Index: stable/11/crypto/openssl/crypto/asn1/asn1.h =================================================================== --- stable/11/crypto/openssl/crypto/asn1/asn1.h (revision 368529) +++ stable/11/crypto/openssl/crypto/asn1/asn1.h (revision 368530) @@ -1,1424 +1,1426 @@ /* crypto/asn1/asn1.h */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #ifndef HEADER_ASN1_H # define HEADER_ASN1_H # include # include # ifndef OPENSSL_NO_BIO # include # endif # include # include # include # include # ifndef OPENSSL_NO_DEPRECATED # include # endif # ifdef OPENSSL_BUILD_SHLIBCRYPTO # undef OPENSSL_EXTERN # define OPENSSL_EXTERN OPENSSL_EXPORT # endif #ifdef __cplusplus extern "C" { #endif # define V_ASN1_UNIVERSAL 0x00 # define V_ASN1_APPLICATION 0x40 # define V_ASN1_CONTEXT_SPECIFIC 0x80 # define V_ASN1_PRIVATE 0xc0 # define V_ASN1_CONSTRUCTED 0x20 # define V_ASN1_PRIMITIVE_TAG 0x1f # define V_ASN1_PRIMATIVE_TAG 0x1f # define V_ASN1_APP_CHOOSE -2/* let the recipient choose */ # define V_ASN1_OTHER -3/* used in ASN1_TYPE */ # define V_ASN1_ANY -4/* used in ASN1 template code */ # define V_ASN1_NEG 0x100/* negative flag */ # define V_ASN1_UNDEF -1 # define V_ASN1_EOC 0 # define V_ASN1_BOOLEAN 1 /**/ # define V_ASN1_INTEGER 2 # define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) # define V_ASN1_BIT_STRING 3 # define V_ASN1_OCTET_STRING 4 # define V_ASN1_NULL 5 # define V_ASN1_OBJECT 6 # define V_ASN1_OBJECT_DESCRIPTOR 7 # define V_ASN1_EXTERNAL 8 # define V_ASN1_REAL 9 # define V_ASN1_ENUMERATED 10 # define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) # define V_ASN1_UTF8STRING 12 # define V_ASN1_SEQUENCE 16 # define V_ASN1_SET 17 # define V_ASN1_NUMERICSTRING 18 /**/ # define V_ASN1_PRINTABLESTRING 19 # define V_ASN1_T61STRING 20 # define V_ASN1_TELETEXSTRING 20/* alias */ # define V_ASN1_VIDEOTEXSTRING 21 /**/ # define V_ASN1_IA5STRING 22 # define V_ASN1_UTCTIME 23 # define V_ASN1_GENERALIZEDTIME 24 /**/ # define V_ASN1_GRAPHICSTRING 25 /**/ # define V_ASN1_ISO64STRING 26 /**/ # define V_ASN1_VISIBLESTRING 26/* alias */ # define V_ASN1_GENERALSTRING 27 /**/ # define V_ASN1_UNIVERSALSTRING 28 /**/ # define V_ASN1_BMPSTRING 30 /* For use with d2i_ASN1_type_bytes() */ # define B_ASN1_NUMERICSTRING 0x0001 # define B_ASN1_PRINTABLESTRING 0x0002 # define B_ASN1_T61STRING 0x0004 # define B_ASN1_TELETEXSTRING 0x0004 # define B_ASN1_VIDEOTEXSTRING 0x0008 # define B_ASN1_IA5STRING 0x0010 # define B_ASN1_GRAPHICSTRING 0x0020 # define B_ASN1_ISO64STRING 0x0040 # define B_ASN1_VISIBLESTRING 0x0040 # define B_ASN1_GENERALSTRING 0x0080 # define B_ASN1_UNIVERSALSTRING 0x0100 # define B_ASN1_OCTET_STRING 0x0200 # define B_ASN1_BIT_STRING 0x0400 # define B_ASN1_BMPSTRING 0x0800 # define B_ASN1_UNKNOWN 0x1000 # define B_ASN1_UTF8STRING 0x2000 # define B_ASN1_UTCTIME 0x4000 # define B_ASN1_GENERALIZEDTIME 0x8000 # define B_ASN1_SEQUENCE 0x10000 /* For use with ASN1_mbstring_copy() */ # define MBSTRING_FLAG 0x1000 # define MBSTRING_UTF8 (MBSTRING_FLAG) # define MBSTRING_ASC (MBSTRING_FLAG|1) # define MBSTRING_BMP (MBSTRING_FLAG|2) # define MBSTRING_UNIV (MBSTRING_FLAG|4) # define SMIME_OLDMIME 0x400 # define SMIME_CRLFEOL 0x800 # define SMIME_STREAM 0x1000 struct X509_algor_st; DECLARE_STACK_OF(X509_ALGOR) # define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */ # define IMPLEMENT_ASN1_SET_OF(type)/* nothing, no longer needed */ /* * We MUST make sure that, except for constness, asn1_ctx_st and * asn1_const_ctx are exactly the same. Fortunately, as soon as the old ASN1 * parsing macros are gone, we can throw this away as well... */ typedef struct asn1_ctx_st { unsigned char *p; /* work char pointer */ int eos; /* end of sequence read for indefinite * encoding */ int error; /* error code to use when returning an error */ int inf; /* constructed if 0x20, indefinite is 0x21 */ int tag; /* tag from last 'get object' */ int xclass; /* class from last 'get object' */ long slen; /* length of last 'get object' */ unsigned char *max; /* largest value of p allowed */ unsigned char *q; /* temporary variable */ unsigned char **pp; /* variable */ int line; /* used in error processing */ } ASN1_CTX; typedef struct asn1_const_ctx_st { const unsigned char *p; /* work char pointer */ int eos; /* end of sequence read for indefinite * encoding */ int error; /* error code to use when returning an error */ int inf; /* constructed if 0x20, indefinite is 0x21 */ int tag; /* tag from last 'get object' */ int xclass; /* class from last 'get object' */ long slen; /* length of last 'get object' */ const unsigned char *max; /* largest value of p allowed */ const unsigned char *q; /* temporary variable */ const unsigned char **pp; /* variable */ int line; /* used in error processing */ } ASN1_const_CTX; /* * These are used internally in the ASN1_OBJECT to keep track of whether the * names and data need to be free()ed */ # define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */ # define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */ # define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */ # define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */ struct asn1_object_st { const char *sn, *ln; int nid; int length; const unsigned char *data; /* data remains const after init */ int flags; /* Should we free this one */ }; # define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */ /* * This indicates that the ASN1_STRING is not a real value but just a place * holder for the location where indefinite length constructed data should be * inserted in the memory buffer */ # define ASN1_STRING_FLAG_NDEF 0x010 /* * This flag is used by the CMS code to indicate that a string is not * complete and is a place holder for content when it had all been accessed. * The flag will be reset when content has been written to it. */ # define ASN1_STRING_FLAG_CONT 0x020 /* * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING * type. */ # define ASN1_STRING_FLAG_MSTRING 0x040 /* This is the base type that holds just about everything :-) */ struct asn1_string_st { int length; int type; unsigned char *data; /* * The value of the following field depends on the type being held. It * is mostly being used for BIT_STRING so if the input data has a * non-zero 'unused bits' value, it will be handled correctly */ long flags; }; /* * ASN1_ENCODING structure: this is used to save the received encoding of an * ASN1 type. This is useful to get round problems with invalid encodings * which can break signatures. */ typedef struct ASN1_ENCODING_st { unsigned char *enc; /* DER encoding */ long len; /* Length of encoding */ int modified; /* set to 1 if 'enc' is invalid */ } ASN1_ENCODING; /* Used with ASN1 LONG type: if a long is set to this it is omitted */ # define ASN1_LONG_UNDEF 0x7fffffffL # define STABLE_FLAGS_MALLOC 0x01 # define STABLE_NO_MASK 0x02 # define DIRSTRING_TYPE \ (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) # define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) typedef struct asn1_string_table_st { int nid; long minsize; long maxsize; unsigned long mask; unsigned long flags; } ASN1_STRING_TABLE; DECLARE_STACK_OF(ASN1_STRING_TABLE) /* size limits: this stuff is taken straight from RFC2459 */ # define ub_name 32768 # define ub_common_name 64 # define ub_locality_name 128 # define ub_state_name 128 # define ub_organization_name 64 # define ub_organization_unit_name 64 # define ub_title 64 # define ub_email_address 128 /* * Declarations for template structures: for full definitions see asn1t.h */ typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; typedef struct ASN1_TLC_st ASN1_TLC; /* This is just an opaque pointer */ typedef struct ASN1_VALUE_st ASN1_VALUE; /* Declare ASN1 functions: the implement macro in in asn1t.h */ # define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) # define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) # define DECLARE_ASN1_FUNCTIONS_name(type, name) \ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) # define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) # define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ type *d2i_##name(type **a, const unsigned char **in, long len); \ int i2d_##name(type *a, unsigned char **out); \ DECLARE_ASN1_ITEM(itname) # define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ type *d2i_##name(type **a, const unsigned char **in, long len); \ int i2d_##name(const type *a, unsigned char **out); \ DECLARE_ASN1_ITEM(name) # define DECLARE_ASN1_NDEF_FUNCTION(name) \ int i2d_##name##_NDEF(name *a, unsigned char **out); # define DECLARE_ASN1_FUNCTIONS_const(name) \ DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) # define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ type *name##_new(void); \ void name##_free(type *a); # define DECLARE_ASN1_PRINT_FUNCTION(stname) \ DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) # define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ int fname##_print_ctx(BIO *out, stname *x, int indent, \ const ASN1_PCTX *pctx); # define D2I_OF(type) type *(*)(type **,const unsigned char **,long) # define I2D_OF(type) int (*)(type *,unsigned char **) # define I2D_OF_const(type) int (*)(const type *,unsigned char **) # define CHECKED_D2I_OF(type, d2i) \ ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) # define CHECKED_I2D_OF(type, i2d) \ ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) # define CHECKED_NEW_OF(type, xnew) \ ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) # define CHECKED_PTR_OF(type, p) \ ((void*) (1 ? p : (type*)0)) # define CHECKED_PPTR_OF(type, p) \ ((void**) (1 ? p : (type**)0)) # define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) # define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) # define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) TYPEDEF_D2I2D_OF(void); /*- * The following macros and typedefs allow an ASN1_ITEM * to be embedded in a structure and referenced. Since * the ASN1_ITEM pointers need to be globally accessible * (possibly from shared libraries) they may exist in * different forms. On platforms that support it the * ASN1_ITEM structure itself will be globally exported. * Other platforms will export a function that returns * an ASN1_ITEM pointer. * * To handle both cases transparently the macros below * should be used instead of hard coding an ASN1_ITEM * pointer in a structure. * * The structure will look like this: * * typedef struct SOMETHING_st { * ... * ASN1_ITEM_EXP *iptr; * ... * } SOMETHING; * * It would be initialised as e.g.: * * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; * * and the actual pointer extracted with: * * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr); * * Finally an ASN1_ITEM pointer can be extracted from an * appropriate reference with: ASN1_ITEM_rptr(X509). This * would be used when a function takes an ASN1_ITEM * argument. * */ # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION /* ASN1_ITEM pointer exported type */ typedef const ASN1_ITEM ASN1_ITEM_EXP; /* Macro to obtain ASN1_ITEM pointer from exported type */ # define ASN1_ITEM_ptr(iptr) (iptr) /* Macro to include ASN1_ITEM pointer from base type */ # define ASN1_ITEM_ref(iptr) (&(iptr##_it)) # define ASN1_ITEM_rptr(ref) (&(ref##_it)) # define DECLARE_ASN1_ITEM(name) \ OPENSSL_EXTERN const ASN1_ITEM name##_it; # else /* * Platforms that can't easily handle shared global variables are declared as * functions returning ASN1_ITEM pointers. */ /* ASN1_ITEM pointer exported type */ typedef const ASN1_ITEM *ASN1_ITEM_EXP (void); /* Macro to obtain ASN1_ITEM pointer from exported type */ # define ASN1_ITEM_ptr(iptr) (iptr()) /* Macro to include ASN1_ITEM pointer from base type */ # define ASN1_ITEM_ref(iptr) (iptr##_it) # define ASN1_ITEM_rptr(ref) (ref##_it()) # define DECLARE_ASN1_ITEM(name) \ const ASN1_ITEM * name##_it(void); # endif /* Parameters used by ASN1_STRING_print_ex() */ /* * These determine which characters to escape: RFC2253 special characters, * control characters and MSB set characters */ # define ASN1_STRFLGS_ESC_2253 1 # define ASN1_STRFLGS_ESC_CTRL 2 # define ASN1_STRFLGS_ESC_MSB 4 /* * This flag determines how we do escaping: normally RC2253 backslash only, * set this to use backslash and quote. */ # define ASN1_STRFLGS_ESC_QUOTE 8 /* These three flags are internal use only. */ /* Character is a valid PrintableString character */ # define CHARTYPE_PRINTABLESTRING 0x10 /* Character needs escaping