Merge from the ASN1 branch of new ASN1 code
authorDr. Stephen Henson <steve@openssl.org>
Fri, 8 Dec 2000 19:09:35 +0000 (19:09 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 8 Dec 2000 19:09:35 +0000 (19:09 +0000)
to main trunk.

Lets see if the makes it to openssl-cvs :-)

121 files changed:
CHANGES
README.ASN1 [new file with mode: 0644]
apps/ca.c
apps/req.c
crypto/asn1/Makefile.ssl
crypto/asn1/a_bitstr.c
crypto/asn1/a_bmp.c [deleted file]
crypto/asn1/a_bool.c
crypto/asn1/a_bytes.c
crypto/asn1/a_dup.c
crypto/asn1/a_enum.c
crypto/asn1/a_gentm.c
crypto/asn1/a_i2d_fp.c
crypto/asn1/a_int.c
crypto/asn1/a_null.c [deleted file]
crypto/asn1/a_octet.c
crypto/asn1/a_print.c
crypto/asn1/a_time.c
crypto/asn1/a_type.c
crypto/asn1/a_utctm.c
crypto/asn1/a_utf8.c
crypto/asn1/a_vis.c [deleted file]
crypto/asn1/asn1.h
crypto/asn1/asn1_err.c
crypto/asn1/asn1_lib.c
crypto/asn1/asn1t.h [new file with mode: 0644]
crypto/asn1/d2i_dhp.c [deleted file]
crypto/asn1/d2i_dsap.c [deleted file]
crypto/asn1/d2i_r_pr.c [deleted file]
crypto/asn1/d2i_r_pu.c [deleted file]
crypto/asn1/d2i_s_pr.c [deleted file]
crypto/asn1/d2i_s_pu.c [deleted file]
crypto/asn1/i2d_dhp.c [deleted file]
crypto/asn1/i2d_dsap.c [deleted file]
crypto/asn1/i2d_r_pr.c [deleted file]
crypto/asn1/i2d_r_pu.c [deleted file]
crypto/asn1/i2d_s_pr.c [deleted file]
crypto/asn1/i2d_s_pu.c [deleted file]
crypto/asn1/n_pkey.c
crypto/asn1/nsseq.c
crypto/asn1/p5_pbe.c
crypto/asn1/p5_pbev2.c
crypto/asn1/p7_dgst.c [deleted file]
crypto/asn1/p7_enc.c [deleted file]
crypto/asn1/p7_enc_c.c [deleted file]
crypto/asn1/p7_evp.c [deleted file]
crypto/asn1/p7_i_s.c [deleted file]
crypto/asn1/p7_lib.c [deleted file]
crypto/asn1/p7_recip.c [deleted file]
crypto/asn1/p7_s_e.c [deleted file]
crypto/asn1/p7_signd.c [deleted file]
crypto/asn1/p7_signi.c [deleted file]
crypto/asn1/p8_pkey.c
crypto/asn1/t_req.c
crypto/asn1/t_spki.c
crypto/asn1/t_x509a.c
crypto/asn1/tasn_dec.c [new file with mode: 0644]
crypto/asn1/tasn_enc.c [new file with mode: 0644]
crypto/asn1/tasn_fre.c [new file with mode: 0644]
crypto/asn1/tasn_new.c [new file with mode: 0644]
crypto/asn1/tasn_prn.c [new file with mode: 0644]
crypto/asn1/tasn_typ.c [new file with mode: 0644]
crypto/asn1/tasn_utl.c [new file with mode: 0644]
crypto/asn1/x_algor.c
crypto/asn1/x_attrib.c
crypto/asn1/x_bignum.c [new file with mode: 0644]
crypto/asn1/x_crl.c
crypto/asn1/x_exten.c
crypto/asn1/x_info.c
crypto/asn1/x_long.c [new file with mode: 0644]
crypto/asn1/x_name.c
crypto/asn1/x_pubkey.c
crypto/asn1/x_req.c
crypto/asn1/x_sig.c
crypto/asn1/x_spki.c
crypto/asn1/x_val.c
crypto/asn1/x_x509.c
crypto/asn1/x_x509a.c
crypto/dh/Makefile.ssl
crypto/dh/dh_asn1.c [new file with mode: 0644]
crypto/dsa/Makefile.ssl
crypto/dsa/dsa.h
crypto/dsa/dsa_asn1.c
crypto/dsa/dsa_err.c
crypto/pkcs12/Makefile.ssl
crypto/pkcs12/p12_asn.c [new file with mode: 0644]
crypto/pkcs12/p12_attr.c
crypto/pkcs12/pkcs12.h
crypto/pkcs7/Makefile.ssl
crypto/pkcs7/pk7_asn1.c [new file with mode: 0644]
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_lib.c
crypto/pkcs7/pkcs7.h
crypto/rsa/Makefile.ssl
crypto/rsa/rsa.h
crypto/rsa/rsa_asn1.c [new file with mode: 0644]
crypto/stack/safestack.h
crypto/x509/Makefile.ssl
crypto/x509/x509.h
crypto/x509/x509_att.c
crypto/x509/x509_req.c
crypto/x509/x509_v3.c
crypto/x509/x509spki.c
crypto/x509v3/Makefile.ssl
crypto/x509v3/v3_akey.c
crypto/x509v3/v3_alt.c
crypto/x509v3/v3_bcons.c
crypto/x509v3/v3_cpols.c
crypto/x509v3/v3_crld.c
crypto/x509v3/v3_extku.c
crypto/x509v3/v3_genn.c
crypto/x509v3/v3_info.c
crypto/x509v3/v3_pku.c
crypto/x509v3/v3_purp.c
crypto/x509v3/v3_sxnet.c
crypto/x509v3/v3_utl.c
crypto/x509v3/v3conf.c
crypto/x509v3/v3prin.c
crypto/x509v3/x509v3.h
demos/asn1/README.ASN1 [new file with mode: 0644]
demos/asn1/ocsp.c [new file with mode: 0644]

diff --git a/CHANGES b/CHANGES
index 8c2380a6a998c54167476a76363ecd00603a23cd..acc4a85ebc6bae615c52a8dabed350291f7827ad 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,10 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Merge in replacement ASN1 code from the ASN1 branch. This almost
+     completely replaces the old ASN1 functionality.
+     [Steve Henson]
+
   *) Change BN_mod_exp_recp so that negative moduli are tolerated
      (the sign is ignored).  Similarly, ignore the sign in BN_MONT_CTX_set
      so that BN_mod_exp_mont and BN_mod_exp_mont_word work
diff --git a/README.ASN1 b/README.ASN1
new file mode 100644 (file)
index 0000000..11bcfaf
--- /dev/null
@@ -0,0 +1,187 @@
+
+OpenSSL ASN1 Revision
+=====================
+
+This document describes some of the issues relating to the new ASN1 code.
+
+Previous OpenSSL ASN1 problems
+=============================
+
+OK why did the OpenSSL ASN1 code need revising in the first place? Well
+there are lots of reasons some of which are included below...
+
+1. The code is difficult to read and write. For every single ASN1 structure
+(e.g. SEQUENCE) four functions need to be written for new, free, encode and
+decode operations. This is a very painful and error prone operation. Very few
+people have ever written any OpenSSL ASN1 and those that have usually wish
+they hadn't.
+
+2. Partly because of 1. the code is bloated and takes up a disproportionate
+amount of space. The SEQUENCE encoder is particularly bad: it essentially
+contains two copies of the same operation, one to compute the SEQUENCE length
+and the other to encode it.
+
+3. The code is memory based: that is it expects to be able to read the whole
+structure from memory. This is fine for small structures but if you have a
+(say) 1Gb PKCS#7 signedData structure it isn't such a good idea...
+
+4. The code for the ASN1 IMPLICIT tag is evil. It is handled by temporarily
+changing the tag to the expected one, attempting to read it, then changing it
+back again. This means that decode buffers have to be writable even though they
+are ultimately unchanged. This gets in the way of constification.
+
+5. The handling of EXPLICIT isn't much better. It adds a chunk of code into 
+the decoder and encoder for every EXPLICIT tag.
+
+6. APPLICATION and PRIVATE tags aren't even supported at all.
+
+7. Even IMPLICIT isn't complete: there is no support for implicitly tagged
+types that are not OPTIONAL.
+
+8. Much of the code assumes that a tag will fit in a single octet. This is
+only true if the tag is 30 or less (mercifully tags over 30 are rare).
+
+9. The ASN1 CHOICE type has to be largely handled manually, there aren't any
+macros that properly support it.
+
+10. Encoders have no concept of OPTIONAL and have no error checking. If the
+passed structure contains a NULL in a mandatory field it will not be encoded,
+resulting in an invalid structure.
+
+11. It is tricky to add ASN1 encoders and decoders to external applications.
+
+Template model
+==============
+
+One of the major problems with revision is the sheer volume of the ASN1 code.
+Attempts to change (for example) the IMPLICIT behaviour would result in a
+modification of *every* single decode function. 
+
+I decided to adopt a template based approach. I'm using the term 'template'
+in a manner similar to SNACC templates: it has nothing to do with C++
+templates.
+
+A template is a description of an ASN1 module as several constant C structures.
+It describes in a machine readable way exactly how the ASN1 structure should
+behave. If this template contains enough detail then it is possible to write
+versions of new, free, encode, decode (and possibly others operations) that
+operate on templates.
+
+Instead of having to write code to handle each operation only a single
+template needs to be written. If new operations are needed (such as a 'print'
+operation) only a single new template based function needs to be written 
+which will then automatically handle all existing templates.
+
+Plans for revision
+==================
+
+The revision will consist of the following steps. Other than the first two
+these can be handled in any order.
+o Design and write template new, free, encode and decode operations, initially
+memory based. *DONE*
+
+o Convert existing ASN1 code to template form. *IN PROGRESS*
+
+o Convert an existing ASN1 compiler (probably SNACC) to output templates
+in OpenSSL form.
+
+o Add support for BIO based ASN1 encoders and decoders to handle large
+structures, initially blocking I/O.
+
+o Add support for non blocking I/O: this is quite a bit harder than blocking
+I/O.
+
+o Add new ASN1 structures, such as OCSP, CRMF, S/MIME v3 (CMS), attribute
+certificates etc etc.
+
+Description of major changes
+============================
+
+The BOOLEAN type now takes three values. 0xff is TRUE, 0 is FALSE and -1 is
+absent. The meaning of absent depends on the context. If for example the
+boolean type is DEFAULT FALSE (as in the case of the critical flag for
+certificate extensions) then -1 is FALSE, if DEFAULT TRUE then -1 is TRUE.
+Usually the value will only ever be read via an API which will hide this from
+an application.
+
+There is an evil bug in the old ASN1 code that mishandles OPTIONAL with
+SEQUENCE OF or SET OF. These are both implemented as a STACK structure. The
+old code would omit the structure if the STACK was NULL (which is fine) or if
+it had zero elements (which is NOT OK). This causes problems because an empty
+SEQUENCE OF or SET OF will result in an empty STACK when it is decoded but when
+it is encoded it will be omitted resulting in different encodings. The new code
+only omits the encoding if the STACK is NULL, if it contains zero elements it
+is encoded and empty. There is an additional problem though: because an empty
+STACK was omitted, sometimes the corresponding *_new() function would
+initialize the STACK to empty so an application could immediately use it, if
+this is done with the new code (i.e. a NULL) it wont work. Therefore a new
+STACK should be allocated first. One instance of this is the X509_CRL list of
+revoked certificates: a helper function X509_CRL_add0_revoked() has been added
+for this purpose.
+
+The X509_ATTRIBUTE structure used to have an element called 'set' which took
+the value 1 if the attribute value was a SET OF or 0 if it was a single. Due
+to the behaviour of CHOICE in the new code this has been changed to a field
+called 'single' which is 0 for a SET OF and 1 for single. The old field has
+been deleted to deliberately break source compatibility. Since this structure
+is normally accessed via higher level functions this shouldn't break too much.
+
+The X509_REQ_INFO certificate request info structure no longer has a field
+called 'req_kludge'. This used to be set to 1 if the attributes field was
+(incorrectly) omitted. You can check to see if the field is omitted now by
+checking if the attributes field is NULL. Similarly if you need to omit
+the field then free attributes and set it to NULL.
+
+The top level 'detached' field in the PKCS7 structure is no longer set when
+a PKCS#7 structure is read in. PKCS7_is_detached() should be called instead.
+The behaviour of PKCS7_get_detached() is unaffected.
+
+The values of 'type' in the GENERAL_NAME structure have changed. This is
+because the old code use the ASN1 initial octet as the selector. The new
+code uses the index in the ASN1_CHOICE template.
+
+The DIST_POINT_NAME structure has changed to be a true CHOICE type.
+
+typedef struct DIST_POINT_NAME_st {
+int type;
+union {
+       STACK_OF(GENERAL_NAME) *fullname;
+       STACK_OF(X509_NAME_ENTRY) *relativename;
+} name;
+} DIST_POINT_NAME;
+
+This means that name.fullname or name.relativename should be set
+and type reflects the option. That is if name.fullname is set then
+type is 0 and if name.relativename is set type is 1.
+
+With the old code using the i2d functions would typically involve:
+
+unsigned char *buf, *p;
+int len;
+/* Find length of encoding */
+len = i2d_SOMETHING(x, NULL);
+/* Allocate buffer */
+buf = OPENSSL_malloc(len);
+if(buf == NULL) {
+       /* Malloc error */
+}
+/* Use temp variable because &p gets updated to point to end of
+ * encoding.
+ */
+p = buf;
+i2d_SOMETHING(x, &p);
+
+
+Using the new i2d you can also do:
+
+unsigned char *buf = NULL;
+int len;
+len = i2d_SOMETHING(x, &buf);
+if(len < 0) {
+       /* Malloc error */
+}
+
+and it will automatically allocate and populate a buffer with the
+encoding. After this call 'buf' will point to the start of the
+encoding which is len bytes long.
index 3f855a156586e7859ad3db8943723b391b817027..c0677a5f2b3db5fcfaaf34bc32a4d864a2dac72c 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1201,7 +1201,7 @@ bad:
                                if (!a2i_ASN1_INTEGER(hex,r->serialNumber,
                                        buf[0],BSIZE)) goto err;
 
-                               sk_X509_REVOKED_push(ci->revoked,r);
+                               X509_CRL_add0_revoked(crl,r);
                                }
                        }
                /* sort the data so it will be written in serial
index 4c4b9e3eac7464046d512093dde610165918c8a8..7b8b4dbd60bc956ef848a183ca406542c300a07b 100644 (file)
@@ -752,8 +752,11 @@ loop:
                                }
 
                        i=make_REQ(req,pkey,!x509);
-                       if (kludge >= 0)
-                               req->req_info->req_kludge=kludge;
+                       if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes))
+                               {
+                               sk_X509_ATTRIBUTE_free(req->req_info->attributes);
+                               req->req_info->attributes = NULL;
+                               }
                        if (!i)
                                {
                                BIO_printf(bio_err,"problems making Certificate Request\n");
index 3e88b3e409fcf83b79a4ac947e04ce4484667636..5dd662843bacfca6e849dfc5eb5a7d57d95c42f3 100644 (file)
@@ -23,39 +23,33 @@ APPS=
 
 LIB=$(TOP)/libcrypto.a
 LIBSRC=        a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
-       a_null.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \
-       a_enum.c a_vis.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
-       x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
-       x_name.c x_cinf.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
-       d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \
-       d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \
+       a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+       a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+       x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
+       x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
        d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
        t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
-       p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c \
-       p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \
-       f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \
+       tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+       f_int.c f_string.c n_pkey.c \
        f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
        asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
        evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c
 LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
-       a_null.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \
-       a_enum.o a_vis.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
-       x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
-       x_name.o x_cinf.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
-       d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \
-       d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \
+       a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+       a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+       x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
+       x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
        d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
        t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
-       p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o \
-       p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \
-       f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \
+       tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+       f_int.o f_string.o n_pkey.o \
        f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
        asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
        evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o
 
 SRC= $(LIBSRC)
 
-EXHEADER=  asn1.h asn1_mac.h
+EXHEADER=  asn1.h asn1_mac.h asn1t.h
 HEADER=        $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
@@ -124,30 +118,22 @@ a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 a_bitstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_bitstr.o: ../cryptlib.h
-a_bmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bmp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bmp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bmp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bmp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bmp.o: ../cryptlib.h
-a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bool.o: ../cryptlib.h
-a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_bytes.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+a_bool.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bool.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_bytes.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_bytes.o: ../cryptlib.h
 a_d2i_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 a_d2i_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -177,14 +163,14 @@ a_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_dup.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_dup.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_dup.o: ../cryptlib.h
 a_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
@@ -209,12 +195,11 @@ a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
 a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_i2d_fp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_i2d_fp.o: ../../include/openssl/opensslconf.h
+a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_i2d_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 a_i2d_fp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_i2d_fp.o: ../cryptlib.h
@@ -242,14 +227,6 @@ a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_meth.o: ../cryptlib.h
-a_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_null.o: ../cryptlib.h
 a_object.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 a_object.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 a_object.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
@@ -331,15 +308,15 @@ a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 a_strnid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_strnid.o: ../cryptlib.h
-a_time.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_time.o: ../cryptlib.h
-a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+a_time.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+a_time.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_time.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 a_type.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 a_type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
@@ -383,26 +360,17 @@ a_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-a_vis.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_vis.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_vis.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_vis.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_vis.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_vis.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_vis.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_vis.o: ../cryptlib.h
 asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
 asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
 asn1_err.o: ../../include/openssl/opensslconf.h
 asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 asn1_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-asn1_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-asn1_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_lib.o: ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 asn1_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 asn1_lib.o: ../cryptlib.h
@@ -423,27 +391,6 @@ asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 asn_pack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 asn_pack.o: ../cryptlib.h
-d2i_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-d2i_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-d2i_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-d2i_dhp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_dhp.o: ../cryptlib.h
-d2i_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_dsap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_dsap.o: ../../include/openssl/opensslconf.h
-d2i_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_dsap.o: ../cryptlib.h
 d2i_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 d2i_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 d2i_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -480,48 +427,6 @@ d2i_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
 d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_r_pr.o: ../../include/openssl/opensslconf.h
-d2i_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-d2i_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_r_pu.o: ../../include/openssl/opensslconf.h
-d2i_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-d2i_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_s_pr.o: ../../include/openssl/opensslconf.h
-d2i_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_s_pr.o: ../cryptlib.h
-d2i_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_s_pu.o: ../../include/openssl/opensslconf.h
-d2i_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_s_pu.o: ../cryptlib.h
 evp_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
 evp_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -555,25 +460,6 @@ f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 f_string.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 f_string.o: ../cryptlib.h
-i2d_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-i2d_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-i2d_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-i2d_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_dhp.o: ../cryptlib.h
-i2d_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_dsap.o: ../../include/openssl/opensslconf.h
-i2d_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_dsap.o: ../cryptlib.h
 i2d_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 i2d_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -610,88 +496,47 @@ i2d_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
 i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_r_pr.o: ../../include/openssl/opensslconf.h
-i2d_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-i2d_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_r_pu.o: ../../include/openssl/opensslconf.h
-i2d_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-i2d_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_s_pr.o: ../../include/openssl/opensslconf.h
-i2d_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_s_pr.o: ../cryptlib.h
-i2d_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_s_pu.o: ../../include/openssl/opensslconf.h
-i2d_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_s_pu.o: ../cryptlib.h
 n_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-n_pkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-n_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-n_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-n_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-n_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+n_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+n_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+n_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+n_pkey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+n_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+n_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+n_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+n_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+n_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+n_pkey.o: ../cryptlib.h
+nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 nsseq.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 nsseq.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 nsseq.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
 nsseq.o: ../../include/openssl/des.h ../../include/openssl/dh.h
 nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-nsseq.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-nsseq.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-nsseq.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-nsseq.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-nsseq.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
+nsseq.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
+nsseq.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+nsseq.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+nsseq.o: ../../include/openssl/x509_vfy.h
+p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 p5_pbe.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 p5_pbe.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -712,7 +557,7 @@ p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p5_pbe.o: ../cryptlib.h
-p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -733,207 +578,7 @@ p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p5_pbev2.o: ../cryptlib.h
-p7_dgst.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_dgst.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_dgst.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_dgst.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_dgst.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_dgst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_dgst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_dgst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_dgst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_dgst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_dgst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_dgst.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_dgst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_dgst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_dgst.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_enc.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_enc_c.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_enc_c.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_enc_c.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_enc_c.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_enc_c.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_enc_c.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_enc_c.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_enc_c.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_enc_c.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_enc_c.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_enc_c.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_enc_c.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_enc_c.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_enc_c.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc_c.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_enc_c.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_enc_c.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_enc_c.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_enc_c.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_enc_c.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_evp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_evp.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_evp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_evp.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_evp.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_evp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_evp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_evp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_evp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_evp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_evp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_evp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_evp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_evp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_evp.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_evp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_evp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_evp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_evp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_evp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_i_s.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_i_s.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_i_s.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_i_s.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_i_s.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_i_s.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_i_s.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_i_s.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_i_s.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_i_s.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_i_s.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_i_s.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_i_s.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_i_s.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_i_s.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_i_s.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_i_s.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_i_s.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_i_s.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_i_s.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_recip.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_recip.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_recip.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_recip.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_recip.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_recip.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_recip.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_recip.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_recip.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_recip.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_recip.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_recip.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_recip.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_recip.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_recip.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_recip.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_recip.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_recip.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_recip.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_recip.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_s_e.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_s_e.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_s_e.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_s_e.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_s_e.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_s_e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_s_e.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_s_e.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_s_e.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_s_e.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_s_e.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_s_e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_s_e.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_s_e.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_s_e.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_s_e.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_s_e.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_s_e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_s_e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_s_e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_signd.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_signd.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_signd.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_signd.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_signd.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_signd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_signd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_signd.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_signd.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_signd.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_signd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_signd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_signd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_signd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_signd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_signd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_signd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_signd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_signd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_signi.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_signi.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_signi.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_signi.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_signi.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_signi.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_signi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_signi.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_signi.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_signi.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_signi.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_signi.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_signi.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_signi.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signi.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_signi.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_signi.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_signi.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_signi.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_signi.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1025,26 +670,26 @@ t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-t_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-t_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+t_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_spki.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+t_spki.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_spki.o: ../cryptlib.h
 t_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 t_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -1066,33 +711,71 @@ t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_x509a.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-t_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_x509a.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+t_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+t_x509a.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+t_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509a.o: ../cryptlib.h
+tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_dec.o: ../../include/openssl/opensslconf.h
+tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
+tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
+tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_fre.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
+tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_new.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/opensslconf.h
+tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_typ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
+tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_algor.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_algor.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_algor.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
 x_algor.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
 x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
 x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
@@ -1105,8 +788,8 @@ x_algor.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
 x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_algor.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_algor.o: ../../include/openssl/x509_vfy.h
+x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1126,27 +809,16 @@ x_attrib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_cinf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_cinf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_cinf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_cinf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_cinf.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_cinf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_cinf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_cinf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_cinf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_cinf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_cinf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_cinf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_cinf.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_cinf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_cinf.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-x_cinf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-x_cinf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_cinf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_cinf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_cinf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_bignum.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_bignum.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x_bignum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_bignum.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_bignum.o: ../../include/openssl/opensslconf.h
+x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+x_bignum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_bignum.o: ../cryptlib.h
+x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_crl.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1166,13 +838,12 @@ x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_exten.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_exten.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_exten.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
 x_exten.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
 x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
 x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
@@ -1185,28 +856,36 @@ x_exten.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
 x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_exten.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_info.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-x_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_exten.o: ../../include/openssl/x509_vfy.h
+x_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_info.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_info.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_info.o: ../cryptlib.h
+x_long.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_long.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x_long.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_long.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_long.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+x_long.o: ../../include/openssl/symhacks.h ../cryptlib.h
+x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_name.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_name.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_name.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1246,7 +925,7 @@ x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1266,7 +945,7 @@ x_pubkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_pubkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_pubkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_req.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1286,7 +965,7 @@ x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_sig.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_sig.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_sig.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1306,7 +985,7 @@ x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1326,7 +1005,7 @@ x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_val.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_val.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_val.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1346,7 +1025,7 @@ x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -1368,7 +1047,7 @@ x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 x_x509.o: ../cryptlib.h
-x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
index 7013a407ad68385d0f82c27ec6d4aed864f5d4ea..46e97038a28c8fc9d072a6eb05e385f53c868e54 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_BIT_STRING *ASN1_BIT_STRING_new(void)
-{ return M_ASN1_BIT_STRING_new(); }
-
-void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x)
-{ M_ASN1_BIT_STRING_free(x); }
-
 int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
 { return M_ASN1_BIT_STRING_set(x, d, len); }
 
-int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
-{
-       int len, ret;
-       len = i2c_ASN1_BIT_STRING(a, NULL);     
-       ret=ASN1_object_size(0,len,V_ASN1_BIT_STRING);
-       if(pp) {
-               ASN1_put_object(pp,0,len,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
-               i2c_ASN1_BIT_STRING(a, pp);     
-       }
-       return ret;
-}
-
 int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
        {
        int ret,j,bits,len;
@@ -129,40 +111,6 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
        return(ret);
        }
 
-
-/* Convert DER encoded ASN1 BIT_STRING to ASN1_BIT_STRING structure */
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
-            long length)
-{
-       unsigned char *p;
-       long len;
-       int i;
-       int inf,tag,xclass;
-       ASN1_BIT_STRING *ret;
-
-       p= *pp;
-       inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-       if (inf & 0x80)
-               {
-               i=ASN1_R_BAD_OBJECT_HEADER;
-               goto err;
-               }
-
-       if (tag != V_ASN1_BIT_STRING)
-               {
-               i=ASN1_R_EXPECTING_A_BIT_STRING;
-               goto err;
-               }
-       if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
-       ret = c2i_ASN1_BIT_STRING(a, &p, len);
-       if(ret) *pp = p;
-       return ret;
-err:
-       ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
-       return(NULL);
-
-}
-
 ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
             long len)
        {
diff --git a/crypto/asn1/a_bmp.c b/crypto/asn1/a_bmp.c
deleted file mode 100644 (file)
index d9ac5a0..0000000
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/asn1/a_bmp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_BMPSTRING *ASN1_BMPSTRING_new(void)
-{ return M_ASN1_BMPSTRING_new(); }
-
-void ASN1_BMPSTRING_free(ASN1_BMPSTRING *x)
-{ M_ASN1_BMPSTRING_free(x); }
-
-int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp)
-       {
-       return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-               V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL));
-       }
-
-ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
-            long length)
-       {
-       ASN1_BMPSTRING *ret=NULL;
-
-       ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-               pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
-       if (ret == NULL)
-               {
-               ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR);
-               return(NULL);
-               }
-       return(ret);
-       }
-
index 18fa61840b4b9e750650775ade2c5ec744198172..24333ea4d5250bed4eb611cb9fcdfd4d6a7e99c4 100644 (file)
@@ -58,7 +58,7 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 
 int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
        {
@@ -110,3 +110,5 @@ err:
        ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
        return(ret);
        }
+
+
index 3a0c0c783551bca509e3efa230625a65e63b7e2c..aa4b570d387db6f7ba48dafa61a5bc1b8aaec35a 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
 
 static unsigned long tag2bit[32]={
 0,     0,      0,      B_ASN1_BIT_STRING,      /* tags  0 -  3 */
 B_ASN1_OCTET_STRING,   0,      0,              B_ASN1_UNKNOWN,/* tags  4- 7 */
 B_ASN1_UNKNOWN,        B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags  8-11 */
 B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0,     0,      B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
-B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
-0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
-B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
+0,     0,      B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,   /* tags 16-19 */
+B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,       /* tags 20-22 */
+B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,                               /* tags 23-24 */ 
+B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,  /* tags 25-27 */
+B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 28-31 */
        };
 
+unsigned long ASN1_tag2bit(int tag)
+{
+       if((tag < 0) || (tag > 30)) return 0;
+       return tag2bit[tag];
+}
+
 static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
 /* type is a 'bitmap' of acceptable string types.
  */
index c3bda58a5d9ec849fcc1cf7cd3df5ebc079a890b..60e2e9a0a051689e2033fc50ff67fd88ac92285f 100644 (file)
@@ -58,7 +58,7 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
 
 #define READ_CHUNK   2048
 
index 1428d1df7a499c18510ec8e5de8f70f8887f5605..b507c5ee44bb56c4189b0f97e3219ad38ba4d292 100644 (file)
  * for comments on encoding see a_int.c
  */
 
-ASN1_ENUMERATED *ASN1_ENUMERATED_new(void)
-{ return M_ASN1_ENUMERATED_new(); }
-
-void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x)
-{ M_ASN1_ENUMERATED_free(x); }
-
-
-int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp)
-{
-       int len, ret;
-       if(!a) return 0;
-       len = i2c_ASN1_INTEGER(a, NULL);        
-       ret=ASN1_object_size(0,len,V_ASN1_ENUMERATED);
-       if(pp) {
-               ASN1_put_object(pp,0,len,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL);
-               i2c_ASN1_INTEGER(a, pp);        
-       }
-       return ret;
-}
-
-ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp,
-            long length)
-{
-       unsigned char *p;
-       long len;
-       int i;
-       int inf,tag,xclass;
-       ASN1_ENUMERATED *ret;
-
-       p= *pp;
-       inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-       if (inf & 0x80)
-               {
-               i=ASN1_R_BAD_OBJECT_HEADER;
-               goto err;
-               }
-
-       if (tag != V_ASN1_ENUMERATED)
-               {
-               i=ASN1_R_EXPECTING_AN_ENUMERATED;
-               goto err;
-               }
-       ret = c2i_ASN1_INTEGER(a, &p, len);
-       if(ret) {
-               ret->type = (V_ASN1_NEG & ret->type) | V_ASN1_ENUMERATED;
-               *pp = p;
-       }
-       return ret;
-err:
-       ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i);
-       return(NULL);
-
-}
-
 int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
        {
        int i,j,k;
index 314479a03dad4481bdfc58d003ee1b635b57bd08..d71c190c776e8beff3d35ba984db493b71979a91 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_new(void)
-{ return M_ASN1_GENERALIZEDTIME_new(); }
-
-void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *x)
-{ M_ASN1_GENERALIZEDTIME_free(x); }
+#if 0
 
 int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
        {
@@ -116,6 +112,8 @@ err:
        return(NULL);
        }
 
+#endif
+
 int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
        {
        static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
index aee29a779000c444ea3996da7c298647bc6b49ba..7b64a5704d6f7de793688297945ea7c987b4c58c 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
 
 #ifndef NO_FP_API
 int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
index 6f0413f885c16e8297c3fd9a7a25e612bdff23ee..c18376be48a09cdd16679cb971a927d9938c1aa4 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_INTEGER *ASN1_INTEGER_new(void)
-{ return M_ASN1_INTEGER_new();}
-
-void ASN1_INTEGER_free(ASN1_INTEGER *x)
-{ M_ASN1_INTEGER_free(x);}
-
 ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
 { return M_ASN1_INTEGER_dup(x);}
 
 int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
 { return M_ASN1_INTEGER_cmp(x,y);}
 
-/* Output ASN1 INTEGER including tag+length */
-
-int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
-{
-       int len, ret;
-       if(!a) return 0;
-       len = i2c_ASN1_INTEGER(a, NULL);        
-       ret=ASN1_object_size(0,len,V_ASN1_INTEGER);
-       if(pp) {
-               ASN1_put_object(pp,0,len,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
-               i2c_ASN1_INTEGER(a, pp);        
-       }
-       return ret;
-}
-
 /* 
  * This converts an ASN1 INTEGER into its content encoding.
  * The internal representation is an ASN1_STRING whose data is a big endian
@@ -174,39 +153,6 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
        return(ret);
        }
 
-/* Convert DER encoded ASN1 INTEGER to ASN1_INTEGER structure */
-ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
-            long length)
-{
-       unsigned char *p;
-       long len;
-       int i;
-       int inf,tag,xclass;
-       ASN1_INTEGER *ret;
-
-       p= *pp;
-       inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-       if (inf & 0x80)
-               {
-               i=ASN1_R_BAD_OBJECT_HEADER;
-               goto err;
-               }
-
-       if (tag != V_ASN1_INTEGER)
-               {
-               i=ASN1_R_EXPECTING_AN_INTEGER;
-               goto err;
-               }
-       ret = c2i_ASN1_INTEGER(a, &p, len);
-       if(ret) *pp = p;
-       return ret;
-err:
-       ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
-       return(NULL);
-
-}
-
-
 /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
 
 ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
diff --git a/crypto/asn1/a_null.c b/crypto/asn1/a_null.c
deleted file mode 100644 (file)
index 119fd78..0000000
+++ /dev/null
@@ -1,119 +0,0 @@
-/* a_null.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-/* ASN1 functions for NULL type. For compatibility with other ASN1 code
- * it returns a pointer to an "ASN1_NULL" structure. The new/free functions
- * don't need to do any allocating because nothing is stored in a NULL.
- */
-
-int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **pp)
-       {
-       if(!a) return 0;
-       if (pp) ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
-       return 2;
-       }
-
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp, long length)
-       {
-       ASN1_NULL *ret = NULL;
-       unsigned char *p;
-       long len;
-       int inf,tag,xclass;
-       int i=0;
-
-       p= *pp;
-       inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
-       if (inf & 0x80)
-               {
-               i=ASN1_R_BAD_OBJECT_HEADER;
-               goto err;
-               }
-
-       if (tag != V_ASN1_NULL)
-               {
-               i=ASN1_R_EXPECTING_A_NULL;
-               goto err;
-               }
-
-       if (len != 0)
-               {
-               i=ASN1_R_NULL_IS_WRONG_LENGTH;
-               goto err;
-               }
-       ret=(ASN1_NULL *)1;
-       if (a != NULL) (*a)=ret;
-       *pp=p;
-       return(ret);
-err:
-       ASN1err(ASN1_F_D2I_ASN1_NULL,i);
-       return(ret);
-       }
-
-ASN1_NULL *ASN1_NULL_new(void)
-{
-       return (ASN1_NULL *)1;
-}
-
-void ASN1_NULL_free(ASN1_NULL *a)
-{
-       return;
-}
index 2586f4327dc6e80071fb14a4fe312151928952a1..9690bae0f12d49d6400a245c513d9c74592ba786 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void)
-{ return M_ASN1_OCTET_STRING_new(); }
-
-void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x)
-{ M_ASN1_OCTET_STRING_free(x); }
-
 ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
 { return M_ASN1_OCTET_STRING_dup(x); }
 
@@ -75,21 +69,3 @@ int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
 int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
 { return M_ASN1_OCTET_STRING_set(x, d, len); }
 
