Rewrite and tidy ASN1_INTEGER and ASN1_ENUMERATED handling.
Remove code duplication.
New functions to convert between int64_t and ASN.1 types without the
quirks of the old long conversion functions.
Add documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
LIB=$(TOP)/libcrypto.a
LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
a_print.c a_type.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
- a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+ a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_bignum.c \
x_long.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
tasn_prn.c tasn_scn.c ameth_lib.c \
f_int.c f_string.c n_pkey.c \
- f_enum.c x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \
+ x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \
asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_strnid.c \
evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c \
asn_mstbl.c
LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
a_print.o a_type.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
- a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+ a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_bignum.o \
x_long.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
tasn_prn.o tasn_scn.o ameth_lib.o \
f_int.o f_string.o n_pkey.o \
- f_enum.o x_pkey.o bio_asn1.o bio_ndef.o asn_mime.o \
+ x_pkey.o bio_asn1.o bio_ndef.o asn_mime.o \
asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_strnid.o \
evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o \
asn_mstbl.o
a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
a_dup.o: ../../include/openssl/symhacks.h ../include/internal/cryptlib.h
a_dup.o: a_dup.c
-a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_enum.o: ../include/internal/cryptlib.h a_enum.c
a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
evp_asn1.o: ../../include/openssl/symhacks.h ../include/internal/cryptlib.h
evp_asn1.o: evp_asn1.c
-f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
-f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-f_enum.o: ../../include/openssl/symhacks.h ../include/internal/cryptlib.h
-f_enum.o: f_enum.c
f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+++ /dev/null
-/* crypto/asn1/a_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-
-/*
- * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
- * for comments on encoding see a_int.c
- */
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
-{
- int j, k;
- unsigned int i;
- unsigned char buf[sizeof(long) + 1];
- long d;
-
- a->type = V_ASN1_ENUMERATED;
- if (a->length < (int)(sizeof(long) + 1)) {
- OPENSSL_free(a->data);
- if ((a->data = OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset(a->data, 0, sizeof(long) + 1);
- }
- if (a->data == NULL) {
- ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- d = v;
- if (d < 0) {
- d = -d;
- a->type = V_ASN1_NEG_ENUMERATED;
- }
-
- for (i = 0; i < sizeof(long); i++) {
- if (d == 0)
- break;
- buf[i] = (int)d & 0xff;
- d >>= 8;
- }
- j = 0;
- for (k = i - 1; k >= 0; k--)
- a->data[j++] = buf[k];
- a->length = j;
- return (1);
-}
-
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
-{
- int neg = 0, i;
- long r = 0;
-
- if (a == NULL)
- return (0L);
- i = a->type;
- if (i == V_ASN1_NEG_ENUMERATED)
- neg = 1;
- else if (i != V_ASN1_ENUMERATED)
- return -1;
-
- if (a->length > (int)sizeof(long)) {
- /* hmm... a bit ugly */
- return (0xffffffffL);
- }
- if (a->data == NULL)
- return 0;
-
- for (i = 0; i < a->length; i++) {
- r <<= 8;
- r |= (unsigned char)a->data[i];
- }
- if (neg)
- r = -r;
- return (r);
-}
-
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
-{
- ASN1_ENUMERATED *ret;
- int len, j;
-
- if (ai == NULL)
- ret = ASN1_ENUMERATED_new();
- else
- ret = ai;
- if (ret == NULL) {
- ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- if (BN_is_negative(bn))
- ret->type = V_ASN1_NEG_ENUMERATED;
- else
- ret->type = V_ASN1_ENUMERATED;
- j = BN_num_bits(bn);
- len = ((j == 0) ? 0 : ((j / 8) + 1));
- if (ret->length < len + 4) {
- unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
- if (!new_data) {
- ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->data = new_data;
- }
-
- ret->length = BN_bn2bin(bn, ret->data);
- return (ret);
- err:
- if (ret != ai)
- ASN1_ENUMERATED_free(ret);
- return (NULL);
-}
-
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
-{
- BIGNUM *ret;
-
- if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
- ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB);
- else if (ai->type == V_ASN1_NEG_ENUMERATED)
- BN_set_negative(ret, 1);
- return (ret);
-}
#include <stdio.h>
#include "internal/cryptlib.h"
+#include <limits.h>
#include <openssl/asn1.h>
#include <openssl/bn.h>
#include "asn1_locl.h"
}
/*-
- * This converts an ASN1 INTEGER into its content encoding.