if it is the first character */ # define CHARTYPE_FIRST_ESC_2253 0x20 /* Character needs escaping if it is the last character */ # define CHARTYPE_LAST_ESC_2253 0x40 /* * NB the internal flags are safely reused below by flags handled at the top * level. */ /* * If this is set we convert all character strings to UTF8 first */ # define ASN1_STRFLGS_UTF8_CONVERT 0x10 /* * If this is set we don't attempt to interpret content: just assume all * strings are 1 byte per character. This will produce some pretty odd * looking output! */ # define ASN1_STRFLGS_IGNORE_TYPE 0x20 /* If this is set we include the string type in the output */ # define ASN1_STRFLGS_SHOW_TYPE 0x40 /* * This determines which strings to display and which to 'dump' (hex dump of * content octets or DER encoding). We can only dump non character strings or * everything. If we don't dump 'unknown' they are interpreted as character * strings with 1 octet per character and are subject to the usual escaping * options. */ # define ASN1_STRFLGS_DUMP_ALL 0x80 # define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 /* * These determine what 'dumping' does, we can dump the content octets or the * DER encoding: both use the RFC2253 #XXXXX notation. */ # define ASN1_STRFLGS_DUMP_DER 0x200 /* * All the string flags consistent with RFC2253, escaping control characters * isn't essential in RFC2253 but it is advisable anyway. */ # define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ ASN1_STRFLGS_ESC_CTRL | \ ASN1_STRFLGS_ESC_MSB | \ ASN1_STRFLGS_UTF8_CONVERT | \ ASN1_STRFLGS_DUMP_UNKNOWN | \ ASN1_STRFLGS_DUMP_DER) DECLARE_STACK_OF(ASN1_INTEGER) DECLARE_ASN1_SET_OF(ASN1_INTEGER) DECLARE_STACK_OF(ASN1_GENERALSTRING) typedef struct asn1_type_st { int type; union { char *ptr; ASN1_BOOLEAN boolean; ASN1_STRING *asn1_string; ASN1_OBJECT *object; ASN1_INTEGER *integer; ASN1_ENUMERATED *enumerated; ASN1_BIT_STRING *bit_string; ASN1_OCTET_STRING *octet_string; ASN1_PRINTABLESTRING *printablestring; ASN1_T61STRING *t61string; ASN1_IA5STRING *ia5string; ASN1_GENERALSTRING *generalstring; ASN1_BMPSTRING *bmpstring; ASN1_UNIVERSALSTRING *universalstring; ASN1_UTCTIME *utctime; ASN1_GENERALIZEDTIME *generalizedtime; ASN1_VISIBLESTRING *visiblestring; ASN1_UTF8STRING *utf8string; /* * set and sequence are left complete and still contain the set or * sequence bytes */ ASN1_STRING *set; ASN1_STRING *sequence; ASN1_VALUE *asn1_value; } value; } ASN1_TYPE; DECLARE_STACK_OF(ASN1_TYPE) DECLARE_ASN1_SET_OF(ASN1_TYPE) typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) typedef struct NETSCAPE_X509_st { ASN1_OCTET_STRING *header; X509 *cert; } NETSCAPE_X509; /* This is used to contain a list of bit names */ typedef struct BIT_STRING_BITNAME_st { int bitnum; const char *lname; const char *sname; } BIT_STRING_BITNAME; # define M_ASN1_STRING_length(x) ((x)->length) # define M_ASN1_STRING_length_set(x, n) ((x)->length = (n)) # define M_ASN1_STRING_type(x) ((x)->type) # define M_ASN1_STRING_data(x) ((x)->data) /* Macros for string operations */ # define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ ASN1_STRING_type_new(V_ASN1_BIT_STRING) # define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ ASN1_STRING_dup((const ASN1_STRING *)a) # define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ (const ASN1_STRING *)a,(const ASN1_STRING *)b) # define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) # define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\ ASN1_STRING_type_new(V_ASN1_INTEGER) # define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\ ASN1_STRING_dup((const ASN1_STRING *)a) # define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ (const ASN1_STRING *)a,(const ASN1_STRING *)b) # define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\ ASN1_STRING_type_new(V_ASN1_ENUMERATED) # define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\ ASN1_STRING_dup((const ASN1_STRING *)a) # define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\ (const ASN1_STRING *)a,(const ASN1_STRING *)b) # define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ ASN1_STRING_type_new(V_ASN1_OCTET_STRING) # define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ ASN1_STRING_dup((const ASN1_STRING *)a) # define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ (const ASN1_STRING *)a,(const ASN1_STRING *)b) # define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) # define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) # define M_i2d_ASN1_OCTET_STRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ V_ASN1_UNIVERSAL) # define B_ASN1_TIME \ B_ASN1_UTCTIME | \ B_ASN1_GENERALIZEDTIME # define B_ASN1_PRINTABLE \ B_ASN1_NUMERICSTRING| \ B_ASN1_PRINTABLESTRING| \ B_ASN1_T61STRING| \ B_ASN1_IA5STRING| \ B_ASN1_BIT_STRING| \ B_ASN1_UNIVERSALSTRING|\ B_ASN1_BMPSTRING|\ B_ASN1_UTF8STRING|\ B_ASN1_SEQUENCE|\ B_ASN1_UNKNOWN # define B_ASN1_DIRECTORYSTRING \ B_ASN1_PRINTABLESTRING| \ B_ASN1_TELETEXSTRING|\ B_ASN1_BMPSTRING|\ B_ASN1_UNIVERSALSTRING|\ B_ASN1_UTF8STRING # define B_ASN1_DISPLAYTEXT \ B_ASN1_IA5STRING| \ B_ASN1_VISIBLESTRING| \ B_ASN1_BMPSTRING|\ B_ASN1_UTF8STRING # define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) # define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ pp,a->type,V_ASN1_UNIVERSAL) # define M_d2i_ASN1_PRINTABLE(a,pp,l) \ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ B_ASN1_PRINTABLE) # define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) # define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ pp,a->type,V_ASN1_UNIVERSAL) # define M_d2i_DIRECTORYSTRING(a,pp,l) \ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ B_ASN1_DIRECTORYSTRING) # define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) # define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ pp,a->type,V_ASN1_UNIVERSAL) # define M_d2i_DISPLAYTEXT(a,pp,l) \ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ B_ASN1_DISPLAYTEXT) # define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\ ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) # define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) # define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\ ASN1_STRING_type_new(V_ASN1_T61STRING) # define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_T61STRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_T61STRING(a,pp,l) \ (ASN1_T61STRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) # define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ ASN1_STRING_type_new(V_ASN1_IA5STRING) # define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_IA5STRING_dup(a) \ (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a) # define M_i2d_ASN1_IA5STRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_IA5STRING(a,pp,l) \ (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ B_ASN1_IA5STRING) # define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ ASN1_STRING_type_new(V_ASN1_UTCTIME) # define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\ ASN1_STRING_dup((const ASN1_STRING *)a) # define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) # define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\ (const ASN1_STRING *)a) # define M_ASN1_TIME_new() (ASN1_TIME *)\ ASN1_STRING_type_new(V_ASN1_UTCTIME) # define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_ASN1_TIME_dup(a) (ASN1_TIME *)\ ASN1_STRING_dup((const ASN1_STRING *)a) # define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ ASN1_STRING_type_new(V_ASN1_GENERALSTRING) # define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_GENERALSTRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) # define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) # define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) # define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ ASN1_STRING_type_new(V_ASN1_BMPSTRING) # define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_BMPSTRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_BMPSTRING(a,pp,l) \ (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) # define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\ ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) # define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_VISIBLESTRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \ (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING) # define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\ ASN1_STRING_type_new(V_ASN1_UTF8STRING) # define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) # define M_i2d_ASN1_UTF8STRING(a,pp) \ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\ V_ASN1_UNIVERSAL) # define M_d2i_ASN1_UTF8STRING(a,pp,l) \ (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\ ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING) /* for the is_set parameter to i2d_ASN1_SET */ # define IS_SEQUENCE 0 # define IS_SET 1 DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) int ASN1_TYPE_get(ASN1_TYPE *a); void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); ASN1_OBJECT *ASN1_OBJECT_new(void); void ASN1_OBJECT_free(ASN1_OBJECT *a); int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp); ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length); ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length); DECLARE_ASN1_ITEM(ASN1_OBJECT) DECLARE_STACK_OF(ASN1_OBJECT) DECLARE_ASN1_SET_OF(ASN1_OBJECT) ASN1_STRING *ASN1_STRING_new(void); void ASN1_STRING_free(ASN1_STRING *a); void ASN1_STRING_clear_free(ASN1_STRING *a); int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); ASN1_STRING *ASN1_STRING_type_new(int type); int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); /* * Since this is used to store all sorts of things, via macros, for now, * make its data void * */ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); int ASN1_STRING_length(const ASN1_STRING *x); void ASN1_STRING_length_set(ASN1_STRING *x, int n); int ASN1_STRING_type(ASN1_STRING *x); unsigned char *ASN1_STRING_data(ASN1_STRING *x); DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **pp, long length); int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length); int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, unsigned char *flags, int flags_len); # ifndef OPENSSL_NO_BIO int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, BIT_STRING_BITNAME *tbl, int indent); # endif int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl); int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, BIT_STRING_BITNAME *tbl); int i2d_ASN1_BOOLEAN(int a, unsigned char **pp); int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length); DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length); ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length); ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x); int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) int ASN1_UTCTIME_check(const ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec); int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); # if 0 time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); # endif int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec); int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, const ASN1_TIME *to); DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b); int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len); DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING) DECLARE_ASN1_FUNCTIONS(ASN1_NULL) DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING) int UTF8_getc(const unsigned char *str, int len, unsigned long *val); int UTF8_putc(unsigned char *str, int len, unsigned long value); DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE) DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT) DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING) DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING) DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING) DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING) DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) DECLARE_ASN1_FUNCTIONS(ASN1_TIME) DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec); int ASN1_TIME_check(ASN1_TIME *t); ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, const unsigned char **pp, long length, d2i_of_void *d2i, void (*free_func) (OPENSSL_BLOCK), int ex_tag, int ex_class); # ifndef OPENSSL_NO_BIO