-int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp)
-{ return M_i2d_ASN1_OCTET_STRING(a, pp); }
-
-ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
-            unsigned char **pp, long length)
-       {
-       ASN1_OCTET_STRING *ret=NULL;
-
-       ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-               pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
-       if (ret == NULL)
-               {
-               ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
-               return(NULL);
-               }
-       return(ret);
-       }
-
index b7bd2bd18aeb5b05d23000d9f7c8f51dffb40762..8035513f04789673ab23a966dac9ba73b66cca3b 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_IA5STRING *ASN1_IA5STRING_new(void)
-{ return M_ASN1_IA5STRING_new();}
-
-void ASN1_IA5STRING_free(ASN1_IA5STRING *x)
-{ M_ASN1_IA5STRING_free(x);}
-
-int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp)
-       { return(M_i2d_ASN1_IA5STRING(a,pp)); }
-
-ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp,
-            long l)
-       { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
-
-ASN1_T61STRING *ASN1_T61STRING_new(void)
-{ return M_ASN1_T61STRING_new();}
-
-void ASN1_T61STRING_free(ASN1_T61STRING *x)
-{ M_ASN1_T61STRING_free(x);}
-
-ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp,
-            long l)
-       { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
-
-ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void)
-{ return M_ASN1_PRINTABLESTRING_new();}
-
-void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x)
-{ M_ASN1_PRINTABLESTRING_free(x);}
-
-ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
-            unsigned char **pp, long l)
-       { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,
-            l)); }
-
-int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp)
-       { return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); }
-
-int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp)
-       { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
-
-ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp,
-            long l)
-       { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
-
 int ASN1_PRINTABLE_type(unsigned char *s, int len)
        {
        int c;
@@ -169,29 +125,3 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
        s->type=ASN1_PRINTABLE_type(s->data,s->length);
        return(1);
        }
-
-ASN1_STRING *DIRECTORYSTRING_new(void)
-{ return M_DIRECTORYSTRING_new();}
-
-void DIRECTORYSTRING_free(ASN1_STRING *x)
-{ M_DIRECTORYSTRING_free(x);}
-
-int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp)
-       { return(M_i2d_DIRECTORYSTRING(a,pp)); }
-
-ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
-            long l)
-       { return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
-
-ASN1_STRING *DISPLAYTEXT_new(void)
-{ return M_DISPLAYTEXT_new();}
-
-void DISPLAYTEXT_free(ASN1_STRING *x)
-{ M_DISPLAYTEXT_free(x);}
-
-int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp)
-       { return(M_i2d_DISPLAYTEXT(a,pp)); }
-
-ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp,
-            long l)
-       { return(M_d2i_DISPLAYTEXT(a,pp,l)); }
index 8c0ddee4ac3e34ab7fcec43a6c53549a21447b58..edc4929c361c0512ec4c9eaff19a9939a51fb050 100644 (file)
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 
-ASN1_TIME *ASN1_TIME_new(void)
-{ return M_ASN1_TIME_new(); }
+IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
 
-void ASN1_TIME_free(ASN1_TIME *x)
-{ M_ASN1_TIME_free(x); }
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
 
+#if 0
 int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
        {
 #ifdef CHARSET_EBCDIC
@@ -95,19 +94,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
        ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
        return -1;
        }
-
-
-ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length)
-       {
-       unsigned char tag;
-       tag = **pp & ~V_ASN1_CONSTRUCTED;
-       if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL))
-                                        return d2i_ASN1_UTCTIME(a, pp, length);
-       if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL))
-                               return d2i_ASN1_GENERALIZEDTIME(a, pp, length);
-       ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
-       return(NULL);
-       }
+#endif
 
 
 ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
index e72a6b29e0f0975fda35e1c2da94fb51e705c1e9..96e111cf237b6b22cd031f0acde2d158b99a72db 100644 (file)
  */
 
 #include <stdio.h>
+#include <openssl/asn1t.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-static void ASN1_TYPE_component_free(ASN1_TYPE *a);
-int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
-       {
-       int r=0;
-
-       if (a == NULL) return(0);
-
-       switch (a->type)
-               {
-       case V_ASN1_NULL:
-               if (pp != NULL)
-                       ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
-               r=2;
-               break;
-       case V_ASN1_INTEGER:
-       case V_ASN1_NEG_INTEGER:
-               r=i2d_ASN1_INTEGER(a->value.integer,pp);
-               break;
-       case V_ASN1_ENUMERATED:
-       case V_ASN1_NEG_ENUMERATED:
-               r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp);
-               break;
-       case V_ASN1_BIT_STRING:
-               r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
-               break;
-       case V_ASN1_OCTET_STRING:
-               r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
-               break;
-       case V_ASN1_OBJECT:
-               r=i2d_ASN1_OBJECT(a->value.object,pp);
-               break;
-       case V_ASN1_PRINTABLESTRING:
-               r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
-               break;
-       case V_ASN1_T61STRING:
-               r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
-               break;
-       case V_ASN1_IA5STRING:
-               r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
-               break;
-       case V_ASN1_GENERALSTRING:
-               r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
-               break;
-       case V_ASN1_UNIVERSALSTRING:
-               r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
-               break;
-       case V_ASN1_UTF8STRING:
-               r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp);
-               break;
-       case V_ASN1_VISIBLESTRING:
-               r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp);
-               break;
-       case V_ASN1_BMPSTRING:
-               r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
-               break;
-       case V_ASN1_UTCTIME:
-               r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
-               break;
-       case V_ASN1_GENERALIZEDTIME:
-               r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp);
-               break;
-       case V_ASN1_SET:
-       case V_ASN1_SEQUENCE:
-       case V_ASN1_OTHER:
-       default:
-               if (a->value.set == NULL)
-                       r=0;
-               else
-                       {
-                       r=a->value.set->length;
-                       if (pp != NULL)
-                               {
-                               memcpy(*pp,a->value.set->data,r);
-                               *pp+=r;
-                               }
-                       }
-               break;
-               }
-       return(r);
-       }
-
-ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
-       {
-       ASN1_TYPE *ret=NULL;
-       unsigned char *q,*p,*max;
-       int inf,tag,xclass;
-       long len;
-
-       if ((a == NULL) || ((*a) == NULL))
-               {
-               if ((ret=ASN1_TYPE_new()) == NULL) goto err;
-               }
-       else
-               ret=(*a);
-
-       p= *pp;
-       q=p;
-       max=(p+length);
-
-       inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
-       if (inf & 0x80) goto err;
-       /* If not universal tag we've no idea what it is */
-       if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
-       
-       ASN1_TYPE_component_free(ret);
-
-       switch (tag)
-               {
-       case V_ASN1_NULL:
-               p=q;
-               ret->value.ptr=NULL;
-               break;
-       case V_ASN1_INTEGER:
-               if ((ret->value.integer=
-                       d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_ENUMERATED:
-               if ((ret->value.enumerated=
-                       d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_BIT_STRING:
-               if ((ret->value.bit_string=
-                       d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_OCTET_STRING:
-               if ((ret->value.octet_string=
-                       d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_VISIBLESTRING:
-               if ((ret->value.visiblestring=
-                       d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_UTF8STRING:
-               if ((ret->value.utf8string=
-                       d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_OBJECT:
-               if ((ret->value.object=
-                       d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_PRINTABLESTRING:
-               if ((ret->value.printablestring=
-                       d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_T61STRING:
-               if ((ret->value.t61string=
-                       M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_IA5STRING:
-               if ((ret->value.ia5string=
-                       M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_GENERALSTRING:
-               if ((ret->value.generalstring=
-                       M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_UNIVERSALSTRING:
-               if ((ret->value.universalstring=
-                       M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_BMPSTRING:
-               if ((ret->value.bmpstring=
-                       M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_UTCTIME:
-               if ((ret->value.utctime=
-                       d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_GENERALIZEDTIME:
-               if ((ret->value.generalizedtime=
-                       d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL)
-                       goto err;
-               break;
-       case V_ASN1_SET:
-       case V_ASN1_SEQUENCE:
-       case V_ASN1_OTHER:
-       default:
-               /* Sets and sequences are left complete */
-               if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
-               ret->value.set->type=tag;
-               len+=(q-p);
-               if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
-               p+=len;
-               break;
-               }
-
-       ret->type=tag;
-       if (a != NULL) (*a)=ret;
-       *pp=p;
-       return(ret);
-err:
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
-       return(NULL);
-       }
-
-ASN1_TYPE *ASN1_TYPE_new(void)
-       {
-       ASN1_TYPE *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,ASN1_TYPE);
-       ret->type= -1;
-       ret->value.ptr=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
-       }
-
-void ASN1_TYPE_free(ASN1_TYPE *a)
-       {
-       if (a == NULL) return;
-       ASN1_TYPE_component_free(a);
-       OPENSSL_free(a);
-       }
 
 int ASN1_TYPE_get(ASN1_TYPE *a)
        {
@@ -299,54 +71,11 @@ int ASN1_TYPE_get(ASN1_TYPE *a)
 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
        {
        if (a->value.ptr != NULL)
-               ASN1_TYPE_component_free(a);
+               ASN1_primitive_free((ASN1_VALUE **)&a, NULL);
        a->type=type;
        a->value.ptr=value;
        }
 
-static void ASN1_TYPE_component_free(ASN1_TYPE *a)
-       {
-       if (a == NULL) return;
-
-       if (a->value.ptr != NULL)
-               {
-               switch (a->type)
-                       {
-               case V_ASN1_OBJECT:
-                       ASN1_OBJECT_free(a->value.object);
-                       break;
-               case V_ASN1_NULL:
-                       break;
-               case V_ASN1_INTEGER:
-               case V_ASN1_NEG_INTEGER:
-               case V_ASN1_ENUMERATED:
-               case V_ASN1_NEG_ENUMERATED:
-               case V_ASN1_BIT_STRING:
-               case V_ASN1_OCTET_STRING:
-               case V_ASN1_SEQUENCE:
-               case V_ASN1_SET:
-               case V_ASN1_NUMERICSTRING:
-               case V_ASN1_PRINTABLESTRING:
-               case V_ASN1_T61STRING:
-               case V_ASN1_VIDEOTEXSTRING:
-               case V_ASN1_IA5STRING:
-               case V_ASN1_UTCTIME:
-               case V_ASN1_GENERALIZEDTIME:
-               case V_ASN1_GRAPHICSTRING:
-               case V_ASN1_VISIBLESTRING:
-               case V_ASN1_GENERALSTRING:
-               case V_ASN1_UNIVERSALSTRING:
-               case V_ASN1_BMPSTRING:
-               case V_ASN1_UTF8STRING:
-               case V_ASN1_OTHER:
-               default:
-                       ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
-                       break;
-                       }
-               a->type=0;
-               a->value.ptr=NULL;
-               }
-       }
 
 IMPLEMENT_STACK_OF(ASN1_TYPE)
 IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
index d381c9e0d1e6e8807774479da04681b6f1194cb0..6ddeaff0ec4c615cb90225e4bdde6e1d4a09b2ca 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_UTCTIME *ASN1_UTCTIME_new(void)
-{ return M_ASN1_UTCTIME_new(); }
-
-void ASN1_UTCTIME_free(ASN1_UTCTIME *x)
-{ M_ASN1_UTCTIME_free(x); }
-
+#if 0
 int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
        {
 #ifndef CHARSET_EBCDIC
@@ -119,6 +114,8 @@ err:
        return(NULL);
        }
 
+#endif
+
 int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
        {
        static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
index 854278f136e75977ac888d7e392224ca9415ca6a..508e11e527c8c4b2b4bc84e872f453c58c179073 100644 (file)
 #include "cryptlib.h"
 #include <openssl/asn1.h>
 
-ASN1_UTF8STRING *ASN1_UTF8STRING_new(void)
-{ return M_ASN1_UTF8STRING_new();}
-
-void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x)
-{ M_ASN1_UTF8STRING_free(x);}
-
-int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp)
-       {
-       return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-               V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL));
-       }
-
-ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp,
-            long length)
-       {
-       ASN1_UTF8STRING *ret=NULL;
-
-       ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-               pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL);
-       if (ret == NULL)
-               {
-               ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR);
-               return(NULL);
-               }
-       return(ret);
-       }
-
 
 /* UTF8 utilities */
 
diff --git a/crypto/asn1/a_vis.c b/crypto/asn1/a_vis.c
deleted file mode 100644 (file)
index 5cfc080..0000000
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/asn1/a_vis.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void)
-{ return M_ASN1_VISIBLESTRING_new(); }
-
-void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *x)
-{ M_ASN1_VISIBLESTRING_free(x); }
-
-int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **pp)
-       {
-       return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
-               V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL));
-       }
-
-ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
-            unsigned char **pp, long length)
-       {
-       ASN1_VISIBLESTRING *ret=NULL;
-
-       ret=(ASN1_VISIBLESTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
-               pp,length,V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL);
-       if (ret == NULL)
-               {
-               ASN1err(ASN1_F_D2I_ASN1_VISIBLESTRING,ERR_R_NESTED_ASN1_ERROR);
-               return(NULL);
-               }
-       return(ret);
-       }
-
index 3daf4e483a200217d974b98de03503d76a9703dc..a0680359478c4e643995e1ea9637b70ee42dfdbc 100644 (file)
@@ -84,6 +84,7 @@ extern "C" {
 
 #define V_ASN1_APP_CHOOSE              -2      /* let the recipient choose */
 #define V_ASN1_OTHER                   -3      /* used in ASN1_TYPE */
+#define V_ASN1_ANY                     -4      /* used in ASN1 template code */
 
 #define V_ASN1_NEG                     0x100   /* negative flag */
 
@@ -136,6 +137,8 @@ extern "C" {
 #define B_ASN1_BMPSTRING       0x0800
 #define B_ASN1_UNKNOWN         0x1000
 #define B_ASN1_UTF8STRING      0x2000
+#define B_ASN1_UTCTIME         0x4000
+#define B_ASN1_GENERALIZEDTIME 0x8000
 
 /* For use with ASN1_mbstring_copy() */
 #define MBSTRING_FLAG          0x1000
@@ -193,6 +196,21 @@ typedef struct asn1_string_st
        long flags;
        } ASN1_STRING;
 
+/* ASN1_ENCODING structure: this is used to save the received
+ * encoding of an ASN1 type. This is useful to get round
+ * problems with invalid encodings which can break signatures.
+ */
+
+typedef struct ASN1_ENCODING_st
+       {
+       unsigned char *enc;     /* DER encoding */
+       long len;               /* Length of encoding */
+       int modified;            /* set to 1 if 'enc' is invalid */
+       } ASN1_ENCODING;
+
+/* Used with ASN1 LONG type: if a long is set to this it is omitted */
+#define ASN1_LONG_UNDEF        0x7fffffffL
+
 #define STABLE_FLAGS_MALLOC    0x01
 #define STABLE_NO_MASK         0x02
 #define DIRSTRING_TYPE \
@@ -237,6 +255,7 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE)
 #define ASN1_VISIBLESTRING     ASN1_STRING
 #define ASN1_UTF8STRING                ASN1_STRING
 #define ASN1_BOOLEAN           int
+#define ASN1_NULL              int
 #else
 typedef struct asn1_string_st ASN1_INTEGER;
 typedef struct asn1_string_st ASN1_ENUMERATED;
@@ -254,9 +273,40 @@ typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
 typedef struct asn1_string_st ASN1_VISIBLESTRING;
 typedef struct asn1_string_st ASN1_UTF8STRING;
 typedef int ASN1_BOOLEAN;
+typedef int ASN1_NULL;
 #endif
 
-typedef int ASN1_NULL;
+/* Declarations for template structures: for full definitions
+ * see asn1t.h
+ */
+typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
+typedef struct ASN1_ITEM_st ASN1_ITEM;
+typedef struct ASN1_TLC_st ASN1_TLC;
+/* This is just an opaque pointer */
+typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+/* Declare ASN1 functions: the implement macro in in asn1t.h */
+
+#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+
+#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+       type *name##_new(void); \
+       void name##_free(type *a); \
+       DECLARE_ASN1_ENCODE_FUNCTIONS(type, name)
+
+#define        DECLARE_ASN1_ENCODE_FUNCTIONS(type, name) \
+       type *d2i_##name(type **a, unsigned char **in, long len); \
+       int i2d_##name(type *a, unsigned char **out); \
+       extern const ASN1_ITEM name##_it;
+
+#define        DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+       type *d2i_##name(type **a, const unsigned char **in, long len); \
+       int i2d_##name(const type *a, unsigned char **out); \
+       extern const ASN1_ITEM name##_it;
+
+#define DECLARE_ASN1_FUNCTIONS_const(name) \
+       name *name##_new(void); \
+       void name##_free(name *a);
 
 /* Parameters used by ASN1_STRING_print_ex() */
 
@@ -438,12 +488,11 @@ typedef struct BIT_STRING_BITNAME_st {
                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
                V_ASN1_UNIVERSAL)
 
-#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_PRINTABLE_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-               pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
-               d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+#define B_ASN1_TIME \
+                       B_ASN1_UTCTIME | \
+                       B_ASN1_GENERALIZEDTIME
+
+#define B_ASN1_PRINTABLE \
                        B_ASN1_PRINTABLESTRING| \
                        B_ASN1_T61STRING| \
                        B_ASN1_IA5STRING| \
@@ -451,7 +500,28 @@ typedef struct BIT_STRING_BITNAME_st {
                        B_ASN1_UNIVERSALSTRING|\
                        B_ASN1_BMPSTRING|\
                        B_ASN1_UTF8STRING|\
-                       B_ASN1_UNKNOWN)
+                       B_ASN1_UNKNOWN
+
+#define B_ASN1_DIRECTORYSTRING \
+                       B_ASN1_PRINTABLESTRING| \
+                       B_ASN1_TELETEXSTRING|\
+                       B_ASN1_BMPSTRING|\
+                       B_ASN1_UNIVERSALSTRING|\
+                       B_ASN1_UTF8STRING
+
+#define B_ASN1_DISPLAYTEXT \
+                       B_ASN1_IA5STRING| \
+                       B_ASN1_VISIBLESTRING| \
+                       B_ASN1_BMPSTRING|\
+                       B_ASN1_UTF8STRING
+
+#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define M_ASN1_PRINTABLE_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+               pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+               d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+                       B_ASN1_PRINTABLE)
 
 #define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
 #define M_DIRECTORYSTRING_free(a)      ASN1_STRING_free((ASN1_STRING *)a)
@@ -459,11 +529,7 @@ typedef struct BIT_STRING_BITNAME_st {
                                                pp,a->type,V_ASN1_UNIVERSAL)
 #define M_d2i_DIRECTORYSTRING(a,pp,l) \
                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-                       B_ASN1_PRINTABLESTRING| \
-                       B_ASN1_TELETEXSTRING|\
-                       B_ASN1_BMPSTRING|\
-                       B_ASN1_UNIVERSALSTRING|\
-                       B_ASN1_UTF8STRING)
+                       B_ASN1_DIRECTORYSTRING)
 
 #define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
 #define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
@@ -471,9 +537,7 @@ typedef struct BIT_STRING_BITNAME_st {
                                                pp,a->type,V_ASN1_UNIVERSAL)
 #define M_d2i_DISPLAYTEXT(a,pp,l) \
                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-                       B_ASN1_VISIBLESTRING| \
-                       B_ASN1_BMPSTRING|\
-                       B_ASN1_UTF8STRING)
+                       B_ASN1_DISPLAYTEXT)
 
 #define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
                ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
@@ -577,10 +641,8 @@ typedef struct BIT_STRING_BITNAME_st {
 #define IS_SEQUENCE    0
 #define IS_SET         1
 
-ASN1_TYPE *    ASN1_TYPE_new(void );
-void           ASN1_TYPE_free(ASN1_TYPE *a);
-int            i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
-ASN1_TYPE *    d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(ASN1_TYPE)
+
 int ASN1_TYPE_get(ASN1_TYPE *a);
 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
 
@@ -608,12 +670,8 @@ void ASN1_STRING_length_set(ASN1_STRING *x, int n);
 int ASN1_STRING_type(ASN1_STRING *x);
 unsigned char * ASN1_STRING_data(ASN1_STRING *x);
 
-ASN1_BIT_STRING *      ASN1_BIT_STRING_new(void);
-void           ASN1_BIT_STRING_free(ASN1_BIT_STRING *a);
-int            i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
 int            i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
-                       long length);
 ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
                        long length);
 int            ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
@@ -632,12 +690,8 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
 int            i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
 int            d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
 
-ASN1_INTEGER * ASN1_INTEGER_new(void);
-void           ASN1_INTEGER_free(ASN1_INTEGER *a);
-int            i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
 int            i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
-                       long length);
 ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
                        long length);
 ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
@@ -645,11 +699,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
 ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
 int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
 
-ASN1_ENUMERATED *      ASN1_ENUMERATED_new(void);
-void           ASN1_ENUMERATED_free(ASN1_ENUMERATED *a);
-int            i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a,unsigned char **pp);
-ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
 
 int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
 ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
@@ -663,90 +713,30 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
 ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
 int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); 
 
-ASN1_OCTET_STRING *    ASN1_OCTET_STRING_new(void);
-void           ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a);
-int            i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
-ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
-                       unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
 ASN1_OCTET_STRING *    ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
 int    ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
 int    ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
 
-ASN1_VISIBLESTRING *   ASN1_VISIBLESTRING_new(void);
-void           ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a);
-int    i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a,unsigned char **pp);
-ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
-                       unsigned char **pp,long length);
-
-ASN1_UTF8STRING *      ASN1_UTF8STRING_new(void);
-void           ASN1_UTF8STRING_free(ASN1_UTF8STRING *a);
-int            i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a,unsigned char **pp);
-ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a,
-                       unsigned char **pp,long length);
-
-ASN1_NULL *    ASN1_NULL_new(void);
-void           ASN1_NULL_free(ASN1_NULL *a);
-int            i2d_ASN1_NULL(ASN1_NULL *a,unsigned char **pp);
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp,long length);
-
-ASN1_BMPSTRING *       ASN1_BMPSTRING_new(void);
-void           ASN1_BMPSTRING_free(ASN1_BMPSTRING *a);
-int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp);
-ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
-       long length);
-
+DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
 
 int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
 int UTF8_putc(unsigned char *str, int len, unsigned long value);
 
-int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
-       unsigned char **pp, long l);
-
-ASN1_PRINTABLESTRING * ASN1_PRINTABLESTRING_new(void);
-void           ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a);
-ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
-       unsigned char **pp, long l);
-int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp);
-
-ASN1_STRING *  DIRECTORYSTRING_new(void);
-void           DIRECTORYSTRING_free(ASN1_STRING *a);
-int    i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
-                                                                long length);
-
-ASN1_STRING *  DISPLAYTEXT_new(void);
-void           DISPLAYTEXT_free(ASN1_STRING *a);
-int    i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
-
-ASN1_T61STRING *       ASN1_T61STRING_new(void);
-void           ASN1_T61STRING_free(ASN1_IA5STRING *a);
-ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
-       unsigned char **pp, long l);
-
-ASN1_IA5STRING *       ASN1_IA5STRING_new(void);
-void           ASN1_IA5STRING_free(ASN1_IA5STRING *a);
-int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
-ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
-       unsigned char **pp, long l);
-
-ASN1_UTCTIME * ASN1_UTCTIME_new(void);
-void           ASN1_UTCTIME_free(ASN1_UTCTIME *a);
-int            i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
-ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
 
-ASN1_GENERALIZEDTIME * ASN1_GENERALIZEDTIME_new(void);
-void           ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a);
-int            i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a,unsigned char **pp);
-ASN1_GENERALIZEDTIME * d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
 
-ASN1_TIME *    ASN1_TIME_new(void);
-void           ASN1_TIME_free(ASN1_TIME *a);
-int            i2d_ASN1_TIME(ASN1_TIME *a,unsigned char **pp);
-ASN1_TIME *    d2i_ASN1_TIME(ASN1_TIME **a,unsigned char **pp, long length);
 ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
 
 int            i2d_ASN1_SET(STACK *a, unsigned char **pp,
@@ -787,6 +777,7 @@ int ASN1_PRINTABLE_type(unsigned char *s, int max);
 int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
 ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
        long length, int Ptag, int Pclass);
+unsigned long ASN1_tag2bit(int tag);
 /* type is one or more of the B_ASN1_ values. */
 ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
                long length,int type);
@@ -873,6 +864,15 @@ ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
 int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
 void ASN1_STRING_TABLE_cleanup(void);
 
+/* ASN1 template functions */
+
+/* Old API compatible functions */
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
+ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it);
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
+
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -882,297 +882,224 @@ void ASN1_STRING_TABLE_cleanup(void);
 
 /* Function codes. */
 #define ASN1_F_A2D_ASN1_OBJECT                          100
-#define ASN1_F_A2I_ASN1_ENUMERATED                      236
-#define ASN1_F_A2I_ASN1_INTEGER                                 101
-#define ASN1_F_A2I_ASN1_STRING                          102
-#define ASN1_F_ACCESS_DESCRIPTION_NEW                   291
-#define ASN1_F_ASN1_COLLATE_PRIMITIVE                   103
-#define ASN1_F_ASN1_D2I_BIO                             104
-#define ASN1_F_ASN1_D2I_FP                              105
-#define ASN1_F_ASN1_DUP                                         106
-#define ASN1_F_ASN1_ENUMERATED_SET                      232
-#define ASN1_F_ASN1_ENUMERATED_TO_BN                    233
-#define ASN1_F_ASN1_GENERALIZEDTIME_NEW                         222
-#define ASN1_F_ASN1_GET_OBJECT                          107
-#define ASN1_F_ASN1_HEADER_NEW                          108
-#define ASN1_F_ASN1_I2D_BIO                             109
-#define ASN1_F_ASN1_I2D_FP                              110
-#define ASN1_F_ASN1_INTEGER_SET                                 111
-#define ASN1_F_ASN1_INTEGER_TO_BN                       112
-#define ASN1_F_ASN1_MBSTRING_COPY                       282
-#define ASN1_F_ASN1_OBJECT_NEW                          113
-#define ASN1_F_ASN1_PACK_STRING                                 245
-#define ASN1_F_ASN1_PBE_SET                             253
-#define ASN1_F_ASN1_SEQ_PACK                            246
-#define ASN1_F_ASN1_SEQ_UNPACK                          247
-#define ASN1_F_ASN1_SIGN                                114
-#define ASN1_F_ASN1_STRING_NEW                          115
-#define ASN1_F_ASN1_STRING_TABLE_ADD                    283
-#define ASN1_F_ASN1_STRING_TYPE_NEW                     116
-#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING            117
-#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                118
-#define ASN1_F_ASN1_TYPE_NEW                            119
-#define ASN1_F_ASN1_UNPACK_STRING                       248
-#define ASN1_F_ASN1_UTCTIME_NEW                                 120
-#define ASN1_F_ASN1_VERIFY                              121
-#define ASN1_F_AUTHORITY_KEYID_NEW                      237
-#define ASN1_F_BASIC_CONSTRAINTS_NEW                    226
-#define ASN1_F_BN_TO_ASN1_ENUMERATED                    234
-#define ASN1_F_BN_TO_ASN1_INTEGER                       122
-#define ASN1_F_D2I_ACCESS_DESCRIPTION                   284
-#define ASN1_F_D2I_ASN1_BIT_STRING                      123
-#define ASN1_F_D2I_ASN1_BMPSTRING                       124
-#define ASN1_F_D2I_ASN1_BOOLEAN                                 125
-#define ASN1_F_D2I_ASN1_BYTES                           126
-#define ASN1_F_D2I_ASN1_ENUMERATED                      235
-#define ASN1_F_D2I_ASN1_GENERALIZEDTIME                         223
-#define ASN1_F_D2I_ASN1_HEADER                          127
-#define ASN1_F_D2I_ASN1_INTEGER                                 128
-#define ASN1_F_D2I_ASN1_NULL                            292
-#define ASN1_F_D2I_ASN1_OBJECT                          129
-#define ASN1_F_D2I_ASN1_OCTET_STRING                    130
-#define ASN1_F_D2I_ASN1_PRINT_TYPE                      131
-#define ASN1_F_D2I_ASN1_SET                             132
-#define ASN1_F_D2I_ASN1_TIME                            224
-#define ASN1_F_D2I_ASN1_TYPE                            133
-#define ASN1_F_D2I_ASN1_TYPE_BYTES                      134
-#define ASN1_F_D2I_ASN1_UINTEGER                        280
-#define ASN1_F_D2I_ASN1_UTCTIME                                 135
-#define ASN1_F_D2I_ASN1_UTF8STRING                      266
-#define ASN1_F_D2I_ASN1_VISIBLESTRING                   267
-#define ASN1_F_D2I_AUTHORITY_KEYID                      238
-#define ASN1_F_D2I_BASIC_CONSTRAINTS                    227
-#define ASN1_F_D2I_DHPARAMS                             136
-#define ASN1_F_D2I_DIST_POINT                           276
-#define ASN1_F_D2I_DIST_POINT_NAME                      277
-#define ASN1_F_D2I_DSAPARAMS                            137
-#define ASN1_F_D2I_DSAPRIVATEKEY                        138
-#define ASN1_F_D2I_DSAPUBLICKEY                                 139
-#define ASN1_F_D2I_GENERAL_NAME                                 230
-#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE               228
-#define ASN1_F_D2I_NETSCAPE_PKEY                        140
-#define ASN1_F_D2I_NETSCAPE_RSA                                 141
-#define ASN1_F_D2I_NETSCAPE_RSA_2                       142
-#define ASN1_F_D2I_NETSCAPE_SPKAC                       143
-#define ASN1_F_D2I_NETSCAPE_SPKI                        144
-#define ASN1_F_D2I_NOTICEREF                            268
-#define ASN1_F_D2I_OCSP_BASICRESP                       293
-#define ASN1_F_D2I_OCSP_CERTID                          294
-#define ASN1_F_D2I_OCSP_CERTSTATUS                      295
-#define ASN1_F_D2I_OCSP_CRLID                           296
-#define ASN1_F_D2I_OCSP_ONEREQ                          297
-#define ASN1_F_D2I_OCSP_REQINFO                                 298
-#define ASN1_F_D2I_OCSP_REQUEST                                 299
-#define ASN1_F_D2I_OCSP_RESPBYTES                       300
-#define ASN1_F_D2I_OCSP_RESPDATA                        301
-#define ASN1_F_D2I_OCSP_RESPID                          302
-#define ASN1_F_D2I_OCSP_RESPONSE                        303
-#define ASN1_F_D2I_OCSP_REVOKEDINFO                     304
-#define ASN1_F_D2I_OCSP_SERVICELOC                      305
-#define ASN1_F_D2I_OCSP_SIGNATURE                       306
-#define ASN1_F_D2I_OCSP_SINGLERESP                      307
-#define ASN1_F_D2I_OTHERNAME                            287
-#define ASN1_F_D2I_PBE2PARAM                            262
-#define ASN1_F_D2I_PBEPARAM                             249
-#define ASN1_F_D2I_PBKDF2PARAM                          263
-#define ASN1_F_D2I_PKCS12                               254
-#define ASN1_F_D2I_PKCS12_BAGS                          255
-#define ASN1_F_D2I_PKCS12_MAC_DATA                      256
-#define ASN1_F_D2I_PKCS12_SAFEBAG                       257
-#define ASN1_F_D2I_PKCS7                                145
-#define ASN1_F_D2I_PKCS7_DIGEST                                 146
-#define ASN1_F_D2I_PKCS7_ENCRYPT                        147
-#define ASN1_F_D2I_PKCS7_ENC_CONTENT                    148
-#define ASN1_F_D2I_PKCS7_ENVELOPE                       149
-#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL              150
-#define ASN1_F_D2I_PKCS7_RECIP_INFO                     151
-#define ASN1_F_D2I_PKCS7_SIGNED                                 152
-#define ASN1_F_D2I_PKCS7_SIGNER_INFO                    153
-#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE                  154
-#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO                  250
-#define ASN1_F_D2I_PKEY_USAGE_PERIOD                    239
-#define ASN1_F_D2I_POLICYINFO                           269
-#define ASN1_F_D2I_POLICYQUALINFO                       270
-#define ASN1_F_D2I_PRIVATEKEY                           155
-#define ASN1_F_D2I_PUBLICKEY                            156
-#define ASN1_F_D2I_RSAPRIVATEKEY                        157
-#define ASN1_F_D2I_RSAPUBLICKEY                                 158
-#define ASN1_F_D2I_SXNET                                241
-#define ASN1_F_D2I_SXNETID                              243
-#define ASN1_F_D2I_USERNOTICE                           271
-#define ASN1_F_D2I_X509                                         159
-#define ASN1_F_D2I_X509_ALGOR                           160
-#define ASN1_F_D2I_X509_ATTRIBUTE                       161
-#define ASN1_F_D2I_X509_CERT_AUX                        285
-#define ASN1_F_D2I_X509_CINF                            162
-#define ASN1_F_D2I_X509_CRL                             163
-#define ASN1_F_D2I_X509_CRL_INFO                        164
-#define ASN1_F_D2I_X509_EXTENSION                       165
-#define ASN1_F_D2I_X509_KEY                             166
-#define ASN1_F_D2I_X509_NAME                            167
-#define ASN1_F_D2I_X509_NAME_ENTRY                      168
-#define ASN1_F_D2I_X509_PKEY                            169
-#define ASN1_F_D2I_X509_PUBKEY                          170
-#define ASN1_F_D2I_X509_REQ                             171
-#define ASN1_F_D2I_X509_REQ_INFO                        172
-#define ASN1_F_D2I_X509_REVOKED                                 173
-#define ASN1_F_D2I_X509_SIG                             174
-#define ASN1_F_D2I_X509_VAL                             175
-#define ASN1_F_DIST_POINT_NAME_NEW                      278
-#define ASN1_F_DIST_POINT_NEW                           279
-#define ASN1_F_GENERAL_NAME_NEW                                 231
-#define ASN1_F_I2D_ASN1_HEADER                          176
-#define ASN1_F_I2D_ASN1_TIME                            225
-#define ASN1_F_I2D_DHPARAMS                             177
-#define ASN1_F_I2D_DSAPARAMS                            178
-#define ASN1_F_I2D_DSAPRIVATEKEY                        179
-#define ASN1_F_I2D_DSAPUBLICKEY                                 180
-#define ASN1_F_I2D_DSA_PUBKEY                           290
-#define ASN1_F_I2D_NETSCAPE_RSA                                 181
-#define ASN1_F_I2D_PKCS7                                182
-#define ASN1_F_I2D_PRIVATEKEY                           183
-#define ASN1_F_I2D_PUBLICKEY                            184
-#define ASN1_F_I2D_RSAPRIVATEKEY                        185
-#define ASN1_F_I2D_RSAPUBLICKEY                                 186
-#define ASN1_F_I2D_RSA_PUBKEY                           289
-#define ASN1_F_I2D_X509_ATTRIBUTE                       187
-#define ASN1_F_I2T_ASN1_OBJECT                          188
-#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW               229
-#define ASN1_F_NETSCAPE_PKEY_NEW                        189
-#define ASN1_F_NETSCAPE_SPKAC_NEW                       190
-#define ASN1_F_NETSCAPE_SPKI_NEW                        191
-#define ASN1_F_NOTICEREF_NEW                            272
-#define ASN1_F_OCSP_BASICRESP_NEW                       308
-#define ASN1_F_OCSP_CERTID_NEW                          309
-#define ASN1_F_OCSP_CERTSTATUS_NEW                      310
-#define ASN1_F_OCSP_CRLID_NEW                           311
-#define ASN1_F_OCSP_ONEREQ_NEW                          312
-#define ASN1_F_OCSP_REQINFO_NEW                                 313
-#define ASN1_F_OCSP_REQUEST_NEW                                 314
-#define ASN1_F_OCSP_RESPBYTES_NEW                       315
-#define ASN1_F_OCSP_RESPDATA_NEW                        316
-#define ASN1_F_OCSP_RESPID_NEW                          317
-#define ASN1_F_OCSP_RESPONSE_NEW                        318
-#define ASN1_F_OCSP_REVOKEDINFO_NEW                     319
-#define ASN1_F_OCSP_SERVICELOC_NEW                      320
-#define ASN1_F_OCSP_SIGNATURE_NEW                       321
-#define ASN1_F_OCSP_SINGLERESP_NEW                      322
-#define ASN1_F_OTHERNAME_NEW                            288
-#define ASN1_F_PBE2PARAM_NEW                            264
-#define ASN1_F_PBEPARAM_NEW                             251
-#define ASN1_F_PBKDF2PARAM_NEW                          265
-#define ASN1_F_PKCS12_BAGS_NEW                          258
-#define ASN1_F_PKCS12_MAC_DATA_NEW                      259
-#define ASN1_F_PKCS12_NEW                               260
-#define ASN1_F_PKCS12_SAFEBAG_NEW                       261
-#define ASN1_F_PKCS5_PBE2_SET                           281
-#define ASN1_F_PKCS7_DIGEST_NEW                                 192
-#define ASN1_F_PKCS7_ENCRYPT_NEW                        193
-#define ASN1_F_PKCS7_ENC_CONTENT_NEW                    194
-#define ASN1_F_PKCS7_ENVELOPE_NEW                       195
-#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW              196
-#define ASN1_F_PKCS7_NEW                                197
-#define ASN1_F_PKCS7_RECIP_INFO_NEW                     198
-#define ASN1_F_PKCS7_SIGNED_NEW                                 199
-#define ASN1_F_PKCS7_SIGNER_INFO_NEW                    200
-#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW                  201
-#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW                  252
-#define ASN1_F_PKEY_USAGE_PERIOD_NEW                    240
-#define ASN1_F_POLICYINFO_NEW                           273
-#define ASN1_F_POLICYQUALINFO_NEW                       274
-#define ASN1_F_SXNETID_NEW                              244
-#define ASN1_F_SXNET_NEW                                242
-#define ASN1_F_USERNOTICE_NEW                           275
-#define ASN1_F_X509_ALGOR_NEW                           202
-#define ASN1_F_X509_ATTRIBUTE_NEW                       203
-#define ASN1_F_X509_CERT_AUX_NEW                        286
-#define ASN1_F_X509_CINF_NEW                            204
-#define ASN1_F_X509_CRL_INFO_NEW                        205
-#define ASN1_F_X509_CRL_NEW                             206
-#define ASN1_F_X509_DHPARAMS_NEW                        207
-#define ASN1_F_X509_EXTENSION_NEW                       208
-#define ASN1_F_X509_INFO_NEW                            209
-#define ASN1_F_X509_KEY_NEW                             210
-#define ASN1_F_X509_NAME_ENTRY_NEW                      211
-#define ASN1_F_X509_NAME_NEW                            212
-#define ASN1_F_X509_NEW                                         213
-#define ASN1_F_X509_PKEY_NEW                            214
-#define ASN1_F_X509_PUBKEY_NEW                          215
-#define ASN1_F_X509_REQ_INFO_NEW                        216
-#define ASN1_F_X509_REQ_NEW                             217
-#define ASN1_F_X509_REVOKED_NEW                                 218
-#define ASN1_F_X509_SIG_NEW                             219
-#define ASN1_F_X509_VAL_FREE                            220
-#define ASN1_F_X509_VAL_NEW                             221
+#define ASN1_F_A2I_ASN1_ENUMERATED                      101
+#define ASN1_F_A2I_ASN1_INTEGER                                 102
+#define ASN1_F_A2I_ASN1_STRING                          103
+#define ASN1_F_ASN1_CHECK_TLEN                          104
+#define ASN1_F_ASN1_COLLATE_PRIMITIVE                   105
+#define ASN1_F_ASN1_COLLECT                             106
+#define ASN1_F_ASN1_D2I_BIO                             107
+#define ASN1_F_ASN1_D2I_EX_PRIMITIVE                    108
+#define ASN1_F_ASN1_D2I_FP                              109
+#define ASN1_F_ASN1_DO_ADB                              110
+#define ASN1_F_ASN1_DUP                                         111
+#define ASN1_F_ASN1_ENUMERATED_SET                      112
+#define ASN1_F_ASN1_ENUMERATED_TO_BN                    113
+#define ASN1_F_ASN1_GET_OBJECT                          114
+#define ASN1_F_ASN1_HEADER_NEW                          115
+#define ASN1_F_ASN1_I2D_BIO                             116
+#define ASN1_F_ASN1_I2D_FP                              117
+#define ASN1_F_ASN1_INTEGER_SET                                 118
+#define ASN1_F_ASN1_INTEGER_TO_BN                       119
+#define ASN1_F_ASN1_ITEM_EX_D2I                                 120
+#define ASN1_F_ASN1_ITEM_NEW                            121
+#define ASN1_F_ASN1_MBSTRING_COPY                       122
+#define ASN1_F_ASN1_OBJECT_NEW                          123
+#define ASN1_F_ASN1_PACK_STRING                                 124
+#define ASN1_F_ASN1_PBE_SET                             125
+#define ASN1_F_ASN1_SEQ_PACK                            126
+#define ASN1_F_ASN1_SEQ_UNPACK                          127
+#define ASN1_F_ASN1_SIGN                                128
+#define ASN1_F_ASN1_STRING_TABLE_ADD                    129
+#define ASN1_F_ASN1_STRING_TYPE_NEW                     130
+#define ASN1_F_ASN1_TEMPLATE_D2I                        131
+#define ASN1_F_ASN1_TEMPLATE_EX_D2I                     132
+#define ASN1_F_ASN1_TEMPLATE_NEW                        133
+#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING            134
+#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                135
+#define ASN1_F_ASN1_UNPACK_STRING                       136
+#define ASN1_F_ASN1_VERIFY                              137
+#define ASN1_F_BN_TO_ASN1_ENUMERATED                    138
+#define ASN1_F_BN_TO_ASN1_INTEGER                       139
+#define ASN1_F_COLLECT_DATA                             140
+#define ASN1_F_D2I_ASN1_BIT_STRING                      141
+#define ASN1_F_D2I_ASN1_BMPSTRING                       178
+#define ASN1_F_D2I_ASN1_BOOLEAN                                 142
+#define ASN1_F_D2I_ASN1_BYTES                           143
+#define ASN1_F_D2I_ASN1_GENERALIZEDTIME                         144
+#define ASN1_F_D2I_ASN1_HEADER                          145
+#define ASN1_F_D2I_ASN1_INTEGER                                 146
+#define ASN1_F_D2I_ASN1_NULL                            179
+#define ASN1_F_D2I_ASN1_OBJECT                          147
+#define ASN1_F_D2I_ASN1_SET                             148
+#define ASN1_F_D2I_ASN1_TYPE_BYTES                      149
+#define ASN1_F_D2I_ASN1_UINTEGER                        150
+#define ASN1_F_D2I_ASN1_UTCTIME                                 151
+#define ASN1_F_D2I_ASN1_VISIBLESTRING                   180
+#define ASN1_F_D2I_DHPARAMS                             152
+#define ASN1_F_D2I_DSAPARAMS                            153
+#define ASN1_F_D2I_DSAPRIVATEKEY                        154
+#define ASN1_F_D2I_DSAPUBLICKEY                                 155
+#define ASN1_F_D2I_NETSCAPE_RSA                                 156
+#define ASN1_F_D2I_NETSCAPE_RSA_2                       157
+#define ASN1_F_D2I_OCSP_BASICRESP                       181
+#define ASN1_F_D2I_OCSP_CERTID                          182
+#define ASN1_F_D2I_OCSP_CERTSTATUS                      183
+#define ASN1_F_D2I_OCSP_CRLID                           184
+#define ASN1_F_D2I_OCSP_ONEREQ                          185
+#define ASN1_F_D2I_OCSP_REQINFO                                 186
+#define ASN1_F_D2I_OCSP_REQUEST                                 187
+#define ASN1_F_D2I_OCSP_RESPBYTES                       188
+#define ASN1_F_D2I_OCSP_RESPDATA                        189
+#define ASN1_F_D2I_OCSP_RESPID                          190
+#define ASN1_F_D2I_OCSP_RESPONSE                        191
+#define ASN1_F_D2I_OCSP_REVOKEDINFO                     192
+#define ASN1_F_D2I_OCSP_SERVICELOC                      193
+#define ASN1_F_D2I_OCSP_SIGNATURE                       194
+#define ASN1_F_D2I_OCSP_SINGLERESP                      195
+#define ASN1_F_D2I_PKCS12                               196
+#define ASN1_F_D2I_PKCS12_BAGS                          197
+#define ASN1_F_D2I_PKCS12_MAC_DATA                      198
+#define ASN1_F_D2I_PKCS12_SAFEBAG                       199
+#define ASN1_F_D2I_PKCS7                                200
+#define ASN1_F_D2I_PKCS7_DIGEST                                 201
+#define ASN1_F_D2I_PKCS7_ENCRYPT                        202
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT                    203
+#define ASN1_F_D2I_PKCS7_ENVELOPE                       204
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL              205
+#define ASN1_F_D2I_PKCS7_RECIP_INFO                     206
+#define ASN1_F_D2I_PKCS7_SIGNED                                 207
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO                    208
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE                  209
+#define ASN1_F_D2I_PRIVATEKEY                           158
+#define ASN1_F_D2I_PUBLICKEY                            159
+#define ASN1_F_D2I_X509                                         210
+#define ASN1_F_D2I_X509_CINF                            211
+#define ASN1_F_D2I_X509_NAME                            160
+#define ASN1_F_D2I_X509_PKEY                            161
+#define ASN1_F_I2D_ASN1_TIME                            162
+#define ASN1_F_I2D_DHPARAMS                             163
+#define ASN1_F_I2D_DSAPARAMS                            164
+#define ASN1_F_I2D_DSAPRIVATEKEY                        165
+#define ASN1_F_I2D_DSAPUBLICKEY                                 166
+#define ASN1_F_I2D_DSA_PUBKEY                           167
+#define ASN1_F_I2D_NETSCAPE_RSA                                 168
+#define ASN1_F_I2D_PRIVATEKEY                           169
+#define ASN1_F_I2D_PUBLICKEY                            170
+#define ASN1_F_I2D_RSA_PUBKEY                           171
+#define ASN1_F_LONG_C2I                                         172
+#define ASN1_F_OCSP_BASICRESP_NEW                       212
+#define ASN1_F_OCSP_CERTID_NEW                          213
+#define ASN1_F_OCSP_CERTSTATUS_NEW                      214
+#define ASN1_F_OCSP_CRLID_NEW                           215
+#define ASN1_F_OCSP_ONEREQ_NEW                          216
+#define ASN1_F_OCSP_REQINFO_NEW                                 217
+#define ASN1_F_OCSP_REQUEST_NEW                                 218
+#define ASN1_F_OCSP_RESPBYTES_NEW                       219
+#define ASN1_F_OCSP_RESPDATA_NEW                        220
+#define ASN1_F_OCSP_RESPID_NEW                          221
+#define ASN1_F_OCSP_RESPONSE_NEW                        222
+#define ASN1_F_OCSP_REVOKEDINFO_NEW                     223
+#define ASN1_F_OCSP_SERVICELOC_NEW                      224
+#define ASN1_F_OCSP_SIGNATURE_NEW                       225
+#define ASN1_F_OCSP_SINGLERESP_NEW                      226
+#define ASN1_F_PKCS12_BAGS_NEW                          227
+#define ASN1_F_PKCS12_MAC_DATA_NEW                      228
+#define ASN1_F_PKCS12_NEW                               229
+#define ASN1_F_PKCS12_SAFEBAG_NEW                       230
+#define ASN1_F_PKCS5_PBE2_SET                           173
+#define ASN1_F_PKCS7_DIGEST_NEW                                 231
+#define ASN1_F_PKCS7_ENCRYPT_NEW                        232
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW                    233
+#define ASN1_F_PKCS7_ENVELOPE_NEW                       234
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW              235
+#define ASN1_F_PKCS7_NEW                                236
+#define ASN1_F_PKCS7_RECIP_INFO_NEW                     237
+#define ASN1_F_PKCS7_SIGNED_NEW                                 238
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW                    239
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW                  240
+#define ASN1_F_X509_CINF_NEW                            241
+#define ASN1_F_X509_CRL_ADD0_REVOKED                    174
+#define ASN1_F_X509_INFO_NEW                            175
+#define ASN1_F_X509_NAME_NEW                            176
+#define ASN1_F_X509_NEW                                         242
+#define ASN1_F_X509_PKEY_NEW                            177
 