+ * This converts a big endian buffer and sign into its content encoding.
+ * This is used for INTEGER and ENUMERATED types.
* The internal representation is an ASN1_STRING whose data is a big endian
* representation of the value, ignoring the sign. The sign is determined by
- * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
+ * the type: if type & V_ASN1_NEG is true it is negative, otherwise positive.
*
* Positive integers are no problem: they are almost the same as the DER
* encoding, except if the first byte is >= 0x80 we need to add a zero pad.
* followed by optional zeros isn't padded.
*/
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
+static size_t i2c_ibuf(const unsigned char *b, size_t blen, int neg,
+ unsigned char **pp)
{
- int pad = 0, ret, i, neg;
- unsigned char *p, *n, pb = 0;
+ int pad = 0;
+ size_t ret, i;
+ unsigned char *p, pb = 0;
+ const unsigned char *n;
- if (a == NULL)
- return (0);
- neg = a->type & V_ASN1_NEG;
- if (a->length == 0)
+ if (b == NULL || blen == 0)
ret = 1;
else {
- ret = a->length;
- i = a->data[0];
+ ret = blen;
+ i = b[0];
if (ret == 1 && i == 0)
neg = 0;
if (!neg && (i > 127)) {
* Special case: if any other bytes non zero we pad:
* otherwise we don't.
*/
- for (i = 1; i < a->length; i++)
- if (a->data[i]) {
+ for (i = 1; i < blen; i++)
+ if (b[i]) {
pad = 1;
pb = 0xFF;
break;
ret += pad;
}
if (pp == NULL)
- return (ret);
+ return ret;
p = *pp;
if (pad)
*(p++) = pb;
- if (a->length == 0)
+ if (blen == 0)
*(p++) = 0;
else if (!neg)
- memcpy(p, a->data, (unsigned int)a->length);
+ memcpy(p, b, blen);
else {
/* Begin at the end of the encoding */
- n = a->data + a->length - 1;
- p += a->length - 1;
- i = a->length;
+ n = b + blen - 1;
+ p += blen - 1;
+ i = blen;
/* Copy zeros to destination as long as source is zero */
while (!*n && i > 1) {
*(p--) = 0;
}
*pp += ret;
- return (ret);
+ return ret;
}
-/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
+/*
+ * convert content octets into a big endian buffer. Returns the length
+ * of buffer or 0 on error: for malformed INTEGER. If output bufer is
+ * NULL just return length.
+ */
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
- long len)
+static size_t c2i_ibuf(unsigned char *b, int *pneg,
+ const unsigned char *p, size_t plen)
{
- ASN1_INTEGER *ret = NULL;
- const unsigned char *p, *pend;
- unsigned char *to, *s;
- int i;
+ size_t i;
+ int neg, pad;
+ /* Zero content length is illegal */
+ if (plen == 0) {
+ ASN1err(ASN1_F_C2I_IBUF, ASN1_R_ILLEGAL_ZERO_CONTENT);
+ return 0;
+ }
+ neg = p[0] & 0x80;
+ if (pneg)
+ *pneg = neg;
+ /* Handle common case where length is 1 octet separately */
+ if (plen == 1) {
+ if (b) {
+ if (neg)
+ b[0] = (p[0] ^ 0xFF) + 1;
+ else
+ b[0] = p[0];
+ }
+ return 1;
+ }
+ if (p[0] == 0 || p[0] == 0xFF)
+ pad = 1;
+ else
+ pad = 0;
+ /* reject illegal padding: first two octets MSB can't match */
+ if (pad && (neg == (p[1] & 0x80))) {
+ ASN1err(ASN1_F_C2I_IBUF, ASN1_R_ILLEGAL_PADDING);
+ return 0;
+ }
+ /* If positive just copy across */
+ if (neg == 0) {
+ if (b)
+ memcpy(b, p + pad, plen - pad);
+ return plen - pad;
+ }
- if ((a == NULL) || ((*a) == NULL)) {
- if ((ret = ASN1_INTEGER_new()) == NULL)
- return (NULL);
- ret->type = V_ASN1_INTEGER;
- } else
- ret = (*a);
+ if (neg && pad) {
+ /* check is any following octets are non zero */
+ for (i = 1; i < plen; i++) {
+ if (p[i] != 0)
+ break;
+ }
+ /* if all bytes are zero handle as special case */
+ if (i == plen) {
+ if (b) {
+ b[0] = 1;
+ memset(b + 1, 0, plen - 1);
+ }
+ return plen;
+ }
+ }
- p = *pp;
- pend = p + len;
+ plen -= pad;
+ /* Must be negative: calculate twos complement */
+ if (b) {
+ const unsigned char *from = p + plen - 1 + pad;
+ unsigned char *to = b + plen - 1;
+ i = plen;
+ while (*from == 0 && i) {
+ *to-- = 0;
+ i--;
+ from--;
+ }
+ *to-- = (*from-- ^ 0xff) + 1;
+ OPENSSL_assert(i != 0);
+ i--;
+ for (; i > 0; i--)
+ *to-- = *from-- ^ 0xff;
+ }
+ return plen;
+}
- /*
- * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
- * a missing NULL parameter.