int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size); int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a); int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size); int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a); int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size); int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); # endif int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a); int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num); ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, const char *sn, const char *ln); int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); long ASN1_INTEGER_get(const ASN1_INTEGER *a); ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn); int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn); /* General */ /* given a string, return the correct type, max is the maximum length */ int ASN1_PRINTABLE_type(const unsigned char *s, int max); int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int Ptag, int Pclass); unsigned long ASN1_tag2bit(int tag); /* type is one or more of the B_ASN1_ values. */ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int type); /* PARSING */ int asn1_Finish(ASN1_CTX *c); int asn1_const_Finish(ASN1_const_CTX *c); /* SPECIALS */ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, int *pclass, long omax); int ASN1_check_infinite_end(unsigned char **p, long len); int ASN1_const_check_infinite_end(const unsigned char **p, long len); void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, int xclass); int ASN1_put_eoc(unsigned char **pp); int ASN1_object_size(int constructed, int length, int tag); /* Used to implement other functions */ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); # define ASN1_dup_of(type,i2d,d2i,x) \ ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ CHECKED_D2I_OF(type, d2i), \ CHECKED_PTR_OF(type, x))) # define ASN1_dup_of_const(type,i2d,d2i,x) \ ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ CHECKED_D2I_OF(type, d2i), \ CHECKED_PTR_OF(const type, x))) void *ASN1_item_dup(const ASN1_ITEM *it, void *x); /* ASN1 alloc/free macros for when a type is only used internally */ # define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type)) # define M_ASN1_free_of(x, type) \ ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type)) # ifndef OPENSSL_NO_FP_API void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x); # define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ CHECKED_D2I_OF(type, d2i), \ in, \ CHECKED_PPTR_OF(type, x))) void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x); # define ASN1_i2d_fp_of(type,i2d,out,x) \ (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ out, \ CHECKED_PTR_OF(type, x))) # define ASN1_i2d_fp_of_const(type,i2d,out,x) \ (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ out, \ CHECKED_PTR_OF(const type, x))) int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); # endif int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); # ifndef OPENSSL_NO_BIO void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x); # define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ CHECKED_D2I_OF(type, d2i), \ in, \ CHECKED_PPTR_OF(type, x))) void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x); # define ASN1_i2d_bio_of(type,i2d,out,x) \ (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ out, \ CHECKED_PTR_OF(type, x))) # define ASN1_i2d_bio_of_const(type,i2d,out,x) \ (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ out, \ CHECKED_PTR_OF(const type, x))) int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf, int off); int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent); int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump); # endif const char *ASN1_tag2str(int tag); /* Used to load and write netscape format cert */ DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509) int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len); int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len); int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, int len); int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, int max_len); STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, d2i_of_void *d2i, void (*free_func) (OPENSSL_BLOCK)); unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, unsigned char **buf, int *len); void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_OCTET_STRING **oct); # define ASN1_pack_string_of(type,obj,i2d,oct) \ (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \ CHECKED_I2D_OF(type, i2d), \ oct)) ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); void ASN1_STRING_set_default_mask(unsigned long mask); int ASN1_STRING_set_default_mask_asc(const char *p); unsigned long ASN1_STRING_get_default_mask(void); int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, int inform, unsigned long mask); int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, int inform, unsigned long mask, long minsize, long maxsize); ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, int inform, int nid); ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); void ASN1_STRING_TABLE_cleanup(void); /* ASN1 template functions */ /* Old API compatible functions */ ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); void ASN1_add_oid_module(void); ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); /* ASN1 Print flags */ /* Indicate missing OPTIONAL fields */ # define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001 /* Mark start and end of SEQUENCE */ # define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002 /* Mark start and end of SEQUENCE/SET OF */ # define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004 /* Show the ASN1 type of primitives */ # define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008 /* Don't show ASN1 type of ANY */ # define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010 /* Don't show ASN1 type of MSTRINGs */ # define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020 /* Don't show field names in SEQUENCE */ # define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040 /* Show structure names of each SEQUENCE field */ # define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080 /* Don't show structure name even at top level */ # define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it, const ASN1_PCTX *pctx); ASN1_PCTX *ASN1_PCTX_new(void); void ASN1_PCTX_free(ASN1_PCTX *p); unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p); void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p); void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p); void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags); unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p); void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p); void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); BIO_METHOD *BIO_f_asn1(void); BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const ASN1_ITEM *it); int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const char *hdr, const ASN1_ITEM *it); int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it); ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); int SMIME_crlf_copy(BIO *in, BIO *out, int flags); int SMIME_text(BIO *in, BIO *out); /* BEGIN ERROR CODES */ /* * The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_ASN1_strings(void); /* Error codes for the ASN1 functions. */ /* Function codes. */ # define ASN1_F_A2D_ASN1_OBJECT 100 # define ASN1_F_A2I_ASN1_ENUMERATED 101 # define ASN1_F_A2I_ASN1_INTEGER 102 # define ASN1_F_A2I_ASN1_STRING 103 # define ASN1_F_APPEND_EXP 176 # define ASN1_F_ASN1_BIT_STRING_SET_BIT 183 # define ASN1_F_ASN1_CB 177 # define ASN1_F_ASN1_CHECK_TLEN 104 # define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 # define ASN1_F_ASN1_COLLECT 106 # define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 # define ASN1_F_ASN1_D2I_FP 109 # define ASN1_F_ASN1_D2I_READ_BIO 107 # define ASN1_F_ASN1_DIGEST 184 # define ASN1_F_ASN1_DO_ADB 110 # define ASN1_F_ASN1_DUP 111 # define ASN1_F_ASN1_ENUMERATED_SET 112 # define ASN1_F_ASN1_ENUMERATED_TO_BN 113 # define ASN1_F_ASN1_EX_C2I 204 # define ASN1_F_ASN1_FIND_END 190 # define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216 # define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 # define ASN1_F_ASN1_GENERATE_V3 178 # define ASN1_F_ASN1_GET_OBJECT 114 # define ASN1_F_ASN1_HEADER_NEW 115 # define ASN1_F_ASN1_I2D_BIO 116 # define ASN1_F_ASN1_I2D_FP 117 # define ASN1_F_ASN1_INTEGER_SET 118 # define ASN1_F_ASN1_INTEGER_TO_BN 119 # define ASN1_F_ASN1_ITEM_D2I_FP 206 # define ASN1_F_ASN1_ITEM_DUP 191 # define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 # define ASN1_F_ASN1_ITEM_EX_D2I 120 +# define ASN1_F_ASN1_ITEM_EX_I2D 224 # define ASN1_F_ASN1_ITEM_I2D_BIO 192 # define ASN1_F_ASN1_ITEM_I2D_FP 193 # define ASN1_F_ASN1_ITEM_PACK 198 # define ASN1_F_ASN1_ITEM_SIGN 195 # define ASN1_F_ASN1_ITEM_SIGN_CTX 220 # define ASN1_F_ASN1_ITEM_UNPACK 199 # define ASN1_F_ASN1_ITEM_VERIFY 197 # define ASN1_F_ASN1_MBSTRING_NCOPY 122 # define ASN1_F_ASN1_OBJECT_NEW 123 # define ASN1_F_ASN1_OUTPUT_DATA 214 # define ASN1_F_ASN1_PACK_STRING 124 # define ASN1_F_ASN1_PCTX_NEW 205 # define ASN1_F_ASN1_PKCS5_PBE_SET 125 # define ASN1_F_ASN1_SEQ_PACK 126 # define ASN1_F_ASN1_SEQ_UNPACK 127 # define ASN1_F_ASN1_SIGN 128 # define ASN1_F_ASN1_STR2TYPE 179 # define ASN1_F_ASN1_STRING_SET 186 # define ASN1_F_ASN1_STRING_TABLE_ADD 129 # define ASN1_F_ASN1_STRING_TYPE_NEW 130 # define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 # define ASN1_F_ASN1_TEMPLATE_NEW 133 # define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 # define ASN1_F_ASN1_TIME_ADJ 217 # define ASN1_F_ASN1_TIME_SET 175 # define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 # define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 # define ASN1_F_ASN1_UNPACK_STRING 136 # define ASN1_F_ASN1_UTCTIME_ADJ 218 # define ASN1_F_ASN1_UTCTIME_SET 187 # define ASN1_F_ASN1_VERIFY 137 # define ASN1_F_B64_READ_ASN1 209 # define ASN1_F_B64_WRITE_ASN1 210 # define ASN1_F_BIO_NEW_NDEF 208 # define ASN1_F_BITSTR_CB 180 # define ASN1_F_BN_TO_ASN1_ENUMERATED 138 # define ASN1_F_BN_TO_ASN1_INTEGER 139 # define ASN1_F_C2I_ASN1_BIT_STRING 189 # define ASN1_F_C2I_ASN1_INTEGER 194 # define ASN1_F_C2I_ASN1_OBJECT 196 # define ASN1_F_COLLECT_DATA 140 # define ASN1_F_D2I_ASN1_BIT_STRING 141 # define ASN1_F_D2I_ASN1_BOOLEAN 142 # define ASN1_F_D2I_ASN1_BYTES 143 # define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 # define ASN1_F_D2I_ASN1_HEADER 145 # define ASN1_F_D2I_ASN1_INTEGER 146 # define ASN1_F_D2I_ASN1_OBJECT 147 # define ASN1_F_D2I_ASN1_SET 148 # define ASN1_F_D2I_ASN1_TYPE_BYTES 149 # define ASN1_F_D2I_ASN1_UINTEGER 150 # define ASN1_F_D2I_ASN1_UTCTIME 151 # define ASN1_F_D2I_AUTOPRIVATEKEY 207 # define ASN1_F_D2I_NETSCAPE_RSA 152 # define ASN1_F_D2I_NETSCAPE_RSA_2 153 # define ASN1_F_D2I_PRIVATEKEY 154 # define ASN1_F_D2I_PUBLICKEY 155 # define ASN1_F_D2I_RSA_NET 200 # define ASN1_F_D2I_RSA_NET_2 201 # define ASN1_F_D2I_X509 156 # define ASN1_F_D2I_X509_CINF 157 # define ASN1_F_D2I_X509_PKEY 159 # define ASN1_F_DO_BUF 221 # define ASN1_F_I2D_ASN1_BIO_STREAM 211 # define ASN1_F_I2D_ASN1_BOOLEAN 223 # define ASN1_F_I2D_ASN1_OBJECT 222 # define ASN1_F_I2D_ASN1_SET 188 # define ASN1_F_I2D_ASN1_TIME 160 # define ASN1_F_I2D_DSA_PUBKEY 161 # define ASN1_F_I2D_EC_PUBKEY 181 # define ASN1_F_I2D_PRIVATEKEY 163 # define ASN1_F_I2D_PUBLICKEY 164 # define ASN1_F_I2D_RSA_NET 162 # define ASN1_F_I2D_RSA_PUBKEY 165 # define ASN1_F_LONG_C2I 166 # define ASN1_F_OID_MODULE_INIT 174 # define ASN1_F_PARSE_TAGGING 182 # define ASN1_F_PKCS5_PBE2_SET_IV 167 # define ASN1_F_PKCS5_PBE_SET 202 # define ASN1_F_PKCS5_PBE_SET0_ALGOR 215 # define ASN1_F_PKCS5_PBKDF2_SET 219 # define ASN1_F_SMIME_READ_ASN1 212 # define ASN1_F_SMIME_TEXT 213 # define ASN1_F_X509_CINF_NEW 168 # define ASN1_F_X509_CRL_ADD0_REVOKED 169 # define ASN1_F_X509_INFO_NEW 170 # define ASN1_F_X509_NAME_ENCODE 203 # define ASN1_F_X509_NAME_EX_D2I 158 # define ASN1_F_X509_NAME_EX_NEW 171 # define ASN1_F_X509_NEW 172 # define ASN1_F_X509_PKEY_NEW 173 /* Reason codes. */ # define ASN1_R_ADDING_OBJECT 171 # define ASN1_R_ASN1_PARSE_ERROR 203 # define ASN1_R_ASN1_SIG_PARSE_ERROR 204 # define ASN1_R_AUX_ERROR 100 # define ASN1_R_BAD_CLASS 101 # define ASN1_R_BAD_OBJECT_HEADER 102 # define ASN1_R_BAD_PASSWORD_READ 103 # define ASN1_R_BAD_TAG 104 +# define ASN1_R_BAD_TEMPLATE 221 # define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 # define ASN1_R_BN_LIB 105 # define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 # define ASN1_R_BUFFER_TOO_SMALL 107 # define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108 # define ASN1_R_CONTEXT_NOT_INITIALISED 217 # define ASN1_R_DATA_IS_WRONG 109 # define ASN1_R_DECODE_ERROR 110 # define ASN1_R_DECODING_ERROR 111 # define ASN1_R_DEPTH_EXCEEDED 174 # define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198 # define ASN1_R_ENCODE_ERROR 112 # define ASN1_R_ERROR_GETTING_TIME 173 # define ASN1_R_ERROR_LOADING_SECTION 172 # define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 # define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 # define ASN1_R_EXPECTING_AN_INTEGER 115 # define ASN1_R_EXPECTING_AN_OBJECT 116 # define ASN1_R_EXPECTING_A_BOOLEAN 117 # define ASN1_R_EXPECTING_A_TIME 118 # define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 # define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 # define ASN1_R_FIELD_MISSING 121 # define ASN1_R_FIRST_NUM_TOO_LARGE 122 # define ASN1_R_HEADER_TOO_LONG 123 # define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175 # define ASN1_R_ILLEGAL_BOOLEAN 176 # define ASN1_R_ILLEGAL_CHARACTERS 124 # define ASN1_R_ILLEGAL_FORMAT 177 # define ASN1_R_ILLEGAL_HEX 178 # define ASN1_R_ILLEGAL_IMPLICIT_TAG 179 # define ASN1_R_ILLEGAL_INTEGER 180 # define ASN1_R_ILLEGAL_NESTED_TAGGING 181 # define ASN1_R_ILLEGAL_NULL 125 # define ASN1_R_ILLEGAL_NULL_VALUE 182 # define ASN1_R_ILLEGAL_OBJECT 183 # define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 # define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 # define ASN1_R_ILLEGAL_TAGGED_ANY 127 # define ASN1_R_ILLEGAL_TIME_VALUE 184 # define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 # define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 # define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220 # define ASN1_R_INVALID_BMPSTRING_LENGTH 129 # define ASN1_R_INVALID_DIGIT 130 # define ASN1_R_INVALID_MIME_TYPE 205 # define ASN1_R_INVALID_MODIFIER 186 # define ASN1_R_INVALID_NUMBER 187 # define ASN1_R_INVALID_OBJECT_ENCODING 216 # define ASN1_R_INVALID_SEPARATOR 131 # define ASN1_R_INVALID_TIME_FORMAT 132 # define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 # define ASN1_R_INVALID_UTF8STRING 134 # define ASN1_R_IV_TOO_LARGE 135 # define ASN1_R_LENGTH_ERROR 136 # define ASN1_R_LIST_ERROR 188 # define ASN1_R_MIME_NO_CONTENT_TYPE 206 # define ASN1_R_MIME_PARSE_ERROR 207 # define ASN1_R_MIME_SIG_PARSE_ERROR 208 # define ASN1_R_MISSING_EOC 137 # define ASN1_R_MISSING_SECOND_NUMBER 138 # define ASN1_R_MISSING_VALUE 189 # define ASN1_R_MSTRING_NOT_UNIVERSAL 139 # define ASN1_R_MSTRING_WRONG_TAG 140 # define ASN1_R_NESTED_ASN1_STRING 197 # define ASN1_R_NESTED_TOO_DEEP 219 # define ASN1_R_NON_HEX_CHARACTERS 141 # define ASN1_R_NOT_ASCII_FORMAT 190 # define ASN1_R_NOT_ENOUGH_DATA 142 # define ASN1_R_NO_CONTENT_TYPE 209 # define ASN1_R_NO_DEFAULT_DIGEST 201 # define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 # define ASN1_R_NO_MULTIPART_BODY_FAILURE 210 # define ASN1_R_NO_MULTIPART_BOUNDARY 211 # define ASN1_R_NO_SIG_CONTENT_TYPE 212 # define ASN1_R_NULL_IS_WRONG_LENGTH 144 # define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 # define ASN1_R_ODD_NUMBER_OF_CHARS 145 # define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 # define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 # define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 # define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 # define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 # define ASN1_R_SHORT_LINE 150 # define ASN1_R_SIG_INVALID_MIME_TYPE 213 # define ASN1_R_STREAMING_NOT_SUPPORTED 202 # define ASN1_R_STRING_TOO_LONG 151 # define ASN1_R_STRING_TOO_SHORT 152 # define ASN1_R_TAG_VALUE_TOO_HIGH 153 # define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 # define ASN1_R_TIME_NOT_ASCII_FORMAT 193 # define ASN1_R_TOO_LONG 155 # define ASN1_R_TYPE_NOT_CONSTRUCTED 156 # define ASN1_R_TYPE_NOT_PRIMITIVE 218 # define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 # define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158 # define ASN1_R_UNEXPECTED_EOC 159 # define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215 # define ASN1_R_UNKNOWN_FORMAT 160 # define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 # define ASN1_R_UNKNOWN_OBJECT_TYPE 162 # define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 # define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199 # define ASN1_R_UNKNOWN_TAG 194 # define ASN1_R_UNKOWN_FORMAT 195 # define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 # define ASN1_R_UNSUPPORTED_CIPHER 165 # define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 # define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 # define ASN1_R_UNSUPPORTED_TYPE 196 # define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200 # define ASN1_R_WRONG_TAG 168 # define ASN1_R_WRONG_TYPE 169 # ifdef __cplusplus } # endif #endif Index: stable/11/crypto/openssl/crypto/asn1/asn1_err.c =================================================================== --- stable/11/crypto/openssl/crypto/asn1/asn1_err.c (revision 368529) +++ stable/11/crypto/openssl/crypto/asn1/asn1_err.c (revision 368530) @@ -1,358 +1,360 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2020 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ /* * NOTE: this file was auto generated by the mkerr.pl script: any changes * made to it will be overwritten when the script next updates this file, * only reason strings will be preserved. */ #include #include #include /* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR # define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0) # define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason) static ERR_STRING_DATA ASN1_str_functs[] = { {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"}, {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"}, {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"}, {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"}, {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"}, {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"}, {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, + {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_I2D), "ASN1_item_ex_i2d"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"}, {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"}, {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"}, {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"}, {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"}, {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"}, {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"}, {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"}, {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"}, {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"}, {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"}, {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"}, {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"}, {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"}, {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"}, {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"}, {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"}, {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"}, {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"}, {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"}, {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"}, {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"}, {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"}, {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"}, {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"}, {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"}, {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, {ERR_FUNC(ASN1_F_DO_BUF), "DO_BUF"}, {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"}, {ERR_FUNC(ASN1_F_I2D_ASN1_BOOLEAN), "i2d_ASN1_BOOLEAN"}, {ERR_FUNC(ASN1_F_I2D_ASN1_OBJECT), "i2d_ASN1_OBJECT"}, {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"}, {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"}, {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"}, {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"}, {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"}, {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"}, {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"}, {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"}, {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"}, {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, {0, NULL} }; static ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_REASON(ASN1_R_ADDING_OBJECT), "adding object"}, {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"}, {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"}, {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"}, {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"}, {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"}, {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"}, + {ERR_REASON(ASN1_R_BAD_TEMPLATE), "bad template"}, {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"}, {ERR_REASON(ASN1_R_BN_LIB), "bn lib"}, {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"}, {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL), "buffer too small"}, {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"}, {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"}, {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"}, {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"}, {ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"}, {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"}, {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "digest and key type not supported"}, {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"}, {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"}, {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"}, {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT), "error parsing set element"}, {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS), "error setting cipher params"}, {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"}, {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"}, {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN), "expecting a boolean"}, {ERR_REASON(ASN1_R_EXPECTING_A_TIME), "expecting a time"}, {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"}, {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED), "explicit tag not constructed"}, {ERR_REASON(ASN1_R_FIELD_MISSING), "field missing"}, {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE), "first num too large"}, {ERR_REASON(ASN1_R_HEADER_TOO_LONG), "header too long"}, {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"}, {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"}, {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS), "illegal characters"}, {ERR_REASON(ASN1_R_ILLEGAL_FORMAT), "illegal format"}, {ERR_REASON(ASN1_R_ILLEGAL_HEX), "illegal hex"}, {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG), "illegal implicit tag"}, {ERR_REASON(ASN1_R_ILLEGAL_INTEGER), "illegal integer"}, {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"}, {ERR_REASON(ASN1_R_ILLEGAL_NULL), "illegal null"}, {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE), "illegal null value"}, {ERR_REASON(ASN1_R_ILLEGAL_OBJECT), "illegal object"}, {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"}, {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), "illegal options on item template"}, {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"}, {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"}, {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"}, {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), "integer too large for long"}, {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT), "invalid bit string bits left"}, {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"}, {ERR_REASON(ASN1_R_INVALID_DIGIT), "invalid digit"}, {ERR_REASON(ASN1_R_INVALID_MIME_TYPE), "invalid mime type"}, {ERR_REASON(ASN1_R_INVALID_MODIFIER), "invalid modifier"}, {ERR_REASON(ASN1_R_INVALID_NUMBER), "invalid