 /* Reason codes. */
-#define ASN1_R_BAD_CLASS                                100
-#define ASN1_R_BAD_OBJECT_HEADER                        101
-#define ASN1_R_BAD_PASSWORD_READ                        102
-#define ASN1_R_BAD_PKCS7_CONTENT                        103
-#define ASN1_R_BAD_PKCS7_TYPE                           104
-#define ASN1_R_BAD_TAG                                  105
-#define ASN1_R_BAD_TYPE                                         106
-#define ASN1_R_BN_LIB                                   107
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  108
-#define ASN1_R_BUFFER_TOO_SMALL                                 109
-#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          166
-#define ASN1_R_DATA_IS_WRONG                            110
-#define ASN1_R_DECODE_ERROR                             155
+#define ASN1_R_AUX_ERROR                                100
+#define ASN1_R_BAD_CLASS                                101
+#define ASN1_R_BAD_OBJECT_HEADER                        102
+#define ASN1_R_BAD_PASSWORD_READ                        103
+#define ASN1_R_BAD_PKCS7_CONTENT                        171
+#define ASN1_R_BAD_TAG                                  104
+#define ASN1_R_BAD_TYPE                                         172
+#define ASN1_R_BN_LIB                                   105
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  106
+#define ASN1_R_BUFFER_TOO_SMALL                                 107
+#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          108
+#define ASN1_R_DATA_IS_WRONG                            109
+#define ASN1_R_DECODE_ERROR                             110
 #define ASN1_R_DECODING_ERROR                           111
-#define ASN1_R_ENCODE_ERROR                             156
-#define ASN1_R_ERROR_PARSING_SET_ELEMENT                112
-#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS              157
-#define ASN1_R_EXPECTING_AN_ENUMERATED                  154
-#define ASN1_R_EXPECTING_AN_INTEGER                     113
-#define ASN1_R_EXPECTING_AN_OBJECT                      114
-#define ASN1_R_EXPECTING_AN_OCTET_STRING                115
-#define ASN1_R_EXPECTING_A_BIT_STRING                   116
+#define ASN1_R_ENCODE_ERROR                             112
+#define ASN1_R_ERROR_PARSING_SET_ELEMENT                113
+#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS              114
+#define ASN1_R_EXPECTING_AN_INTEGER                     115
+#define ASN1_R_EXPECTING_AN_OBJECT                      116
 #define ASN1_R_EXPECTING_A_BOOLEAN                      117
-#define ASN1_R_EXPECTING_A_GENERALIZEDTIME              151
-#define ASN1_R_EXPECTING_A_NULL                                 164
-#define ASN1_R_EXPECTING_A_TIME                                 152
-#define ASN1_R_EXPECTING_A_UTCTIME                      118
-#define ASN1_R_FIRST_NUM_TOO_LARGE                      119
-#define ASN1_R_GENERALIZEDTIME_TOO_LONG                         153
-#define ASN1_R_HEADER_TOO_LONG                          120
-#define ASN1_R_ILLEGAL_CHARACTERS                       158
-#define ASN1_R_INVALID_BMPSTRING_LENGTH                         159
-#define ASN1_R_INVALID_DIGIT                            121
-#define ASN1_R_INVALID_SEPARATOR                        122
-#define ASN1_R_INVALID_TIME_FORMAT                      123
-#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH           160
-#define ASN1_R_INVALID_UTF8STRING                       161
-#define ASN1_R_IV_TOO_LARGE                             124
-#define ASN1_R_LENGTH_ERROR                             125
-#define ASN1_R_MISSING_SECOND_NUMBER                    126
-#define ASN1_R_NON_HEX_CHARACTERS                       127
-#define ASN1_R_NOT_ENOUGH_DATA                          128
-#define ASN1_R_NULL_IS_WRONG_LENGTH                     165
-#define ASN1_R_ODD_NUMBER_OF_CHARS                      129
-#define ASN1_R_PARSING                                  130
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING               131
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE                  132
-#define ASN1_R_SHORT_LINE                               133
-#define ASN1_R_STRING_TOO_LONG                          163
-#define ASN1_R_STRING_TOO_SHORT                                 134
-#define ASN1_R_TAG_VALUE_TOO_HIGH                       135
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
-#define ASN1_R_TOO_LONG                                         137
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         138
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 139
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE                   140
-#define ASN1_R_UNKNOWN_FORMAT                           162
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 141
-#define ASN1_R_UNKNOWN_OBJECT_TYPE                      142
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  143
-#define ASN1_R_UNSUPPORTED_CIPHER                       144
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 145
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              146
-#define ASN1_R_UTCTIME_TOO_LONG                                 147
-#define ASN1_R_WRONG_PRINTABLE_TYPE                     148
-#define ASN1_R_WRONG_TAG                                149
-#define ASN1_R_WRONG_TYPE                               150
+#define ASN1_R_EXPECTING_A_NULL                                 173
+#define ASN1_R_EXPECTING_A_TIME                                 118
+#define ASN1_R_EXPLICIT_LENGTH_MISMATCH                         119
+#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED             120
+#define ASN1_R_FIELD_MISSING                            121
+#define ASN1_R_FIRST_NUM_TOO_LARGE                      122
+#define ASN1_R_HEADER_TOO_LONG                          123
+#define ASN1_R_ILLEGAL_CHARACTERS                       124
+#define ASN1_R_ILLEGAL_NULL                             125
+#define ASN1_R_ILLEGAL_OPTIONAL_ANY                     126
+#define ASN1_R_ILLEGAL_TAGGED_ANY                       127
+#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               128
+#define ASN1_R_INVALID_BMPSTRING_LENGTH                         129
+#define ASN1_R_INVALID_DIGIT                            130
+#define ASN1_R_INVALID_SEPARATOR                        131
+#define ASN1_R_INVALID_TIME_FORMAT                      132
+#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH           133
+#define ASN1_R_INVALID_UTF8STRING                       134
+#define ASN1_R_IV_TOO_LARGE                             135
+#define ASN1_R_LENGTH_ERROR                             136
+#define ASN1_R_MISSING_EOC                              137
+#define ASN1_R_MISSING_SECOND_NUMBER                    138
+#define ASN1_R_MSTRING_NOT_UNIVERSAL                    139
+#define ASN1_R_MSTRING_WRONG_TAG                        140
+#define ASN1_R_NON_HEX_CHARACTERS                       141
+#define ASN1_R_NOT_ENOUGH_DATA                          142
+#define ASN1_R_NO_MATCHING_CHOICE_TYPE                  143
+#define ASN1_R_NULL_IS_WRONG_LENGTH                     144
+#define ASN1_R_ODD_NUMBER_OF_CHARS                      145
+#define ASN1_R_PARSING                                  146
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING               147
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE                  148
+#define ASN1_R_SEQUENCE_LENGTH_MISMATCH                         149
+#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED                         150
+#define ASN1_R_SHORT_LINE                               151
+#define ASN1_R_STRING_TOO_LONG                          152
+#define ASN1_R_STRING_TOO_SHORT                                 153
+#define ASN1_R_TAG_VALUE_TOO_HIGH                       154
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 155
+#define ASN1_R_TOO_LONG                                         156
+#define ASN1_R_TYPE_NOT_CONSTRUCTED                     157
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         158
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 159
+#define ASN1_R_UNEXPECTED_EOC                           160
+#define ASN1_R_UNKNOWN_FORMAT                           161
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 162
+#define ASN1_R_UNKNOWN_OBJECT_TYPE                      163
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  164
+#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE          165
+#define ASN1_R_UNSUPPORTED_CIPHER                       166
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM                 167
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              168
+#define ASN1_R_WRONG_TAG                                169
+#define ASN1_R_WRONG_TYPE                               170
 
 #ifdef  __cplusplus
 }
index 3a53cb33c52010b937c12ea678a78c1ae6e7686f..e75dfc71bf2cd1618e1d71bef32ed6999b4fc97d 100644 (file)
@@ -70,20 +70,24 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0),     "a2i_ASN1_ENUMERATED"},
 {ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0),        "a2i_ASN1_INTEGER"},
 {ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
-{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0),  "ACCESS_DESCRIPTION_new"},
+{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"},
 {ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0),  "ASN1_COLLATE_PRIMITIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0),    "ASN1_COLLECT"},
 {ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0),    "ASN1_d2i_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0),   "ASN1_D2I_EX_PRIMITIVE"},
 {ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0),     "ASN1_d2i_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0),     "ASN1_DO_ADB"},
 {ERR_PACK(0,ASN1_F_ASN1_DUP,0),        "ASN1_dup"},
 {ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0),     "ASN1_ENUMERATED_set"},
 {ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0),   "ASN1_ENUMERATED_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_NEW,0),        "ASN1_GENERALIZEDTIME_new"},
 {ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
 {ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
 {ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0),    "ASN1_i2d_bio"},
 {ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0),     "ASN1_i2d_fp"},
 {ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0),        "ASN1_INTEGER_set"},
 {ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0),      "ASN1_INTEGER_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0),        "ASN1_ITEM_EX_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0),   "ASN1_item_new"},
 {ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0),      "ASN1_mbstring_copy"},
 {ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
 {ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0),        "ASN1_pack_string"},
@@ -91,56 +95,38 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0),   "ASN1_seq_pack"},
 {ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
 {ERR_PACK(0,ASN1_F_ASN1_SIGN,0),       "ASN1_sign"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"},
 {ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0),   "ASN1_STRING_TABLE_add"},
 {ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0),    "ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0),       "ASN1_TEMPLATE_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0),    "ASN1_TEMPLATE_EX_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0),       "ASN1_TEMPLATE_NEW"},
 {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0),   "ASN1_TYPE_get_int_octetstring"},
 {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0),       "ASN1_TYPE_get_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0),   "ASN1_TYPE_new"},
 {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0),      "ASN1_unpack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0),        "ASN1_UTCTIME_new"},
 {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),     "ASN1_verify"},
-{ERR_PACK(0,ASN1_F_AUTHORITY_KEYID_NEW,0),     "AUTHORITY_KEYID_new"},
-{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0),   "BASIC_CONSTRAINTS_new"},
 {ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0),   "BN_to_ASN1_ENUMERATED"},
 {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),      "BN_to_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0),  "d2i_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),     "d2i_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0),      "d2i_ASN1_BMPSTRING"},
+{ERR_PACK(0,ASN1_F_COLLECT_DATA,0),    "COLLECT_DATA"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),     "D2I_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0),      "D2I_ASN1_BMPSTRING"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0),        "d2i_ASN1_BOOLEAN"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0),  "d2i_ASN1_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_ENUMERATED,0),     "d2i_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0),        "d2i_ASN1_GENERALIZEDTIME"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0),        "D2I_ASN1_GENERALIZEDTIME"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0),        "d2i_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0),   "d2i_ASN1_NULL"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0),        "D2I_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0),   "D2I_ASN1_NULL"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0),   "d2i_ASN1_OCTET_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0),     "D2I_ASN1_PRINT_TYPE"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0),    "d2i_ASN1_SET"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TIME,0),   "d2i_ASN1_TIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0),   "d2i_ASN1_TYPE"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0),     "d2i_ASN1_type_bytes"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0),       "d2i_ASN1_UINTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0),        "d2i_ASN1_UTCTIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTF8STRING,0),     "d2i_ASN1_UTF8STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0),  "d2i_ASN1_VISIBLESTRING"},
-{ERR_PACK(0,ASN1_F_D2I_AUTHORITY_KEYID,0),     "d2i_AUTHORITY_KEYID"},
-{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0),   "d2i_BASIC_CONSTRAINTS"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0),        "D2I_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0),  "D2I_ASN1_VISIBLESTRING"},
 {ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0),    "d2i_DHparams"},
-{ERR_PACK(0,ASN1_F_D2I_DIST_POINT,0),  "d2i_DIST_POINT"},
-{ERR_PACK(0,ASN1_F_D2I_DIST_POINT_NAME,0),     "d2i_DIST_POINT_NAME"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0),   "d2i_DSAparams"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0),       "d2i_DSAPrivateKey"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0),        "d2i_DSAPublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_GENERAL_NAME,0),        "d2i_GENERAL_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0),      "d2i_NETSCAPE_CERT_SEQUENCE"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0),       "D2I_NETSCAPE_PKEY"},
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0),        "d2i_Netscape_RSA"},
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0),      "d2i_Netscape_RSA_2"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0),      "d2i_NETSCAPE_SPKAC"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0),       "d2i_NETSCAPE_SPKI"},
-{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0),   "d2i_NOTICEREF"},
 {ERR_PACK(0,ASN1_F_D2I_OCSP_BASICRESP,0),      "d2i_OCSP_BASICRESP"},
 {ERR_PACK(0,ASN1_F_D2I_OCSP_CERTID,0), "d2i_OCSP_CERTID"},
 {ERR_PACK(0,ASN1_F_D2I_OCSP_CERTSTATUS,0),     "d2i_OCSP_CERTSTATUS"},
@@ -156,77 +142,37 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_D2I_OCSP_SERVICELOC,0),     "d2i_OCSP_SERVICELOC"},
 {ERR_PACK(0,ASN1_F_D2I_OCSP_SIGNATURE,0),      "d2i_OCSP_SIGNATURE"},
 {ERR_PACK(0,ASN1_F_D2I_OCSP_SINGLERESP,0),     "d2i_OCSP_SINGLERESP"},
-{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0),   "d2i_OTHERNAME"},
-{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0),   "d2i_PBE2PARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0),    "d2i_PBEPARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "d2i_PBKDF2PARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12,0),      "d2i_PKCS12"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "d2i_PKCS12_BAGS"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0),     "d2i_PKCS12_MAC_DATA"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0),      "d2i_PKCS12_SAFEBAG"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7,0),       "d2i_PKCS7"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0),        "d2i_PKCS7_DIGEST"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0),       "d2i_PKCS7_ENCRYPT"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0),   "d2i_PKCS7_ENC_CONTENT"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0),      "d2i_PKCS7_ENVELOPE"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0),     "d2i_PKCS7_ISSUER_AND_SERIAL"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0),    "d2i_PKCS7_RECIP_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0),        "d2i_PKCS7_SIGNED"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0),   "d2i_PKCS7_SIGNER_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "d2i_PKCS7_SIGN_ENVELOPE"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "d2i_PKCS8_PRIV_KEY_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0),   "d2i_PKEY_USAGE_PERIOD"},
-{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0),  "d2i_POLICYINFO"},
-{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0),      "d2i_POLICYQUALINFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12,0),      "D2I_PKCS12"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "D2I_PKCS12_BAGS"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0),     "D2I_PKCS12_MAC_DATA"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0),      "D2I_PKCS12_SAFEBAG"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7,0),       "D2I_PKCS7"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0),        "D2I_PKCS7_DIGEST"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0),       "D2I_PKCS7_ENCRYPT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0),   "D2I_PKCS7_ENC_CONTENT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0),      "D2I_PKCS7_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0),     "D2I_PKCS7_ISSUER_AND_SERIAL"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0),    "D2I_PKCS7_RECIP_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0),        "D2I_PKCS7_SIGNED"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0),   "D2I_PKCS7_SIGNER_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
 {ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0),  "d2i_PrivateKey"},
 {ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0),   "d2i_PublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0),       "d2i_RSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0),        "d2i_RSAPublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_SXNET,0),       "d2i_SXNET"},
-{ERR_PACK(0,ASN1_F_D2I_SXNETID,0),     "d2i_SXNETID"},
-{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0),  "d2i_USERNOTICE"},
-{ERR_PACK(0,ASN1_F_D2I_X509,0),        "d2i_X509"},
-{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0),  "d2i_X509_ALGOR"},
-{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0),      "d2i_X509_ATTRIBUTE"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CERT_AUX,0),       "d2i_X509_CERT_AUX"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0),   "d2i_X509_CINF"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0),    "d2i_X509_CRL"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0),       "d2i_X509_CRL_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0),      "d2i_X509_EXTENSION"},
-{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0),    "D2I_X509_KEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0),   "d2i_X509_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0),     "d2i_X509_NAME_ENTRY"},
+{ERR_PACK(0,ASN1_F_D2I_X509,0),        "D2I_X509"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0),   "D2I_X509_CINF"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0),   "D2I_X509_NAME"},
 {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),   "d2i_X509_PKEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "d2i_X509_PUBKEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0),    "d2i_X509_REQ"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0),       "d2i_X509_REQ_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0),        "d2i_X509_REVOKED"},
-{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0),    "d2i_X509_SIG"},
-{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0),    "d2i_X509_VAL"},
-{ERR_PACK(0,ASN1_F_DIST_POINT_NAME_NEW,0),     "DIST_POINT_NAME_new"},
-{ERR_PACK(0,ASN1_F_DIST_POINT_NEW,0),  "DIST_POINT_new"},
-{ERR_PACK(0,ASN1_F_GENERAL_NAME_NEW,0),        "GENERAL_NAME_new"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),   "i2d_ASN1_TIME"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),   "I2D_ASN1_TIME"},
 {ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0),    "i2d_DHparams"},
 {ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0),   "i2d_DSAparams"},
 {ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0),       "i2d_DSAPrivateKey"},
 {ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0),        "i2d_DSAPublicKey"},
 {ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0),  "i2d_DSA_PUBKEY"},
 {ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0),        "i2d_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_I2D_PKCS7,0),       "i2d_PKCS7"},
 {ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),  "i2d_PrivateKey"},
 {ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0),   "i2d_PublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0),       "i2d_RSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0),        "i2d_RSAPublicKey"},
 {ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0),  "i2d_RSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0),      "i2d_X509_ATTRIBUTE"},
-{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0),      "NETSCAPE_CERT_SEQUENCE_new"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0),       "NETSCAPE_PKEY_NEW"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0),      "NETSCAPE_SPKAC_new"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0),       "NETSCAPE_SPKI_new"},
-{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0),   "NOTICEREF_new"},
+{ERR_PACK(0,ASN1_F_LONG_C2I,0),        "LONG_C2I"},
 {ERR_PACK(0,ASN1_F_OCSP_BASICRESP_NEW,0),      "OCSP_BASICRESP_new"},
 {ERR_PACK(0,ASN1_F_OCSP_CERTID_NEW,0), "OCSP_CERTID_new"},
 {ERR_PACK(0,ASN1_F_OCSP_CERTSTATUS_NEW,0),     "OCSP_CERTSTATUS_new"},
@@ -242,63 +188,37 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_OCSP_SERVICELOC_NEW,0),     "OCSP_SERVICELOC_new"},
 {ERR_PACK(0,ASN1_F_OCSP_SIGNATURE_NEW,0),      "OCSP_SIGNATURE_new"},
 {ERR_PACK(0,ASN1_F_OCSP_SINGLERESP_NEW,0),     "OCSP_SINGLERESP_new"},
-{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0),   "OTHERNAME_new"},
-{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0),   "PBE2PARAM_new"},
-{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0),    "PBEPARAM_new"},
-{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0),     "PKCS12_MAC_DATA_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_NEW,0),      "PKCS12_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0),      "PKCS12_SAFEBAG_new"},
+{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0),     "PKCS12_MAC_DATA_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_NEW,0),      "PKCS12_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0),      "PKCS12_SAFEBAG_NEW"},
 {ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0),  "PKCS5_pbe2_set"},
-{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0),        "PKCS7_DIGEST_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0),       "PKCS7_ENCRYPT_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0),   "PKCS7_ENC_CONTENT_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0),      "PKCS7_ENVELOPE_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0),     "PKCS7_ISSUER_AND_SERIAL_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_NEW,0),       "PKCS7_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0),    "PKCS7_RECIP_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0),        "PKCS7_SIGNED_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0),   "PKCS7_SIGNER_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_new"},
-{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0),   "PKEY_USAGE_PERIOD_new"},
-{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0),  "POLICYINFO_new"},
-{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0),      "POLICYQUALINFO_new"},
-{ERR_PACK(0,ASN1_F_SXNETID_NEW,0),     "SXNETID_new"},
-{ERR_PACK(0,ASN1_F_SXNET_NEW,0),       "SXNET_new"},
-{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0),  "USERNOTICE_new"},
-{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0),  "X509_ALGOR_new"},
-{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0),      "X509_ATTRIBUTE_new"},
-{ERR_PACK(0,ASN1_F_X509_CERT_AUX_NEW,0),       "X509_CERT_AUX_new"},
-{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0),   "X509_CINF_new"},
-{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0),       "X509_CRL_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0),    "X509_CRL_new"},
-{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0),       "X509_DHPARAMS_NEW"},
-{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0),      "X509_EXTENSION_new"},
+{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0),        "PKCS7_DIGEST_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0),       "PKCS7_ENCRYPT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0),   "PKCS7_ENC_CONTENT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0),      "PKCS7_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0),     "PKCS7_ISSUER_AND_SERIAL_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_NEW,0),       "PKCS7_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0),    "PKCS7_RECIP_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0),        "PKCS7_SIGNED_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0),   "PKCS7_SIGNER_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0),   "X509_CINF_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0),   "X509_CRL_add0_revoked"},
 {ERR_PACK(0,ASN1_F_X509_INFO_NEW,0),   "X509_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0),    "X509_KEY_NEW"},
-{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0),     "X509_NAME_ENTRY_new"},
-{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0),   "X509_NAME_new"},
-{ERR_PACK(0,ASN1_F_X509_NEW,0),        "X509_new"},
+{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0),   "X509_NAME_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NEW,0),        "X509_NEW"},
 {ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0),   "X509_PKEY_new"},
-{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_new"},
-{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0),       "X509_REQ_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0),    "X509_REQ_new"},
-{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0),        "X509_REVOKED_new"},
-{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0),    "X509_SIG_new"},
-{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0),   "X509_VAL_free"},
-{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0),    "X509_VAL_new"},
 {0,NULL}
        };
 
 static ERR_STRING_DATA ASN1_str_reasons[]=
        {
+{ASN1_R_AUX_ERROR                        ,"aux error"},
 {ASN1_R_BAD_CLASS                        ,"bad class"},
 {ASN1_R_BAD_OBJECT_HEADER                ,"bad object header"},
 {ASN1_R_BAD_PASSWORD_READ                ,"bad password read"},
 {ASN1_R_BAD_PKCS7_CONTENT                ,"bad pkcs7 content"},
-{ASN1_R_BAD_PKCS7_TYPE                   ,"bad pkcs7 type"},
 {ASN1_R_BAD_TAG                          ,"bad tag"},
 {ASN1_R_BAD_TYPE                         ,"bad type"},
 {ASN1_R_BN_LIB                           ,"bn lib"},
@@ -311,20 +231,21 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ASN1_R_ENCODE_ERROR                     ,"encode error"},
 {ASN1_R_ERROR_PARSING_SET_ELEMENT        ,"error parsing set element"},
 {ASN1_R_ERROR_SETTING_CIPHER_PARAMS      ,"error setting cipher params"},
-{ASN1_R_EXPECTING_AN_ENUMERATED          ,"expecting an enumerated"},
 {ASN1_R_EXPECTING_AN_INTEGER             ,"expecting an integer"},
 {ASN1_R_EXPECTING_AN_OBJECT              ,"expecting an object"},
-{ASN1_R_EXPECTING_AN_OCTET_STRING        ,"expecting an octet string"},
-{ASN1_R_EXPECTING_A_BIT_STRING           ,"expecting a bit string"},
 {ASN1_R_EXPECTING_A_BOOLEAN              ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_GENERALIZEDTIME      ,"expecting a generalizedtime"},
 {ASN1_R_EXPECTING_A_NULL                 ,"expecting a null"},
 {ASN1_R_EXPECTING_A_TIME                 ,"expecting a time"},
-{ASN1_R_EXPECTING_A_UTCTIME              ,"expecting a utctime"},
+{ASN1_R_EXPLICIT_LENGTH_MISMATCH         ,"explicit length mismatch"},
+{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED     ,"explicit tag not constructed"},
+{ASN1_R_FIELD_MISSING                    ,"field missing"},
 {ASN1_R_FIRST_NUM_TOO_LARGE              ,"first num too large"},
-{ASN1_R_GENERALIZEDTIME_TOO_LONG         ,"generalizedtime too long"},
 {ASN1_R_HEADER_TOO_LONG                  ,"header too long"},
 {ASN1_R_ILLEGAL_CHARACTERS               ,"illegal characters"},
+{ASN1_R_ILLEGAL_NULL                     ,"illegal null"},
+{ASN1_R_ILLEGAL_OPTIONAL_ANY             ,"illegal optional any"},
+{ASN1_R_ILLEGAL_TAGGED_ANY               ,"illegal tagged any"},
+{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG       ,"integer too large for long"},
 {ASN1_R_INVALID_BMPSTRING_LENGTH         ,"invalid bmpstring length"},
 {ASN1_R_INVALID_DIGIT                    ,"invalid digit"},
 {ASN1_R_INVALID_SEPARATOR                ,"invalid separator"},
@@ -333,32 +254,38 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ASN1_R_INVALID_UTF8STRING               ,"invalid utf8string"},
 {ASN1_R_IV_TOO_LARGE                     ,"iv too large"},
 {ASN1_R_LENGTH_ERROR                     ,"length error"},
+{ASN1_R_MISSING_EOC                      ,"missing eoc"},
 {ASN1_R_MISSING_SECOND_NUMBER            ,"missing second number"},
+{ASN1_R_MSTRING_NOT_UNIVERSAL            ,"mstring not universal"},
+{ASN1_R_MSTRING_WRONG_TAG                ,"mstring wrong tag"},
 {ASN1_R_NON_HEX_CHARACTERS               ,"non hex characters"},
 {ASN1_R_NOT_ENOUGH_DATA                  ,"not enough data"},
+{ASN1_R_NO_MATCHING_CHOICE_TYPE          ,"no matching choice type"},
 {ASN1_R_NULL_IS_WRONG_LENGTH             ,"null is wrong length"},
 {ASN1_R_ODD_NUMBER_OF_CHARS              ,"odd number of chars"},
 {ASN1_R_PARSING                          ,"parsing"},
 {ASN1_R_PRIVATE_KEY_HEADER_MISSING       ,"private key header missing"},
 {ASN1_R_SECOND_NUMBER_TOO_LARGE          ,"second number too large"},
+{ASN1_R_SEQUENCE_LENGTH_MISMATCH         ,"sequence length mismatch"},
+{ASN1_R_SEQUENCE_NOT_CONSTRUCTED         ,"sequence not constructed"},
 {ASN1_R_SHORT_LINE                       ,"short line"},
 {ASN1_R_STRING_TOO_LONG                  ,"string too long"},
 {ASN1_R_STRING_TOO_SHORT                 ,"string too short"},
 {ASN1_R_TAG_VALUE_TOO_HIGH               ,"tag value too high"},
 {ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
 {ASN1_R_TOO_LONG                         ,"too long"},
+{ASN1_R_TYPE_NOT_CONSTRUCTED             ,"type not constructed"},
 {ASN1_R_UNABLE_TO_DECODE_RSA_KEY         ,"unable to decode rsa key"},
 {ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
-{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE           ,"unknown attribute type"},
+{ASN1_R_UNEXPECTED_EOC                   ,"unexpected eoc"},
 {ASN1_R_UNKNOWN_FORMAT                   ,"unknown format"},
 {ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
 {ASN1_R_UNKNOWN_OBJECT_TYPE              ,"unknown object type"},
 {ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE          ,"unknown public key type"},
+{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE  ,"unsupported any defined by type"},
 {ASN1_R_UNSUPPORTED_CIPHER               ,"unsupported cipher"},
 {ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
 {ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE      ,"unsupported public key type"},
-{ASN1_R_UTCTIME_TOO_LONG                 ,"utctime too long"},
-{ASN1_R_WRONG_PRINTABLE_TYPE             ,"wrong printable type"},
 {ASN1_R_WRONG_TAG                        ,"wrong tag"},
 {ASN1_R_WRONG_TYPE                       ,"wrong type"},
 {0,NULL}
index 77447a5240959387c9a7dd634e5519a8b171798f..830ff2af3ced375df5a236685735a197e003eb45 100644 (file)
@@ -59,7 +59,6 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
 