- */
- s = OPENSSL_malloc((int)len + 1);
- if (s == NULL) {
- i = ERR_R_MALLOC_FAILURE;
- goto err;
+int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
+{
+ return i2c_ibuf(a->data, a->length, a->type & V_ASN1_NEG, pp);
+}
+
+/* Convert big endian buffer into uint64_t, return 0 on error */
+static int asn1_get_uint64(uint64_t *pr, const unsigned char *b, size_t blen)
+{
+ size_t i;
+ if (blen > sizeof(*pr)) {
+ ASN1err(ASN1_F_ASN1_GET_UINT64, ASN1_R_TOO_LARGE);
+ return 0;
}
- to = s;
- if (!len) {
- /*
- * Strictly speaking this is an illegal INTEGER but we tolerate it.
- */
- ret->type = V_ASN1_INTEGER;
- } else if (*p & 0x80) { /* a negative number */
- ret->type = V_ASN1_NEG_INTEGER;
- if ((*p == 0xff) && (len != 1)) {
- p++;
- len--;
- }
- i = len;
- p += i - 1;
- to += i - 1;
- while ((!*p) && i) {
- *(to--) = 0;
- i--;
- p--;
+ *pr = 0;
+ if (b == NULL)
+ return 0;
+ for (i = 0; i < blen; i++) {
+ *pr <<= 8;
+ *pr |= b[i];
+ }
+ return 1;
+}
+
+static size_t asn1_put_uint64(unsigned char *b, uint64_t r)
+{
+ if (r >= 0x100) {
+ unsigned char *p;
+ uint64_t rtmp = r;
+ size_t i = 0;
+
+ /* Work out how many bytes we need */
+ while (rtmp) {
+ rtmp >>= 8;
+ i++;
}
- /*
- * Special case: if all zeros then the number will be of the form FF
- * followed by n zero bytes: this corresponds to 1 followed by n zero
- * bytes. We've already written n zeros so we just append an extra
- * one and set the first byte to a 1. This is treated separately
- * because it is the only case where the number of bytes is larger
- * than len.
- */
- if (!i) {
- *s = 1;
- s[len] = 0;
- len++;
- } else {
- *(to--) = (*(p--) ^ 0xff) + 1;
- i--;
- for (; i > 0; i--)
- *(to--) = *(p--) ^ 0xff;
+
+ /* Copy from end to beginning */
+ p = b + i - 1;
+
+ do {
+ *p-- = r & 0xFF;
+ r >>= 8;
+ } while (p >= b);
+
+ return i;
+ }
+
+ b[0] = (unsigned char)r;
+ return 1;
+
+}
+
+/*
+ * Absolute value of INT64_MIN: we can't just use -INT64_MIN as it produces
+ * overflow warnings.