number"}, {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"}, {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"}, {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT), "invalid time format"}, {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH), "invalid universalstring length"}, {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"}, {ERR_REASON(ASN1_R_IV_TOO_LARGE), "iv too large"}, {ERR_REASON(ASN1_R_LENGTH_ERROR), "length error"}, {ERR_REASON(ASN1_R_LIST_ERROR), "list error"}, {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"}, {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"}, {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"}, {ERR_REASON(ASN1_R_MISSING_EOC), "missing eoc"}, {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"}, {ERR_REASON(ASN1_R_MISSING_VALUE), "missing value"}, {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"}, {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"}, {ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"}, {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"}, {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"}, {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"}, {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"}, {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"}, {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"}, {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE), "no multipart body failure"}, {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"}, {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE), "no sig content type"}, {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"}, {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"}, {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"}, {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING), "private key header missing"}, {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"}, {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"}, {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"}, {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG), "sequence or set needs config"}, {ERR_REASON(ASN1_R_SHORT_LINE), "short line"}, {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"}, {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"}, {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"}, {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"}, {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH), "tag value too high"}, {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"}, {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"}, {ERR_REASON(ASN1_R_TOO_LONG), "too long"}, {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"}, {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"}, {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"}, {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY), "unable to decode rsa private key"}, {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"}, {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), "universalstring is wrong length"}, {ERR_REASON(ASN1_R_UNKNOWN_FORMAT), "unknown format"}, {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "unknown message digest algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE), "unknown object type"}, {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"}, {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), "unknown signature algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"}, {ERR_REASON(ASN1_R_UNKOWN_FORMAT), "unknown format"}, {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), "unsupported any defined by type"}, {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"}, {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM), "unsupported encryption algorithm"}, {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "unsupported public key type"}, {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"}, {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"}, {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"}, {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"}, {0, NULL} }; #endif void ERR_load_ASN1_strings(void) { #ifndef OPENSSL_NO_ERR if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) { ERR_load_strings(0, ASN1_str_functs); ERR_load_strings(0, ASN1_str_reasons); } #endif } Index: stable/11/crypto/openssl/crypto/asn1/tasn_dec.c =================================================================== --- stable/11/crypto/openssl/crypto/asn1/tasn_dec.c (revision 368529) +++ stable/11/crypto/openssl/crypto/asn1/tasn_dec.c (revision 368530) @@ -1,1250 +1,1269 @@ /* tasn_dec.c */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project * 2000. */ /* ==================================================================== * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * licensing@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include #include #include #include #include #include #include /* * Constructed types with a recursive definition (such as can be found in PKCS7) * could eventually exceed the stack given malicious input with excessive * recursion. Therefore we limit the stack depth. This is the maximum number of * recursive invocations of asn1_item_embed_d2i(). */ #define ASN1_MAX_CONSTRUCTED_NEST 30 static int asn1_check_eoc(const unsigned char **in, long len); static int asn1_find_end(const unsigned char **in, long len, char inf); static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, int tag, int aclass, int depth); static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen); static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, const unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); static int asn1_template_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx, int depth); static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx, int depth); static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); /* Table to convert tags to bit values, used for MSTRING type */ static const unsigned long tag2bit[32] = { /* tags 0 - 3 */ 0, 0, 0, B_ASN1_BIT_STRING, /* tags 4- 7 */ B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN, /* tags 8-11 */ B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, /* tags 12-15 */ B_ASN1_UTF8STRING, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, /* tags 16-19 */ B_ASN1_SEQUENCE, 0, B_ASN1_NUMERICSTRING, B_ASN1_PRINTABLESTRING, /* tags 20-22 */ B_ASN1_T61STRING, B_ASN1_VIDEOTEXSTRING, B_ASN1_IA5STRING, /* tags 23-24 */ B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 25-27 */ B_ASN1_GRAPHICSTRING, B_ASN1_ISO64STRING, B_ASN1_GENERALSTRING, /* tags 28-31 */ B_ASN1_UNIVERSALSTRING, B_ASN1_UNKNOWN, B_ASN1_BMPSTRING, B_ASN1_UNKNOWN, }; unsigned long ASN1_tag2bit(int tag) { if ((tag < 0) || (tag > 30)) return 0; return tag2bit[tag]; } /* Macro to initialize and invalidate the cache */ #define asn1_tlc_clear(c) if (c) (c)->valid = 0 /* Version to avoid compiler warning about 'c' always non-NULL */ #define asn1_tlc_clear_nc(c) (c)->valid = 0 /* * Decode an ASN1 item, this currently behaves just like a standard 'd2i' * function. 'in' points to a buffer to read the data from, in future we * will have more advanced versions that can input data a piece at a time and * this will simply be a special case. */ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it) { ASN1_TLC c; ASN1_VALUE *ptmpval = NULL; if (!pval) pval = &ptmpval; asn1_tlc_clear_nc(&c); if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) return *pval; return NULL; } int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt) { ASN1_TLC c; asn1_tlc_clear_nc(&c); return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0); } /* * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and * tag mismatch return -1 to handle OPTIONAL */ static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx, int depth) { const ASN1_TEMPLATE *tt, *errtt = NULL; const ASN1_COMPAT_FUNCS *cf; const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; ASN1_aux_cb *asn1_cb; const unsigned char *p = NULL, *q; unsigned char *wp = NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */ unsigned char imphack = 0, oclass; char seq_eoc, seq_nolen, cst, isopt; long tmplen; int i; int otag; int ret = 0; ASN1_VALUE **pchptr, *ptmpval; int combine = aclass & ASN1_TFLG_COMBINE; aclass &= ~ASN1_TFLG_COMBINE; if (!pval) return 0; if (aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; else asn1_cb = 0; if (++depth > ASN1_MAX_CONSTRUCTED_NEST) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP); goto err; } switch (it->itype) { case ASN1_ITYPE_PRIMITIVE: if (it->templates) { /* * tagging or OPTIONAL is currently illegal on an item template * because the flags can't get passed down. In practice this * isn't a problem: we include the relevant flags from the item * template in the template itself. */ if ((tag != -1) || opt) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); goto err; } return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx, depth); } return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx); break; case ASN1_ITYPE_MSTRING: + /* + * It never makes sense for multi-strings to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE); + goto err; + } + p = *in; /* Just read in tag and class */ ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } /* Must be UNIVERSAL class */ if (oclass != V_ASN1_UNIVERSAL) { /* If OPTIONAL, assume this is OK */ if (opt) return -1; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); goto err; } + /* Check tag matches bit map */ if (!(ASN1_tag2bit(otag) & it->utype)) { /* If OPTIONAL, assume this is OK */ if (opt) return -1; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG); goto err; } return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx); case ASN1_ITYPE_EXTERN: /* Use new style d2i */ ef = it->funcs; return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); case ASN1_ITYPE_COMPAT: /* we must resort to old style evil hackery */ cf = it->funcs; /* If OPTIONAL see if it is there */ if (opt) { int exptag; p = *in; if (tag == -1) exptag = it->utype; else exptag = tag; /* * Don't care about anything other than presence of expected tag */ ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } if (ret == -1) return -1; } /* * This is the old style evil hack IMPLICIT handling: since the * underlying code is expecting a tag and class other than the one * present we change the buffer temporarily then change it back * afterwards. This doesn't and never did work for tags > 30. Yes * this is *horrible* but it is only needed for old style d2i which * will hopefully not be around for much longer. FIXME: should copy * the buffer then modify it so the input buffer can be const: we * should *always* copy because the old style d2i might modify the * buffer. */ if (tag != -1) { wp = *(unsigned char **)in; imphack = *wp; if (p == NULL) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); } ptmpval = cf->asn1_d2i(pval, in, len); if (tag != -1) *wp = imphack; if (ptmpval) return 1; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; case ASN1_ITYPE_CHOICE: + /* + * It never makes sense for CHOICE types to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_BAD_TEMPLATE); + goto err; + } + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; if (*pval) { /* Free up and zero CHOICE value if initialised */ i = asn1_get_choice_selector(pval, it); if ((i >= 0) && (i < it->tcount)) { tt = it->templates + i; pchptr = asn1_get_field_ptr(pval, tt); ASN1_template_free(pchptr, tt); asn1_set_choice_selector(pval, -1, it); } } else if (!ASN1_item_ex_new(pval, it)) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } /* CHOICE type, try each possibility in turn */ p = *in; for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { pchptr = asn1_get_field_ptr(pval, tt); /* * We mark field as OPTIONAL so its absence can be recognised. */ ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth); /* If field not present, try the next one */ if (ret == -1) continue; /* If positive return, read OK, break loop */ if (ret > 0) break; /* Otherwise must be an ASN1 parsing error */ errtt = tt; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } /* Did we fall off the end without reading anything? */ if (i == it->tcount) { /* If OPTIONAL, this is OK */ if (opt) { /* Free and zero it */ ASN1_item_ex_free(pval, it); return -1; } ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE); goto err; } asn1_set_choice_selector(pval, i, it); if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) goto auxerr; *in = p; return 1; case ASN1_ITYPE_NDEF_SEQUENCE: case ASN1_ITYPE_SEQUENCE: p = *in; tmplen = len; /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ if (tag == -1) { tag = V_ASN1_SEQUENCE; aclass = V_ASN1_UNIVERSAL; } /* Get SEQUENCE length and update len, p */ ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) return -1; if (aux && (aux->flags & ASN1_AFLG_BROKEN)) { len = tmplen - (p - *in); seq_nolen = 1; } /* If indefinite we don't do a length check */ else seq_nolen = seq_eoc; if (!cst) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); goto err; } if (!