 static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
 static void asn1_put_length(unsigned char **pp, int length);
diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h
new file mode 100644 (file)
index 0000000..430c371
--- /dev/null
@@ -0,0 +1,755 @@
+/* asn1t.h */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ASN1T_H
+#define HEADER_ASN1T_H
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+
+/* ASN1 template defines, structures and functions */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Macros to aid ASN1 template writing */
+
+#define ASN1_ITEM_TEMPLATE(tname) \
+       const static ASN1_TEMPLATE tname##_item_tt 
+
+#define ASN1_ITEM_TEMPLATE_END(tname) \
+       ;\
+       const ASN1_ITEM tname##_it = { \
+               ASN1_ITYPE_PRIMITIVE,\
+               -1,\
+               &tname##_item_tt,\
+               0,\
+               NULL,\
+               0,\
+               #tname \
+       }
+
+
+/* This is a ASN1 type which just embeds a template */
+/* This pair helps declare a SEQUENCE. We can do:
+ *
+ *     ASN1_SEQUENCE(stname) = {
+ *             ... SEQUENCE components ...
+ *     } ASN1_SEQUENCE_END(stname);
+ *
+ *     This will produce an ASN1_ITEM called stname_it
+ *     for a structure called stname.
+ *
+ *     If you want the same structure but a different
+ *     name then use:
+ *
+ *     ASN1_SEQUENCE(itname) = {
+ *             ... SEQUENCE components ...
+ *     } ASN1_SEQUENCE_END_name(stname, itname);
+ *
+ *     This will create an item called itname_it using
+ *     a structure called stname.
+ */
+
+#define ASN1_SEQUENCE(tname) \
+       const static ASN1_TEMPLATE tname##_seq_tt[] 
+
+#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+
+#define ASN1_SEQUENCE_END_name(stname, tname) \
+       ;\
+       const ASN1_ITEM tname##_it = { \
+               ASN1_ITYPE_SEQUENCE,\
+               V_ASN1_SEQUENCE,\
+               tname##_seq_tt,\
+               sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+               NULL,\
+               sizeof(stname),\
+               #stname \
+       }
+
+#define ASN1_SEQUENCE_cb(tname, cb) \
+       const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+       ASN1_SEQUENCE(tname)
+
+#define ASN1_BROKEN_SEQUENCE(tname) \
+       const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+       ASN1_SEQUENCE(tname)
+
+#define ASN1_SEQUENCE_ref(tname, cb, lck) \
+       const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+       ASN1_SEQUENCE(tname)
+
+#define ASN1_SEQUENCE_enc(tname, enc, cb) \
+       const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+       ASN1_SEQUENCE(tname)
+
+#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+
+#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+#define ASN1_SEQUENCE_END_ref(stname, tname) \
+       ;\
+       const ASN1_ITEM tname##_it = { \
+               ASN1_ITYPE_SEQUENCE,\
+               V_ASN1_SEQUENCE,\
+               tname##_seq_tt,\
+               sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+               &tname##_aux,\
+               sizeof(stname),\
+               #stname \
+       }
+
+
+/* This pair helps declare a CHOICE type. We can do:
+ *
+ *     ASN1_CHOICE(chname) = {
+ *             ... CHOICE options ...
+ *     ASN1_CHOICE_END(chname);
+ *
+ *     This will produce an ASN1_ITEM called chname_it
+ *     for a structure called chname. The structure
+ *     definition must look like this:
+ *     typedef struct {
+ *             int type;
+ *             union {
+ *                     ASN1_SOMETHING *opt1;
+ *                     ASN1_SOMEOTHER *opt2;
+ *             } value;
+ *     } chname;
+ *     
+ *     the name of the selector must be 'type'.
+ *     to use an alternative selector name use the
+ *      ASN1_CHOICE_END_selector() version.
+ */
+
+#define ASN1_CHOICE(tname) \
+       const static ASN1_TEMPLATE tname##_ch_tt[] 
+
+#define ASN1_CHOICE_cb(tname, cb) \
+       const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+       ASN1_CHOICE(tname)
+
+#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+
+#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+
+#define ASN1_CHOICE_END_selector(stname, tname, selname) \
+       ;\
+       const ASN1_ITEM tname##_it = { \
+               ASN1_ITYPE_CHOICE,\
+               offsetof(stname,selname) ,\
+               tname##_ch_tt,\
+               sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+               NULL,\
+               sizeof(stname),\
+               #stname \
+       }
+
+#define ASN1_CHOICE_END_cb(stname, tname, selname) \
+       ;\
+       const ASN1_ITEM tname##_it = { \
+               ASN1_ITYPE_CHOICE,\
+               offsetof(stname,selname) ,\
+               tname##_ch_tt,\
+               sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+               &tname##_aux,\
+               sizeof(stname),\
+               #stname \
+       }
+
+/* This helps with the template wrapper form of ASN1_ITEM */
+
+#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+       (flags), (tag), 0,\
+       #name, &(type##_it) }
+
+/* These help with SEQUENCE or CHOICE components */
+
+/* used to declare other types */
+
+#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+       (flags), (tag), offsetof(stname, field),\
+       #field, &(type##_it) }
+
+/* used when the structure is combined with the parent */
+
+#define ASN1_EX_COMBINE(flags, tag, type) { \
+       (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, &(type##_it) }
+
+/* implicit and explicit helper macros */
+
+#define ASN1_IMP_EX(stname, field, type, tag, ex) \
+               ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
+
+#define ASN1_EXP_EX(stname, field, type, tag, ex) \
+               ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
+
+/* Any defined by macros: the field used is in the table itself */
+
+#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, &(tblname##_adb) }
+#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, &(tblname##_adb) }
+
+/* Plain simple type */
+#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+
+/* OPTIONAL simple type */
+#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* IMPLICIT tagged simple type */
+#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+
+/* IMPLICIT tagged OPTIONAL simple type */
+#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* Same as above but EXPLICIT */
+
+#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* SEQUENCE OF type */
+#define ASN1_SEQUENCE_OF(stname, field, type) \
+               ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+
+/* OPTIONAL SEQUENCE OF */
+#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+               ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Same as above but for SET OF */
+
+#define ASN1_SET_OF(stname, field, type) \
+               ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+
+#define ASN1_SET_OF_OPT(stname, field, type) \
+               ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
+
+#define ASN1_IMP_SET_OF(stname, field, type, tag) \
+                       ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+#define ASN1_EXP_SET_OF(stname, field, type, tag) \
+                       ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+                       ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+                       ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+                       ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+                       ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+                       ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+                       ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+/* Macros for the ASN1_ADB structure */
+
+#define ASN1_ADB(name) \
+       const static ASN1_ADB_TABLE name##_adbtbl[] 
+
+#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+       ;\
+       const static ASN1_ADB name##_adb = {\
+               flags,\
+               offsetof(name, field),\
+               app_table,\
+               name##_adbtbl,\
+               sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+               def,\
+               none\
+       }
+
+#define ADB_ENTRY(val, template) {val, template}
+
+#define ASN1_ADB_TEMPLATE(name) \
+       const static ASN1_TEMPLATE name##_tt 
+
+/* This is the ASN1 template structure that defines
+ * a wrapper round the actual type. It determines the
+ * actual position of the field in the value structure,
+ * various flags such as OPTIONAL and the field name.
+ */
+
+struct ASN1_TEMPLATE_st {
+unsigned long flags;           /* Various flags */
+long tag;                      /* tag, not used if no tagging */
+unsigned long offset;          /* Offset of this field in structure */
+#ifndef NO_ASN1_FIELD_NAMES
+char *field_name;              /* Field name */
+#endif
+const void *item;              /* Relevant ASN1_ITEM or ASN1_ADB */
+};
+
+
+typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
+typedef struct ASN1_ADB_st ASN1_ADB;
+
+struct ASN1_ADB_st {
+       unsigned long flags;    /* Various flags */
+       unsigned long offset;   /* Offset of selector field */
+       STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
+       const ASN1_ADB_TABLE *tbl;      /* Table of possible types */
+       long tblcount;          /* Number of entries in tbl */
+       const ASN1_TEMPLATE *default_tt;  /* Type to use if no match */
+       const ASN1_TEMPLATE *null_tt;  /* Type to use if selector is NULL */
+};
+
+struct ASN1_ADB_TABLE_st {
+       long value;             /* NID for an object or value for an int */
+       const ASN1_TEMPLATE tt;         /* item for this value */
+};
+
+/* template flags */
+
+/* Field is optional */
+#define ASN1_TFLG_OPTIONAL     (0x1)
+
+/* Field is a SET OF */
+#define ASN1_TFLG_SET_OF       (0x1 << 1)
+
+/* Field is a SEQUENCE OF */
+#define ASN1_TFLG_SEQUENCE_OF  (0x2 << 1)
+
+#define ASN1_TFLG_SK_MASK      (0x3 << 1)
+
+/* These flags mean the tag should be taken from the
+ * tag field. If EXPLICIT then the underlying type
+ * is used for the inner tag.
+ */
+
+/* IMPLICIT tagging */
+#define ASN1_TFLG_IMPTAG       (0x1 << 3)
+
+
+/* EXPLICIT tagging, inner tag from underlying type */
+#define ASN1_TFLG_EXPTAG       (0x2 << 3)
+
+#define ASN1_TFLG_TAG_MASK     (0x3 << 3)
+
+/* context specific IMPLICIT */
+#define ASN1_TFLG_IMPLICIT     ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
+
+/* context specific EXPLICIT */
+#define ASN1_TFLG_EXPLICIT     ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
+
+/* If tagging is in force these determine the
+ * type of tag to use. Otherwise the tag is
+ * determined by the underlying type. These 
+ * values reflect the actual octet format.
+ */
+
+/* Universal tag */ 
+#define ASN1_TFLG_UNIVERSAL    (0x0<<6)
+/* Application tag */ 
+#define ASN1_TFLG_APPLICATION  (0x1<<6)
+/* Context specific tag */ 
+#define ASN1_TFLG_CONTEXT      (0x2<<6)
+/* Private tag */ 
+#define ASN1_TFLG_PRIVATE      (0x3<<6)
+
+#define ASN1_TFLG_TAG_CLASS    (0x3<<6)
+
+/* These are for ANY DEFINED BY type. In this case
+ * the 'item' field points to an ASN1_ADB structure
+ * which contains a table of values to decode the
+ * relevant type
+ */
+
+#define ASN1_TFLG_ADB_MASK     (0x3<<8)
+
+#define ASN1_TFLG_ADB_OID      (0x1<<8)
+
+#define ASN1_TFLG_ADB_INT      (0x1<<9)
+
+/* This flag means a parent structure is passed
+ * instead of the field: this is useful is a
+ * SEQUENCE is being combined with a CHOICE for
+ * example. Since this means the structure and
+ * item name will differ we need to use the
+ * ASN1_CHOICE_END_name() macro for example.
+ */
+
+#define ASN1_TFLG_COMBINE      (0x1<<10)
+
+/* This is the actual ASN1 item itself */
+
+struct ASN1_ITEM_st {
+char itype;                    /* The item type, primitive, SEQUENCE, CHOICE or extern */
+long utype;                    /* underlying type */
+const ASN1_TEMPLATE *templates;        /* If SEQUENCE or CHOICE this contains the contents */
+long tcount;                   /* Number of templates if SEQUENCE or CHOICE */
+const void *funcs;             /* functions that handle this type */
+long size;                     /* Structure size (usually)*/
+#ifndef NO_ASN1_FIELD_NAMES
+const char *sname;             /* Structure name */
+#endif
+};
+
+/* These are values for the itype field and
+ * determine how the type is interpreted.
+ *
+ * For PRIMITIVE types the underlying type
+ * determines the behaviour if items is NULL.
+ *
+ * Otherwise templates must contain a single 
+ * template and the type is treated in the
+ * same way as the type specified in the template.
+ *
+ * For SEQUENCE types the templates field points
+ * to the members, the size field is the
+ * structure size.
+ *
+ * For CHOICE types the templates field points
+ * to each possible member (typically a union)
+ * and the 'size' field is the offset of the
+ * selector.
+ *
+ * The 'funcs' field is used for application
+ * specific functions. 
+ *
+ * For COMPAT types the funcs field gives a
+ * set of functions that handle this type, this
+ * supports the old d2i, i2d convention.
+ *
+ * The EXTERN type uses a new style d2i/i2d.
+ * The new style should be used where possible
+ * because it avoids things like the d2i IMPLICIT
+ * hack.
+ *
+ * MSTRING is a multiple string type, it is used
+ * for a CHOICE of character strings where the
+ * actual strings all occupy an ASN1_STRING
+ * structure. In this case the 'utype' field
+ * has a special meaning, it is used as a mask
+ * of acceptable types using the B_ASN1 constants.
+ *
+ */
+
+#define ASN1_ITYPE_PRIMITIVE   0x0
+
+#define ASN1_ITYPE_SEQUENCE    0x1
+
+#define ASN1_ITYPE_CHOICE      0x2
+
+#define ASN1_ITYPE_COMPAT      0x3
+
+#define ASN1_ITYPE_EXTERN      0x4
+
+#define ASN1_ITYPE_MSTRING     0x5
+
+/* Cache for ASN1 tag and length, so we
+ * don't keep re-reading it for things
+ * like CHOICE
+ */
+
+struct ASN1_TLC_st{
+       char valid;     /* Values below are valid */
+       int ret;        /* return value */
+       long plen;      /* length */
+       int ptag;       /* class value */
+       int pclass;     /* class value */
+       int hdrlen;     /* header length */
+};
+
+/* Typedefs for ASN1 function pointers */
+
+typedef ASN1_VALUE * ASN1_new_func(void);
+typedef void ASN1_free_func(ASN1_VALUE *a);
+typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length);
+typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
+
+typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
+                                       int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+typedef struct ASN1_COMPAT_FUNCS_st {
+       ASN1_new_func *asn1_new;
+       ASN1_free_func *asn1_free;
+       ASN1_d2i_func *asn1_d2i;
+       ASN1_i2d_func *asn1_i2d;
+} ASN1_COMPAT_FUNCS;
+
+typedef struct ASN1_EXTERN_FUNCS_st {
+       void *app_data;
+       ASN1_ex_new_func *asn1_ex_new;
+       ASN1_ex_free_func *asn1_ex_free;
+       ASN1_ex_free_func *asn1_ex_clear;
+       ASN1_ex_d2i *asn1_ex_d2i;
+       ASN1_ex_i2d *asn1_ex_i2d;
+} ASN1_EXTERN_FUNCS;
+
+typedef struct ASN1_PRIMITIVE_FUNCS_st {
+       void *app_data;
+       unsigned long flags;
+       ASN1_ex_new_func *prim_new;
+       ASN1_ex_free_func *prim_free;
+       ASN1_ex_free_func *prim_clear;
+       ASN1_primitive_c2i *prim_c2i;
+       ASN1_primitive_i2c *prim_i2c;
+} ASN1_PRIMITIVE_FUNCS;
+
+/* This is the ASN1_AUX structure: it handles various
+ * miscellaneous requirements. For example the use of
+ * reference counts and an informational callback.
+ *
+ * The "informational callback" is called at various
+ * points during the ASN1 encoding and decoding. It can
+ * be used to provide minor customisation of the structures
+ * used. This is most useful where the supplied routines
+ * *almost* do the right thing but need some extra help
+ * at a few points. If the callback returns zero then
+ * it is assumed a fatal error has occurred and the 
+ * main operation should be abandoned.
+ *
+ * If major changes in the default behaviour are required
+ * then an external type is more appropriate.
+ */
+
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
+
+typedef struct ASN1_AUX_st {
+       void *app_data;
+       int flags;
+       int ref_offset;         /* Offset of reference value */
+       int ref_lock;           /* Lock type to use */
+       ASN1_aux_cb *asn1_cb;
+       int enc_offset;         /* Offset of ASN1_ENCODING structure */
+} ASN1_AUX;
+
+/* Flags in ASN1_AUX */
+
+/* Use a reference count */
+#define ASN1_AFLG_REFCOUNT     1
+/* Save the encoding of structure (useful for signatures) */
+#define ASN1_AFLG_ENCODING     2
+/* The Sequence length is invalid */
+#define ASN1_AFLG_BROKEN       4
+
+/* operation values for asn1_cb */
+
+#define ASN1_OP_NEW_PRE                0
+#define ASN1_OP_NEW_POST       1
+#define ASN1_OP_FREE_PRE       2
+#define ASN1_OP_FREE_POST      3
+#define ASN1_OP_D2I_PRE                4
+#define ASN1_OP_D2I_POST       5
+#define ASN1_OP_I2D_PRE                6
+#define ASN1_OP_I2D_POST       7
+
+/* Macro to implement a primitive type */
+#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) const ASN1_ITEM itname##_it = \
+                               { ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname};
+
+/* Macro to implement a multi string type */
+#define IMPLEMENT_ASN1_MSTRING(itname, mask) const ASN1_ITEM itname##_it = \
+                               { ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname};
+
+/* Macro to implement an ASN1_ITEM in terms of old style funcs */
+
+#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
+
+#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
+       static const ASN1_COMPAT_FUNCS sname##_ff = { \
+               (ASN1_new_func *)sname##_new, \
+               (ASN1_free_func *)sname##_free, \
+               (ASN1_d2i_func *)d2i_##sname, \
+               (ASN1_i2d_func *)i2d_##sname, \
+       }; \
+       ASN1_ITEM const sname##_it = { \
+               ASN1_ITYPE_COMPAT, \
+               tag, \
+               NULL, \
+               0, \
+               &sname##_ff, \
+               0, \
+               #sname \
+       }
+
+#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+       const ASN1_ITEM sname##_it = { \
+               ASN1_ITYPE_EXTERN, \
+               tag, \
+               NULL, \
+               0, \
+               &fptrs, \
+               0, \
+               #sname \
+       };
+
+/* Macro to implement standard functions in terms of ASN1_ITEM structures */
+
+#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+
+#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+
+#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+                       IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+
+#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+       stname *fname##_new(void) \
+       { \
+               return (stname *)ASN1_item_new(&itname##_it); \
+       } \
+       void fname##_free(stname *a) \
+       { \
+               ASN1_item_free((ASN1_VALUE *)a, &itname##_it); \
+       }
+
+#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+       IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+       IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+       stname *d2i_##fname(stname **a, unsigned char **in, long len) \
+       { \
+               return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &itname##_it);\
+       } \
+       int i2d_##fname(stname *a, unsigned char **out) \
+       { \
+               return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\
+       } 
+
+/* This includes evil casts to remove const: they will go away when full
+ * ASN1 constification is done.
+ */
+#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+       stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+       { \
+               return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, &itname##_it);\
+       } \
+       int i2d_##fname(const stname *a, unsigned char **out) \
+       { \
+               return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\
+       } 
+
+#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+               IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+
+#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+       IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+       IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+/* external definitions for primitive types */
+
+extern const ASN1_ITEM ASN1_BOOLEAN_it;
+extern const ASN1_ITEM ASN1_TBOOLEAN_it;
+extern const ASN1_ITEM ASN1_FBOOLEAN_it;
+extern const ASN1_ITEM ASN1_OBJECT_it;
+extern const ASN1_ITEM ASN1_ANY_it;
+extern const ASN1_ITEM ASN1_SEQUENCE_it;
+extern const ASN1_ITEM CBIGNUM_it;
+extern const ASN1_ITEM BIGNUM_it;
+extern const ASN1_ITEM LONG_it;
+extern const ASN1_ITEM ZLONG_it;
+
+DECLARE_STACK_OF(ASN1_VALUE)
+
+/* Functions used internally by the ASN1 code */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt);
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
+                               int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
+void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
+
+ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c
deleted file mode 100644 (file)
index d64ec74..0000000
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/asn1/d2i_dhp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DH
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-DH *d2i_DHparams(DH **a, const unsigned char **pp, long length)
-       {
-       int i=ERR_R_NESTED_ASN1_ERROR;
-       ASN1_INTEGER *bs=NULL;
-       long v=0;
-       M_ASN1_D2I_vars(a,DH *,DH_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-
-       if (!M_ASN1_D2I_end_sequence())
-               {
-               M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-               for (i=0; i<bs->length; i++)
-                       v=(v<<8)|(bs->data[i]);
-               ret->length=(int)v;
-               }
-
-       M_ASN1_BIT_STRING_free(bs);
-
-       M_ASN1_D2I_Finish_2(a);
-
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       ASN1err(ASN1_F_D2I_DHPARAMS,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) DH_free(ret);
-       if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
-       return(NULL);
-       }
-#endif
diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c
deleted file mode 100644 (file)
index 1b6b7cd..0000000
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/asn1/d2i_dsap.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length)
-       {
-       int i=ERR_R_NESTED_ASN1_ERROR;
-       ASN1_INTEGER *bs=NULL;
-       M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-
-       M_ASN1_BIT_STRING_free(bs);
-       bs = NULL;
-
-       M_ASN1_D2I_Finish_2(a);
-
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       ASN1err(ASN1_F_D2I_DSAPARAMS,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
-       if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
-       return(NULL);
-       }
-#endif
diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c
deleted file mode 100644 (file)
index 46037a0..0000000
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/d2i_r_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-static ASN1_METHOD method={
-        (int (*)())  i2d_RSAPrivateKey,
-        (char *(*)())d2i_RSAPrivateKey,
-        (char *(*)())RSA_new,
-        (void (*)()) RSA_free};
-
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
-       {
-       return(&method);
-       }
-
-RSA *d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length)
-       {
-       int i=ASN1_R_PARSING;
-       ASN1_INTEGER *bs=NULL;
-       M_ASN1_D2I_vars(a,RSA *,RSA_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if (bs->length == 0)
-               ret->version=0;
-       else    ret->version=bs->data[0];
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->d=BN_bin2bn(bs->data,bs->length,ret->d)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->dmp1=BN_bin2bn(bs->data,bs->length,ret->dmp1)) == NULL)
-               goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->dmq1=BN_bin2bn(bs->data,bs->length,ret->dmq1)) == NULL)
-               goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->iqmp=BN_bin2bn(bs->data,bs->length,ret->iqmp)) == NULL)
-               goto err_bn;
-
-       M_ASN1_INTEGER_free(bs);
-       bs = NULL;
-
-       M_ASN1_D2I_Finish_2(a);
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
-       if (bs != NULL) M_ASN1_INTEGER_free(bs);
-
-       return(NULL);
-       }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c
deleted file mode 100644 (file)
index 0d11d85..0000000
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/asn1/d2i_r_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-RSA *d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length)
-       {
-       int i=ASN1_R_PARSING;
-       ASN1_INTEGER *bs=NULL;
-       M_ASN1_D2I_vars(a,RSA *,RSA_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
-
-       M_ASN1_INTEGER_free(bs);
-       bs=NULL;
-
-       M_ASN1_D2I_Finish_2(a);
-
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       ASN1err(ASN1_F_D2I_RSAPUBLICKEY,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
-       if (bs != NULL) M_ASN1_INTEGER_free(bs);
-       return(NULL);
-       }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c
deleted file mode 100644 (file)
index 4722b26..0000000
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/asn1/d2i_s_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length)
-       {
-       int i=ASN1_R_PARSING;
-       ASN1_INTEGER *bs=NULL;
-       M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if (bs->length == 0)
-               ret->version=0;
-       else    ret->version=bs->data[0];
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
-               == NULL) goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->priv_key=BN_bin2bn(bs->data,bs->length,ret->priv_key))
-               == NULL) goto err_bn;
-
-       M_ASN1_INTEGER_free(bs);
-       bs = NULL;
-
-       M_ASN1_D2I_Finish_2(a);
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
-       if (bs != NULL) M_ASN1_INTEGER_free(bs);
-       return(NULL);
-       }
-#endif
diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c
deleted file mode 100644 (file)
index 4d1a772..0000000
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/asn1/d2i_s_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length)
-       {
-       int i=ASN1_R_PARSING;
-       ASN1_INTEGER *bs=NULL;
-       M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
-       M_ASN1_D2I_Init();
-       if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED))
-               == (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER))))
-               {
-               c.slen=length;
-               M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-               if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
-                        == NULL)
-                        goto err_bn;
-               ret->write_params=0;
-               }
-       else
-               {
-               M_ASN1_D2I_start_sequence();
-               M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-               if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
-                       == NULL)
-                       goto err_bn;
-               M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-               if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL)
-                       goto err_bn;
-               M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-               if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL)
-                       goto err_bn;
-               M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-               if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL)
-                       goto err_bn;
-
-               ret->write_params=1;
-               }
-
-       M_ASN1_INTEGER_free(bs);
-       bs=NULL;
-       M_ASN1_D2I_Finish_2(a);
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
-       if (bs != NULL) M_ASN1_INTEGER_free(bs);
-       return(NULL);
-       }
-#endif
diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c
deleted file mode 100644 (file)
index 68d0c74..0000000
+++ /dev/null
@@ -1,128 +0,0 @@
-/* crypto/asn1/i2d_dhp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DH
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/dh.h>
-
-int i2d_DHparams(const DH *a, unsigned char **pp)
-       {
-       BIGNUM *num[3];
-       ASN1_INTEGER bs;
-       unsigned int j,i,tot=0,len,max=0;
-       int t,ret= -1;
-       unsigned char *p;
-
-       if (a == NULL) return(0);
-       num[0]=a->p;
-       num[1]=a->g;
-       if (a->length != 0)
-               {
-               if ((num[2]=BN_new()) == NULL) goto err;
-               if (!BN_set_word(num[2],a->length)) goto err;
-               }
-       else    
-               num[2]=NULL;
-
-       for (i=0; i<3; i++)
-               {
-               if (num[i] == NULL) continue;
-               j=BN_num_bits(num[i]);
-               len=((j == 0)?0:((j/8)+1));
-               if (len > max) max=len;
-               len=ASN1_object_size(0,len,
-                       (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-               tot+=len;
-               }
-
-       t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-       if (pp == NULL)
-               {
-               if (num[2] != NULL)
-                       BN_free(num[2]);
-               return(t);
-               }
-
-       p= *pp;
-       ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       bs.type=V_ASN1_INTEGER;
-       bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-       if (bs.data == NULL)
-               {
-               ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE);
-               goto err;
-               }
-
-       for (i=0; i<3; i++)
-               {
-               if (num[i] == NULL) continue;
-               bs.length=BN_bn2bin(num[i],bs.data);
-               i2d_ASN1_INTEGER(&bs,&p);
-               }
-       OPENSSL_free(bs.data);
-       ret=t;
-err:
-       if (num[2] != NULL) BN_free(num[2]);
-       *pp=p;
-       return(ret);
-       }
-#endif
diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c
deleted file mode 100644 (file)
index 0289579..0000000
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/asn1/i2d_dsap.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/dsa.h>
-
-int i2d_DSAparams(const DSA *a, unsigned char **pp)
-       {
-       BIGNUM *num[3];
-       ASN1_INTEGER bs;
-       unsigned int j,i,tot=0,len,max=0;
-       int t,ret= -1;
-       unsigned char *p;
-
-       if (a == NULL) return(0);
-       num[0]=a->p;
-       num[1]=a->q;
-       num[2]=a->g;
-
-       for (i=0; i<3; i++)
-               {
-               if (num[i] == NULL) continue;
-               j=BN_num_bits(num[i]);
-               len=((j == 0)?0:((j/8)+1));
-               if (len > max) max=len;
-               len=ASN1_object_size(0,len,
-                       (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-               tot+=len;
-               }
-
-       t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-       if (pp == NULL) return(t);
-
-       p= *pp;
-       ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       bs.type=V_ASN1_INTEGER;
-       bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-       if (bs.data == NULL)
-               {
-               ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE);
-               goto err;
-               }
-
-       for (i=0; i<3; i++)
-               {
-               if (num[i] == NULL) continue;
-               bs.length=BN_bn2bin(num[i],bs.data);
-               i2d_ASN1_INTEGER(&bs,&p);
-               }
-       OPENSSL_free(bs.data);
-       ret=t;
-err:
-       *pp=p;
-       return(ret);
-       }
-#endif
-
diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c
deleted file mode 100644 (file)
index 518f4af..0000000
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/asn1/i2d_r_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_RSAPrivateKey(const RSA *a, unsigned char **pp)
-       {
-       BIGNUM *num[9];
-       unsigned char data[1];
-       ASN1_INTEGER bs;
-       unsigned int j,i,tot,t,len,max=0;
-       unsigned char *p;
-
-       if (a == NULL) return(0);
-
-       num[1]=a->n;
-       num[2]=a->e;
-       num[3]=a->d;
-       num[4]=a->p;
-       num[5]=a->q;
-       num[6]=a->dmp1;
-       num[7]=a->dmq1;
-       num[8]=a->iqmp;
-
-       bs.length=1;
-       bs.data=data;
-       bs.type=V_ASN1_INTEGER;
-       data[0]=a->version&0x7f;
-
-       tot=i2d_ASN1_INTEGER(&(bs),NULL);
-       for (i=1; i<9; i++)
-               {
-               j=BN_num_bits(num[i]);
-               len=((j == 0)?0:((j/8)+1));
-               if (len > max) max=len;
-               len=ASN1_object_size(0,len,
-                       (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-               tot+=len;
-               }
-
-       t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-       if (pp == NULL) return(t);
-
-       p= *pp;
-       ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       i2d_ASN1_INTEGER(&bs,&p);
-
-       bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-       if (bs.data == NULL)
-               {
-               ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
-               return(-1);
-               }
-
-       for (i=1; i<9; i++)
-               {
-               bs.length=BN_bn2bin(num[i],bs.data);
-               i2d_ASN1_INTEGER(&bs,&p);
-               }
-       OPENSSL_free(bs.data);
-       *pp=p;
-       return(t);
-       }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
-
diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c
deleted file mode 100644 (file)
index 4a07ff9..0000000
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/asn1/i2d_r_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_RSAPublicKey(const RSA *a, unsigned char **pp)
-       {
-       BIGNUM *num[2];
-       ASN1_INTEGER bs;
-       unsigned int j,i,tot=0,len,max=0,t;
-       unsigned char *p;
-
-       if (a == NULL) return(0);
-
-       num[0]=a->n;
-       num[1]=a->e;
-
-       for (i=0; i<2; i++)
-               {
-               j=BN_num_bits(num[i]);
-               len=((j == 0)?0:((j/8)+1));
-               if (len > max) max=len;
-               len=ASN1_object_size(0,len,
-                       (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-               tot+=len;
-               }
-
-       t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-       if (pp == NULL) return(t);
-
-       p= *pp;
-       ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       bs.type=V_ASN1_INTEGER;
-       bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-       if (bs.data == NULL)
-               {
-               ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
-               return(-1);
-               }
-
-       for (i=0; i<2; i++)
-               {
-               bs.length=BN_bn2bin(num[i],bs.data);
-               i2d_ASN1_INTEGER(&bs,&p);
-               }
-       OPENSSL_free(bs.data);
-       *pp=p;
-       return(t);
-       }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c
deleted file mode 100644 (file)
index 124ad98..0000000
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/asn1/i2d_s_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp)
-       {
-       BIGNUM *num[6];
-       unsigned char data[1];
-       ASN1_INTEGER bs;
-       unsigned int j,i,tot,t,len,max=0;
-       unsigned char *p;
-
-       if (a == NULL) return(0);
-
-       num[1]=a->p;
-       num[2]=a->q;
-       num[3]=a->g;
-       num[4]=a->pub_key;
-       num[5]=a->priv_key;
-
-       bs.length=1;
-       bs.data=data;
-       bs.type=V_ASN1_INTEGER;
-       data[0]=a->version&0x7f;
-
-       tot=i2d_ASN1_INTEGER(&(bs),NULL);
-       for (i=1; i<6; i++)
-               {
-               j=BN_num_bits(num[i]);
-               len=((j == 0)?0:((j/8)+1));
-               if (len > max) max=len;
-               len=ASN1_object_size(0,len,
-                       (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-               tot+=len;
-               }
-
-       t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-       if (pp == NULL) return(t);
-
-       p= *pp;
-       ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       i2d_ASN1_INTEGER(&bs,&p);
-
-       bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-       if (bs.data == NULL)
-               {
-               ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
-               return(-1);
-               }
-
-       for (i=1; i<6; i++)
-               {
-               bs.length=BN_bn2bin(num[i],bs.data);
-               i2d_ASN1_INTEGER(&bs,&p);
-               }
-       OPENSSL_free(bs.data);
-       *pp=p;
-       return(t);
-       }
-#endif
diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c
deleted file mode 100644 (file)
index 96e9ff5..0000000
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/i2d_s_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPublicKey(const DSA *a, unsigned char **pp)
-       {
-       BIGNUM *num[4];
-       ASN1_INTEGER bs;
-       unsigned int j,i,tot=0,len,max=0,t=0,all,n=1;
-       unsigned char *p;
-
-       if (a == NULL) return(0);
-
-       all=a->write_params;
-
-       num[0]=a->pub_key;
-       if (all)
-               {
-               num[1]=a->p;
-               num[2]=a->q;
-               num[3]=a->g;
-               n=4;
-               }
-
-       for (i=0; i<n; i++)
-               {
-               j=BN_num_bits(num[i]);
-               len=((j == 0)?0:((j/8)+1));
-               if (len > max) max=len;
-               len=ASN1_object_size(0,len,
-                       (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
-               tot+=len;
-               }
-
-       if (all)
-               {
-               t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
-               if (pp == NULL) return(t);
-               }
-       else
-               {
-               if (pp == NULL) return(tot);
-               }
-
-       p= *pp;
-       if (all)
-               ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       bs.type=V_ASN1_INTEGER;
-       bs.data=(unsigned char *)OPENSSL_malloc(max+4);
-       if (bs.data == NULL)
-               {
-               ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
-               return(-1);
-               }
-
-       for (i=0; i<n; i++)
-               {
-               bs.length=BN_bn2bin(num[i],bs.data);
-               i2d_ASN1_INTEGER(&bs,&p);
-               }
-       OPENSSL_free(bs.data);
-       *pp=p;
-       if(all) return(t);
-       else return(tot);
-       }
-#endif
index b091eac5d2be7837196e4a5e892eddbe37aa2952..82a621224bb15947abd079ae97497dccc4d25cab 100644 (file)
@@ -61,6 +61,7 @@
 #include "cryptlib.h"
 #include <openssl/rsa.h>
 #include <openssl/objects.h>
+#include <openssl/asn1t.h>
 #include <openssl/asn1_mac.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 
 typedef struct netscape_pkey_st
        {
-       ASN1_INTEGER *version;
+       long version;
        X509_ALGOR *algor;
        ASN1_OCTET_STRING *private_key;
        } NETSCAPE_PKEY;
 