+ */
+
+#define ABS_INT64_MIN \
+ ((uint64_t)INT64_MAX + (uint64_t)(-(INT64_MIN + INT64_MAX)))
+
+/* signed version of asn1_get_uint64 */
+static int asn1_get_int64(int64_t *pr, const unsigned char *b, size_t blen,
+ int neg)
+{
+ uint64_t r;
+ if (asn1_get_uint64(&r, b, blen) == 0)
+ return 0;
+ if (neg) {
+ if (r > ABS_INT64_MIN) {
+ ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_SMALL);
+ return 0;
}
+ *pr = (int64_t)-r;
} else {
- ret->type = V_ASN1_INTEGER;
- if ((*p == 0) && (len != 1)) {
- p++;
- len--;
+ if (r > INT64_MAX) {
+ ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_LARGE);
+ return 0;
}
- memcpy(s, p, (int)len);
+ *pr = (int64_t)r;
}
+ return 1;
+}
- OPENSSL_free(ret->data);
- ret->data = s;
- ret->length = (int)len;
+/* Convert ASN1 INTEGER content octets to ASN1_INTEGER structure */
+ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+ long len)
+{
+ ASN1_INTEGER *ret = NULL;
+ size_t r;
+ int neg;
+
+ r = c2i_ibuf(NULL, NULL, *pp, len);
+
+ if (r == 0)
+ return NULL;
+
+ if ((a == NULL) || ((*a) == NULL)) {
+ ret = ASN1_INTEGER_new();
+ if (ret == NULL)
+ return NULL;
+ ret->type = V_ASN1_INTEGER;
+ } else
+ ret = *a;
+
+ if (ASN1_STRING_set(ret, NULL, r) == 0)
+ goto err;
+
+ c2i_ibuf(ret->data, &neg, *pp, len);
+
+ if (neg)
+ ret->type |= V_ASN1_NEG;
+
+ *pp += len;
if (a != NULL)
(*a) = ret;
- *pp = pend;
- return (ret);
+ return ret;
err:
- ASN1err(ASN1_F_C2I_ASN1_INTEGER, i);
+ ASN1err(ASN1_F_C2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
if ((a == NULL) || (*a != ret))
ASN1_INTEGER_free(ret);
- return (NULL);
+ return NULL;
+}
+
+static int asn1_string_get_int64(int64_t *pr, const ASN1_STRING *a, int itype)
+{
+ if (a == NULL) {
+ ASN1err(ASN1_F_ASN1_STRING_GET_INT64, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if ((a->type & ~V_ASN1_NEG) != itype) {
+ ASN1err(ASN1_F_ASN1_STRING_GET_INT64, ASN1_R_WRONG_INTEGER_TYPE);
+ return 0;
+ }
+ return asn1_get_int64(pr, a->data, a->length, a->type & V_ASN1_NEG);
+}
+
+static int asn1_string_set_int64(ASN1_STRING *a, int64_t r, int itype)
+{
+ unsigned char tbuf[sizeof(r)];
+ size_t l;
+ a->type = itype;
+ if (r < 0) {
+ l = asn1_put_uint64(tbuf, -r);
+ a->type |= V_ASN1_NEG;
+ } else {
+ l = asn1_put_uint64(tbuf, r);
+ a->type &= ~V_ASN1_NEG;
+ }
+ if (l == 0)
+ return 0;
+ return ASN1_STRING_set(a, tbuf, l);
}
/*
return (NULL);
}
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
+static ASN1_STRING *bn_to_asn1_string(const BIGNUM *bn, ASN1_STRING *ai,
+ int atype)
{
- int j, k;
- unsigned int i;
- unsigned char buf[sizeof(long) + 1];
-
- if (a->length < (int)(sizeof(long) + 1)) {
- OPENSSL_free(a->data);
- if ((a->data = OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset(a->data, 0, sizeof(long) + 1);
- }
- if (a->data == NULL) {
- ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- if (v < 0) {
- v = -v;
- a->type = V_ASN1_NEG_INTEGER;
- } else
- a->type = V_ASN1_INTEGER;
+ ASN1_INTEGER *ret;
+ int len;
- for (i = 0; i < sizeof(long); i++) {
- if (v == 0)
- break;
- buf[i] = (int)v & 0xff;
- v >>= 8;
+ if (ai == NULL) {
+ ret = ASN1_STRING_type_new(atype);
+ } else {
+ ret = ai;
+ ret->type = atype;
}
- j = 0;
- for (k = i - 1; k >= 0; k--)
- a->data[j++] = buf[k];
- a->length = j;
- return (1);
-}
-
-long ASN1_INTEGER_get(const ASN1_INTEGER *a)
-{
- int neg = 0, i;
- long r = 0;
- if (a == NULL)
- return (0L);
- i = a->type;
- if (i == V_ASN1_NEG_INTEGER)
- neg = 1;
- else if (i != V_ASN1_INTEGER)
- return -1;
-
- if (a->length > (int)sizeof(long)) {
- /* hmm... a bit ugly, return all ones */
- return -1;
+ if (ret == NULL) {
+ ASN1err(ASN1_F_BN_TO_ASN1_STRING, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
}
- if (a->data == NULL)
- return 0;
- for (i = 0; i < a->length; i++) {
- r <<= 8;
- r |= (unsigned char)a->data[i];
- }
- if (neg)
- r = -r;
- return (r);
-}
+ if (BN_is_negative(bn) && !BN_is_zero(bn))
+ ret->type |= V_ASN1_NEG_INTEGER;
-ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
-{
- ASN1_INTEGER *ret;
- int len, j;
+ len = BN_num_bytes(bn);
- if (ai == NULL)
- ret = ASN1_INTEGER_new();
- else
- ret = ai;
- if (ret == NULL) {
- ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR);
+ if (len == 0)
+ len = 1;
+
+ if (ASN1_STRING_set(ret, NULL, len) == 0) {
+ ASN1err(ASN1_F_BN_TO_ASN1_STRING, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (BN_is_negative(bn) && !BN_is_zero(bn))
- ret->type = V_ASN1_NEG_INTEGER;
- else
- ret->type = V_ASN1_INTEGER;
- j = BN_num_bits(bn);
- len = ((j == 0) ? 0 : ((j / 8) + 1));
- if (ret->length < len + 4) {
- unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
