#include <openssl/x509.h>
#include <openssl/x509v3.h>
-static int x509_meth_num = 0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
-
-ASN1_SEQUENCE(X509_CINF) = {
+ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
-} ASN1_SEQUENCE_END(X509_CINF);
+} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+extern void policy_cache_free(X509_POLICY_CACHE *cache);
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+ void *exarg)
{
X509 *ret = (X509 *)*pval;
ret->ex_pathlen = -1;
ret->skid = NULL;
ret->akid = NULL;
+#ifndef OPENSSL_NO_RFC3779
+ ret->rfc3779_addr = NULL;
+ ret->rfc3779_asid = NULL;
+#endif
ret->aux = NULL;
- CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
+ ret->crldp = NULL;
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
break;
case ASN1_OP_D2I_POST:
break;
case ASN1_OP_FREE_POST:
- CRYPTO_free_ex_data(x509_meth,ret,&ret->ex_data);
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
X509_CERT_AUX_free(ret->aux);
ASN1_OCTET_STRING_free(ret->skid);
AUTHORITY_KEYID_free(ret->akid);
+ CRL_DIST_POINTS_free(ret->crldp);
+ policy_cache_free(ret->policy_cache);
+ GENERAL_NAMES_free(ret->altname);
+ NAME_CONSTRAINTS_free(ret->nc);
+#ifndef OPENSSL_NO_RFC3779
+ sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
+ ASIdentifiers_free(ret->rfc3779_asid);
+#endif
if (ret->name != NULL) OPENSSL_free(ret->name);
break;
ASN1_SIMPLE(X509, cert_info, X509_CINF),
ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509, X509);
+} ASN1_SEQUENCE_END_ref(X509, X509)
IMPLEMENT_ASN1_FUNCTIONS(X509)
-
-static ASN1_METHOD meth={
- (int (*)()) i2d_X509,
- (char *(*)())d2i_X509,
- (char *(*)())X509_new,
- (void (*)()) X509_free};
-
-ASN1_METHOD *X509_asn1_meth(void)
- {
- return(&meth);
- }
+IMPLEMENT_ASN1_DUP_FUNCTION(X509)
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
- x509_meth_num++;
- return(CRYPTO_get_ex_new_index(x509_meth_num-1,
- &x509_meth,argl,argp,new_func,dup_func,free_func));
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
+ new_func, dup_func, free_func);
}
int X509_set_ex_data(X509 *r, int idx, void *arg)
*
*/
-X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
{
- unsigned char *q;
+ const unsigned char *q;
X509 *ret;
/* Save start position */
q = *pp;
if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
return length;
}
+
+void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
+ const X509 *x)
+ {
+ if (psig)
+ *psig = x->signature;
+ if (palg)
+ *palg = x->sig_alg;
+ }
+
+int X509_get_signature_nid(const X509 *x)
+ {
+ return OBJ_obj2nid(x->sig_alg->algorithm);
+ }