-static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
-static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
+typedef struct netscape_encrypted_pkey_st
+       {
+       ASN1_OCTET_STRING *os;
+       /* This is the same structure as DigestInfo so use it:
+        * although this isn't really anything to do with
+        * digests.
+        */
+       X509_SIG *enckey;
+       } NETSCAPE_ENCRYPTED_PKEY;
+
+
+ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
+       ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING),
+       ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
+} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY);
+
+IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
+
+ASN1_SEQUENCE(NETSCAPE_PKEY) = {
+       ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
+       ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
+       ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_PKEY);
+
+IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
+
+static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
+            int (*cb)(), int sgckey);
 
 int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
 {
@@ -87,79 +112,78 @@ int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
 
 int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
        {
-       int i,j,l[6];
-       NETSCAPE_PKEY *pkey;
+       int i, j, ret = 0;
+       int rsalen, pkeylen, olen;
+       NETSCAPE_PKEY *pkey = NULL;
+       NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
        unsigned char buf[256],*zz;
        unsigned char key[EVP_MAX_KEY_LENGTH];
        EVP_CIPHER_CTX ctx;
-       X509_ALGOR *alg=NULL;
-       ASN1_OCTET_STRING os,os2;
-       M_ASN1_I2D_vars(a);
 
        if (a == NULL) return(0);
 
-#ifdef WIN32
-       r=r; /* shut the damn compiler up :-) */
-#endif
-
-       os.data=os2.data=NULL;
        if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
-       if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
+       if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err;
+       pkey->version = 0;
 
-       if (pkey->algor->algorithm != NULL)
-               ASN1_OBJECT_free(pkey->algor->algorithm);
        pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
        if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
        pkey->algor->parameter->type=V_ASN1_NULL;
 
-       l[0]=i2d_RSAPrivateKey(a,NULL);
-       pkey->private_key->length=l[0];
+       rsalen = i2d_RSAPrivateKey(a, NULL);
 
-       os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
-       l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
+       /* Fake some octet strings just for the initial length
+        * calculation.
+        */
 
-       if ((alg=X509_ALGOR_new()) == NULL) goto err;
-       if (alg->algorithm != NULL)
-               ASN1_OBJECT_free(alg->algorithm);
-       alg->algorithm=OBJ_nid2obj(NID_rc4);
-       if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
-       alg->parameter->type=V_ASN1_NULL;
+       pkey->private_key->length=rsalen;
 
-       l[2]=i2d_X509_ALGOR(alg,NULL);
-       l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
+       pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL);
 
-#ifndef CONST_STRICT
-       os.data=(unsigned char *)"private-key";
-#endif
-       os.length=11;
-       l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
+       enckey->enckey->digest->length = pkeylen;
+
+       enckey->os->length = 11;        /* "private-key" */
 
-       l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
+       enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4);
+       if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
+       enckey->enckey->algor->parameter->type=V_ASN1_NULL;
 
        if (pp == NULL)
                {
-               if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
-               if (alg != NULL) X509_ALGOR_free(alg);
-               return(l[5]);
+               olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
+               NETSCAPE_PKEY_free(pkey);
+               NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+               return olen;
                }
 
-       if (pkey->private_key->data != NULL)
-               OPENSSL_free(pkey->private_key->data);
-       if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
+
+       /* Since its RC4 encrypted length is actual length */
+       if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
                {
                ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
                goto err;
                }
-       zz=pkey->private_key->data;
+
+       pkey->private_key->data = zz;
+       /* Write out private key encoding */
        i2d_RSAPrivateKey(a,&zz);
 
-       if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
+       if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
+               {
+               ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+               goto err;
+               }
+
+       if (!ASN1_STRING_set(enckey->os, "private-key", -1)) 
                {
                ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
                goto err;
                }
-       zz=os2.data;
+       enckey->enckey->digest->data = zz;
        i2d_NETSCAPE_PKEY(pkey,&zz);
+
+       /* Wipe the private key encoding */
+       memset(pkey->private_key->data, 0, rsalen);
                
        if (cb == NULL)
                cb=EVP_read_pw_string;
@@ -171,7 +195,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
                }
        i = strlen((char *)buf);
        /* If the key is used for SGC the algorithm is modified a little. */
-       if(sgckey){
+       if(sgckey) {
                EVP_MD_CTX mctx;
                EVP_DigestInit(&mctx, EVP_md5());
                EVP_DigestUpdate(&mctx, buf, i);
@@ -183,24 +207,18 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
        EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
        memset(buf,0,256);
 
+       /* Encrypt private key in place */
+       zz = enckey->enckey->digest->data;
        EVP_CIPHER_CTX_init(&ctx);
        EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
-       EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
-       EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
+       EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
+       EVP_EncryptFinal(&ctx,zz + i,&j);
        EVP_CIPHER_CTX_cleanup(&ctx);
 
-       p= *pp;
-       ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-       i2d_ASN1_OCTET_STRING(&os,&p);
-       ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-       i2d_X509_ALGOR(alg,&p);
-       i2d_ASN1_OCTET_STRING(&os2,&p);
-       ret=l[5];
+       ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
 err:
-       if (os2.data != NULL) OPENSSL_free(os2.data);
-       if (alg != NULL) X509_ALGOR_free(alg);
-       if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
-       r=r;
+       NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+       NETSCAPE_PKEY_free(pkey);
        return(ret);
        }
 
@@ -213,68 +231,53 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)(
 RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
        {
        RSA *ret=NULL;
-       ASN1_OCTET_STRING *os=NULL;
-       ASN1_CTX c;
+       const unsigned char *p, *kp;
+       NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
 
-       c.pp=(unsigned char **)pp; /* TMP UGLY CAST */
-       c.error=ASN1_R_DECODING_ERROR;
+       p = *pp;
+
+       enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
+       if(!enckey) {
+               ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
+               return NULL;
+       }
 
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
-       if ((os->length != 11) || (strncmp("private-key",
-               (char *)os->data,os->length) != 0))
+       if ((enckey->os->length != 11) || (strncmp("private-key",
+               (char *)enckey->os->data,11) != 0))
                {
                ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
-               M_ASN1_BIT_STRING_free(os);
-               goto err;
+               NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+               return NULL;
                }
-       M_ASN1_BIT_STRING_free(os);
-       c.q=c.p;
-       if ((ret=d2i_RSA_NET_2(a,(const unsigned char **)&c.p, /* TMP UGLY CAST */
-                              c.slen,cb, sgckey)) == NULL) goto err;
-       /* Note: some versions of IIS key files use length values that are
-        * too small for the surrounding SEQUENCEs. This following line
-        * effectively disable length checking.
-        */
-       c.slen = 0;
-
-       M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
+       if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4)
+               {
+               ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+               goto err;
        }
+       kp = enckey->enckey->digest->data;
+       if (cb == NULL)
+               cb=EVP_read_pw_string;
+       if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
 
-RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length,
-            int (*cb)())
-{
-       return d2i_RSA_NET_2(a, pp, length, cb, 0);
-}
+       *pp = p;
+
+       err:
+       NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+       return ret;
+
+       }
 
-RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length,
+static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
             int (*cb)(), int sgckey)
        {
        NETSCAPE_PKEY *pkey=NULL;
        RSA *ret=NULL;
        int i,j;
-       unsigned char buf[256],*zz;
+       unsigned char buf[256];
+       const unsigned char *zz;
        unsigned char key[EVP_MAX_KEY_LENGTH];
        EVP_CIPHER_CTX ctx;
-       X509_ALGOR *alg=NULL;
-       ASN1_OCTET_STRING *os=NULL;
-       ASN1_CTX c;
 
-       c.error=ERR_R_NESTED_ASN1_ERROR;
-       c.pp=(unsigned char **)pp;
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
-       if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
-               {
-               ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
-               goto err;
-               }
-       M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
-       if (cb == NULL)
-               cb=EVP_read_pw_string;
        i=cb(buf,256,"Enter Private Key password:",0);
        if (i != 0)
                {
@@ -311,72 +314,14 @@ RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length,
                }
                
        zz=pkey->private_key->data;
-       if ((ret=d2i_RSAPrivateKey(a,(const unsigned char **)&zz, /* TMP UGLY CAST */
-               pkey->private_key->length)) == NULL)
+       if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
                {
                ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
                goto err;
                }
-       if (!asn1_Finish(&c)) goto err;
-       *pp=c.p;
 err:
-       if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
-       if (os != NULL) M_ASN1_BIT_STRING_free(os);
-       if (alg != NULL) X509_ALGOR_free(alg);
-       return(ret);
-       }
-
-static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-
-       M_ASN1_I2D_len(a->version,      i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->algor,        i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->private_key,  i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,      i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->algor,        i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->private_key,  i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
-       M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
-       }
-
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void)
-       {
-       NETSCAPE_PKEY *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->algor,X509_ALGOR_new);
-       M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new);
+       NETSCAPE_PKEY_free(pkey);
        return(ret);
-       M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
-       }
-
-static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       X509_ALGOR_free(a->algor);
-       M_ASN1_OCTET_STRING_free(a->private_key);
-       OPENSSL_free(a);
        }
 
 #endif /* NO_RC4 */
index 6e7f09ba236eb48bac075d531d7ed7bdfad18341..36e5dce3598663e20d44b67d9a4f0383a3efeb43 100644 (file)
 
 #include <stdio.h>
 #include <stdlib.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/err.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 
-/* Netscape certificate sequence structure */
-
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp)
+static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
-       int v = 0;
-       M_ASN1_I2D_vars(a);
-       M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
-                                            V_ASN1_SEQUENCE,v);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
-                                            V_ASN1_SEQUENCE,v);
-
-       M_ASN1_I2D_finish();
+       if(operation == ASN1_OP_NEW_POST) {
+               NETSCAPE_CERT_SEQUENCE *nsseq;
+               nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
+               nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
+       }
+       return 1;
 }
 
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void)
-{
-       NETSCAPE_CERT_SEQUENCE *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE);
-       /* Note hardcoded object type */
-       ret->type = OBJ_nid2obj(NID_netscape_cert_sequence);
-       ret->certs = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW);
-}
+/* Netscape certificate sequence structure */
 
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a,
-            unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *,
-                                       NETSCAPE_CERT_SEQUENCE_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
-       M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0,
-                                       V_ASN1_SEQUENCE);
-       M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free,
-                         ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE);
-}
+ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
+       ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
+       ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
+} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE);
 
-void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a)
-{
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->type);
-       if(a->certs)
-           sk_X509_pop_free(a->certs, X509_free);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
index b7ed538eb2c808c470a1789913650531a57a3c19..eedeb9ee3e82a313980639f67000bf715eef4d45 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/rand.h>
 
 /* PKCS#5 password based encryption structure */
 
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-       M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_seq_total ();
-
-       M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_finish();
-}
-
-PBEPARAM *PBEPARAM_new(void)
-{
-       PBEPARAM *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, PBEPARAM);
-       M_ASN1_New(ret->iter,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new);
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
-}
-
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING);
-       M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
-       M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
-}
+ASN1_SEQUENCE(PBEPARAM) = {
+       ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
+       ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PBEPARAM);
 
-void PBEPARAM_free (PBEPARAM *a)
-{
-       if(a==NULL) return;
-       M_ASN1_OCTET_STRING_free(a->salt);
-       M_ASN1_INTEGER_free (a->iter);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
 
 /* Return an algorithm identifier for a PKCS#5 PBE algorithm */
 
index 6a7b578c0e2293aa97a40c87d587685efdb55e72..82526f38fdb635b509999e342a0a1b4382f122d0 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/rand.h>
 
 /* PKCS#5 v2.0 password based encryption structures */
 
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-       M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR);
-       M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR);
-
-       M_ASN1_I2D_seq_total ();
-
-       M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR);
-       M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR);
-
-       M_ASN1_I2D_finish();
-}
-
-PBE2PARAM *PBE2PARAM_new(void)
-{
-       PBE2PARAM *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, PBE2PARAM);
-       M_ASN1_New(ret->keyfunc,X509_ALGOR_new);
-       M_ASN1_New(ret->encryption,X509_ALGOR_new);
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW);
-}
-
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR);
-       M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR);
-       M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM);
-}
-
-void PBE2PARAM_free (PBE2PARAM *a)
-{
-       if(a==NULL) return;
-       X509_ALGOR_free(a->keyfunc);
-       X509_ALGOR_free(a->encryption);
-       OPENSSL_free (a);
-}
-
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-       M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE);
-       M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR);
+ASN1_SEQUENCE(PBE2PARAM) = {
+       ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
+       ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBE2PARAM);
 
-       M_ASN1_I2D_seq_total ();
+IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
 
-       M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE);
-       M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR);
+ASN1_SEQUENCE(PBKDF2PARAM) = {
+       ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
+       ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
+       ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
+       ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBKDF2PARAM);
 
-       M_ASN1_I2D_finish();
-}
-
-PBKDF2PARAM *PBKDF2PARAM_new(void)
-{
-       PBKDF2PARAM *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, PBKDF2PARAM);
-       M_ASN1_New(ret->salt, ASN1_TYPE_new);
-       M_ASN1_New(ret->iter, M_ASN1_INTEGER_new);
-       ret->keylength = NULL;
-       ret->prf = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW);
-}
-
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp,
-            long length)
-{
-       M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE);
-       M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
-       M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE);
-       M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM);
-}
-
-void PBKDF2PARAM_free (PBKDF2PARAM *a)
-{
-       if(a==NULL) return;
-       ASN1_TYPE_free(a->salt);
-       M_ASN1_INTEGER_free(a->iter);
-       M_ASN1_INTEGER_free(a->keylength);
-       X509_ALGOR_free(a->prf);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
 
 /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
  * yes I know this is horrible!
diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c
deleted file mode 100644 (file)
index c170244..0000000
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/asn1/p7_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->md,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->contents,i2d_PKCS7);
-       M_ASN1_I2D_len(a->digest,i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->md,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->contents,i2d_PKCS7);
-       M_ASN1_I2D_put(a->digest,i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_DIGEST *,PKCS7_DIGEST_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->md,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
-       M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
-
-       M_ASN1_D2I_Finish(a,PKCS7_DIGEST_free,ASN1_F_D2I_PKCS7_DIGEST);
-       }
-
-PKCS7_DIGEST *PKCS7_DIGEST_new(void)
-       {
-       PKCS7_DIGEST *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_DIGEST);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->md,X509_ALGOR_new);
-       M_ASN1_New(ret->contents,PKCS7_new);
-       M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_DIGEST_NEW);
-       }
-
-void PKCS7_DIGEST_free(PKCS7_DIGEST *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       X509_ALGOR_free(a->md);
-       PKCS7_free(a->contents);
-       M_ASN1_OCTET_STRING_free(a->digest);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c
deleted file mode 100644 (file)
index 38ccafb..0000000
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/p7_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_ENCRYPT *,PKCS7_ENCRYPT_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-
-       M_ASN1_D2I_Finish(a,PKCS7_ENCRYPT_free,ASN1_F_D2I_PKCS7_ENCRYPT);
-       }
-
-PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void)
-       {
-       PKCS7_ENCRYPT *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_ENCRYPT_NEW);
-       }
-
-void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       PKCS7_ENC_CONTENT_free(a->enc_data);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c
deleted file mode 100644 (file)
index 031178a..0000000
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/asn1/p7_enc_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->content_type,i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len(a->algorithm,i2d_X509_ALGOR);
-       M_ASN1_I2D_len_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->content_type,i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put(a->algorithm,i2d_X509_ALGOR);
-       M_ASN1_I2D_put_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING,0);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
-            unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_ENC_CONTENT *,PKCS7_ENC_CONTENT_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->content_type,d2i_ASN1_OBJECT);
-       M_ASN1_D2I_get(ret->algorithm,d2i_X509_ALGOR);
-       M_ASN1_D2I_get_IMP_opt(ret->enc_data,d2i_ASN1_OCTET_STRING,0,
-               V_ASN1_OCTET_STRING);
-
-       M_ASN1_D2I_Finish(a,PKCS7_ENC_CONTENT_free,
-               ASN1_F_D2I_PKCS7_ENC_CONTENT);
-       }
-
-PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void)
-       {
-       PKCS7_ENC_CONTENT *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
-       /* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */
-       /* We will almost always want this: so make it the default */
-       ret->content_type=OBJ_nid2obj(NID_pkcs7_data);
-       M_ASN1_New(ret->algorithm,X509_ALGOR_new);
-       ret->enc_data=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_ENC_CONTENT_NEW);
-       }
-
-void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a)
-       {
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->content_type);
-       X509_ALGOR_free(a->algorithm);
-       M_ASN1_OCTET_STRING_free(a->enc_data);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c
deleted file mode 100644 (file)
index 60be3e5..0000000
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/asn1/p7_evp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-                               i2d_PKCS7_RECIP_INFO);
-       M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-                               i2d_PKCS7_RECIP_INFO);
-       M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_ENVELOPE *,PKCS7_ENVELOPE_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo,
-                               d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free);
-       M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-
-       M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE);
-       }
-
-PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void)
-       {
-       PKCS7_ENVELOPE *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null);
-       M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_ENVELOPE_NEW);
-       }
-
-void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
-       PKCS7_ENC_CONTENT_free(a->enc_data);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c
deleted file mode 100644 (file)
index 4a7260a..0000000
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/p7_i_s.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a,
-            unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
-       M_ASN1_I2D_len(a->serial,i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
-       M_ASN1_I2D_put(a->serial,i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_ISSUER_AND_SERIAL *,PKCS7_ISSUER_AND_SERIAL_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
-       M_ASN1_D2I_get(ret->serial,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_Finish(a,PKCS7_ISSUER_AND_SERIAL_free,
-               ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL);
-       }
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void)
-       {
-       PKCS7_ISSUER_AND_SERIAL *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_New(ret->issuer,X509_NAME_new);
-       M_ASN1_New(ret->serial,M_ASN1_INTEGER_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW);
-       }
-
-void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a)
-       {
-       if (a == NULL) return;
-       X509_NAME_free(a->issuer);
-       M_ASN1_INTEGER_free(a->serial);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c
deleted file mode 100644 (file)
index b1196ef..0000000
+++ /dev/null
@@ -1,391 +0,0 @@
-/* crypto/asn1/p7_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs7.h>
-#include <openssl/objects.h>
-
-#ifdef PKCS7_INDEFINITE_ENCODING
-
-int i2d_PKCS7(PKCS7 *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       if (a->asn1 != NULL)
-               {
-               if (pp == NULL)
-                       return((int)a->length);
-               memcpy(*pp,a->asn1,(int)a->length);
-               *pp+=a->length;
-               return((int)a->length);
-               }
-
-       ret+=4; /* sequence, BER header plus '0 0' end padding */
-       M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
-       if (a->d.ptr != NULL)
-               {
-               ret+=4; /* explicit tag [ 0 ] BER plus '0 0' */
-               switch (OBJ_obj2nid(a->type))
-                       {
-               case NID_pkcs7_data:
-                       M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
-                       break;
-               case NID_pkcs7_signed:
-                       M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
-                       break;
-               case NID_pkcs7_enveloped:
-                       M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-                       break;
-               case NID_pkcs7_signedAndEnveloped:
-                       M_ASN1_I2D_len(a->d.signed_and_enveloped,
-                               i2d_PKCS7_SIGN_ENVELOPE);
-                       break;
-               case NID_pkcs7_digest:
-                       M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
-                       break;
-               case NID_pkcs7_encrypted:
-                       M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-                       break;
-               default:
-                       M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE);
-                       break;
-                       }
-               }
-       r=ret;
-       if (pp == NULL) return(r);
-       p= *pp;
-       M_ASN1_I2D_INF_seq_start(V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-       M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
-
-       if (a->d.ptr != NULL)
-               {
-               M_ASN1_I2D_INF_seq_start(0,V_ASN1_CONTEXT_SPECIFIC);
-               switch (OBJ_obj2nid(a->type))
-                       {
-               case NID_pkcs7_data:
-                       M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
-                       break;
-               case NID_pkcs7_signed:
-                       M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
-                       break;
-               case NID_pkcs7_enveloped:
-                       M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-                       break;
-               case NID_pkcs7_signedAndEnveloped:
-                       M_ASN1_I2D_put(a->d.signed_and_enveloped,
-                               i2d_PKCS7_SIGN_ENVELOPE);
-                       break;
-               case NID_pkcs7_digest:
-                       M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
-                       break;
-               case NID_pkcs7_encrypted:
-                       M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-                       break;
-               default:
-                       M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE);
-                       break;
-                       }
-               M_ASN1_I2D_INF_seq_end();
-               }
-       M_ASN1_I2D_INF_seq_end();
-       M_ASN1_I2D_finish();
-       }
-
-#else
-
-int i2d_PKCS7(PKCS7 *a, unsigned char **pp)
-       {
-       int explen = 0;
-       M_ASN1_I2D_vars(a);
-
-       if (a->asn1 != NULL)
-               {
-               if (pp == NULL)
-                       return((int)a->length);
-               memcpy(*pp,a->asn1,(int)a->length);
-               *pp+=a->length;
-               return((int)a->length);
-               }
-
-       M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
-       if (a->d.ptr != NULL)
-               {
-               /* Save current length */
-               r = ret;
-               switch (OBJ_obj2nid(a->type))
-                       {
-               case NID_pkcs7_data:
-                       M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
-                       break;
-               case NID_pkcs7_signed:
-                       M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
-                       break;
-               case NID_pkcs7_enveloped:
-                       M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-                       break;
-               case NID_pkcs7_signedAndEnveloped:
-                       M_ASN1_I2D_len(a->d.signed_and_enveloped,
-                               i2d_PKCS7_SIGN_ENVELOPE);
-                       break;
-               case NID_pkcs7_digest:
-                       M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
-                       break;
-               case NID_pkcs7_encrypted:
-                       M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-                       break;
-               default:
-                       M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE);
-                       break;
-                       }
-               /* Work out explicit tag content size */
-               explen = ret - r;
-               /* Work out explicit tag size: Note: ASN1_object_size
-                * includes the content length.
-                */
-               ret =  r + ASN1_object_size(1, explen, 0);
-               }
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
-
-       if (a->d.ptr != NULL)
-               {
-               ASN1_put_object(&p, 1, explen, 0, V_ASN1_CONTEXT_SPECIFIC);
-               switch (OBJ_obj2nid(a->type))
-                       {
-               case NID_pkcs7_data:
-                       M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
-                       break;
-               case NID_pkcs7_signed:
-                       M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
-                       break;
-               case NID_pkcs7_enveloped:
-                       M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
-                       break;
-               case NID_pkcs7_signedAndEnveloped:
-                       M_ASN1_I2D_put(a->d.signed_and_enveloped,
-                               i2d_PKCS7_SIGN_ENVELOPE);
-                       break;
-               case NID_pkcs7_digest:
-                       M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
-                       break;
-               case NID_pkcs7_encrypted:
-                       M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
-                       break;
-               default:
-                       M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE);
-                       break;
-                       }
-               }
-       M_ASN1_I2D_finish();
-       }
-
-#endif
-
-PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7 *,PKCS7_new);
-
-       if ((a != NULL) && ((*a) != NULL))
-               {
-               if ((*a)->asn1 != NULL)
-                       {
-                       OPENSSL_free((*a)->asn1);
-                       (*a)->asn1=NULL;
-                       }
-               (*a)->length=0;
-               }
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->type,d2i_ASN1_OBJECT);
-       if (!M_ASN1_D2I_end_sequence())
-               {
-               int Tinf,Ttag,Tclass;
-               long Tlen;
-
-               if (M_ASN1_next != (V_ASN1_CONSTRUCTED|
-                       V_ASN1_CONTEXT_SPECIFIC|0))
-                       {
-                       c.error=ASN1_R_BAD_PKCS7_CONTENT;
-                       c.line=__LINE__;
-                       goto err;
-                       }
-
-               ret->detached=0;
-
-               c.q=c.p;
-               Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,
-                       (c.inf & 1)?(length+ *pp-c.q):c.slen);
-               if (Tinf & 0x80) { c.line=__LINE__; goto err; }
-               c.slen-=(c.p-c.q);
-
-               switch (OBJ_obj2nid(ret->type))
-                       {
-               case NID_pkcs7_data:
-                       M_ASN1_D2I_get(ret->d.data,d2i_ASN1_OCTET_STRING);
-                       break;
-               case NID_pkcs7_signed:
-                       M_ASN1_D2I_get(ret->d.sign,d2i_PKCS7_SIGNED);
-                       if (ret->d.sign->contents->d.ptr == NULL)
-                               ret->detached=1;
-                       break;
-               case NID_pkcs7_enveloped:
-                       M_ASN1_D2I_get(ret->d.enveloped,d2i_PKCS7_ENVELOPE);
-                       break;
-               case NID_pkcs7_signedAndEnveloped:
-                       M_ASN1_D2I_get(ret->d.signed_and_enveloped,
-                               d2i_PKCS7_SIGN_ENVELOPE);
-                       break;
-               case NID_pkcs7_digest:
-                       M_ASN1_D2I_get(ret->d.digest,d2i_PKCS7_DIGEST);
-                       break;
-               case NID_pkcs7_encrypted:
-                       M_ASN1_D2I_get(ret->d.encrypted,d2i_PKCS7_ENCRYPT);
-                       break;
-               default:
-                       M_ASN1_D2I_get(ret->d.other,d2i_ASN1_TYPE);
-                       break;
-                       }
-               if (Tinf == (1|V_ASN1_CONSTRUCTED))
-                       {
-                       if (!ASN1_check_infinite_end(&c.p,c.slen))
-                               {
-                               c.error=ERR_R_MISSING_ASN1_EOS;
-                               c.line=__LINE__;
-                               goto err;
-                               }
-                       }
-               }
-       else
-               ret->detached=1;
-               
-       M_ASN1_D2I_Finish(a,PKCS7_free,ASN1_F_D2I_PKCS7);
-       }
-
-PKCS7 *PKCS7_new(void)
-       {
-       PKCS7 *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7);
-       ret->type=OBJ_nid2obj(NID_undef);
-       ret->asn1=NULL;
-       ret->length=0;
-       ret->detached=0;
-       ret->d.ptr=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_NEW);
-       }
-
-void PKCS7_free(PKCS7 *a)
-       {
-       if (a == NULL) return;
-
-       PKCS7_content_free(a);
-       if (a->type != NULL)
-               {
-               ASN1_OBJECT_free(a->type);
-               }
-       OPENSSL_free(a);
-       }
-
-void PKCS7_content_free(PKCS7 *a)
-       {
-       if(a == NULL)
-           return;
-
-       if (a->asn1 != NULL) OPENSSL_free(a->asn1);
-
-       if (a->d.ptr != NULL)
-               {
-               if (a->type == NULL) return;
-
-               switch (OBJ_obj2nid(a->type))
-                       {
-               case NID_pkcs7_data:
-                       M_ASN1_OCTET_STRING_free(a->d.data);
-                       break;
-               case NID_pkcs7_signed:
-                       PKCS7_SIGNED_free(a->d.sign);
-                       break;
-               case NID_pkcs7_enveloped:
-                       PKCS7_ENVELOPE_free(a->d.enveloped);
-                       break;
-               case NID_pkcs7_signedAndEnveloped:
-                       PKCS7_SIGN_ENVELOPE_free(a->d.signed_and_enveloped);
-                       break;
-               case NID_pkcs7_digest:
-                       PKCS7_DIGEST_free(a->d.digest);
-                       break;
-               case NID_pkcs7_encrypted:
-                       PKCS7_ENCRYPT_free(a->d.encrypted);
-                       break;
-               default:
-                       ASN1_TYPE_free(a->d.other);
-                       break;
-                       }
-               }
-       a->d.ptr=NULL;
-       }
-
-IMPLEMENT_STACK_OF(PKCS7)
-IMPLEMENT_ASN1_SET_OF(PKCS7)
diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c
deleted file mode 100644 (file)
index 5f6c88a..0000000
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/asn1/p7_recip.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_I2D_len(a->key_enc_algor,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->enc_key,i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_I2D_put(a->key_enc_algor,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->enc_key,i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
-            unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_RECIP_INFO *,PKCS7_RECIP_INFO_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_D2I_get(ret->key_enc_algor,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->enc_key,d2i_ASN1_OCTET_STRING);
-
-       M_ASN1_D2I_Finish(a,PKCS7_RECIP_INFO_free,ASN1_F_D2I_PKCS7_RECIP_INFO);
-       }
-
-PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void)
-       {
-       PKCS7_RECIP_INFO *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
-       M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new);
-       M_ASN1_New(ret->enc_key,M_ASN1_OCTET_STRING_new);
-       ret->cert=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW);
-       }
-
-void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
-       X509_ALGOR_free(a->key_enc_algor);
-       M_ASN1_OCTET_STRING_free(a->enc_key);
-       if (a->cert != NULL) X509_free(a->cert);
-       OPENSSL_free(a);
-       }
-
-IMPLEMENT_STACK_OF(PKCS7_RECIP_INFO)
-IMPLEMENT_ASN1_SET_OF(PKCS7_RECIP_INFO)
diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c
deleted file mode 100644 (file)
index 709eb24..0000000
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/asn1/p7_s_e.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-                               i2d_PKCS7_RECIP_INFO);
-       M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-       M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-       M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-       M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-                               i2d_PKCS7_SIGNER_INFO);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
-                               i2d_PKCS7_RECIP_INFO);
-       M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-       M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-       M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-       M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-                               i2d_PKCS7_SIGNER_INFO);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
-            unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_SIGN_ENVELOPE *,PKCS7_SIGN_ENVELOPE_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo,
-                               d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free);
-       M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR,
-                               X509_ALGOR_free);
-       M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL,
-                                       X509_CRL_free,1);
-       M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info,
-                               d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free);
-
-       M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free,
-               ASN1_F_D2I_PKCS7_SIGN_ENVELOPE);
-       }
-
-PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void)
-       {
-       PKCS7_SIGN_ENVELOPE *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null);
-       M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null);
-       M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
-       ret->cert=NULL;
-       ret->crl=NULL;
-       M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW);
-       }
-
-void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
-       sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free);
-       PKCS7_ENC_CONTENT_free(a->enc_data);
-       sk_X509_pop_free(a->cert,X509_free);
-       sk_X509_CRL_pop_free(a->crl,X509_CRL_free);
-       sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c
deleted file mode 100644 (file)
index c835f54..0000000
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/asn1/p7_signd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->contents,i2d_PKCS7);
-       M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-       M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-       M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-                               i2d_PKCS7_SIGNER_INFO);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->contents,i2d_PKCS7);
-       M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
-       M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
-       M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
-                               i2d_PKCS7_SIGNER_INFO);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_SIGNED *,PKCS7_SIGNED_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR,
-                               X509_ALGOR_free);
-       M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL,
-                                       X509_CRL_free,1);
-       M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info,
-                               d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free);
-
-       M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED);
-       }
-
-PKCS7_SIGNED *PKCS7_SIGNED_new(void)
-       {
-       PKCS7_SIGNED *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_SIGNED);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null);
-       M_ASN1_New(ret->contents,PKCS7_new);
-       ret->cert=NULL;
-       ret->crl=NULL;
-       M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_SIGNED_NEW);
-       }
-
-void PKCS7_SIGNED_free(PKCS7_SIGNED *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free);
-       PKCS7_free(a->contents);
-       sk_X509_pop_free(a->cert,X509_free);
-       sk_X509_CRL_pop_free(a->crl,X509_CRL_free);
-       sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
-       OPENSSL_free(a);
-       }
diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c
deleted file mode 100644 (file)
index 248bf00..0000000
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/asn1/p7_signi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr,
-                                       i2d_X509_ATTRIBUTE,0);
-       M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr,
-                                       i2d_X509_ATTRIBUTE,1);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr,
-                                       i2d_X509_ATTRIBUTE,0);
-       M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr,
-                                       i2d_X509_ATTRIBUTE,1);
-
-       M_ASN1_I2D_finish();
-       }
-
-PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
-            unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,PKCS7_SIGNER_INFO *,PKCS7_SIGNER_INFO_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
-       M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->auth_attr,
-                                       d2i_X509_ATTRIBUTE,X509_ATTRIBUTE_free,
-                                       0);
-       M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->unauth_attr,
-                                       d2i_X509_ATTRIBUTE,
-                                       X509_ATTRIBUTE_free,1);
-
-       M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free,
-               ASN1_F_D2I_PKCS7_SIGNER_INFO);
-       }
-
-PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void)
-       {
-       PKCS7_SIGNER_INFO *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
-       M_ASN1_New(ret->digest_alg,X509_ALGOR_new);
-       ret->auth_attr=NULL;
-       M_ASN1_New(ret->digest_enc_alg,X509_ALGOR_new);
-       M_ASN1_New(ret->enc_digest,M_ASN1_OCTET_STRING_new);
-       ret->unauth_attr=NULL;
-       ret->pkey=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_PKCS7_SIGNER_INFO_NEW);
-       }
-
-void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
-       X509_ALGOR_free(a->digest_alg);
-       sk_X509_ATTRIBUTE_pop_free(a->auth_attr,X509_ATTRIBUTE_free);
-       X509_ALGOR_free(a->digest_enc_alg);
-       M_ASN1_OCTET_STRING_free(a->enc_digest);
-       sk_X509_ATTRIBUTE_pop_free(a->unauth_attr,X509_ATTRIBUTE_free);
-       if (a->pkey != NULL)
-               EVP_PKEY_free(a->pkey);
-       OPENSSL_free(a);
-       }
-
-IMPLEMENT_STACK_OF(PKCS7_SIGNER_INFO)
-IMPLEMENT_ASN1_SET_OF(PKCS7_SIGNER_INFO)
index fa6cbfb6f88562933f2ad7985cec10029d31e435..e218899985af76336860ea9afc94ebb80fee43e7 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp)
+/* Minor tweak to operation: zero private key data */
+static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
-
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR);
-       M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE);
-       M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
-                                        i2d_X509_ATTRIBUTE, 0);
-       
-       M_ASN1_I2D_seq_total ();
-
-       M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
-       M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
-       M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
-                                        i2d_X509_ATTRIBUTE, 0);
-
-       M_ASN1_I2D_finish();
+       /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
+       if(operation == ASN1_OP_FREE_PRE) {
+               PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
+               if (key->pkey->value.octet_string)
+               memset(key->pkey->value.octet_string->data,
+                                0, key->pkey->value.octet_string->length);
+       }
+       return 1;
 }
 
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void)
-{
-       PKCS8_PRIV_KEY_INFO *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO);
-       M_ASN1_New (ret->version, M_ASN1_INTEGER_new);
-       M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
-       M_ASN1_New (ret->pkey, ASN1_TYPE_new);
-       ret->attributes = NULL;
-       ret->broken = PKCS8_OK;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
-}
+ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
+       ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
+       ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
+       ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
+       ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
+} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO);
 