- if (!new_data) {
- ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->data = new_data;
- }
- ret->length = BN_bn2bin(bn, ret->data);
+
/* Correct zero case */
- if (!ret->length) {
+ if (BN_is_zero(bn))
ret->data[0] = 0;
- ret->length = 1;
- }
- return (ret);
+ else
+ len = BN_bn2bin(bn, ret->data);
+ ret->length = len;
+ return ret;
err:
if (ret != ai)
ASN1_INTEGER_free(ret);
return (NULL);
}
-BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
+static BIGNUM *asn1_string_to_bn(const ASN1_INTEGER *ai, BIGNUM *bn,
+ int itype)
{
BIGNUM *ret;
- if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
- ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB);
- else if (ai->type == V_ASN1_NEG_INTEGER)
+ if ((ai->type & ~V_ASN1_NEG) != itype) {
+ ASN1err(ASN1_F_ASN1_STRING_TO_BN, ASN1_R_WRONG_INTEGER_TYPE);
+ return NULL;
+ }
+
+ ret = BN_bin2bn(ai->data, ai->length, bn);
+ if (ret == 0) {
+ ASN1err(ASN1_F_ASN1_STRING_TO_BN, ASN1_R_BN_LIB);
+ return NULL;
+ }
+ if (ai->type & V_ASN1_NEG)
BN_set_negative(ret, 1);
- return (ret);
+ return ret;
+}
+
+int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a)
+{
+ return asn1_string_get_int64(pr, a, V_ASN1_INTEGER);
+}
+
+int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r)
+{
+ return asn1_string_set_int64(a, r, V_ASN1_INTEGER);
+}
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
+{
+ return ASN1_INTEGER_set_int64(a, v);
+}
+
+long ASN1_INTEGER_get(const ASN1_INTEGER *a)
+{
+ int i;
+ int64_t r;
+ if (a == NULL)
+ return 0;
+ i = ASN1_INTEGER_get_int64(&r, a);
+ if (i == 0)
+ return -1;
+ if (r > LONG_MAX || r < LONG_MIN)
+ return -1;
+ return (long)r;
+}
+
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
+{
+ return bn_to_asn1_string(bn, ai, V_ASN1_INTEGER);
+}
+
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
+{
+ return asn1_string_to_bn(ai, bn, V_ASN1_INTEGER);
+}
+
+int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a)
+{
+ return asn1_string_get_int64(pr, a, V_ASN1_ENUMERATED);
+}
+
+int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r)
+{
+ return asn1_string_set_int64(a, r, V_ASN1_ENUMERATED);
+}
+
+int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
+{
+ return ASN1_ENUMERATED_set_int64(a, v);
+}
+
+long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
+{
+ int i;
+ int64_t r;
+ if (a == NULL)
+ return 0;
+ if ((a->type & ~V_ASN1_NEG) != V_ASN1_ENUMERATED)
+ return -1;
+ if (a->length > (int)sizeof(long))
+ return 0xffffffffL;
+ i = ASN1_ENUMERATED_get_int64(&r, a);
+ if (i == 0)
+ return -1;
+ if (r > LONG_MAX || r < LONG_MIN)
+ return -1;
+ return (long)r;
+}
+
+ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai)
+{
+ return bn_to_asn1_string(bn, ai, V_ASN1_ENUMERATED);
+}
+
+BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn)
+{
+ return asn1_string_to_bn(ai, bn, V_ASN1_ENUMERATED);
}
/* crypto/asn1/asn1_err.c */
/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
{ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
+ {ERR_FUNC(ASN1_F_ASN1_GET_INT64), "ASN1_GET_INT64"},
{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
+ {ERR_FUNC(ASN1_F_ASN1_GET_UINT64), "ASN1_GET_UINT64"},
{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
{ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
{ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
{ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
- {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_NEW), "ASN1_ITEM_EX_NEW"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
+ {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_NEW), "ASN1_ITEM_EX_NEW"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
{ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
{ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
{ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"},
+ {ERR_FUNC(ASN1_F_ASN1_STRING_GET_INT64), "ASN1_STRING_GET_INT64"},
{ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
{ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
+ {ERR_FUNC(ASN1_F_ASN1_STRING_TO_BN), "ASN1_STRING_TO_BN"},
{ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
{ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"},
{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
+ {ERR_FUNC(ASN1_F_BN_TO_ASN1_STRING), "BN_TO_ASN1_STRING"},
{ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
{ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
{ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
+ {ERR_FUNC(ASN1_F_C2I_IBUF), "C2I_IBUF"},
{ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
{ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
{ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"},
{ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),
"illegal options on item template"},
+ {ERR_REASON(ASN1_R_ILLEGAL_PADDING), "illegal padding"},
{ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"},
{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"},
+ {ERR_REASON(ASN1_R_ILLEGAL_ZERO_CONTENT), "illegal zero content"},
{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"},
{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),
"integer too large for long"},
{ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
"the asn1 object identifier is not known for this md"},
{ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
+ {ERR_REASON(ASN1_R_TOO_LARGE), "too large"},
{ERR_REASON(ASN1_R_TOO_LONG), "too long"},
+ {ERR_REASON(ASN1_R_TOO_SMALL), "too small"},
{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"},
{ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"},
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
"unsupported public key type"},
{ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
+ {ERR_REASON(ASN1_R_WRONG_INTEGER_TYPE), "wrong integer type"},
{ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
{ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
{ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"},
+++ /dev/null
-/* crypto/asn1/f_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "internal/cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-/* Based on a_int.c: equivalent ENUMERATED functions */
-
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
-{
- int i, n = 0;
- static const char *h = "0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL)
- return (0);
-
- if (a->length == 0) {
- if (BIO_write(bp, "00", 2) != 2)
- goto err;
- n = 2;
- } else {
- for (i = 0; i < a->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return (n);
- err:
- return (-1);
-}
-
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
-{
- int i, j, k, m, n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int num = 0, slen = 0, first = 1;
-
- bs->type = V_ASN1_ENUMERATED;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1)
- goto err;
- i = bufsize;
- if (buf[i - 1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err;
- if (buf[i - 1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err;
- again = (buf[i - 1] == '\\');
-
- for (j = 0; j < i; j++) {
- if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
- i = j;
- break;
- }
- }
- buf[i] = '\0';
- /*
- * We have now cleared all the crap off the end of the line
- */
- if (i < 2)
- goto err;
-
- bufp = (unsigned char *)buf;
- if (first) {
- first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
- bufp += 2;
- i -= 2;
- }
- }
- k = 0;
- i -= again;
- if (i % 2 != 0) {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS);
- return 0;
- }
- i /= 2;
- if (num + i > slen) {
- sp = OPENSSL_realloc(s, (unsigned int)num + i * 2);
- if (sp == NULL) {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(s);
- return 0;
- }
- s = sp;
- slen = num + i * 2;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
- ASN1_R_NON_HEX_CHARACTERS);
- return 0;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- bs->length = num;
- bs->data = s;
- return 1;
-
- err:
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
- return 0;
-}
ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
return 0;
}
+
+int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
+{
+ return i2a_ASN1_INTEGER(bp, a);
+}
+
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
+{
+ int rv = a2i_ASN1_INTEGER(bp, bs, buf, size);
+ if (rv == 1)
+ bs->type = V_ASN1_INTEGER | (bs->type & V_ASN1_NEG);
+ return rv;
+}
--- /dev/null
+=pod
+
+=head1 NAME
+
+ASN1_INTEGER_get_int64, ASN1_INTEGER_get, ASN1_INTEGER_set_int64, ASN1_INTEGER_set, BN_to_ASN1_INTEGER, ASN1_INTEGER_to_BN, ASN1_ENUMERATED_get_int64, ASN1_ENUMERATED_get, ASN1_ENUMERATED_set_int64, ASN1_ENUMERATED_set, BN_to_ASN1_ENUMERATED, ASN1_ENUMERATED_to_BN, - ASN.1 INTEGER and ENUMERATED utilities
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ int ASN1_INTEGER_get(ASN1_INTEGER *a, long v);
+
+ int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+ long ASN1_INTEGER_set(const ASN1_INTEGER *a);
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+ int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
+
+ int ASN1_ENUMERATED_set_int64(ASN1_INTEGER *a, int64_t r);
+ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
+
+=head1 DESCRIPTION
+
+These functions convert to and from B<ASN1_INTEGER> and B<ASN1_ENUMERATED>
+structures.