*pval && !ASN1_item_ex_new(pval, it)) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; /* Free up and zero any ADB found */ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { if (tt->flags & ASN1_TFLG_ADB_MASK) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 0); if (seqtt == NULL) continue; pseqval = asn1_get_field_ptr(pval, seqtt); ASN1_template_free(pseqval, seqtt); } } /* Get each field entry */ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 1); if (seqtt == NULL) goto err; pseqval = asn1_get_field_ptr(pval, seqtt); /* Have we ran out of data? */ if (!len) break; q = p; if (asn1_check_eoc(&p, len)) { if (!seq_eoc) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; seq_eoc = 0; q = p; break; } /* * This determines the OPTIONAL flag value. The field cannot be * omitted if it is the last of a SEQUENCE and there is still * data to be read. This isn't strictly necessary but it * increases efficiency in some cases. */ if (i == (it->tcount - 1)) isopt = 0; else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL); /* * attempt to read in field, allowing each to be OPTIONAL */ ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx, depth); if (!ret) { errtt = seqtt; goto err; } else if (ret == -1) { /* * OPTIONAL component absent. Free and zero the field. */ ASN1_template_free(pseqval, seqtt); continue; } /* Update length */ len -= p - q; } /* Check for EOC if expecting one */ if (seq_eoc && !asn1_check_eoc(&p, len)) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); goto err; } /* Check all data read */ if (!seq_nolen && len) { ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH); goto err; } /* * If we get here we've got no more data in the SEQUENCE, however we * may not have read all fields so check all remaining are OPTIONAL * and clear any that are. */ for (; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; seqtt = asn1_do_adb(pval, tt, 1); if (seqtt == NULL) goto err; if (seqtt->flags & ASN1_TFLG_OPTIONAL) { ASN1_VALUE **pseqval; pseqval = asn1_get_field_ptr(pval, seqtt); ASN1_template_free(pseqval, seqtt); } else { errtt = seqtt; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING); goto err; } } /* Save encoding */ if (!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) goto auxerr; *in = p; return 1; default: return 0; } auxerr: ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); err: if (combine == 0) ASN1_item_ex_free(pval, it); if (errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname); else ERR_add_error_data(2, "Type=", it->sname); return 0; } int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) { return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0); } /* * Templates are handled with two separate functions. One handles any * EXPLICIT tag and the other handles the rest. */ static int asn1_template_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx, int depth) { int flags, aclass; int ret; long len; const unsigned char *p, *q; char exp_eoc; if (!val) return 0; flags = tt->flags; aclass = flags & ASN1_TFLG_TAG_CLASS; p = *in; /* Check if EXPLICIT tag expected */ if (flags & ASN1_TFLG_EXPTAG) { char cst; /* * Need to work out amount of data available to the inner content and * where it starts: so read in EXPLICIT header to get the info. */ ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx); q = p; if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; if (!cst) { ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); return 0; } /* We've found the field so it can't be OPTIONAL now */ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } /* We read the field in OK so update length */ len -= p - q; if (exp_eoc) { /* If NDEF we must have an EOC here */ if (!asn1_check_eoc(&p, len)) { ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC); goto err; } } else { /* * Otherwise we must hit the EXPLICIT tag end or its an error */ if (len) { ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH); goto err; } } } else return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth); *in = p; return 1; err: ASN1_template_free(val, tt); return 0; } static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx, int depth) { int flags, aclass; int ret; const unsigned char *p, *q; if (!val) return 0; flags = tt->flags; aclass = flags & ASN1_TFLG_TAG_CLASS; p = *in; q = p; if (flags & ASN1_TFLG_SK_MASK) { /* SET OF, SEQUENCE OF */ int sktag, skaclass; char sk_eoc; /* First work out expected inner tag value */ if (flags & ASN1_TFLG_IMPTAG) { sktag = tt->tag; skaclass = aclass; } else { skaclass = V_ASN1_UNIVERSAL; if (flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET; else sktag = V_ASN1_SEQUENCE; } /* Get the tag */ ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; if (!*val) *val = (ASN1_VALUE *)sk_new_null(); else { /* * We've got a valid STACK: free up any items present */ STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val; ASN1_VALUE *vtmp; while (sk_ASN1_VALUE_num(sktmp) > 0) { vtmp = sk_ASN1_VALUE_pop(sktmp); ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); } } if (!*val) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE); goto err; } /* Read as many items as we can */ while (len > 0) { ASN1_VALUE *skfield; q = p; /* See if EOC found */ if (asn1_check_eoc(&p, len)) { if (!sk_eoc) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_UNEXPECTED_EOC); goto err; } len -= p - q; sk_eoc = 0; break; } skfield = NULL; if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx, depth)) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } len -= p - q; if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) { ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item)); ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE); goto err; } } if (sk_eoc) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC); goto err; } } else if (flags & ASN1_TFLG_IMPTAG) { /* IMPLICIT tagging */ ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx, depth); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) return -1; } else { /* Nothing special */ ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx, depth); if (!ret) { ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } else if (ret == -1) return -1; } *in = p; return 1; err: ASN1_template_free(val, tt); return 0; } static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long inlen, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) { int ret = 0, utype; long plen; char cst, inf, free_cont = 0; const unsigned char *p; BUF_MEM buf = { 0, NULL, 0 }; const unsigned char *cont = NULL; long len; if (!pval) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); return 0; /* Should never happen */ } if (it->itype == ASN1_ITYPE_MSTRING) { utype = tag; tag = -1; } else utype = it->utype; if (utype == V_ASN1_ANY) { /* If type is ANY need to figure out type from tag */ unsigned char oclass; if (tag >= 0) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY); return 0; } if (opt) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY); return 0; } p = *in; ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); return 0; } if (oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER; } if (tag == -1) { tag = utype; aclass = V_ASN1_UNIVERSAL; } p = *in; /* Check header */ ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx); if (!ret) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); return 0; } else if (ret == -1) return -1; ret = 0; /* SEQUENCE, SET and "OTHER" are left in encoded form */ if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { /* * Clear context cache for type OTHER because the auto clear when we * have a exact match wont work */ if (utype == V_ASN1_OTHER) { asn1_tlc_clear(ctx); } /* SEQUENCE and SET must be constructed */ else if (!cst) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); return 0; } cont = *in; /* If indefinite length constructed find the real end */ if (inf) { if (!asn1_find_end(&p, plen, inf)) goto err; len = p - cont; } else { len = p - cont + plen; p += plen; } } else if (cst) { if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN || utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER || utype == V_ASN1_ENUMERATED) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE); return 0; } /* Free any returned 'buf' content */ free_cont = 1; /* * Should really check the internal tags are correct but some things * may get this wrong. The relevant specs say that constructed string * types should be OCTET STRINGs internally irrespective of the type. * So instead just check for UNIVERSAL class and ignore the tag. */ if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) { goto err; } len = buf.length; /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); goto err; } buf.data[len] = 0; cont = (const unsigned char *)buf.data; } else { cont = p; len = plen; p += plen; } /* We now have content length and type: translate into a structure */ /* asn1_ex_c2i may reuse allocated buffer, and so sets free_cont to 0 */ if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err; *in = p; ret = 1; err: if (free_cont && buf.data) OPENSSL_free(buf.data); return ret; } /* Translate ASN1 content octets into a structure */ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; if (pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it); /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (!*pval) { typ = ASN1_TYPE_new(); if (typ == NULL) goto err; *pval = (ASN1_VALUE *)typ; } else typ = (ASN1_TYPE *)*pval; if (utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); opval = pval; pval = &typ->value.asn1_value; } switch (utype) { case V_ASN1_OBJECT: if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err; break; case V_ASN1_NULL: if (len) { ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH); goto err; } *pval = (ASN1_VALUE *)1; break; case V_ASN1_BOOLEAN: if (len != 1) { ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); goto err; } else { ASN1_BOOLEAN *tbool; tbool = (ASN1_BOOLEAN *)pval; *tbool = *cont; } break; case V_ASN1_BIT_STRING: if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err; break; case V_ASN1_INTEGER: case V_ASN1_ENUMERATED: tint = (ASN1_INTEGER **)pval; if (!c2i_ASN1_INTEGER(tint, &cont, len)) goto err; /* Fixup type to match the expected form */ (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); break; case V_ASN1_OCTET_STRING: case V_ASN1_NUMERICSTRING: case V_ASN1_PRINTABLESTRING: case V_ASN1_T61STRING: case V_ASN1_VIDEOTEXSTRING: case V_ASN1_IA5STRING: case V_ASN1_UTCTIME: case V_ASN1_GENERALIZEDTIME: case V_ASN1_GRAPHICSTRING: case V_ASN1_VISIBLESTRING: case V_ASN1_GENERALSTRING: case V_ASN1_UNIVERSALSTRING: case V_ASN1_BMPSTRING: case V_ASN1_UTF8STRING: case V_ASN1_OTHER: case V_ASN1_SET: case V_ASN1_SEQUENCE: default: if (utype == V_ASN1_BMPSTRING && (len & 1)) { ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; } if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) { ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); goto err; } /* All based on ASN1_STRING and handled the same */ if (!