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
-            unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
-       M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
-                                       d2i_X509_ATTRIBUTE,
-                                       X509_ATTRIBUTE_free, 0);
-       M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
-}
-
-void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
-{
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free (a->version);
-       X509_ALGOR_free(a->pkeyalg);
-       /* Clear sensitive data */
-       if (a->pkey->value.octet_string)
-               memset (a->pkey->value.octet_string->data,
-                                0, a->pkey->value.octet_string->length);
-       ASN1_TYPE_free (a->pkey);
-       sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
index ea1af092db3fb09c44c44bf6d4e7f54de0a3aa92..b80ea1857fcd3f3bfc39a9f4a95ff06545062157 100644 (file)
@@ -145,13 +145,10 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
        if (BIO_puts(bp,str) <= 0) goto err;
 
        sk=x->req_info->attributes;
-       if ((sk == NULL) || (sk_X509_ATTRIBUTE_num(sk) == 0))
+       if (sk_X509_ATTRIBUTE_num(sk) == 0)
                {
-               if (!x->req_info->req_kludge)
-                       {
-                       sprintf(str,"%12sa0:00\n","");
-                       if (BIO_puts(bp,str) <= 0) goto err;
-                       }
+               sprintf(str,"%12sa0:00\n","");
+               if (BIO_puts(bp,str) <= 0) goto err;
                }
        else
                {
@@ -170,7 +167,13 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
                        if (BIO_puts(bp,str) <= 0) goto err;
                        if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
                        {
-                       if (a->set)
+                       if (a->single)
+                               {
+                               t=a->value.single;
+                               type=t->type;
+                               bs=t->value.bit_string;
+                               }
+                       else
                                {
                                ii=0;
                                count=sk_ASN1_TYPE_num(a->value.set);
@@ -179,12 +182,6 @@ get_next:
                                type=at->type;
                                bs=at->value.asn1_string;
                                }
-                       else
-                               {
-                               t=a->value.single;
-                               type=t->type;
-                               bs=t->value.bit_string;
-                               }
                        }
                        for (j=25-j; j>0; j--)
                                if (BIO_write(bp," ",1) != 1) goto err;
index d708434fcabb7dd5c35faf95f91e712bd4fd1d14..f27342136d291ea3213b89f77988656a12bff3a0 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
 
 /* Print out an SPKI */
 
index f06af5b576bf038dd0d764a540a11f101f62bdb4..7d4a6e60843dc42b1cae4690a3cef017275e9f2b 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
 #include <openssl/x509.h>
 
 /* X509_CERT_AUX and string set routines
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
new file mode 100644 (file)
index 0000000..0caa8f6
--- /dev/null
@@ -0,0 +1,910 @@
+/* tasn_dec.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+static int asn1_check_eoc(unsigned char **in, long len);
+static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass);
+static int collect_data(BUF_MEM *buf, unsigned char **p, long plen);
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
+                       unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx);
+static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
+static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len,
+                                       const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+/* Macro to initialize and invalidate the cache */
+
+#define asn1_tlc_clear(c)      if(c) (c)->valid = 0
+
+/* Decode an ASN1 item, this currently behaves just 
+ * like a standard 'd2i' function. 'in' points to 
+ * a buffer to read the data from, in future we will
+ * have more advanced versions that can input data
+ * a piece at a time and this will simply be a special
+ * case.
+ */
+
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it)
+{
+       ASN1_TLC c;
+       ASN1_VALUE *ptmpval = NULL;
+       if(!pval) pval = &ptmpval;
+       asn1_tlc_clear(&c);
+       if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) 
+               return *pval;
+       return NULL;
+}
+
+int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt)
+{
+       ASN1_TLC c;
+       asn1_tlc_clear(&c);
+       return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
+}
+
+
+/* Decode an item, taking care of IMPLICIT tagging, if any.
+ * If 'opt' set and tag mismatch return -1 to handle OPTIONAL
+ */
+
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
+                               int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+       const ASN1_TEMPLATE *tt, *errtt = NULL;
+       const ASN1_COMPAT_FUNCS *cf;
+       const ASN1_EXTERN_FUNCS *ef;
+       const ASN1_AUX *aux = it->funcs;
+       ASN1_aux_cb *asn1_cb;
+       unsigned char *p, *q, imphack = 0, oclass;
+       char seq_eoc, seq_nolen, cst, isopt;
+       long tmplen;
+       int i;
+       int otag;
+       int ret = 0;
+       ASN1_VALUE *pchval, **pchptr, *ptmpval;
+       if(!pval) return 0;
+       if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+       else asn1_cb = 0;
+
+       switch(it->itype) {
+
+               case ASN1_ITYPE_PRIMITIVE:
+               if(it->templates)
+                       return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx);
+               return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx);
+               break;
+
+               case ASN1_ITYPE_MSTRING:
+               p = *in;
+               /* Just read in tag and class */
+               ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       goto err;
+               } 
+               /* Must be UNIVERSAL class */
+               if(oclass != V_ASN1_UNIVERSAL) {
+                       /* If OPTIONAL, assume this is OK */
+                       if(opt) return -1;
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
+                       goto err;
+               } 
+               /* Check tag matches bit map */
+               if(!(ASN1_tag2bit(otag) & it->utype)) {
+                       /* If OPTIONAL, assume this is OK */
+                       if(opt) return -1;
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
+                       goto err;
+               } 
+               return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
+
+               case ASN1_ITYPE_EXTERN:
+               /* Use new style d2i */
+               ef = it->funcs;
+               return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
+
+               case ASN1_ITYPE_COMPAT:
+               /* we must resort to old style evil hackery */
+               cf = it->funcs;
+
+               /* If OPTIONAL see if it is there */
+               if(opt) {
+                       int exptag;
+                       p = *in;
+                       if(tag == -1) exptag = it->utype;
+                       else exptag = tag;
+                       /* Don't care about anything other than presence of expected tag */
+                       ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx);
+                       if(!ret) {
+                               ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                               goto err;
+                       }
+                       if(ret == -1) return -1;
+               }
+               /* This is the old style evil hack IMPLICIT handling:
+                * since the underlying code is expecting a tag and
+                * class other than the one present we change the
+                * buffer temporarily then change it back afterwards.
+                * This doesn't and never did work for tags > 30.
+                *
+                * Yes this is *horrible* but it is only needed for
+                * old style d2i which will hopefully not be around
+                * for much longer.
+                * FIXME: should copy the buffer then modify it so
+                * the input buffer can be const: we should *always*
+                * copy because the old style d2i might modify the
+                * buffer.
+                */
+
+               if(tag != -1) {
+                       p = *in;
+                       imphack = *p;
+                       *p = (*p & V_ASN1_CONSTRUCTED) | it->utype;
+               }
+
+               ptmpval = cf->asn1_d2i(pval, in, len);
+
+               if(tag != -1) *p = imphack;
+
+               if(ptmpval) return 1;
+               ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+               goto err;
+
+
+               case ASN1_ITYPE_CHOICE:
+               if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+                               goto auxerr;
+               /* CHOICE type, try each possibility in turn */
+               pchval = NULL;
+               p = *in;
+               for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) {
+                       /* We mark field as OPTIONAL so its absence
+                        * can be recognised.
+                        */
+                       ret = asn1_template_ex_d2i(&pchval, &p, len, tt, 1, ctx);
+                       /* If field not present, try the next one */
+                       if(ret == -1) continue;
+                       /* If positive return, read OK, break loop */
+                       if(ret > 0) break;
+                       /* Otherwise must be an ASN1 parsing error */
+                       errtt = tt;
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       return 0;
+               }
+               /* Did we fall off the end without reading anything? */
+               if(i == it->tcount) {
+                       /* If OPTIONAL, this is OK */
+                       if(opt) return -1;
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
+                       return 0;
+               }
+               /* Otherwise we got a match, allocate structure and populate it */
+               if(!*pval) {
+                       if(!ASN1_item_ex_new(pval, it)) {
+                               errtt = tt;
+                               ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                               return 0;
+                       }
+               }
+               pchptr = asn1_get_field_ptr(pval, tt);
+               *pchptr = pchval;
+               asn1_set_choice_selector(pval, i, it);
+               *in = p;
+               if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+                               goto auxerr;
+               return 1;
+
+               case ASN1_ITYPE_SEQUENCE:
+               p = *in;
+               tmplen = len;
+
+               /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+               if(tag == -1) {
+                       tag = V_ASN1_SEQUENCE;
+                       aclass = V_ASN1_UNIVERSAL;
+               }
+               /* Get SEQUENCE length and update len, p */
+               ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       goto err;
+               } else if(ret == -1) return -1;
+               if(aux && (aux->flags & ASN1_AFLG_BROKEN)) {
+                       len = tmplen - (p - *in);
+                       seq_nolen = 1;
+               } else seq_nolen = seq_eoc;     /* If indefinite we don't do a length check */
+               if(!cst) {
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
+                       goto err;
+               }
+
+               if(!*pval) {
+                       if(!ASN1_item_ex_new(pval, it)) {
+                               ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                               goto err;
+                       }
+               }
+               if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+                               goto auxerr;
+
+               /* Get each field entry */
+               for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+                       const ASN1_TEMPLATE *seqtt;
+                       ASN1_VALUE **pseqval;
+                       seqtt = asn1_do_adb(pval, tt, 1);
+                       if(!seqtt) goto err;
+                       pseqval = asn1_get_field_ptr(pval, seqtt);
+                       /* Have we ran out of data? */
+                       if(!len) break;
+                       q = p;
+                       if(asn1_check_eoc(&p, len)) {
+                               if(!seq_eoc) {
+                                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
+                                       goto err;
+                               }
+                               len -= p - q;
+                               seq_eoc = 0;
+                               q = p;
+                               break;
+                       }
+                       /* This determines the OPTIONAL flag value. The field cannot
+                        * be omitted if it is the last of a SEQUENCE and there is
+                        * still data to be read. This isn't strictly necessary but
+                        * it increases efficiency in some cases.
+                        */
+                       if(i == (it->tcount - 1)) isopt = 0;
+                       else isopt = seqtt->flags & ASN1_TFLG_OPTIONAL;
+                       /* attempt to read in field, allowing each to be OPTIONAL */
+                       ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
+                       if(!ret) {
+                               errtt = seqtt;
+                               goto err;
+                       } else if(ret == -1) {
+                               /* OPTIONAL component absent. Free and zero the field
+                                */
+                               ASN1_template_free(pseqval, seqtt);
+                               continue;
+                       }
+                       /* Update length */
+                       len -= p - q;
+               }
+               /* Check for EOC if expecting one */
+               if(seq_eoc && !asn1_check_eoc(&p, len)) {
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
+                       goto err;
+               }
+               /* Check all data read */
+               if(!seq_nolen && len) {
+                       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
+                       goto err;
+               }
+
+               /* If we get here we've got no more data in the SEQUENCE,
+                * however we may not have read all fields so check all
+                * remaining are OPTIONAL and clear any that are.
+                */
+               for(; i < it->tcount; tt++, i++) {
+                       const ASN1_TEMPLATE *seqtt;
+                       seqtt = asn1_do_adb(pval, tt, 1);
+                       if(!seqtt) goto err;
+                       if(seqtt->flags & ASN1_TFLG_OPTIONAL) {
+                               ASN1_VALUE **pseqval;
+                               pseqval = asn1_get_field_ptr(pval, seqtt);
+                               ASN1_template_free(pseqval, seqtt);
+                       } else {
+                               errtt = seqtt;
+                               ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
+                               goto err;
+                       }
+               }
+               /* Save encoding */
+               if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr;
+               *in = p;
+               if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+                               goto auxerr;
+               return 1;
+
+               default:
+               return 0;
+       }
+       auxerr:
+       ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
+       err:
+       ASN1_item_ex_free(pval, it);
+       if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname);
+       else ERR_add_error_data(2, "Type=", it->sname);
+       return 0;
+}
+
+/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the
+ * rest.
+ */
+
+int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
+{
+       int flags, aclass;
+       int ret;
+       long len;
+       unsigned char *p, *q;
+       char exp_eoc;
+       if(!val) return 0;
+       flags = tt->flags;
+       aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+       p = *in;
+
+       /* Check if EXPLICIT tag expected */
+       if(flags & ASN1_TFLG_EXPTAG) {
+               char cst;
+               /* Need to work out amount of data available to the inner content and where it
+                * starts: so read in EXPLICIT header to get the info.
+                */
+               ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx);
+               q = p;
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       return 0;
+               } else if(ret == -1) return -1;
+               if(!cst) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
+                       return 0;
+               }
+               /* We've found the field so it can't be OPTIONAL now */
+               ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       return 0;
+               }
+               /* We read the field in OK so update length */
+               len -= p - q;
+               if(exp_eoc) {
+                       /* If NDEF we must have an EOC here */
+                       if(!asn1_check_eoc(&p, len)) {
+                               ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+                               goto err;
+                       }
+               } else {
+                       /* Otherwise we must hit the EXPLICIT tag end or its an error */
+                       if(len) {
+                               ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH);
+                               goto err;
+                       }
+               }
+       } else 
+               return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+
+       *in = p;
+       return 1;
+
+       err:
+       ASN1_template_free(val, tt);
+       *val = NULL;
+       return 0;
+}
+
+static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
+{
+       int flags, aclass;
+       int ret;
+       unsigned char *p, *q;
+       if(!val) return 0;
+       flags = tt->flags;
+       aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+       p = *in;
+       q = p;
+
+       if(flags & ASN1_TFLG_SK_MASK) {
+               /* SET OF, SEQUENCE OF */
+               int sktag, skaclass;
+               char sk_eoc;
+               /* First work out expected inner tag value */
+               if(flags & ASN1_TFLG_IMPTAG) {
+                       sktag = tt->tag;
+                       skaclass = aclass;
+               } else {
+                       skaclass = V_ASN1_UNIVERSAL;
+                       if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET;
+                       else sktag = V_ASN1_SEQUENCE;
+               }
+               /* Get the tag */
+               ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       return 0;
+               } else if(ret == -1) return -1;
+               if(!*val) *val = (ASN1_VALUE *)sk_new_null();
+               else {
+                       /* We've got a valid STACK: free up any items present */
+                       STACK *sktmp = (STACK *)*val;
+                       ASN1_VALUE *vtmp;
+                       while(sk_num(sktmp) > 0) {
+                               vtmp = (ASN1_VALUE *)sk_pop(sktmp);
+                               ASN1_item_ex_free(&vtmp, tt->item);
+                       }
+               }
+                               
+               if(!*val) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE);
+                       goto err;
+               }
+               /* Read as many items as we can */
+               while(len > 0) {
+                       ASN1_VALUE *skfield;
+                       q = p;
+                       /* See if EOC found */
+                       if(asn1_check_eoc(&p, len)) {
+                               if(!sk_eoc) {
+                                       ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC);
+                                       goto err;
+                               }
+                               len -= p - q;
+                               sk_eoc = 0;
+                               break;
+                       }
+                       skfield = NULL;
+                       if(!ASN1_item_ex_d2i(&skfield, &p, len, tt->item, -1, 0, 0, ctx)) {
+                               ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+                               goto err;
+                       }
+                       len -= p - q;
+                       if(!sk_push((STACK *)*val, (char *)skfield)) {
+                               ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE);
+                               goto err;
+                       }
+               }
+               if(sk_eoc) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+                       goto err;
+               }
+       } else if(flags & ASN1_TFLG_IMPTAG) {
+               /* IMPLICIT tagging */
+               ret = ASN1_item_ex_d2i(val, &p, len, tt->item, tt->tag, aclass, opt, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       goto err;
+               } else if(ret == -1) return -1;
+       } else {
+               /* Nothing special */
+               ret = ASN1_item_ex_d2i(val, &p, len, tt->item, -1, 0, opt, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+                       goto err;
+               } else if(ret == -1) return -1;
+       }
+
+       *in = p;
+       return 1;
+
+       err:
+       ASN1_template_free(val, tt);
+       *val = NULL;
+       return 0;
+}
+
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, 
+                                               const ASN1_ITEM *it,
+                                               int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+       int ret = 0, utype;
+       long plen;
+       char cst, inf, free_cont = 0;
+       unsigned char *p;
+       BUF_MEM buf;
+       unsigned char *cont = NULL;
+       long len; 
+       if(!pval) {
+               ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
+               return 0; /* Should never happen */
+       }
+
+       if(it->itype == ASN1_ITYPE_MSTRING) {
+               utype = tag;
+               tag = -1;
+       } else utype = it->utype;
+
+       if(utype == V_ASN1_ANY) {
+               /* If type is ANY need to figure out type from tag */
+               unsigned char oclass;
+               if(tag >= 0) {
+                       ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
+                       return 0;
+               }
+               if(opt) {
+                       ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY);
+                       return 0;
+               }
+               p = *in;
+               ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx);
+               if(!ret) {
+                       ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+                       return 0;
+               }
+               if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER;
+       }
+       if(tag == -1) {
+               tag = utype;
+               aclass = V_ASN1_UNIVERSAL;
+       }
+       p = *in;
+       /* Check header */
+       ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx);
+       if(!ret) {
+               ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+               return 0;
+       } else if(ret == -1) return -1;
+       /* SEQUENCE, SET and "OTHER" are left in encoded form */
+       if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
+               /* SEQUENCE and SET must be constructed */
+               if((utype != V_ASN1_OTHER) && !cst) {
+                       ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED);
+                       return 0;
+               }
+
+               cont = *in;
+               /* If indefinite length constructed find the real end */
+               if(inf) {
+                       asn1_collect(NULL, &p, plen, inf, -1, -1);
+                       len = p - cont;
+               } else {
+                       len = p - cont + plen;
+                       p += plen;
+                       buf.data = NULL;
+               }
+       } else if(cst) {
+               buf.length = 0;
+               buf.max = 0;
+               buf.data = NULL;
+               /* Should really check the internal tags are correct but
+                * some things may get this wrong. The relevant specs
+                * say that constructed string types should be OCTET STRINGs
+                * internally irrespective of the type. So instead just check
+                * for UNIVERSAL class and ignore the tag.
+                */
+               asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL);
+               cont = (unsigned char *)buf.data;
+               len = buf.length;
+               free_cont = 1;
+       } else {
+               cont = p;
+               len = plen;
+               p += plen;
+       }
+
+       /* We now have content length and type: translate into a structure */
+       if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err;
+
+       *in = p;
+       ret = 1;
+       err:
+       if(free_cont && buf.data) OPENSSL_free(buf.data);
+       return ret;
+}
+
+/* Translate ASN1 content octets into a structure */
+
+int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+{
+       ASN1_STRING *stmp;
+       ASN1_TYPE *typ = NULL;
+       int ret = 0;
+       const ASN1_PRIMITIVE_FUNCS *pf;
+       pf = it->funcs;
+       if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
+       /* If ANY type clear type and set pointer to internal value */
+       if(it->utype == V_ASN1_ANY) {
+               if(!*pval) {
+                       typ = ASN1_TYPE_new();
+                       *pval = (ASN1_VALUE *)typ;
+               } else typ = (ASN1_TYPE *)pval;
+               if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
+               pval = (ASN1_VALUE **)&typ->value.ptr;
+       }
+       switch(utype) {
+               case V_ASN1_OBJECT:
+               if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err;
+               break;
+
+               case V_ASN1_NULL:
+               if(len) {
+                       ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH);
+                       goto err;
+               }
+               *pval = (ASN1_VALUE *)1;
+               break;
+
+               case V_ASN1_BOOLEAN:
+               if(len != 1) {
+                       ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+                       goto err;
+               } else {
+                       ASN1_BOOLEAN *tbool;
+                       tbool = (ASN1_BOOLEAN *)pval;
+                       *tbool = *cont;
+               }
+               break;
+
+               case V_ASN1_BIT_STRING:
+               if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err;
+               break;
+
+               case V_ASN1_INTEGER:
+               case V_ASN1_NEG_INTEGER:
+               case V_ASN1_ENUMERATED:
+               case V_ASN1_NEG_ENUMERATED:
+               if(!c2i_ASN1_INTEGER((ASN1_INTEGER **)pval, &cont, len)) goto err;
+               break;
+
+               case V_ASN1_OCTET_STRING:
+               case V_ASN1_NUMERICSTRING:
+               case V_ASN1_PRINTABLESTRING:
+               case V_ASN1_T61STRING:
+               case V_ASN1_VIDEOTEXSTRING:
+               case V_ASN1_IA5STRING:
+               case V_ASN1_UTCTIME:
+               case V_ASN1_GENERALIZEDTIME:
+               case V_ASN1_GRAPHICSTRING:
+               case V_ASN1_VISIBLESTRING:
+               case V_ASN1_GENERALSTRING:
+               case V_ASN1_UNIVERSALSTRING:
+               case V_ASN1_BMPSTRING:
+               case V_ASN1_UTF8STRING:
+               case V_ASN1_OTHER:
+               case V_ASN1_SET:
+               case V_ASN1_SEQUENCE:
+               default:
+               /* All based on ASN1_STRING and handled the same */
+               if(!*pval) {
+                       stmp = ASN1_STRING_type_new(utype);
+                       if(!stmp) {
+                               ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+                               goto err;
+                       }
+                       *pval = (ASN1_VALUE *)stmp;
+               } else {
+                       stmp = (ASN1_STRING *)*pval;
+                       stmp->type = utype;
+               }
+               /* If we've already allocated a buffer use it */
+               if(*free_cont) {
+                       if(stmp->data) OPENSSL_free(stmp->data);
+                       stmp->data = cont;
+                       stmp->length = len;
+                       *free_cont = 0;
+               } else {
+                       if(!ASN1_STRING_set(stmp, cont, len)) {
+                               ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+                               ASN1_STRING_free(stmp); 
+                               *pval = NULL;
+                               goto err;
+                       }
+               }
+               break;
+       }
+       /* If ASN1_ANY and NULL type fix up value */
+       if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL;
+
+       ret = 1;
+       err:
+       if(!ret) ASN1_TYPE_free(typ);
+       return ret;
+}
+
+/* This function collects the asn1 data from a constructred string
+ * type into a buffer. The values of 'in' and 'len' should refer
+ * to the contents of the constructed type and 'inf' should be set
+ * if it is indefinite length. If 'buf' is NULL then we just want
+ * to find the end of the current structure: useful for indefinite
+ * length constructed stuff.
+ */
+
+static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass)
+{
+       unsigned char *p, *q;
+       long plen;
+       char cst, ininf;
+       p = *in;
+       inf &= 1;
+       /* If no buffer and not indefinite length constructed just pass over the encoded data */
+       if(!buf && !inf) {
+               *in += len;
+               return 1;
+       }
+       while(len > 0) {
+               q = p;
+               /* Check for EOC */
+               if(asn1_check_eoc(&p, len)) {
+                       /* EOC is illegal outside indefinite length constructed form */
+                       if(!inf) {
+                               ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
+                               return 0;
+                       }
+                       inf = 0;
+                       break;
+               }
+               if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) {
+                       ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
+                       return 0;
+               }
+               /* If indefinite length constructed update max length */
+               if(cst) {
+                       if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0;
+               } else {
+                       if(!collect_data(buf, &p, plen)) return 0;
+               }
+               len -= p - q;
+       }
+       if(inf) {
+               ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
+               return 0;
+       }
+       *in = p;
+       return 1;
+}
+
+static int collect_data(BUF_MEM *buf, unsigned char **p, long plen)
+{
+               int len;
+               if(buf) {
+                       len = buf->length;
+                       if(!BUF_MEM_grow(buf, len + plen)) {
+                               ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
+                               return 0;
+                       }
+                       memcpy(buf->data + len, *p, plen);
+               }
+               *p += plen;
+               return 1;
+}
+
+/* Check for ASN1 EOC and swallow it if found */
+
+static int asn1_check_eoc(unsigned char **in, long len)
+{
+       unsigned char *p;
+       if(len < 2) return 0;
+       p = *in;
+       if(!p[0] && !p[1]) {
+               *in += 2;
+               return 1;
+       }
+       return 0;
+}
+
+/* Check an ASN1 tag and length: a bit like ASN1_get_object
+ * but it sets the length for indefinite length constructed
+ * form, we don't know the exact length but we can set an
+ * upper bound to the amount of data available minus the
+ * header length just read.
+ */
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
+               unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx)
+{
+       int i;
+       int ptag, pclass;
+       long plen;
+       unsigned char *p, *q;
+       p = *in;
+       q = p;
+
+       if(ctx && ctx->valid) {
+               i = ctx->ret;
+               plen = ctx->plen;
+               pclass = ctx->pclass;
+               ptag = ctx->ptag;
+               p += ctx->hdrlen;
+       } else {
+               i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
+               if(ctx) {
+                       ctx->ret = i;
+                       ctx->plen = plen;
+                       ctx->pclass = pclass;
+                       ctx->ptag = ptag;
+                       ctx->hdrlen = p - q;
+                       ctx->valid = 1;
+               }
+               /* If definite length, length + header can't exceed total
+                * amount of data available.
+                */
+               if(!(i & 1) && ((plen + ctx->hdrlen) > len)) {
+                       ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
+                       asn1_tlc_clear(ctx);
+                       return 0;
+               }
+       }
+               
+       if(i & 0x80) {
+               ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
+               asn1_tlc_clear(ctx);
+               return 0;
+       }
+       if(exptag >= 0) {
+               if((exptag != ptag) || (expclass != pclass)) {
+                       /* If type is OPTIONAL, not an error, but indicate missing
+                        * type.
+                        */
+                       if(opt) return -1;
+                       asn1_tlc_clear(ctx);
+                       ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
+                       return 0;
+               }
+               /* We have a tag and class match, so assume we are going to do something with it */
+               asn1_tlc_clear(ctx);
+       }
+
+       if(i & 1) plen = len - (p - q);
+
+       if(inf) *inf = i & 1;
+
+       if(cst) *cst = i & V_ASN1_CONSTRUCTED;
+
+       if(olen) *olen = plen;
+       if(oclass) *oclass = pclass;
+       if(otag) *otag = ptag;
+
+       *in = p;
+       return 1;
+}
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
new file mode 100644 (file)
index 0000000..f6d33e1
--- /dev/null
@@ -0,0 +1,485 @@
+/* tasn_enc.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset);
+
+/* Encode an ASN1 item, this is compatible with the
+ * standard 'i2d' function. 'out' points to 
+ * a buffer to output the data to, in future we will
+ * have more advanced versions that can output data
+ * a piece at a time and this will simply be a special
+ * case.
+ *
+ * The new i2d has one additional feature. If the output
+ * buffer is NULL (i.e. *out == NULL) then a buffer is
+ * allocated and populated with the encoding.
+ */
+
+
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
+{
+       if(out && !*out) {
+               unsigned char *p, *buf;
+               int len;
+               len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0);
+               if(len <= 0) return len;
+               buf = OPENSSL_malloc(len);
+               if(!buf) return -1;
+               p = buf;
+               ASN1_item_ex_i2d(&val, &p, it, -1, 0);
+               *out = buf;
+               return len;
+       }
+               
+       return ASN1_item_ex_i2d(&val, out, it, -1, 0);
+}
+
+/* Encode an item, taking care of IMPLICIT tagging (if any).
+ * This function performs the normal item handling: it can be
+ * used in external types.
+ */
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+{
+       const ASN1_TEMPLATE *tt = NULL;
+       unsigned char *p = NULL;
+       int i, seqcontlen, seqlen;
+       ASN1_STRING *strtmp;
+       const ASN1_COMPAT_FUNCS *cf;
+       const ASN1_EXTERN_FUNCS *ef;
+       const ASN1_AUX *aux = it->funcs;
+       ASN1_aux_cb *asn1_cb;
+       if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0;
+       if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+       else asn1_cb = 0;
+
+       switch(it->itype) {
+
+               case ASN1_ITYPE_PRIMITIVE:
+               if(it->templates)
+                       return ASN1_template_i2d(pval, out, it->templates);
+               return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
+               break;
+
+               case ASN1_ITYPE_MSTRING:
+               strtmp = (ASN1_STRING *)*pval;
+               return asn1_i2d_ex_primitive(pval, out, it, -1, 0);
+
+               case ASN1_ITYPE_CHOICE:
+               if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+                               return 0;
+               i = asn1_get_choice_selector(pval, it);
+               if((i >= 0) && (i < it->tcount)) {
+                       ASN1_VALUE **pchval;
+                       const ASN1_TEMPLATE *chtt;
+                       chtt = it->templates + i;
+                       pchval = asn1_get_field_ptr(pval, chtt);
+                       return ASN1_template_i2d(pchval, out, chtt);
+               } 
+               /* Fixme: error condition if selector out of range */
+               if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+                               return 0;
+               break;
+
+               case ASN1_ITYPE_EXTERN:
+               /* If new style i2d it does all the work */
+               ef = it->funcs;
+               return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
+
+               case ASN1_ITYPE_COMPAT:
+               /* old style hackery... */
+               cf = it->funcs;
+               if(out) p = *out;
+               i = cf->asn1_i2d(*pval, out);
+               /* Fixup for IMPLICIT tag: note this messes up for tags > 30,
+                * but so did the old code. Tags > 30 are very rare anyway.
+                */
+               if(out && (tag != -1))
+                       *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
+               return i;
+               
+               case ASN1_ITYPE_SEQUENCE:
+               i = asn1_enc_restore(&seqcontlen, out, pval, it);
+               /* An error occurred */
+               if(i < 0) return 0;
+               /* We have a valid cached encoding... */
+               if(i > 0) return seqcontlen;
+               /* Otherwise carry on */
+               seqcontlen = 0;
+               /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+               if(tag == -1) {
+                       tag = V_ASN1_SEQUENCE;
+                       aclass = V_ASN1_UNIVERSAL;
+               }
+               if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+                               return 0;
+               /* First work out sequence content length */
+               for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+                       const ASN1_TEMPLATE *seqtt;
+                       ASN1_VALUE **pseqval;
+                       seqtt = asn1_do_adb(pval, tt, 1);
+                       if(!seqtt) return 0;
+                       pseqval = asn1_get_field_ptr(pval, seqtt);
+                       /* FIXME: check for errors in enhanced version */
+                       /* FIXME: special handling of indefinite length encoding */
+                       seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt);
+               }
+               seqlen = ASN1_object_size(1, seqcontlen, tag);
+               if(!out) return seqlen;
+               /* Output SEQUENCE header */
+               ASN1_put_object(out, 1, seqcontlen, tag, aclass);
+               for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+                       const ASN1_TEMPLATE *seqtt;
+                       ASN1_VALUE **pseqval;
+                       seqtt = asn1_do_adb(pval, tt, 1);
+                       if(!seqtt) return 0;
+                       pseqval = asn1_get_field_ptr(pval, seqtt);
+                       /* FIXME: check for errors in enhanced version */
+                       ASN1_template_i2d(pseqval, out, seqtt);
+               }
+               if(asn1_cb  && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+                               return 0;
+               return seqlen;
+
+               default:
+               return 0;
+       }
+       return 0;
+}
+
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt)
+{
+       int i, ret, flags, aclass;
+       flags = tt->flags;
+       aclass = flags & ASN1_TFLG_TAG_CLASS;
+       if(flags & ASN1_TFLG_SK_MASK) {
+               /* SET OF, SEQUENCE OF */
+               STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+               int isset, sktag, skaclass;
+               int skcontlen, sklen;
+               ASN1_VALUE *skitem;
+               if(!*pval) return 0;
+               isset = flags & ASN1_TFLG_SET_OF;
+               /* First work out inner tag value */
+               if(flags & ASN1_TFLG_IMPTAG) {
+                       sktag = tt->tag;
+                       skaclass = aclass;
+               } else {
+                       skaclass = V_ASN1_UNIVERSAL;
+                       if(isset) sktag = V_ASN1_SET;
+                       else sktag = V_ASN1_SEQUENCE;
+               }
+               /* Now work out length of items */
+               skcontlen = 0;
+               for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+                       skitem = sk_ASN1_VALUE_value(sk, i);
+                       skcontlen += ASN1_item_ex_i2d(&skitem, NULL, tt->item, -1, 0);
+               }
+               sklen = ASN1_object_size(1, skcontlen, sktag);
+               /* If EXPLICIT need length of surrounding tag */
+               if(flags & ASN1_TFLG_EXPTAG)
+                       ret = ASN1_object_size(1, sklen, tt->tag);
+               else ret = sklen;
+
+               if(!out) return ret;
+
+               /* Now encode this lot... */
+               /* EXPLICIT tag */
+               if(flags & ASN1_TFLG_EXPTAG)
+                       ASN1_put_object(out, 1, sklen, tt->tag, aclass);
+               /* SET or SEQUENCE and IMPLICIT tag */
+               ASN1_put_object(out, 1, skcontlen, sktag, skaclass);
+               /* And finally the stuff itself */
+               asn1_set_seq_out(sk, out, skcontlen, tt->item, isset);
+
+               return ret;
+       }
+                       
+       if(flags & ASN1_TFLG_EXPTAG) {
+               /* EXPLICIT tagging */
+               /* Find length of tagged item */
+               i = ASN1_item_ex_i2d(pval, NULL, tt->item, -1, 0);
+               if(!i) return 0;
+               /* Find length of EXPLICIT tag */
+               ret = ASN1_object_size(1, i, tt->tag);
+               if(out) {
+                       /* Output tag and item */
+                       ASN1_put_object(out, 1, i, tt->tag, aclass);
+                       ASN1_item_ex_i2d(pval, out, tt->item, -1, 0);
+               }
+               return ret;
+       }
+       if(flags & ASN1_TFLG_IMPTAG) {
+               /* IMPLICIT tagging */
+               return ASN1_item_ex_i2d(pval, out, tt->item, tt->tag, aclass);
+       }
+       /* Nothing special: treat as normal */
+       return ASN1_item_ex_i2d(pval, out, tt->item, -1, 0);
+}
+
+/* Temporary structure used to hold DER encoding of items for SET OF */
+
+typedef        struct {
+       unsigned char *data;
+       int length;
+} DER_ENC;
+
+static int der_cmp(const void *a, const void *b)
+{
+       const DER_ENC *d1 = a, *d2 = b;
+       int cmplen, i;
+       cmplen = (d1->length < d2->length) ? d1->length : d2->length;
+       i = memcmp(d1->data, d2->data, cmplen);
+       if(i) return i;
+       return d1->length - d2->length;
+}
+
+/* Output the content octets of SET OF or SEQUENCE OF */
+
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort)
+{
+       int i;
+       ASN1_VALUE *skitem;
+       unsigned char *tmpdat, *p;
+       DER_ENC *derlst, *tder;
+       if(do_sort) {
+               /* Don't need to sort less than 2 items */
+               if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0;
+               else {
+                       derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst));
+                       tmpdat = OPENSSL_malloc(skcontlen);
+                       if(!derlst || !tmpdat) return 0;
+               }
+       }
+       /* If not sorting just output each item */
+       if(!do_sort) {
+               for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+                       skitem = sk_ASN1_VALUE_value(sk, i);
+                       ASN1_item_i2d(skitem, out, item);
+               }
+               return 1;
+       }
+       p = tmpdat;
+       /* Doing sort: build up a list of each member's DER encoding */
+       for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+               skitem = sk_ASN1_VALUE_value(sk, i);
+               tder->data = p;
+               tder->length = ASN1_item_i2d(skitem, &p, item);
+       }
+       /* Now sort them */
+       qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
+       /* Output sorted DER encoding */        
+       p = *out;
+       for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+               memcpy(p, tder->data, tder->length);
+               p += tder->length;
+       }
+       *out = p;
+       OPENSSL_free(derlst);
+       OPENSSL_free(tmpdat);
+       return 1;
+}
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+{
+       int len;
+       int utype;
+       int usetag;
+
+       utype = it->utype;
+
+       /* Get length of content octets and maybe find
+        * out the underlying type.
+        */
+
+       len = asn1_ex_i2c(pval, NULL, &utype, it);
+
+       /* If SEQUENCE, SET or OTHER then header is
+        * included in pseudo content octets so don't
+        * include tag+length. We need to check here
+        * because the call to asn1_ex_i2c() could change
+        * utype.
+        */
+       if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
+          (utype == V_ASN1_OTHER))
+               usetag = 0;
+       else usetag = 1;
+
+       /* -1 means omit type */
+
+       if(len == -1) return 0;
+
+       /* If not implicitly tagged get tag from underlying type */
+       if(tag == -1) tag = utype;
+
+       /* Output tag+length followed by content octets */
+       if(out) {
+               if(usetag) ASN1_put_object(out, 0, len, tag, aclass);
+               asn1_ex_i2c(pval, *out, &utype, it);
+               *out += len;
+       }
+
+       if(usetag) return ASN1_object_size(0, len, tag);
+       return len;
+}
+
+/* Produce content octets from a structure */
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it)
+{
+       ASN1_BOOLEAN *tbool = NULL;
+       ASN1_STRING *strtmp;
+       ASN1_OBJECT *otmp;
+       int utype;
+       unsigned char *cont, c;
+       int len;
+       const ASN1_PRIMITIVE_FUNCS *pf;
+       pf = it->funcs;
+       if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it);
+
+       /* Should type be omitted? */
+       if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) {
+               if(!*pval) return -1;
+       }
+
+       if(it->itype == ASN1_ITYPE_MSTRING) {
+               /* If MSTRING type set the underlying type */
+               strtmp = (ASN1_STRING *)*pval;
+               utype = strtmp->type;
+               *putype = utype;
+       } else if(it->utype == V_ASN1_ANY) {
+               /* If ANY set type and pointer to value */
+               ASN1_TYPE *typ;
+               typ = (ASN1_TYPE *)*pval;
+               utype = typ->type;
+               *putype = utype;
+               pval = (ASN1_VALUE **)&typ->value.ptr;
+       } else utype = *putype;
+
+       switch(utype) {
+               case V_ASN1_OBJECT:
+               otmp = (ASN1_OBJECT *)*pval;
+               cont = otmp->data;
+               len = otmp->length;
+               break;
+
+               case V_ASN1_NULL:
+               cont = NULL;
+               len = 0;
+               break;
+
+               case V_ASN1_BOOLEAN:
+               tbool = (ASN1_BOOLEAN *)pval;
+               if(*tbool == -1) return -1;
+               /* Default handling if value == size field then omit */
+               if(*tbool && (it->size > 0)) return -1;
+               if(!*tbool && !it->size) return -1;
+               c = (unsigned char)*tbool;
+               cont = &c;
+               len = 1;
+               break;
+
+               case V_ASN1_BIT_STRING:
+               return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL);
+               break;
+
+               case V_ASN1_INTEGER:
+               case V_ASN1_NEG_INTEGER:
+               case V_ASN1_ENUMERATED:
+               case V_ASN1_NEG_ENUMERATED:
+               /* These are all have the same content format
+                * as ASN1_INTEGER
+                */
+               return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
+               break;
+
+               case V_ASN1_OCTET_STRING:
+               case V_ASN1_NUMERICSTRING:
+               case V_ASN1_PRINTABLESTRING:
+               case V_ASN1_T61STRING:
+               case V_ASN1_VIDEOTEXSTRING:
+               case V_ASN1_IA5STRING:
+               case V_ASN1_UTCTIME:
+               case V_ASN1_GENERALIZEDTIME:
+               case V_ASN1_GRAPHICSTRING:
+               case V_ASN1_VISIBLESTRING:
+               case V_ASN1_GENERALSTRING:
+               case V_ASN1_UNIVERSALSTRING:
+               case V_ASN1_BMPSTRING:
+               case V_ASN1_UTF8STRING:
+               case V_ASN1_SEQUENCE:
+               case V_ASN1_SET:
+               default:
+               /* All based on ASN1_STRING and handled the same */
+               strtmp = (ASN1_STRING *)*pval;
+               cont = strtmp->data;
+               len = strtmp->length;
+
+               break;
+
+       }
+       if(cout && len) memcpy(cout, cont, len);
+       return len;
+}
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
new file mode 100644 (file)
index 0000000..75a4a6f
--- /dev/null
@@ -0,0 +1,225 @@
+/* tasn_fre.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine);
+
+/* Free up an ASN1 structure */
+
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
+{
+       asn1_item_combine_free(&val, it, 0);
+}
+
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       asn1_item_combine_free(pval, it, 0);
+}
+
+static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
+{
+       const ASN1_TEMPLATE *tt = NULL, *seqtt;
+       const ASN1_EXTERN_FUNCS *ef;
+       const ASN1_COMPAT_FUNCS *cf;
+       const ASN1_AUX *aux = it->funcs;
+       ASN1_aux_cb *asn1_cb;
+       int i;
+       if(!pval) return;
+       if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return;
+       if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+       else asn1_cb = 0;
+
+       switch(it->itype) {
+
+               case ASN1_ITYPE_PRIMITIVE:
+               if(it->templates) ASN1_template_free(pval, it->templates);
+               else ASN1_primitive_free(pval, it);
+               break;
+
+               case ASN1_ITYPE_MSTRING:
+               ASN1_primitive_free(pval, it);
+               break;
+
+               case ASN1_ITYPE_CHOICE:
+               if(asn1_cb) {
+                       i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+                       if(i == 2) return;
+               }
+               i = asn1_get_choice_selector(pval, it);
+               if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+               if((i >= 0) && (i < it->tcount)) {
+                       ASN1_VALUE **pchval;
+                       tt = it->templates + i;
+                       pchval = asn1_get_field_ptr(pval, tt);
+                       ASN1_template_free(pchval, tt);
+               }
+               if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it);
+               if(!combine) {
+                       OPENSSL_free(*pval);
+                       *pval = NULL;
+               }
+               break;
+
+               case ASN1_ITYPE_COMPAT:
+               cf = it->funcs;
+               if(cf && cf->asn1_free) cf->asn1_free(*pval);
+               break;
+
+               case ASN1_ITYPE_EXTERN:
+               ef = it->funcs;
+               if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it);
+               break;
+
+               case ASN1_ITYPE_SEQUENCE:
+               if(asn1_do_lock(pval, -1, it) > 0) return;
+               if(asn1_cb) {
+                       i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+                       if(i == 2) return;
+               }               
+               asn1_enc_free(pval, it);
+               /* If we free up as normal we will invalidate any
+                * ANY DEFINED BY field and we wont be able to 
+                * determine the type of the field it defines. So
+                * free up in reverse order.
+                */
+               tt = it->templates + it->tcount - 1;
+               for(i = 0; i < it->tcount; tt--, i++) {
+                       ASN1_VALUE **pseqval;
+                       seqtt = asn1_do_adb(pval, tt, 0);
+                       if(!seqtt) continue;
+                       pseqval = asn1_get_field_ptr(pval, seqtt);
+                       ASN1_template_free(pseqval, seqtt);
+               }
+               if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it);
+               if(!combine) {
+                       OPENSSL_free(*pval);
+                       *pval = NULL;
+               }
+               break;
+       }
+}
+
+void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+       int i;
+       if(tt->flags & ASN1_TFLG_SK_MASK) {
+               STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+               for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+                       ASN1_VALUE *vtmp;
+                       vtmp = sk_ASN1_VALUE_value(sk, i);
+                       asn1_item_combine_free(&vtmp, tt->item, 0);
+               }
+               sk_ASN1_VALUE_free(sk);
+               *pval = NULL;
+       } else asn1_item_combine_free(pval, tt->item, tt->flags & ASN1_TFLG_COMBINE);
+}
+
+void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       int utype;
+       if(it) {
+               const ASN1_PRIMITIVE_FUNCS *pf;
+               pf = it->funcs;
+               if(pf && pf->prim_free) {
+                       pf->prim_free(pval, it);
+                       return;
+               }
+       }
+       /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
+       if(!it) {
+               ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
+               utype = typ->type;
+               pval = (ASN1_VALUE **)&typ->value.ptr;
+               if(!*pval) return;
+       } else if(it->itype == ASN1_ITYPE_MSTRING) {
+               utype = -1;
+               if(!*pval) return;
+       } else {
+               utype = it->utype;
+               if((utype != V_ASN1_BOOLEAN) && !*pval) return;
+       }
+
+       switch(utype) {
+               case V_ASN1_OBJECT:
+               ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
+               break;
+
+               case V_ASN1_BOOLEAN:
+               *(ASN1_BOOLEAN *)pval = it->size;
+               return;
+
+               case V_ASN1_NULL:
+               break;
+
+               case V_ASN1_ANY:
+               ASN1_primitive_free(pval, NULL);
+               OPENSSL_free(*pval);
+               break;
+
+               default:
+               ASN1_STRING_free((ASN1_STRING *)*pval);
+               *pval = NULL;
+               break;
+       }
+       *pval = NULL;
+}
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
new file mode 100644 (file)
index 0000000..d6f1155
--- /dev/null
@@ -0,0 +1,313 @@
+/* tasn_new.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+
+static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine);
+static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
+{
+       ASN1_VALUE *ret = NULL;
+       if(ASN1_item_ex_new(&ret, it) > 0) return ret;
+       return NULL;
+}
+
+/* Allocate an ASN1 structure */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       return asn1_item_ex_combine_new(pval, it, 0);
+}
+
+static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
+{
+       const ASN1_TEMPLATE *tt = NULL;
+       const ASN1_COMPAT_FUNCS *cf;
+       const ASN1_EXTERN_FUNCS *ef;
+       const ASN1_AUX *aux = it->funcs;
+       ASN1_aux_cb *asn1_cb;
+       ASN1_VALUE **pseqval;
+       int i;
+       if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+       else asn1_cb = 0;
+
+       if(!combine) *pval = NULL;
+
+       switch(it->itype) {
+
+               case ASN1_ITYPE_EXTERN:
+               ef = it->funcs;
+               if(ef && ef->asn1_ex_new) {
+                       if(!ef->asn1_ex_new(pval, it))
+                               goto memerr;
+               }
+               break;
+
+               case ASN1_ITYPE_COMPAT:
+               cf = it->funcs;
+               if(cf && cf->asn1_new) {
+                       *pval = cf->asn1_new();
+                       if(!*pval) goto memerr;
+               }
+               break;
+
+               case ASN1_ITYPE_PRIMITIVE:
+               if(it->templates) {
+                       if(!ASN1_template_new(pval, it->templates))
+                               goto memerr;
+               } else {
+                       if(!ASN1_primitive_new(pval, it))
+                               goto memerr;
+               }
+               break;
+
+               case ASN1_ITYPE_MSTRING:
+               if(!ASN1_primitive_new(pval, it))
+                               goto memerr;
+               break;
+
+               case ASN1_ITYPE_CHOICE:
+               if(asn1_cb) {
+                       i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+                       if(!i) goto auxerr;
+                       if(i==2) return 1;
+               }
+               if(!combine) {
+                       *pval = OPENSSL_malloc(it->size);
+                       if(!*pval) goto memerr;
+                       memset(*pval, 0, it->size);
+               }
+               asn1_set_choice_selector(pval, -1, it);
+               if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+                               goto auxerr;
+               break;
+
+               case ASN1_ITYPE_SEQUENCE:
+               if(asn1_cb) {
+                       i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+                       if(!i) goto auxerr;
+                       if(i==2) return 1;
+               }
+               if(!combine) {
+                       *pval = OPENSSL_malloc(it->size);
+                       if(!*pval) goto memerr;
+                       memset(*pval, 0, it->size);
+                       asn1_do_lock(pval, 0, it);
+                       asn1_enc_init(pval, it);
+               }
+               for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+                       pseqval = asn1_get_field_ptr(pval, tt);
+                       if(!ASN1_template_new(pseqval, tt)) goto memerr;
+               }
+               if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+                               goto auxerr;
+               break;
+       }
+       return 1;
+
+       memerr:
+       ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE);
+       return 0;
+
+       auxerr:
+       ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR);
+       ASN1_item_ex_free(pval, it);
+       return 0;
+
+}
+
+static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       const ASN1_EXTERN_FUNCS *ef;
+
+       switch(it->itype) {
+
+               case ASN1_ITYPE_EXTERN:
+               ef = it->funcs;
+               if(ef && ef->asn1_ex_clear) 
+                       ef->asn1_ex_clear(pval, it);
+               else *pval = NULL;
+               break;
+
+
+               case ASN1_ITYPE_PRIMITIVE:
+               if(it->templates) 
+                       asn1_template_clear(pval, it->templates);
+               else
+                       asn1_primitive_clear(pval, it);
+               break;
+
+               case ASN1_ITYPE_MSTRING:
+               asn1_primitive_clear(pval, it);
+               break;
+
+               case ASN1_ITYPE_COMPAT:
+               case ASN1_ITYPE_CHOICE:
+               case ASN1_ITYPE_SEQUENCE:
+               *pval = NULL;
+               break;
+       }
+}
+
+
+int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+       const ASN1_ITEM *it = tt->item;
+       if(tt->flags & ASN1_TFLG_OPTIONAL) {
+               asn1_template_clear(pval, tt);
+               return 1;
+       }
+       /* If ANY DEFINED BY nothing to do */
+
+       if(tt->flags & ASN1_TFLG_ADB_MASK) {
+               *pval = NULL;
+               return 1;
+       }
+       /* If SET OF or SEQUENCE OF, its a STACK */
+       if(tt->flags & ASN1_TFLG_SK_MASK) {
+               STACK_OF(ASN1_VALUE) *skval;
+               skval = sk_ASN1_VALUE_new_null();
+               if(!skval) {
+                       ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
+                       return 0;
+               }
+               *pval = (ASN1_VALUE *)skval;
+               return 1;
+       }
+       /* Otherwise pass it back to the item routine */
+       return asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
+}
+
+void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+       /* If ADB or STACK just NULL the field */
+       if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) 
+               *pval = NULL;
+       else
+               asn1_item_clear(pval, tt->item);
+}
+
+
+/* NB: could probably combine most of the real XXX_new() behaviour and junk all the old
+ * functions.
+ */
+
+int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       ASN1_TYPE *typ;
+       int utype;
+       const ASN1_PRIMITIVE_FUNCS *pf;
+       pf = it->funcs;
+       if(pf && pf->prim_new) return pf->prim_new(pval, it);
+       if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1;
+       else utype = it->utype;
+       switch(utype) {
+               case V_ASN1_OBJECT:
+               *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
+               return 1;
+
+               case V_ASN1_BOOLEAN:
+               *(ASN1_BOOLEAN *)pval = it->size;
+               return 1;
+
+               case V_ASN1_NULL:
+               *pval = (ASN1_VALUE *)1;
+               return 1;
+
+               case V_ASN1_ANY:
+               typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
+               if(!typ) return 0;
+               typ->value.ptr = NULL;
+               typ->type = -1;
+               *pval = (ASN1_VALUE *)typ;
+               break;
+
+               default:
+               *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
+               break;
+       }
+       if(*pval) return 1;
+       return 0;
+}
+
+void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       int utype;
+       const ASN1_PRIMITIVE_FUNCS *pf;
+       pf = it->funcs;
+       if(pf) {
+               if(pf->prim_clear)
+                       pf->prim_clear(pval, it);
+               else 
+                       *pval = NULL;
+               return;
+       }
+       if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1;
+       else utype = it->utype;
+       if(utype == V_ASN1_BOOLEAN)
+               *(ASN1_BOOLEAN *)pval = it->size;
+       else *pval = NULL;
+}
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
new file mode 100644 (file)
index 0000000..a0c71ea
--- /dev/null
@@ -0,0 +1,196 @@
+/* tasn_prn.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/nasn.h>
+
+/* Print routines. Print out a whole structure from a template.
+ */
+
+static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name);
+
+int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it)
+{
+       return asn1_item_print_nm(out, fld, indent, it, it->sname);
+}
+
+static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name)
+{
+       ASN1_STRING *str;
+       const ASN1_TEMPLATE *tt;
+       void *tmpfld;
+       int i;
+       if(!fld) {
+               BIO_printf(out, "%*s%s ABSENT\n", indent, "", name);
+               return 1;
+       }
+       switch(it->itype) {
+
+               case ASN1_ITYPE_PRIMITIVE:
+               if(it->templates)
+                       return ASN1_template_print(out, fld, indent, it->templates);
+               return asn1_primitive_print(out, fld, it->utype, indent, name);
+               break;
+
+               case ASN1_ITYPE_MSTRING:
+               str = fld;
+               return asn1_primitive_print(out, fld, str->type, indent, name);
+
+               case ASN1_ITYPE_EXTERN:
+               BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
+               return 1;
+               case ASN1_ITYPE_COMPAT:
+               BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
+               return 1;
+
+
+               case ASN1_ITYPE_CHOICE:
+               /* CHOICE type, get selector */
+               i = asn1_get_choice_selector(fld, it);
+               /* This should never happen... */
+               if((i < 0) || (i >= it->tcount)) {
+                       BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i);
+                       return 1;
+               }
+               tt = it->templates + i;
+               tmpfld = asn1_get_field(fld, tt);
+               return ASN1_template_print(out, tmpfld, indent, tt);
+
+               case ASN1_ITYPE_SEQUENCE:
+               BIO_printf(out, "%*s%s {\n", indent, "", name);
+               /* Get each field entry */
+               for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+                       tmpfld = asn1_get_field(fld, tt);
+                       ASN1_template_print(out, tmpfld, indent + 2, tt);
+               }
+               BIO_printf(out, "%*s}\n", indent, "");
+               return 1;
+
+               default:
+               return 0;
+       }
+}
+
+int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt)
+{
+       int i, flags;
+       //if(!fld) return 0;
+       flags = tt->flags;
+       if(flags & ASN1_TFLG_SK_MASK) {
+               char *tname;
+               void *skitem;
+               /* SET OF, SEQUENCE OF */
+               if(flags & ASN1_TFLG_SET_OF) tname = "SET";
+               else tname = "SEQUENCE";
+               if(fld) {
+                       BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name);
+                       for(i = 0; i < sk_num(fld); i++) {
+                               skitem = sk_value(fld, i);
+                               asn1_item_print_nm(out, skitem, indent + 2, tt->item, "");
+                       }
+                       BIO_printf(out, "%*s}\n", indent, "");
+               } else 
+                       BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name);
+               return 1;
+       }
+       return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name);
+}
+
+static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent, const char *name)
+{
+       ASN1_STRING *str = fld;
+       if(fld) {
+               if(utype == V_ASN1_BOOLEAN) {
+                       int *bool = fld;
+if(*bool == -1) printf("BOOL MISSING\n");
+                       BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN", *bool ? "TRUE" : "FALSE");
+               } else if((utype == V_ASN1_INTEGER) 
+                         || (utype == V_ASN1_ENUMERATED)) {
+                       char *s, *nm;
+                       s = i2s_ASN1_INTEGER(NULL, fld);
+                       if(utype == V_ASN1_INTEGER) nm = "INTEGER";
+                       else nm = "ENUMERATED";
+                       BIO_printf(out, "%*s%s:%s", indent, "", nm, s);
+                       OPENSSL_free(s);
+               } else if(utype == V_ASN1_NULL) {
+                       BIO_printf(out, "%*s%s", indent, "", "NULL");
+               } else if(utype == V_ASN1_UTCTIME) {
+                       BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME");
+                       ASN1_UTCTIME_print(out, str);
+               } else if(utype == V_ASN1_GENERALIZEDTIME) {
+                       BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME");
+                       ASN1_GENERALIZEDTIME_print(out, str);
+               } else if(utype == V_ASN1_OBJECT) {
+                       char objbuf[80], *ln;
+                       ln = OBJ_nid2ln(OBJ_obj2nid(fld));
+                       if(!ln) ln = "";
+                       OBJ_obj2txt(objbuf, 80, fld, 1);
+                       BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf);
+               } else {
+                       BIO_printf(out, "%*s%s:", indent, "", name);
+                       ASN1_STRING_print_ex(out, str, ASN1_STRFLGS_DUMP_UNKNOWN|ASN1_STRFLGS_SHOW_TYPE);
+               }
+               BIO_printf(out, "\n");
+       } else BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name);
+       return 1;
+}
diff --git a/crypto/asn1/tasn_typ.c b/crypto/asn1/tasn_typ.c
new file mode 100644 (file)
index 0000000..188311c
--- /dev/null
@@ -0,0 +1,130 @@
+/* tasn_typ.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* Declarations for string types */
+
+
+IMPLEMENT_ASN1_TYPE(ASN1_INTEGER)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_INTEGER)
+
+IMPLEMENT_ASN1_TYPE(ASN1_ENUMERATED)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+IMPLEMENT_ASN1_TYPE(ASN1_BIT_STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_OCTET_STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_NULL)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_NULL)
+
+IMPLEMENT_ASN1_TYPE(ASN1_OBJECT)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UTF8STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_PRINTABLESTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_T61STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_T61STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_IA5STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_IA5STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UTCTIME)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTCTIME)
+
+IMPLEMENT_ASN1_TYPE(ASN1_GENERALIZEDTIME)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+
+IMPLEMENT_ASN1_TYPE(ASN1_VISIBLESTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UNIVERSALSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_BMPSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_ANY)
+
+/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
+IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE)
+
+IMPLEMENT_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+
+/* Multistring types */
+
+IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+
+IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+
+IMPLEMENT_ASN1_MSTRING(DIRECTORYSTRING, B_ASN1_DIRECTORYSTRING)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+
+/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
+IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1)
+IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1)
+IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
new file mode 100644 (file)
index 0000000..16b2c14
--- /dev/null
@@ -0,0 +1,252 @@
+/* tasn_utl.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/err.h>
+
+/* Utility functions for manipulating fields and offsets */
+
+/* Add 'offset' to 'addr' */
+#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
+
+/* Given an ASN1_ITEM CHOICE type return
+ * the selector value
+ */
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       int *sel = offset2ptr(*pval, it->utype);
+       return *sel;
+}
+
+/* Given an ASN1_ITEM CHOICE type set
+ * the selector value, return old value.
+ */
+
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
+{      
+       int *sel, ret;
+       sel = offset2ptr(*pval, it->utype);
+       ret = *sel;
+       *sel = value;
+       return ret;
+}
+
+/* Do reference counting. The value 'op' decides what to do. 
+ * if it is +1 then the count is incremented. If op is 0 count is
+ * set to 1. If op is -1 count is decremented and the return value
+ * is the current refrence count or 0 if no reference count exists.
+ */
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
+{
+       const ASN1_AUX *aux;
+       int *lck, ret;
+       if(it->itype != ASN1_ITYPE_SEQUENCE) return 0;
+       aux = it->funcs;
+       if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0;
+       lck = offset2ptr(*pval, aux->ref_offset);
+       if(op == 0) {
+               *lck = 1;
+               return 1;
+       }
+       ret = CRYPTO_add(lck, op, aux->ref_lock);
+#ifdef REF_PRINT
+       fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck);
+#endif
+#ifdef REF_CHECK
+       if(ret < 0) 
+               fprintf(stderr, "%s, bad reference count\n", it->sname);
+#endif
+       return ret;
+}
+
+static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       const ASN1_AUX *aux;
+       if(!pval || !*pval) return NULL;
+       aux = it->funcs;
+       if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL;
+       return offset2ptr(*pval, aux->enc_offset);
+}
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       ASN1_ENCODING *enc;
+       enc = asn1_get_enc_ptr(pval, it);
+       if(enc) {
+               enc->enc = NULL;
+               enc->len = 0;
+               enc->modified = 1;
+       }
+}
+
+void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       ASN1_ENCODING *enc;
+       enc = asn1_get_enc_ptr(pval, it);
+       if(enc) {
+               if(enc->enc) OPENSSL_free(enc->enc);
+               enc->enc = NULL;
+               enc->len = 0;
+               enc->modified = 1;
+       }
+}
+
+int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it)
+{
+       ASN1_ENCODING *enc;
+       enc = asn1_get_enc_ptr(pval, it);
+       if(!enc) return 1;
+
+       if(enc->enc) OPENSSL_free(enc->enc);
+       enc->enc = OPENSSL_malloc(inlen);
+       if(!enc->enc) return 0;
+       memcpy(enc->enc, in, inlen);
+       enc->len = inlen;
+       enc->modified = 0;
+
+       return 1;
+}
+               
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       ASN1_ENCODING *enc;
+       enc = asn1_get_enc_ptr(pval, it);
+       if(!enc || enc->modified) return 0;
+       if(out) {
+               memcpy(*out, enc->enc, enc->len);
+               *out += enc->len;
+       }
+       if(len) *len = enc->len;
+       return 1;
+}
+
+/* Given an ASN1_TEMPLATE get a pointer to a field */
+ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+       ASN1_VALUE **pvaltmp;
+       if(tt->flags & ASN1_TFLG_COMBINE) return pval;
+       pvaltmp = offset2ptr(*pval, tt->offset);
+       /* NOTE for BOOLEAN types the field is just a plain
+        * int so we can't return int **, so settle for
+        * (int *).
+        */
+       return pvaltmp;
+}
+
+/* Handle ANY DEFINED BY template, find the selector, look up
+ * the relevant ASN1_TEMPLATE in the table and return it.
+ */
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr)
+{
+       const ASN1_ADB *adb;
+       const ASN1_ADB_TABLE *atbl;
+       long selector;
+       ASN1_VALUE **sfld;
+       int i;
+       if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt;
+
+       /* Else ANY DEFINED BY ... get the table */
+       adb = tt->item;
+
+       /* Get the selector field */
+       sfld = offset2ptr(*pval, adb->offset);
+
+       /* Check if NULL */
+       if(!sfld) {
+               if(!adb->null_tt) goto err;
+               return adb->null_tt;
+       }
+
+       /* Convert type to a long:
+        * NB: don't check for NID_undef here because it
+        * might be a legitimate value in the table
+        */
+       if(tt->flags & ASN1_TFLG_ADB_OID) 
+               selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
+       else 
+               selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
+
+       /* Try to find matching entry in table
+        * Maybe should check application types first to
+        * allow application override? Might also be useful
+        * to have a flag which indicates table is sorted and
+        * we can do a binary search. For now stick to a
+        * linear search.
+        */
+
+       for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
+               if(atbl->value == selector) return &atbl->tt;
+
+       /* FIXME: need to search application table too */
+
+       /* No match, return default type */
+       if(!adb->default_tt) goto err;          
+       return adb->default_tt;
+       
+       err:
+       /* FIXME: should log the value or OID of unsupported type */
+       if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
+       return NULL;
+}
index 853a8dfeef49b9cdb9d63d74de7715f00a60847f..c1cf2a5f8eca154a49fc5550298a567817ccef55 100644 (file)
-/* crypto/asn1/x_algor.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* x_algor.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
  *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
  * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
  */
 