+
+ASN1_INTEGER_get_int64() converts an B<ASN1_INTEGER> into an B<int64_t> type
+If successful it returns 1 and sets B<*pr> to the value of B<a>. If it fails
+(due to invalid type or the value being too big to fit into an B<int64_t> type)
+it returns 0.
+
+ASN1_INTEGER_get() also returns the value of B<a> but it returns 0 if B<a> is
+NULL and -1 on error (which is ambiguous because -1 is a legitimate value for
+an B<ASN1_INTEGER>). New applications should use ASN1_INTEGER_get_int64()
+instead.
+
+ASN1_INTEGER_set_int64() sets the value of B<ASN1_INTEGER> B<a> to the
+B<int64_t> value B<r>.
+
+ASN1_INTEGER_set() sets the value of B<ASN1_INTEGER> B<a> to the B<long> value
+B<v>.
+
+BN_to_ASN1_INTEGER() converts B<BIGNUM> B<bn> to an B<ASN1_INTEGER>. If B<ai>
+is NULL a new B<ASN1_INTEGER> structure is returned. If B<ai> is not NULL then
+the existing structure will be used instead.
+
+ASN1_INTEGER_to_BN() converts ASN1_INTEGER B<ai> into a B<BIGNUM>. If B<bn> is
+NULL a new B<BIGNUM> structure is returned. If B<bn> is not NULL then the
+existing structure will be used instead.
+
+ASN1_ENUMERATED_get_int64(), ASN1_ENUMERATED_set_int64(),
+ASN1_ENUMERATED_set(), BN_to_ASN1_ENUMERATED() and ASN1_ENUMERATED_to_BN()
+behave in an identical way to their ASN1_INTEGER counterparts except they
+operate on an B<ASN1_ENUMERATED> value.
+
+ASN1_ENUMERATED_get() returns the value of B<a> in a similar way to
+ASN1_INTEGER_get() but it returns B<0xffffffffL> if the value of B<a> will not
+fit in a long type. New applications should use ASN1_ENUMERATED_get_int64()
+instead.
+
+=head1 NOTES
+
+In general an B<ASN1_INTEGER> or B<ASN1_ENUMERATED> type can contain an
+integer of almost arbitrary size and so cannot always be represented by a C
+B<int64_t> type. However in many cases (for example version numbers) they
+represent small integers which can be more easily manipulated if converted to
+an appropriate C integer type.
+
+=head1 BUGS
+
+The ambigious return values of ASN1_INTEGER_get() and ASN1_ENUMERATED_get()
+mean these functions should be avoided if possible. They are retained for
+compatibility. Normally the ambigious return values are not legitimate
+values for the fields they represent.
+
+=head1 RETURN VALUES
+
+ASN1_INTEGER_set_int64(), ASN1_INTEGER_set(), ASN1_ENUMERATED_set_int64() and
+ASN1_ENUMERATED_set() return 1 for success and 0 for failure. They will only
+fail if a memory allocation error occurs.
+
+ASN1_INTEGER_get_int64() and ASN1_ENUMERATED_get_int64() return 1 for success
+and 0 for failure. They will fail if the passed type is incorrect (this will
+only happen if there is a programming error) or if the value exceeds the range
+of an B<int64_t> type.