*pval) { stmp = ASN1_STRING_type_new(utype); if (!stmp) { ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE); goto err; } *pval = (ASN1_VALUE *)stmp; } else { stmp = (ASN1_STRING *)*pval; stmp->type = utype; } /* If we've already allocated a buffer use it */ if (*free_cont) { if (stmp->data) OPENSSL_free(stmp->data); stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ stmp->length = len; *free_cont = 0; } else { if (!ASN1_STRING_set(stmp, cont, len)) { ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; goto err; } } break; } /* If ASN1_ANY and NULL type fix up value */ if (typ && (utype == V_ASN1_NULL)) typ->value.ptr = NULL; ret = 1; err: if (!ret) { ASN1_TYPE_free(typ); if (opval) *opval = NULL; } return ret; } /* * This function finds the end of an ASN1 structure when passed its maximum * length, whether it is indefinite length and a pointer to the content. This * is more efficient than calling asn1_collect because it does not recurse on * each indefinite length header. */ static int asn1_find_end(const unsigned char **in, long len, char inf) { int expected_eoc; long plen; const unsigned char *p = *in, *q; /* If not indefinite length constructed just add length */ if (inf == 0) { *in += len; return 1; } expected_eoc = 1; /* * Indefinite length constructed form. Find the end when enough EOCs are * found. If more indefinite length constructed headers are encountered * increment the expected eoc count otherwise just skip to the end of the * data. */ while (len > 0) { if (asn1_check_eoc(&p, len)) { expected_eoc--; if (expected_eoc == 0) break; len -= 2; continue; } q = p; /* Just read in a header: only care about the length */ if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, -1, 0, 0, NULL)) { ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR); return 0; } if (inf) expected_eoc++; else p += plen; len -= p - q; } if (expected_eoc) { ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC); return 0; } *in = p; return 1; } /* * This function collects the asn1 data from a constructred string type into * a buffer. The values of 'in' and 'len' should refer to the contents of the * constructed type and 'inf' should be set if it is indefinite length. */ #ifndef ASN1_MAX_STRING_NEST /* * This determines how many levels of recursion are permitted in ASN1 string * types. If it is not limited stack overflows can occur. If set to zero no * recursion is allowed at all. Although zero should be adequate examples * exist that require a value of 1. So 5 should be more than enough. */ # define ASN1_MAX_STRING_NEST 5 #endif static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, int tag, int aclass, int depth) { const unsigned char *p, *q; long plen; char cst, ininf; p = *in; inf &= 1; /* * If no buffer and not indefinite length constructed just pass over the * encoded data */ if (!buf && !inf) { *in += len; return 1; } while (len > 0) { q = p; /* Check for EOC */ if (asn1_check_eoc(&p, len)) { /* * EOC is illegal outside indefinite length constructed form */ if (!inf) { ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC); return 0; } inf = 0; break; } if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); return 0; } /* If indefinite length constructed update max length */ if (cst) { if (depth >= ASN1_MAX_STRING_NEST) { ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING); return 0; } if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1)) return 0; } else if (plen && !collect_data(buf, &p, plen)) return 0; len -= p - q; } if (inf) { ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); return 0; } *in = p; return 1; } static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) { int len; if (buf) { len = buf->length; if (!BUF_MEM_grow_clean(buf, len + plen)) { ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); return 0; } memcpy(buf->data + len, *p, plen); } *p += plen; return 1; } /* Check for ASN1 EOC and swallow it if found */ static int asn1_check_eoc(const unsigned char **in, long len) { const unsigned char *p; if (len < 2) return 0; p = *in; if (!p[0] && !p[1]) { *in += 2; return 1; } return 0; } /* * Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the * length for indefinite length constructed form, we don't know the exact * length but we can set an upper bound to the amount of data available minus * the header length just read. */ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, const unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) { int i; int ptag, pclass; long plen; const unsigned char *p, *q; p = *in; q = p; if (ctx && ctx->valid) { i = ctx->ret; plen = ctx->plen; pclass = ctx->pclass; ptag = ctx->ptag; p += ctx->hdrlen; } else { i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); if (ctx) { ctx->ret = i; ctx->plen = plen; ctx->pclass = pclass; ctx->ptag = ptag; ctx->hdrlen = p - q; ctx->valid = 1; /* * If definite length, and no error, length + header can't exceed * total amount of data available. */ if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG); asn1_tlc_clear(ctx); return 0; } } } if (i & 0x80) { ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); asn1_tlc_clear(ctx); return 0; } if (exptag >= 0) { if ((exptag != ptag) || (expclass != pclass)) { /* * If type is OPTIONAL, not an error: indicate missing type. */ if (opt) return -1; asn1_tlc_clear(ctx); ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); return 0; } /* * We have a tag and class match: assume we are going to do something * with it */ asn1_tlc_clear(ctx); } if (i & 1) plen = len - (p - q); if (inf) *inf = i & 1; if (cst) *cst = i & V_ASN1_CONSTRUCTED; if (olen) *olen = plen; if (oclass) *oclass = pclass; if (otag) *otag = ptag; *in = p; return 1; } Index: stable/11/crypto/openssl/crypto/asn1/tasn_enc.c =================================================================== --- stable/11/crypto/openssl/crypto/asn1/tasn_enc.c (revision 368529) +++ stable/11/crypto/openssl/crypto/asn1/tasn_enc.c (revision 368530) @@ -1,669 +1,685 @@ /* tasn_enc.c */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project * 2000. */ /* ==================================================================== * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * licensing@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include #include #include #include "cryptlib.h" #include #include #include static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass); static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt, int tag, int aclass); static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it, int flags); /* * Top level i2d equivalents: the 'ndef' variant instructs the encoder to use * indefinite length constructed encoding, where appropriate */ int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) { return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF); } int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) { return asn1_item_flags_i2d(val, out, it, 0); } /* * Encode an ASN1 item, this is use by the standard 'i2d' function. 'out' * points to a buffer to output the data to. The new i2d has one additional * feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is * allocated and populated with the encoding. */ static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it, int flags) { if (out && !*out) { unsigned char *p, *buf; int len; len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); if (len <= 0) return len; buf = OPENSSL_malloc(len); if (!buf) return -1; p = buf; ASN1_item_ex_i2d(&val, &p, it, -1, flags); *out = buf; return len; } return ASN1_item_ex_i2d(&val, out, it, -1, flags); } /* * Encode an item, taking care of IMPLICIT tagging (if any). This function * performs the normal item handling: it can be used in external types. */ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) { const ASN1_TEMPLATE *tt = NULL; unsigned char *p = NULL; int i, seqcontlen, seqlen, ndef = 1; const ASN1_COMPAT_FUNCS *cf; const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; ASN1_aux_cb *asn1_cb = 0; if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0; if (aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; switch (it->itype) { case ASN1_ITYPE_PRIMITIVE: if (it->templates) return asn1_template_ex_i2d(pval, out, it->templates, tag, aclass); return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); break; case ASN1_ITYPE_MSTRING: + /* + * It never makes sense for multi-strings to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); + return -1; + } return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); case ASN1_ITYPE_CHOICE: + /* + * It never makes sense for CHOICE types to have implicit tagging, so + * if tag != -1, then this looks like an error in the template. + */ + if (tag != -1) { + ASN1err(ASN1_F_ASN1_ITEM_EX_I2D, ASN1_R_BAD_TEMPLATE); + return -1; + } if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; i = asn1_get_choice_selector(pval, it); if ((i >= 0) && (i < it->tcount)) { ASN1_VALUE **pchval; const ASN1_TEMPLATE *chtt; chtt = it->templates + i; pchval = asn1_get_field_ptr(pval, chtt); return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass); } /* Fixme: error condition if selector out of range */ if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL)) return 0; break; case ASN1_ITYPE_EXTERN: /* If new style i2d it does all the work */ ef = it->funcs; return ef->asn1_ex_i2d(pval, out, it, tag, aclass); case ASN1_ITYPE_COMPAT: /* old style hackery... */ cf = it->funcs; if (out) p = *out; i = cf->asn1_i2d(*pval, out); /* * Fixup for IMPLICIT tag: note this messes up for tags > 30, but so * did the old code. Tags > 30 are very rare anyway. */ if (out && (tag != -1)) *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); return i; case ASN1_ITYPE_NDEF_SEQUENCE: /* Use indefinite length constructed if requested */ if (aclass & ASN1_TFLG_NDEF) ndef = 2; /* fall through */ case ASN1_ITYPE_SEQUENCE: i = asn1_enc_restore(&seqcontlen, out, pval, it); /* An error occurred */ if (i < 0) return 0; /* We have a valid cached encoding... */ if (i > 0) return seqcontlen; /* Otherwise carry on */ seqcontlen = 0; /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ if (tag == -1) { tag = V_ASN1_SEQUENCE; /* Retain any other flags in aclass */ aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) | V_ASN1_UNIVERSAL; } if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) return 0; /* First work out sequence content length */ for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; int tmplen; seqtt = asn1_do_adb(pval, tt, 1); if (!seqtt) return 0; pseqval = asn1_get_field_ptr(pval, seqtt); tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass); if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen)) return -1; seqcontlen += tmplen; } seqlen = ASN1_object_size(ndef, seqcontlen, tag); if (!out || seqlen == -1) return seqlen; /* Output SEQUENCE header */ ASN1_put_object(out, ndef, seqcontlen, tag, aclass); for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 1); if (!seqtt) return 0; pseqval = asn1_get_field_ptr(pval, seqtt); /* FIXME: check for errors in enhanced version */ asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass); } if (ndef == 2) ASN1_put_eoc(out); if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL)) return 0; return seqlen; default: return 0; } return 0; } int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt) { return asn1_template_ex_i2d(pval, out, tt, -1, 0); } static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt, int tag, int iclass) { int i, ret, flags, ttag, tclass, ndef; flags = tt->flags; /* * Work out tag and class to use: tagging may come either from the * template or the arguments, not both because this would create * ambiguity. Additionally the iclass argument may contain some * additional flags which should be noted and passed down to other * levels. */ if (flags & ASN1_TFLG_TAG_MASK) { /* Error if argument and template tagging */ if (tag != -1) /* FIXME: error code here */ return -1; /* Get tagging from template */ ttag = tt->tag; tclass = flags & ASN1_TFLG_TAG_CLASS; } else if (tag != -1) { /* No template tagging, get from arguments */ ttag = tag; tclass = iclass & ASN1_TFLG_TAG_CLASS; } else { ttag = -1; tclass = 0; } /* * Remove any class mask from iflag. */ iclass &= ~ASN1_TFLG_TAG_CLASS; /* * At this point 'ttag' contains the outer tag to use, 'tclass' is the * class and iclass is any flags passed to this function. */ /* if template and arguments require ndef, use it */ if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF)) ndef = 2; else ndef = 1; if (flags & ASN1_TFLG_SK_MASK) { /* SET OF, SEQUENCE OF */ STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; int isset, sktag, skaclass; int skcontlen, sklen; ASN1_VALUE *skitem; if (!