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <stddef.h>
 #include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 
-int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
-       if (a->parameter != NULL)
-               { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
-
-       M_ASN1_I2D_seq_total();
-       M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
-       if (a->parameter != NULL)
-               { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
-       if (!M_ASN1_D2I_end_sequence())
-               { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
-       else
-               {
-               ASN1_TYPE_free(ret->parameter);
-               ret->parameter=NULL;
-               }
-       M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
-       }
-
-X509_ALGOR *X509_ALGOR_new(void)
-       {
-       X509_ALGOR *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_ALGOR);
-       ret->algorithm=OBJ_nid2obj(NID_undef);
-       ret->parameter=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
-       }
+ASN1_SEQUENCE(X509_ALGOR) = {
+       ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
+       ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
+} ASN1_SEQUENCE_END(X509_ALGOR);
 
-void X509_ALGOR_free(X509_ALGOR *a)
-       {
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->algorithm);
-       ASN1_TYPE_free(a->parameter);
-       OPENSSL_free(a);
-       }
+IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
 
 IMPLEMENT_STACK_OF(X509_ALGOR)
 IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
index 14e5ea27aa76625c852fe32d58708e06cc2d692b..3c0d3ab759db4c4dd80788ae250e079e1a735393 100644 (file)
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-/* sequence */
-int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **pp)
-       {
-       int k=0;
-       int r=0,ret=0;
-       unsigned char **p=NULL;
-
-       if (a == NULL) return(0);
-
-       p=NULL;
-       for (;;)
-               {
-               if (k)
-                       {
-                       r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
-                       if (pp == NULL) return(r);
-                       p=pp;
-                       ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
-                               V_ASN1_UNIVERSAL);
-                       }
-
-               ret+=i2d_ASN1_OBJECT(a->object,p);
-               if (a->set)
-                       ret+=i2d_ASN1_SET_OF_ASN1_TYPE(a->value.set,p,i2d_ASN1_TYPE,
-                               V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-               else
-                       ret+=i2d_ASN1_TYPE(a->value.single,p);
-               if (k++) return(r);
-               }
-       }
-
-X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
+/* X509_ATTRIBUTE: this has the following form:
+ *
+ * typedef struct x509_attributes_st
+ *     {
+ *     ASN1_OBJECT *object;
+ *     int single;
+ *     union   {
+ *             char            *ptr;
+ *             STACK_OF(ASN1_TYPE) *set;
+ *             ASN1_TYPE       *single;
+ *             } value;
+ *     } X509_ATTRIBUTE;
+ *
+ * this needs some extra thought because the CHOICE type is
+ * merged with the main structure and because the value can
+ * be anything at all we *must* try the SET OF first because
+ * the ASN1_ANY type will swallow anything including the whole
+ * SET OF structure.
+ */
 
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
+       ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
+       ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
+} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single);
 
-       if ((c.slen != 0) &&
-               (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
-               {
-               ret->set=1;
-               M_ASN1_D2I_get_set_type(ASN1_TYPE,ret->value.set,d2i_ASN1_TYPE,
-                                       ASN1_TYPE_free);
-               }
-       else
-               {
-               ret->set=0;
-               M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
-               }
+ASN1_SEQUENCE(X509_ATTRIBUTE) = {
+       ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
+       /* CHOICE type merged with parent */
+       ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
+} ASN1_SEQUENCE_END(X509_ATTRIBUTE);
 
-       M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
-       }
+IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
 
 X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
        {
@@ -126,7 +103,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
        if ((ret=X509_ATTRIBUTE_new()) == NULL)
                return(NULL);
        ret->object=OBJ_nid2obj(nid);
-       ret->set=1;
+       ret->single=0;
        if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
        if ((val=ASN1_TYPE_new()) == NULL) goto err;
        if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
@@ -138,28 +115,3 @@ err:
        if (val != NULL) ASN1_TYPE_free(val);
        return(NULL);
        }
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void)
-       {
-       X509_ATTRIBUTE *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
-       ret->object=OBJ_nid2obj(NID_undef);
-       ret->set=0;
-       ret->value.ptr=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
-       }
-       
-void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
-       {
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->object);
-       if (a->set)
-               sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free);
-       else
-               ASN1_TYPE_free(a->value.single);
-       OPENSSL_free(a);
-       }
-
diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
new file mode 100644 (file)
index 0000000..6d59f5c
--- /dev/null
@@ -0,0 +1,132 @@
+/* x_bignum.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+
+/* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
+ * BIGNUM directly. Currently it ignores the sign which isn't a problem since all
+ * BIGNUMs used are non negative and anything that looks negative is normally due
+ * to an encoding error.
+ */
+
+#define BN_SENSITIVE   1
+
+static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+static ASN1_PRIMITIVE_FUNCS bignum_pf = {
+       NULL, 0,
+       bn_new,
+       bn_free,
+       0,
+       bn_c2i,
+       bn_i2c
+};
+
+const ASN1_ITEM BIGNUM_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"};
+const ASN1_ITEM CBIGNUM_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"};
+
+static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       *pval = (ASN1_VALUE *)BN_new();
+       if(*pval) return 1;
+       else return 0;
+}
+
+static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       if(!*pval) return;
+       if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
+       else BN_free((BIGNUM *)*pval);
+       *pval = NULL;
+}
+
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+{
+       BIGNUM *bn;
+       int pad;
+       if(!*pval) return -1;
+       bn = (BIGNUM *)*pval;
+       /* If MSB set in an octet we need a padding byte */
+       if(BN_num_bits(bn) & 0x7) pad = 0;
+       else pad = 1;
+       if(cont) {
+               if(pad) *cont++ = 0;
+               BN_bn2bin(bn, cont);
+       }
+       return pad + BN_num_bytes(bn);
+}
+
+static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+{
+       BIGNUM *bn;
+       if(!*pval) bn_new(pval, it);
+       bn  = (BIGNUM *)*pval;
+       if(!BN_bin2bn(cont, len, bn)) {
+               bn_free(pval, it);
+               return 0;
+       }
+       return 1;
+}
+
+
index 1f302d0e01eb39b5ee32fd264d3986d4d2db9400..bf13df81618dfddc65f7d4220f3a35ac9251f859 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
 static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
                                const X509_REVOKED * const *b);
 static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
                                const X509_REVOKED * const *b);
-int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME);
-       M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
-                                        i2d_X509_EXTENSION);
-
-       M_ASN1_I2D_seq_total();
 
-       M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME);
-       M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
-                                        i2d_X509_EXTENSION);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_TIME);
-       M_ASN1_D2I_get_seq_opt_type(X509_EXTENSION,ret->extensions,
-                                   d2i_X509_EXTENSION,X509_EXTENSION_free);
-       M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
-       }
-
-int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
-       {
-       int v1=0;
-       long l=0;
+ASN1_SEQUENCE(X509_REVOKED) = {
+       ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
+       ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
+       ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
+} ASN1_SEQUENCE_END(X509_REVOKED);
+
+/* The X509_CRL_INFO structure needs a bit of customisation. This is actually
+ * mirroring the old behaviour: its purpose is to allow the use of
+ * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately
+ * this will zap the original order and the signature so we keep a copy
+ * of the original positions and reorder appropriately before encoding.
+ *
+ * Might want to see if there's a better way of doing this later...
+ */
+static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
+       int i;
        int (*old_cmp)(const X509_REVOKED * const *,
                        const X509_REVOKED * const *);
-       M_ASN1_I2D_vars(a);
-       
-       old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
-       sk_X509_REVOKED_sort(a->revoked);
-       sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
-
-       if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
-               {
-               M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
-               }
-       M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
-       M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME);
-       if (a->nextUpdate != NULL)
-               { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); }
-       M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
-                                        i2d_X509_REVOKED);
-       M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
-                                            i2d_X509_EXTENSION,0,
-                                            V_ASN1_SEQUENCE,v1);
-
-       M_ASN1_I2D_seq_total();
-
-       if ((a->version != NULL) && (l != 0))
-               {
-               M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
-               }
-       M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
-       M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_TIME);
-       if (a->nextUpdate != NULL)
-               { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); }
-       M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
-                                        i2d_X509_REVOKED);
-       M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
-                                            i2d_X509_EXTENSION,0,
-                                            V_ASN1_SEQUENCE,v1);
 