+
+BN_to_ASN1_INTEGER() and BN_to_ASN1_ENUMERATED() return an B<ASN1_INTEGER> or
+B<ASN1_ENUMERATED> structure respectively or NULL if an error occurs. They will
+only fail due to a memory allocation error.
+
+ASN1_INTEGER_to_BN() and ASN1_ENUMERATED_to_BN() return a B<BIGNUM> structure
+of NULL if an error occurs. They can fail if the pased type is incorrect
+(due to programming error) or due to a memory allocation failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+ASN1_INTEGER_set_int64(), ASN1_INTEGER_get_int64(),
+ASN1_ENUMERATED_set_int64() and ASN1_ENUMERATED_get_int64()
+were added to OpenSSL 1.1.0.
+
+=cut
ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
const char *sn, const char *ln);
+int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
long ASN1_INTEGER_get(const ASN1_INTEGER *a);
ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a);
+int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r);
+
+
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
+ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai);
+BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn);
/* General */
/* given a string, return the correct type, max is the maximum length */
# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
# define ASN1_F_ASN1_GENERATE_V3 178
+# define ASN1_F_ASN1_GET_INT64 224
# define ASN1_F_ASN1_GET_OBJECT 114
+# define ASN1_F_ASN1_GET_UINT64 225
# define ASN1_F_ASN1_HEADER_NEW 115
# define ASN1_F_ASN1_I2D_BIO 116
# define ASN1_F_ASN1_I2D_FP 117
# define ASN1_F_ASN1_INTEGER_TO_BN 119
# define ASN1_F_ASN1_ITEM_D2I_FP 206
# define ASN1_F_ASN1_ITEM_DUP 191
-# define ASN1_F_ASN1_ITEM_EX_NEW 121
# define ASN1_F_ASN1_ITEM_EX_D2I 120
+# define ASN1_F_ASN1_ITEM_EX_NEW 121
# define ASN1_F_ASN1_ITEM_I2D_BIO 192
# define ASN1_F_ASN1_ITEM_I2D_FP 193
# define ASN1_F_ASN1_ITEM_PACK 198
# define ASN1_F_ASN1_SEQ_UNPACK 127
# define ASN1_F_ASN1_SIGN 128
# define ASN1_F_ASN1_STR2TYPE 179
+# define ASN1_F_ASN1_STRING_GET_INT64 227
# define ASN1_F_ASN1_STRING_SET 186
# define ASN1_F_ASN1_STRING_TABLE_ADD 129
+# define ASN1_F_ASN1_STRING_TO_BN 228
# define ASN1_F_ASN1_STRING_TYPE_NEW 130
# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
# define ASN1_F_ASN1_TEMPLATE_NEW 133
# define ASN1_F_BITSTR_CB 180
# define ASN1_F_BN_TO_ASN1_ENUMERATED 138
# define ASN1_F_BN_TO_ASN1_INTEGER 139
+# define ASN1_F_BN_TO_ASN1_STRING 229
# define ASN1_F_C2I_ASN1_BIT_STRING 189
# define ASN1_F_C2I_ASN1_INTEGER 194
# define ASN1_F_C2I_ASN1_OBJECT 196
+# define ASN1_F_C2I_IBUF 226
# define ASN1_F_COLLECT_DATA 140
# define ASN1_F_D2I_ASN1_BIT_STRING 141
# define ASN1_F_D2I_ASN1_BOOLEAN 142
# define ASN1_R_ILLEGAL_OBJECT 183
# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
+# define ASN1_R_ILLEGAL_PADDING 221
# define ASN1_R_ILLEGAL_TAGGED_ANY 127
# define ASN1_R_ILLEGAL_TIME_VALUE 184
+# define ASN1_R_ILLEGAL_ZERO_CONTENT 222
# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
# define ASN1_R_TAG_VALUE_TOO_HIGH 153
# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
+# define ASN1_R_TOO_LARGE 223
# define ASN1_R_TOO_LONG 155
+# define ASN1_R_TOO_SMALL 224
# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
# define ASN1_R_TYPE_NOT_PRIMITIVE 195
# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
# define ASN1_R_UNSUPPORTED_TYPE 196
+# define ASN1_R_WRONG_INTEGER_TYPE 225
# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
# define ASN1_R_WRONG_TAG 168
# define ASN1_R_WRONG_TYPE 169