*pval) return 0; if (flags & ASN1_TFLG_SET_OF) { isset = 1; /* 2 means we reorder */ if (flags & ASN1_TFLG_SEQUENCE_OF) isset = 2; } else isset = 0; /* * Work out inner tag value: if EXPLICIT or no tagging use underlying * type. */ if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) { sktag = ttag; skaclass = tclass; } else { skaclass = V_ASN1_UNIVERSAL; if (isset) sktag = V_ASN1_SET; else sktag = V_ASN1_SEQUENCE; } /* Determine total length of items */ skcontlen = 0; for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { int tmplen; skitem = sk_ASN1_VALUE_value(sk, i); tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass); if (tmplen == -1 || (skcontlen > INT_MAX - tmplen)) return -1; skcontlen += tmplen; } sklen = ASN1_object_size(ndef, skcontlen, sktag); if (sklen == -1) return -1; /* If EXPLICIT need length of surrounding tag */ if (flags & ASN1_TFLG_EXPTAG) ret = ASN1_object_size(ndef, sklen, ttag); else ret = sklen; if (!out || ret == -1) return ret; /* Now encode this lot... */ /* EXPLICIT tag */ if (flags & ASN1_TFLG_EXPTAG) ASN1_put_object(out, ndef, sklen, ttag, tclass); /* SET or SEQUENCE and IMPLICIT tag */ ASN1_put_object(out, ndef, skcontlen, sktag, skaclass); /* And the stuff itself */ asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), isset, iclass); if (ndef == 2) { ASN1_put_eoc(out); if (flags & ASN1_TFLG_EXPTAG) ASN1_put_eoc(out); } return ret; } if (flags & ASN1_TFLG_EXPTAG) { /* EXPLICIT tagging */ /* Find length of tagged item */ i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass); if (!i) return 0; /* Find length of EXPLICIT tag */ ret = ASN1_object_size(ndef, i, ttag); if (out && ret != -1) { /* Output tag and item */ ASN1_put_object(out, ndef, i, ttag, tclass); ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass); if (ndef == 2) ASN1_put_eoc(out); } return ret; } /* Either normal or IMPLICIT tagging: combine class and flags */ return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), ttag, tclass | iclass); } /* Temporary structure used to hold DER encoding of items for SET OF */ typedef struct { unsigned char *data; int length; ASN1_VALUE *field; } DER_ENC; static int der_cmp(const void *a, const void *b) { const DER_ENC *d1 = a, *d2 = b; int cmplen, i; cmplen = (d1->length < d2->length) ? d1->length : d2->length; i = memcmp(d1->data, d2->data, cmplen); if (i) return i; return d1->length - d2->length; } /* Output the content octets of SET OF or SEQUENCE OF */ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass) { int i; ASN1_VALUE *skitem; unsigned char *tmpdat = NULL, *p = NULL; DER_ENC *derlst = NULL, *tder; if (do_sort) { /* Don't need to sort less than 2 items */ if (sk_ASN1_VALUE_num(sk) < 2) do_sort = 0; else { derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); if (!derlst) return 0; tmpdat = OPENSSL_malloc(skcontlen); if (!tmpdat) { OPENSSL_free(derlst); return 0; } } } /* If not sorting just output each item */ if (!do_sort) { for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { skitem = sk_ASN1_VALUE_value(sk, i); ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); } return 1; } p = tmpdat; /* Doing sort: build up a list of each member's DER encoding */ for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { skitem = sk_ASN1_VALUE_value(sk, i); tder->data = p; tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); tder->field = skitem; } /* Now sort them */ qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); /* Output sorted DER encoding */ p = *out; for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { memcpy(p, tder->data, tder->length); p += tder->length; } *out = p; /* If do_sort is 2 then reorder the STACK */ if (do_sort == 2) { for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) (void)sk_ASN1_VALUE_set(sk, i, tder->field); } OPENSSL_free(derlst); OPENSSL_free(tmpdat); return 1; } static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) { int len; int utype; int usetag; int ndef = 0; utype = it->utype; /* * Get length of content octets and maybe find out the underlying type. */ len = asn1_ex_i2c(pval, NULL, &utype, it); /* * If SEQUENCE, SET or OTHER then header is included in pseudo content * octets so don't include tag+length. We need to check here because the * call to asn1_ex_i2c() could change utype. */ if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) usetag = 0; else usetag = 1; /* -1 means omit type */ if (len == -1) return 0; /* -2 return is special meaning use ndef */ if (len == -2) { ndef = 2; len = 0; } /* If not implicitly tagged get tag from underlying type */ if (tag == -1) tag = utype; /* Output tag+length followed by content octets */ if (out) { if (usetag) ASN1_put_object(out, ndef, len, tag, aclass); asn1_ex_i2c(pval, *out, &utype, it); if (ndef) ASN1_put_eoc(out); else *out += len; } if (usetag) return ASN1_object_size(ndef, len, tag); return len; } /* Produce content octets from a structure */ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it) { ASN1_BOOLEAN *tbool = NULL; ASN1_STRING *strtmp; ASN1_OBJECT *otmp; int utype; const unsigned char *cont; unsigned char c; int len; const ASN1_PRIMITIVE_FUNCS *pf; pf = it->funcs; if (pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it); /* Should type be omitted? */ if ((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) { if (!*pval) return -1; } if (it->itype == ASN1_ITYPE_MSTRING) { /* If MSTRING type set the underlying type */ strtmp = (ASN1_STRING *)*pval; utype = strtmp->type; *putype = utype; } else if (it->utype == V_ASN1_ANY) { /* If ANY set type and pointer to value */ ASN1_TYPE *typ; typ = (ASN1_TYPE *)*pval; utype = typ->type; *putype = utype; pval = &typ->value.asn1_value; } else utype = *putype; switch (utype) { case V_ASN1_OBJECT: otmp = (ASN1_OBJECT *)*pval; cont = otmp->data; len = otmp->length; if (cont == NULL || len == 0) return -1; break; case V_ASN1_NULL: cont = NULL; len = 0; break; case V_ASN1_BOOLEAN: tbool = (ASN1_BOOLEAN *)pval; if (*tbool == -1) return -1; if (it->utype != V_ASN1_ANY) { /* * Default handling if value == size field then omit */ if (*tbool && (it->size > 0)) return -1; if (!*tbool && !it->size) return -1; } c = (unsigned char)*tbool; cont = &c; len = 1; break; case V_ASN1_BIT_STRING: return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL); break; case V_ASN1_INTEGER: case V_ASN1_ENUMERATED: /* * These are all have the same content format as ASN1_INTEGER */ return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL); break; case V_ASN1_OCTET_STRING: case V_ASN1_NUMERICSTRING: case V_ASN1_PRINTABLESTRING: case V_ASN1_T61STRING: case V_ASN1_VIDEOTEXSTRING: case V_ASN1_IA5STRING: case V_ASN1_UTCTIME: case V_ASN1_GENERALIZEDTIME: case V_ASN1_GRAPHICSTRING: case V_ASN1_VISIBLESTRING: case V_ASN1_GENERALSTRING: case V_ASN1_UNIVERSALSTRING: case V_ASN1_BMPSTRING: case V_ASN1_UTF8STRING: case V_ASN1_SEQUENCE: case V_ASN1_SET: default: /* All based on ASN1_STRING and handled the same */ strtmp = (ASN1_STRING *)*pval; /* Special handling for NDEF */ if ((it->size == ASN1_TFLG_NDEF) && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) { if (cout) { strtmp->data = cout; strtmp->length = 0; } /* Special return code */ return -2; } cont = strtmp->data; len = strtmp->length; break; } if (cout && len) memcpy(cout, cont, len); return len; } Index: stable/11/crypto/openssl/crypto/x509v3/v3_genn.c =================================================================== --- stable/11/crypto/openssl/crypto/x509v3/v3_genn.c (revision 368529) +++ stable/11/crypto/openssl/crypto/x509v3/v3_genn.c (revision 368530) @@ -1,251 +1,291 @@ /* v3_genn.c */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project * 1999. */ /* ==================================================================== * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * licensing@OpenSSL.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ #include #include "cryptlib.h" #include #include #include ASN1_SEQUENCE(OTHERNAME) = { ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT), /* Maybe have a true ANY DEFINED BY later */ ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0) } ASN1_SEQUENCE_END(OTHERNAME) IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) ASN1_SEQUENCE(EDIPARTYNAME) = { - ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), - ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) + /* DirectoryString is a CHOICE type so use explicit tagging */ + ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), + ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) } ASN1_SEQUENCE_END(EDIPARTYNAME) IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) ASN1_CHOICE(GENERAL_NAME) = { ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME), ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL), ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS), /* Don't decode this */ ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400), /* X509_NAME is a CHOICE type so use EXPLICIT */ ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME), ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY), ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI), ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD), ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID) } ASN1_CHOICE_END(GENERAL_NAME) IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a) { return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME, (d2i_of_void *)d2i_GENERAL_NAME, (char *)a); } +static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) +{ + int res; + + if (a == NULL || b == NULL) { + /* + * Shouldn't be possible in a valid GENERAL_NAME, but we handle it + * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here + */ + return -1; + } + if (a->nameAssigner == NULL && b->nameAssigner != NULL) + return -1; + if (a->nameAssigner != NULL && b->nameAssigner == NULL) + return 1; + /* If we get here then both have nameAssigner set, or both unset */ + if (a->nameAssigner != NULL) { + res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); + if (res != 0) + return res; + } + /* + * partyName is required, so these should never be NULL. We treat it in + * the same way as the a == NULL || b == NULL case above + */ + if (a->partyName == NULL || b->partyName == NULL) + return -1; + + return ASN1_STRING_cmp(a->partyName, b->partyName); +} + /* Returns 0 if they are equal, != 0 otherwise. */ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) { int result = -1; if (!a || !b || a->type != b->type) return -1; switch (a->type) { case GEN_X400: + result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); + break; + case GEN_EDIPARTY: - result = ASN1_TYPE_cmp(a->d.other, b->d.other); + result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); break; case GEN_OTHERNAME: result = OTHERNAME_cmp(a->d.otherName, b->d.otherName); break; case GEN_EMAIL: case GEN_DNS: case GEN_URI: result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5); break; case GEN_DIRNAME: result = X509_NAME_cmp(a->d.dirn, b->d.dirn); break; case GEN_IPADD: result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); break; case GEN_RID: result = OBJ_cmp(a->d.rid, b->d.rid); break; } return result; } /* Returns 0 if they are equal, != 0 otherwise. */ int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) { int result = -1; if (!a || !b) return -1; /* Check their type first. */ if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) return result; /* Check the value. */ result = ASN1_TYPE_cmp(a->value, b->value); return result; } void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) { switch (type) { case GEN_X400: + a->d.x400Address = value; + break; + case GEN_EDIPARTY: - a->d.other = value; + a->d.ediPartyName = value; break; case GEN_OTHERNAME: a->d.otherName = value; break; case GEN_EMAIL: case GEN_DNS: case GEN_URI: a->d.ia5 = value; break; case GEN_DIRNAME: a->d.dirn = value; break; case GEN_IPADD: a->d.ip = value; break; case GEN_RID: a->d.rid = value; break; } a->type = type; } void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) { if (ptype) *ptype = a->type; switch (a->type) { case GEN_X400: + return a->d.x400Address; + case GEN_EDIPARTY: - return a->d.other; + return a->d.ediPartyName; case GEN_OTHERNAME: return a->d.otherName; case GEN_EMAIL: case GEN_DNS: case GEN_URI: return a->d.ia5; case GEN_DIRNAME: return a->d.dirn; case GEN_IPADD: return a->d.ip; case GEN_RID: return a->d.rid; default: return NULL; } } int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, ASN1_OBJECT *oid, ASN1_TYPE *value) { OTHERNAME *oth; oth = OTHERNAME_new(); if (!oth) return 0; ASN1_TYPE_free(oth->value); oth->type_id = oid; oth->value = value; GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); return 1; } int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, ASN1_OBJECT **poid, ASN1_TYPE **pvalue) { if (gen->type != GEN_OTHERNAME) return 0; if (poid) *poid = gen->d.otherName->type_id; if (pvalue) *pvalue = gen->d.otherName->value; return 1; }