-       M_ASN1_I2D_finish();
-       }
-
-X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp,
-            long length)
-       {
-       int i,ver=0;
-       M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
-
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
-       if (ret->version != NULL)
-               ver=ret->version->data[0];
-       
-       if ((ver == 0) && (ret->version != NULL))
-               {
-               M_ASN1_INTEGER_free(ret->version);
-               ret->version=NULL;
-               }
-       M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
-       M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_TIME);
-       /* Manually handle the OPTIONAL ASN1_TIME stuff */
-       /* First try UTCTime */
-       M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME, V_ASN1_UTCTIME);
-       /* If that doesn't work try GeneralizedTime */
-       if(!ret->nextUpdate) 
-               M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_GENERALIZEDTIME,
-                                                       V_ASN1_GENERALIZEDTIME);
-       if (ret->revoked != NULL)
-               {
-               while (sk_X509_REVOKED_num(ret->revoked))
-                       X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked));
-               }
-       M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED,
-                                   X509_REVOKED_free);
-
-       if (ret->revoked != NULL)
-               {
-               for (i=0; i<sk_X509_REVOKED_num(ret->revoked); i++)
-                       {
-                       sk_X509_REVOKED_value(ret->revoked,i)->sequence=i;
-                       }
-               }
-
-       if (ret->extensions != NULL)
-               {
-               while (sk_X509_EXTENSION_num(ret->extensions))
-                       X509_EXTENSION_free(
-                       sk_X509_EXTENSION_pop(ret->extensions));
-               }
-               
-       M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
-                                       d2i_X509_EXTENSION,
-                                       X509_EXTENSION_free,0,
-                                       V_ASN1_SEQUENCE);
-
-       M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
-       }
-
-int i2d_X509_CRL(X509_CRL *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
-       M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
-       M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
-       M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-
-       M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
-       }
-
-
-X509_REVOKED *X509_REVOKED_new(void)
-       {
-       X509_REVOKED *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_REVOKED);
-       M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->revocationDate,M_ASN1_UTCTIME_new);
-       ret->extensions=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
-       }
-
-X509_CRL_INFO *X509_CRL_INFO_new(void)
-       {
-       X509_CRL_INFO *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_CRL_INFO);
-       ret->version=NULL;
-       M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-       M_ASN1_New(ret->issuer,X509_NAME_new);
-       M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new);
-       ret->nextUpdate=NULL;
-       M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null);
-       M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null);
-       sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
-       }
-
-X509_CRL *X509_CRL_new(void)
-       {
-       X509_CRL *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_CRL);
-       ret->references=1;
-       M_ASN1_New(ret->crl,X509_CRL_INFO_new);
-       M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-       M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
-       }
-
-void X509_REVOKED_free(X509_REVOKED *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->serialNumber);
-       M_ASN1_UTCTIME_free(a->revocationDate);
-       sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
-       OPENSSL_free(a);
-       }
-
-void X509_CRL_INFO_free(X509_CRL_INFO *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       X509_ALGOR_free(a->sig_alg);
-       X509_NAME_free(a->issuer);
-       M_ASN1_UTCTIME_free(a->lastUpdate);
-       if (a->nextUpdate)
-               M_ASN1_UTCTIME_free(a->nextUpdate);
-       sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free);
-       sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
-       OPENSSL_free(a);
-       }
-
-void X509_CRL_free(X509_CRL *a)
-       {
-       int i;
-
-       if (a == NULL) return;
-
-       i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
-       REF_PRINT("X509_CRL",a);
-#endif
-       if (i > 0) return;
-#ifdef REF_CHECK
-       if (i < 0)
-               {
-               fprintf(stderr,"X509_CRL_free, bad reference count\n");
-               abort();
-               }
-#endif
-
-       X509_CRL_INFO_free(a->crl);
-       X509_ALGOR_free(a->sig_alg);
-       M_ASN1_BIT_STRING_free(a->signature);
-       OPENSSL_free(a);
+       if(!a || !a->revoked) return 1;
+       switch(operation) {
+
+               /* Save original order */
+               case ASN1_OP_D2I_POST:
+               for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++)
+                       sk_X509_REVOKED_value(a->revoked,i)->sequence=i;
+               sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
+               break;
+
+               /* Restore original order */
+               case ASN1_OP_I2D_PRE:
+               old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
+               sk_X509_REVOKED_sort(a->revoked);
+               sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
+               break;
        }
+       return 1;
+}
+
+
+ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = {
+       ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
+       ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
+       ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
+       ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME),
+       ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
+       ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
+       ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO);
+
+ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
+       ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
+       ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
+       ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL);
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)
+IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)
+IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
 
 static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
                        const X509_REVOKED * const *b)
@@ -342,6 +142,19 @@ static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
        return((*a)->sequence-(*b)->sequence);
        }
 
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+{
+       X509_CRL_INFO *inf;
+       inf = crl->crl;
+       if(!inf->revoked)
+               inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
+       if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
+               ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
+               return 0;
+       }
+       return 1;
+}
+
 IMPLEMENT_STACK_OF(X509_REVOKED)
 IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
 IMPLEMENT_STACK_OF(X509_CRL)
index fbfd963b4063900686d83fa98fdf0c75134614a9..97e13f8dd1464a34f118bc335efbaf70be3888d9 100644 (file)
-/* crypto/asn1/x_exten.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* x_exten.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
  *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
  * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
  */
 
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
+#include <stddef.h>
 #include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 
-int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **pp)
-       {
-       int k=0;
-       int r=0,ret=0;
-       unsigned char **p=NULL;
-
-       if (a == NULL) return(0);
-
-       p=NULL;
-       for (;;)
-               {
-               if (k)
-                       {
-                       r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
-                       if (pp == NULL) return(r);
-                       p=pp;
-                       ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
-                               V_ASN1_UNIVERSAL);
-                       }
-
-               ret+=i2d_ASN1_OBJECT(a->object,p);
-               if ((a->critical) || a->netscape_hack)
-                       ret+=i2d_ASN1_BOOLEAN(a->critical,p);
-               ret+=i2d_ASN1_OCTET_STRING(a->value,p);
-               if (k++) return(r);
-               }
-       }
-
-X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, unsigned char **pp,
-            long length)
-       {
-       int i;
-       M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
-
-       ret->netscape_hack=0;
-       if ((c.slen != 0) &&
-               (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
-               {
-               c.q=c.p;
-               if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
-               ret->critical=i;
-               c.slen-=(c.p-c.q);
-               if (ret->critical == 0) ret->netscape_hack=1;
-               }
-       M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
-
-       M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
-       }
-
-X509_EXTENSION *X509_EXTENSION_new(void)
-       {
-       X509_EXTENSION *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_EXTENSION);
-       ret->object=OBJ_nid2obj(NID_undef);
-       M_ASN1_New(ret->value,M_ASN1_OCTET_STRING_new);
-       ret->critical=0;
-       ret->netscape_hack=0;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
-       }
-       
-void X509_EXTENSION_free(X509_EXTENSION *a)
-       {
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->object);
-       M_ASN1_OCTET_STRING_free(a->value);
-       OPENSSL_free(a);
-       }
+ASN1_SEQUENCE(X509_EXTENSION) = {
+       ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
+       ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
+       ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_EXTENSION);
 
+IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
index 5e62fc2f6f1a4d0481c32f359040c4c3c43f546a..d44f6cdb0197a2133d2d065a0224fe99ee0b4fce 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
 #include <openssl/x509.h>
 
 X509_INFO *X509_INFO_new(void)
diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
new file mode 100644 (file)
index 0000000..845bc2d
--- /dev/null
@@ -0,0 +1,158 @@
+/* x_long.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+
+/* Custom primitive type for long handling. This converts between an ASN1_INTEGER
+ * and a long directly.
+ */
+
+
+static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+static ASN1_PRIMITIVE_FUNCS long_pf = {
+       NULL, 0,
+       long_new,
+       long_free,
+       long_free,      /* Clear should set to initial value */
+       long_c2i,
+       long_i2c
+};
+
+const ASN1_ITEM LONG_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"};
+const ASN1_ITEM ZLONG_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"};
+
+static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       *(long *)pval = it->size;
+       return 1;
+}
+
+static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       *(long *)pval = it->size;
+}
+
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+{
+       long ltmp;
+       unsigned long utmp;
+       int clen, pad, i;
+       ltmp = *(long *)pval;
+       if(ltmp == it->size) return -1;
+       /* Convert the long to positive: we subtract one if negative so
+        * we can cleanly handle the padding if only the MSB of the leading
+        * octet is set. 
+        */
+       if(ltmp < 0) utmp = -ltmp - 1;
+       else utmp = ltmp;
+       clen = BN_num_bits_word(utmp);
+       /* If MSB of leading octet set we need to pad */
+       if(!(clen & 0x7)) pad = 1;
+       else pad = 0;
+
+       /* Convert number of bits to number of octets */
+       clen = (clen + 7) >> 3;
+
+       if(cont) {
+               if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
+               for(i = clen - 1; i >= 0; i--) {
+                       cont[i] = (unsigned char)(utmp & 0xff);
+                       if(ltmp < 0) cont[i] ^= 0xff;
+                       utmp >>= 8;
+               }
+       }
+       return clen + pad;
+}
+
+static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+{
+       int neg, i;
+       long ltmp;
+       unsigned long utmp = 0;
+       if(len > sizeof(long)) {
+               ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+               return 0;
+       }
+       /* Is it negative? */
+       if(len && (cont[0] & 0x80)) neg = 1;
+       else neg = 0;
+       utmp = 0;
+       for(i = 0; i < len; i++) {
+               utmp <<= 8;
+               if(neg) utmp |= cont[i] ^ 0xff;
+               else utmp |= cont[i];
+       }
+       ltmp = (long)utmp;
+       if(neg) {
+               ltmp++;
+               ltmp = -ltmp;
+       }
+       if(ltmp == it->size) {
+               ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+               return 0;
+       }
+       *(long *)pval = ltmp;
+       return 1;
+}
index b832deb928b0fe48d35fd55ceb5a3f5126caabf2..5da066949236ea104c6a38fe8dd05c8375b4a460 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-static int i2d_X509_NAME_entries(X509_NAME *a);
-int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
-       M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
-       ret->set=0;
-       M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
-       }
-
-int i2d_X509_NAME(X509_NAME *a, unsigned char **pp)
-       {
-       int ret;
-
-       if (a == NULL) return(0);
-       if (a->modified)
-               {
-               ret=i2d_X509_NAME_entries(a);
-               if (ret < 0) return(ret);
-               }
-
-       ret=a->bytes->length;
-       if (pp != NULL)
-               {
-               memcpy(*pp,a->bytes->data,ret);
-               *pp+=ret;
-               }
-       return(ret);
-       }
+static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
+                                       int tag, int aclass, char opt, ASN1_TLC *ctx);
 
-static int i2d_X509_NAME_entries(X509_NAME *a)
-       {
-       X509_NAME_ENTRY *ne,*fe=NULL;
-       STACK_OF(X509_NAME_ENTRY) *sk;
-       BUF_MEM *buf=NULL;
-       int set=0,r,ret=0;
-       int i;
-       unsigned char *p;
-       int size=0;
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
+static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
 
-       sk=a->entries;
-       for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
-               {
-               ne=sk_X509_NAME_ENTRY_value(sk,i);
-               if (fe == NULL)
-                       {
-                       fe=ne;
-                       size=0;
-                       }
+static int x509_name_encode(X509_NAME *a);
 
-               if (ne->set != set)
-                       {
-                       ret+=ASN1_object_size(1,size,V_ASN1_SET);
-                       fe->size=size;
-                       fe=ne;
-                       size=0;
-                       set=ne->set;
-                       }
-               size+=i2d_X509_NAME_ENTRY(ne,NULL);
-               }
-
-       ret+=ASN1_object_size(1,size,V_ASN1_SET);
-       if (fe != NULL)
-               fe->size=size;
-
-       r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+ASN1_SEQUENCE(X509_NAME_ENTRY) = {
+       ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
+       ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
+} ASN1_SEQUENCE_END(X509_NAME_ENTRY);
 
-       buf=a->bytes;
-       if (!BUF_MEM_grow(buf,r)) goto err;
-       p=(unsigned char *)buf->data;
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
 
-       ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-       set= -1;
-       for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
-               {
-               ne=sk_X509_NAME_ENTRY_value(sk,i);
-               if (set != ne->set)
-                       {
-                       set=ne->set;
-                       ASN1_put_object(&p,1,ne->size,
-                               V_ASN1_SET,V_ASN1_UNIVERSAL);
-                       }
-               i2d_X509_NAME_ENTRY(ne,&p);
-               }
-       a->modified=0;
-       return(r);
-err:
-       return(-1);
-       }
+/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY }
+ * so declare two template wrappers for this
+ */
 
-X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length)
-       {
-       int set=0,i;
-       int idx=0;
-       unsigned char *orig;
-       M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
+ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES);
 
-       orig= *pp;
-       if (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
-               {
-               while (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
-                       X509_NAME_ENTRY_free(
-                                      sk_X509_NAME_ENTRY_pop(ret->entries));
-               }
+ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL);
 
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       for (;;)
-               {
-               if (M_ASN1_D2I_end_sequence()) break;
-               M_ASN1_D2I_get_set_type(X509_NAME_ENTRY,ret->entries,
-                                       d2i_X509_NAME_ENTRY,
-                                       X509_NAME_ENTRY_free);
-               for (; idx < sk_X509_NAME_ENTRY_num(ret->entries); idx++)
-                       {
-                       sk_X509_NAME_ENTRY_value(ret->entries,idx)->set=set;
-                       }
-               set++;
-               }
+/* Normally that's where it would end: we'd have two nested STACK structures
+ * representing the ASN1. Unfortunately X509_NAME uses a completely different
+ * form and caches encodings so we have to process the internal form and convert
+ * to the external form.
+ */
 
-       i=(int)(c.p-orig);
-       if (!BUF_MEM_grow(ret->bytes,i)) goto err;
-       memcpy(ret->bytes->data,orig,i);
-       ret->bytes->length=i;
-       ret->modified=0;
+const ASN1_EXTERN_FUNCS x509_name_ff = {
+       NULL,
+       x509_name_ex_new,
+       x509_name_ex_free,
+       0,      /* Default clear behaviour is OK */
+       x509_name_ex_d2i,
+       x509_name_ex_i2d
+};
 
-       M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
-       }
+IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) 
 
-X509_NAME *X509_NAME_new(void)
-       {
-       X509_NAME *ret=NULL;
-       ASN1_CTX c;
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
 
-       M_ASN1_New_Malloc(ret,X509_NAME);
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
+{
+       X509_NAME *ret = NULL;
+       ret = OPENSSL_malloc(sizeof(X509_NAME));
+       if(!ret) goto memerr;
        if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
-               { c.line=__LINE__; goto err2; }
-       M_ASN1_New(ret->bytes,BUF_MEM_new);
+               goto memerr;
+       if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
        ret->modified=1;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
-       }
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_new(void)
-       {
-       X509_NAME_ENTRY *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
-/*     M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
-       ret->object=NULL;
-       ret->set=0;
-       M_ASN1_New(ret->value,ASN1_STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
-       }
-
-void X509_NAME_free(X509_NAME *a)
-       {
-       if(a == NULL)
+       *val = (ASN1_VALUE *)ret;
+       return 1;
+       memerr:
+       ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE);
+       return 0;
+}
+
+static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       X509_NAME *a;
+       if(!pval || !*pval)
            return;
+       a = (X509_NAME *)*pval;
 
        BUF_MEM_free(a->bytes);
        sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
        OPENSSL_free(a);
+       *pval = NULL;
+}
+
+/* Used with sk_pop_free() to free up the internal representation.
+ * NB: we only free the STACK and not its contents because it is
+ * already present in the X509_NAME structure.
+ */
+
+static void sk_internal_free(void *a)
+{
+       sk_free(a);
+}
+
+static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
+                                       int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+       unsigned char *p = *in, *q;
+       STACK *intname = NULL;
+       int i, j, ret;
+       X509_NAME *nm = NULL;
+       STACK_OF(X509_NAME_ENTRY) *entries;
+       X509_NAME_ENTRY *entry;
+       q = p;
+
+       /* Get internal representation of Name */
+       ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, &X509_NAME_INTERNAL_it,
+                                                               tag, aclass, opt, ctx);
+       
+       if(ret <= 0) return ret;
+
+       if(*val) x509_name_ex_free(val, NULL);
+       if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err;
+       /* We've decoded it: now cache encoding */
+       if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
+       memcpy(nm->bytes->data, q, p - q);
+
+       /* Convert internal representation to X509_NAME structure */
+       for(i = 0; i < sk_num(intname); i++) {
+               entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i);
+               for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
+                       entry = sk_X509_NAME_ENTRY_value(entries, j);
+                       entry->set = i;
+                       if(!sk_X509_NAME_ENTRY_push(nm->entries, entry))
+                               goto err;
+               }
+               sk_X509_NAME_ENTRY_free(entries);
        }
+       sk_free(intname);
+       nm->modified = 0;
+       *val = (ASN1_VALUE *)nm;
+       *in = p;
+       return ret;
+       err:
+       ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR);
+       return 0;
+}
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+{
+       int ret;
+       X509_NAME *a = (X509_NAME *)*val;
+       if(a->modified) {
+               ret = x509_name_encode((X509_NAME *)a);
+               if(ret < 0) return ret;
+       }
+       ret = a->bytes->length;
+       if(out != NULL) {
+               memcpy(*out,a->bytes->data,ret);
+               *out+=ret;
+       }
+       return ret;
+}
 
-void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a)
-       {
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->object);
-       M_ASN1_BIT_STRING_free(a->value);
-       OPENSSL_free(a);
+static int x509_name_encode(X509_NAME *a)
+{
+       STACK *intname = NULL;
+       int len;
+       unsigned char *p;
+       STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+       X509_NAME_ENTRY *entry;
+       int i, set = -1;
+       intname = sk_new_null();
+       if(!intname) goto memerr;
+       for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+               entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+               if(entry->set != set) {
+                       entries = sk_X509_NAME_ENTRY_new_null();
+                       if(!entries) goto memerr;
+                       if(!sk_push(intname, (char *)entries)) goto memerr;
+                       set = entry->set;
+               }
+               if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
        }
+       len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, &X509_NAME_INTERNAL_it, -1, -1);
+       if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
+       p=(unsigned char *)a->bytes->data;
+       ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, &X509_NAME_INTERNAL_it, -1, -1);
+       sk_pop_free(intname, sk_internal_free);
+       a->modified = 0;
+       return len;
+       memerr:
+       sk_pop_free(intname, sk_internal_free);
+       ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE);
+       return -1;
+}
+
 
 int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
        {
index 8d1dbce22e433d9d302dcb64278f941f84e3c68b..8cef2cfb17fad901d135854007920f9d42f7582d 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->algor,        i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->public_key,   i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->algor,        i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->public_key,   i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
-       if (ret->pkey != NULL)
-               {
-               EVP_PKEY_free(ret->pkey);
-               ret->pkey=NULL;
-               }
-       M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
+/* Minor tweak to operation: free up EVP_PKEY */
+static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       if(operation == ASN1_OP_FREE_POST) {
+               X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
+               EVP_PKEY_free(pubkey->pkey);
        }
+       return 1;
+}
 
-X509_PUBKEY *X509_PUBKEY_new(void)
-       {
-       X509_PUBKEY *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_PUBKEY);
-       M_ASN1_New(ret->algor,X509_ALGOR_new);
-       M_ASN1_New(ret->public_key,M_ASN1_BIT_STRING_new);
-       ret->pkey=NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
-       }
+ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
+       ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
+       ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY);
 
-void X509_PUBKEY_free(X509_PUBKEY *a)
-       {
-       if (a == NULL) return;
-       X509_ALGOR_free(a->algor);
-       M_ASN1_BIT_STRING_free(a->public_key);
-       if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
-       OPENSSL_free(a);
-       }
+IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
 
 int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
        {
index 6dddd4f653edbac51190579628b8b658191b1104..84a5ca65df253a14589fff8d37cf251fda206cb2 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       if(a->asn1) {
-               if(pp) {
-                       memcpy(*pp, a->asn1, a->length);
-                       *pp += a->length;
-               }
-               return a->length;
-       }
-
-       M_ASN1_I2D_len(a->version,              i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len(a->subject,              i2d_X509_NAME);
-       M_ASN1_I2D_len(a->pubkey,               i2d_X509_PUBKEY);
-
-       /* this is a *nasty* hack reported to be required to
-        * allow some CA Software to accept the cert request.
-        * It is not following the PKCS standards ...
-        * PKCS#10 pg 5
-        * attributes [0] IMPLICIT Attributes
-        * NOTE: no OPTIONAL ... so it *must* be there
-        */
-       if (a->req_kludge) 
-               {
-               M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,i2d_X509_ATTRIBUTE,0);
-               }
-       else
-               {
-               M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
-                                           i2d_X509_ATTRIBUTE,0);
-               }
-       
-       M_ASN1_I2D_seq_total();
-       M_ASN1_I2D_put(a->version,              i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put(a->subject,              i2d_X509_NAME);
-       M_ASN1_I2D_put(a->pubkey,               i2d_X509_PUBKEY);
+/* X509_REQ_INFO is handled in an unusual way to get round
+ * invalid encodings. Some broken certificate requests don't
+ * encode the attributes field if it is empty. This is in
+ * violation of PKCS#10 but we need to tolerate it. We do
+ * this by making the attributes field OPTIONAL then using
+ * the callback to initialise it to an empty STACK. 
+ *
+ * This means that the field will be correctly encoded unless
+ * we NULL out the field.
+ *
+ * As a result we no longer need the req_kludge field because
+ * the information is now contained in the attributes field:
+ * 1. If it is NULL then it's the invalid omission.
+ * 2. If it is empty it is the correct encoding.
+ * 3. If it is not empty then some attributes are present.
+ *
+ */
 
-       /* this is a *nasty* hack reported to be required by some CA's.
-        * It is not following the PKCS standards ...
-        * PKCS#10 pg 5
-        * attributes [0] IMPLICIT Attributes
-        * NOTE: no OPTIONAL ... so it *must* be there
-        */
-       if (a->req_kludge)
-               {
-               M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,
-                                               i2d_X509_ATTRIBUTE,0);
-               }
-       else
-               {
-               M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
-                                           i2d_X509_ATTRIBUTE,0);
-               }
+static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
 
-       M_ASN1_I2D_finish();
+       if(operation == ASN1_OP_NEW_POST) {
+               rinf->attributes = sk_X509_ATTRIBUTE_new_null();
+               if(!rinf->attributes) return 0;
        }
-
-X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
-       M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
-
-       /* this is a *nasty* hack to allow for some CA's that
-        * have been reported as requiring it.
-        * It is not following the PKCS standards ...
-        * PKCS#10 pg 5
-        * attributes [0] IMPLICIT Attributes
-        * NOTE: no OPTIONAL ... so it *must* be there
+       return 1;
+}
+
+ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
+       ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
+       ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
+       ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
+       /* This isn't really OPTIONAL but it gets round invalid
+        * encodings
         */
-       if (asn1_Finish(&c))
-               ret->req_kludge=1;
-       else
-               {
-               M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE,ret->attributes,
-                                           d2i_X509_ATTRIBUTE,
-                                           X509_ATTRIBUTE_free,0);
-               }
-
-       M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
-       }
-
-X509_REQ_INFO *X509_REQ_INFO_new(void)
-       {
-       X509_REQ_INFO *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_REQ_INFO);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->subject,X509_NAME_new);
-       M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
-       M_ASN1_New(ret->attributes,sk_X509_ATTRIBUTE_new_null);
-       ret->req_kludge=0;
-       ret->asn1 = NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
-       }
-       
-void X509_REQ_INFO_free(X509_REQ_INFO *a)
-       {
-       if (a == NULL) return;
-       if(a->asn1) OPENSSL_free(a->asn1);
-       M_ASN1_INTEGER_free(a->version);
-       X509_NAME_free(a->subject);
-       X509_PUBKEY_free(a->pubkey);
-       sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free);
-       OPENSSL_free(a);
-       }
+       ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
+} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO);
 
-int i2d_X509_REQ(X509_REQ *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-       M_ASN1_I2D_len(a->req_info,     i2d_X509_REQ_INFO);
-       M_ASN1_I2D_len(a->sig_alg,      i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->signature,    i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->req_info,     i2d_X509_REQ_INFO);
-       M_ASN1_I2D_put(a->sig_alg,      i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->signature,    i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
-
-       /* Keep a copy of the original encoding for signature checking */
-       ret->req_info->length = c.p - c.q;
-       if(!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) {
-               c.line=__LINE__;
-               c.error = ERR_R_MALLOC_FAILURE;
-               goto err;
-       }
-
-       memcpy(ret->req_info->asn1, c.q, ret->req_info->length);
-
-       M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-       M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
-       }
-
-X509_REQ *X509_REQ_new(void)
-       {
-       X509_REQ *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_REQ);
-       ret->references=1;
-       M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
-       M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-       M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
-       }
-
-void X509_REQ_free(X509_REQ *a)
-       {
-       int i;
-
-       if (a == NULL) return;
-
-       i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
-#ifdef REF_PRINT
-       REF_PRINT("X509_REQ",a);
-#endif
-       if (i > 0) return;
-#ifdef REF_CHECK
-       if (i < 0)
-               {
-               fprintf(stderr,"X509_REQ_free, bad reference count\n");
-               abort();
-               }
-#endif
-
-       X509_REQ_INFO_free(a->req_info);
-       X509_ALGOR_free(a->sig_alg);
-       M_ASN1_BIT_STRING_free(a->signature);
-       OPENSSL_free(a);
-       }
+IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
 
+ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
+       ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
+       ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
+       ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ);
 
+IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
index d79f147647cc6bdaedaa9857cc7dfceb2f1c71d3..e53d0a3057ac754b0cee5f91ffe7faf34b1e8920 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-int i2d_X509_SIG(X509_SIG *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->algor,        i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->digest,       i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->algor,        i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->digest,       i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
-       M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
-       }
-
-X509_SIG *X509_SIG_new(void)
-       {
-       X509_SIG *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_SIG);
-       M_ASN1_New(ret->algor,X509_ALGOR_new);
-       M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
-       }
-
-void X509_SIG_free(X509_SIG *a)
-       {
-       if (a == NULL) return;
-       X509_ALGOR_free(a->algor);
-       M_ASN1_OCTET_STRING_free(a->digest);
-       OPENSSL_free(a);
-       }
-
+ASN1_SEQUENCE(X509_SIG) = {
+       ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
+       ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_SIG);
 
+IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
index 4f01888f7d53c892fd974356d4f7b13dc7185305..87dfb41b3e8286483c1550e78faffe0c1567847f 100644 (file)
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 
-int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
+ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
+       ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
+       ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_SPKAC);
 
-       M_ASN1_I2D_len(a->pubkey,       i2d_X509_PUBKEY);
-       M_ASN1_I2D_len(a->challenge,    i2d_ASN1_IA5STRING);
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
 
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->pubkey,       i2d_X509_PUBKEY);
-       M_ASN1_I2D_put(a->challenge,    i2d_ASN1_IA5STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
-       M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
-       M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
-       }
-
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void)
-       {
-       NETSCAPE_SPKAC *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
-       M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
-       M_ASN1_New(ret->challenge,M_ASN1_IA5STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
-       }
-
-void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
-       {
-       if (a == NULL) return;
-       X509_PUBKEY_free(a->pubkey);
-       M_ASN1_IA5STRING_free(a->challenge);
-       OPENSSL_free(a);
-       }
-
-int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->spkac,        i2d_NETSCAPE_SPKAC);
-       M_ASN1_I2D_len(a->sig_algor,    i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->signature,    i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->spkac,        i2d_NETSCAPE_SPKAC);
-       M_ASN1_I2D_put(a->sig_algor,    i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->signature,    i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, unsigned char **pp,
-            long length)
-       {
-       M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
-       M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-       M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
-       }
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_new(void)
-       {
-       NETSCAPE_SPKI *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
-       M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
-       M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
-       M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
-       }
-
-void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
-       {
-       if (a == NULL) return;
-       NETSCAPE_SPKAC_free(a->spkac);
-       X509_ALGOR_free(a->sig_algor);
-       M_ASN1_BIT_STRING_free(a->signature);
-       OPENSSL_free(a);
-       }
+ASN1_SEQUENCE(NETSCAPE_SPKI) = {
+       ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
+       ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
+       ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_SPKI);
 
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
index 0f8f020b57d332f1d97c1819248bb0e44bd0bb3e..48edf88e81f4da6c6be765e58242af484ea6f83a 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
-int i2d_X509_VAL(X509_VAL *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->notBefore,i2d_ASN1_TIME);
-       M_ASN1_I2D_len(a->notAfter,i2d_ASN1_TIME);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->notBefore,i2d_ASN1_TIME);
-       M_ASN1_I2D_put(a->notAfter,i2d_ASN1_TIME);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509_VAL *d2i_X509_VAL(X509_VAL **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
-
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_TIME);
-       M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_TIME);
-       M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
-       }
-
-X509_VAL *X509_VAL_new(void)
-       {
-       X509_VAL *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509_VAL);
-       M_ASN1_New(ret->notBefore,M_ASN1_TIME_new);
-       M_ASN1_New(ret->notAfter,M_ASN1_TIME_new);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
-       }
-
-void X509_VAL_free(X509_VAL *a)
-       {
-       if (a == NULL) return;
-       M_ASN1_TIME_free(a->notBefore);
-       M_ASN1_TIME_free(a->notAfter);
-       OPENSSL_free(a);
-       }
-
+ASN1_SEQUENCE(X509_VAL) = {
+       ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
+       ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
+} ASN1_SEQUENCE_END(X509_VAL);
index 61ba856b17c732d3188938522ebcbdedf5ccabe9..3209583f7c176c2b05b1ca4e4b82fa67c63d561e 100644 (file)
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
 static int x509_meth_num = 0;
 static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
 
-static ASN1_METHOD meth={
-       (int (*)())  i2d_X509,
-       (char *(*)())d2i_X509,
-       (char *(*)())X509_new,
-       (void (*)()) X509_free};
+ASN1_SEQUENCE(X509_CINF) = {
+       ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
+       ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
+       ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
+       ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
+       ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
+       ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
+       ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
+       ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
+       ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
+       ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
+} ASN1_SEQUENCE_END(X509_CINF);
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
+/* X509 top level structure needs a bit of customisation */
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       X509 *ret = (X509 *)*pval;
+
+       switch(operation) {
+
+               case ASN1_OP_NEW_POST:
+               ret->valid=0;
+               ret->name = NULL;
+               ret->ex_flags = 0;
+               ret->ex_pathlen = -1;
+               ret->skid = NULL;
+               ret->akid = NULL;
+               ret->aux = NULL;
+               CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
+               break;
+
+               case ASN1_OP_D2I_POST:
+               if (ret->name != NULL) OPENSSL_free(ret->name);
+               ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+               break;
+
+               case ASN1_OP_FREE_POST:
+               CRYPTO_free_ex_data(x509_meth,ret,&ret->ex_data);
+               X509_CERT_AUX_free(ret->aux);
+               ASN1_OCTET_STRING_free(ret->skid);
+               AUTHORITY_KEYID_free(ret->akid);
+
+               if (ret->name != NULL) OPENSSL_free(ret->name);
+               break;
 
-ASN1_METHOD *X509_asn1_meth(void)
-       {
-       return(&meth);
        }
 
-int i2d_X509(X509 *a, unsigned char **pp)
-       {
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->cert_info,    i2d_X509_CINF);
-       M_ASN1_I2D_len(a->sig_alg,      i2d_X509_ALGOR);
-       M_ASN1_I2D_len(a->signature,    i2d_ASN1_BIT_STRING);
+       return 1;
 
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->cert_info,    i2d_X509_CINF);
-       M_ASN1_I2D_put(a->sig_alg,      i2d_X509_ALGOR);
-       M_ASN1_I2D_put(a->signature,    i2d_ASN1_BIT_STRING);
-
-       M_ASN1_I2D_finish();
-       }
-
-X509 *d2i_X509(X509 **a, unsigned char **pp, long length)
-       {
-       M_ASN1_D2I_vars(a,X509 *,X509_new);
+}
 
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
-       M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
-       M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-       if (ret->name != NULL) OPENSSL_free(ret->name);
-       ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
+       ASN1_SIMPLE(X509, cert_info, X509_CINF),
+       ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
+       ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509, X509);
 
-       M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
-       }
+IMPLEMENT_ASN1_FUNCTIONS(X509)
 
-X509 *X509_new(void)
-       {
-       X509 *ret=NULL;
-       ASN1_CTX c;
-
-       M_ASN1_New_Malloc(ret,X509);
-       ret->valid=0;
-       ret->references=1;
-       ret->name = NULL;
-       ret->ex_flags = 0;
-       ret->ex_pathlen = -1;
-       ret->skid = NULL;
-       ret->akid = NULL;
-       ret->aux = NULL;
-       M_ASN1_New(ret->cert_info,X509_CINF_new);
-       M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
-       M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
-       CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_NEW);
-       }
+static ASN1_METHOD meth={
+       (int (*)())  i2d_X509,
+       (char *(*)())d2i_X509,
+       (char *(*)())X509_new,
+       (void (*)()) X509_free};
 
-void X509_free(X509 *a)
+ASN1_METHOD *X509_asn1_meth(void)
        {
-       int i;
-
-       if (a == NULL) return;
-
-       i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
-       REF_PRINT("X509",a);
-#endif
-       if (i > 0) return;
-#ifdef REF_CHECK
-       if (i < 0)
-               {
-               fprintf(stderr,"X509_free, bad reference count\n");
-               abort();
-               }
-#endif
-
-       CRYPTO_free_ex_data(x509_meth,a,&a->ex_data);
-       X509_CINF_free(a->cert_info);
-       X509_ALGOR_free(a->sig_alg);
-       M_ASN1_BIT_STRING_free(a->signature);
-       X509_CERT_AUX_free(a->aux);
-       ASN1_OCTET_STRING_free(a->skid);
-       AUTHORITY_KEYID_free(a->akid);
-
-       if (a->name != NULL) OPENSSL_free(a->name);
-       OPENSSL_free(a);
+       return(&meth);
        }
 
 int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
index ebcce87bf20a01c75801b8b530be05636b6f15d3..67d7fff642764faa25570a05859a1c0f90e7d982 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509.h>
 
 /* X509_CERT_AUX routines. These are used to encode additional
 
 static X509_CERT_AUX *aux_get(X509 *x);
 
-X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new);
-       
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-
-       M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust,
-                                       d2i_ASN1_OBJECT, ASN1_OBJECT_free);
-       M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject,
-                                       d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0);
-       M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING);
-       M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
-       M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other,
-                                       d2i_X509_ALGOR, X509_ALGOR_free, 1);
-
-       M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX);
-}
-
-X509_CERT_AUX *X509_CERT_AUX_new()
-{
-       X509_CERT_AUX *ret = NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, X509_CERT_AUX);
-       ret->trust = NULL;
-       ret->reject = NULL;
-       ret->alias = NULL;
-       ret->keyid = NULL;
-       ret->other = NULL;
-       return(ret);
-       M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW);
-}
-
-void X509_CERT_AUX_free(X509_CERT_AUX *a)
-{
-       if(a == NULL) return;
-       sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free);
-       sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free);
-       ASN1_UTF8STRING_free(a->alias);
-       ASN1_OCTET_STRING_free(a->keyid);
-       sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free);
-       OPENSSL_free(a);
-}
-
-int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
-
-       M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING);
-       M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
+ASN1_SEQUENCE(X509_CERT_AUX) = {
+       ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
+       ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
+       ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
+       ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
+       ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
+} ASN1_SEQUENCE_END(X509_CERT_AUX);
 
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
-
-       M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING);
-       M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
-
-       M_ASN1_I2D_finish();
-}
+IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
 
 static X509_CERT_AUX *aux_get(X509 *x)
 {
index 470cca3b4ccedb12af8c056f83612b9cdceab0a9..ccbac65a92e546d71a33486f5e9e48ce39b0358b 100644 (file)
@@ -22,8 +22,8 @@ TEST= dhtest.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
-LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
 
 SRC= $(LIBSRC)
 
@@ -79,6 +79,16 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
+dh_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+dh_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_asn1.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
+dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+dh_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_asn1.o: ../cryptlib.h
 dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
new file mode 100644 (file)
index 0000000..1f26be7
--- /dev/null
@@ -0,0 +1,87 @@
+/* dh_asn1.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/objects.h>
+#include <openssl/asn1t.h>
+
+/* Override the default free and new methods */
+static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       if(operation == ASN1_OP_NEW_PRE) {
+               *pval = (ASN1_VALUE *)DH_new();
+               if(*pval) return 2;
+               return 0;
+       } else if(operation == ASN1_OP_FREE_PRE) {
+               DH_free((DH *)*pval);
+               *pval = NULL;
+               return 2;
+       }
+       return 1;
+}
+
+ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
+       ASN1_SIMPLE(DH, p, BIGNUM),
+       ASN1_SIMPLE(DH, g, BIGNUM),
+       ASN1_OPT(DH, length, ZLONG),
+} ASN1_SEQUENCE_END_cb(DH, DHparams);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
index effcbb708ef8ae138628ab1147ab340209ae6b93..e7351630e0e577e1e92ebc3db6957d8b767e0a96 100644 (file)
@@ -81,7 +81,7 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 dsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 dsa_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
index 4608b0f75e328598c5d77ec77fda280f1e848286..9d72647808f109acd92b4eb842cc192f40b5c9f4 100644 (file)
@@ -246,6 +246,7 @@ DH *DSA_dup_DH(const DSA *r);
 #define DSA_F_DSA_SIG_NEW                               109
 #define DSA_F_DSA_VERIFY                                108
 #define DSA_F_I2D_DSA_SIG                               111
+#define DSA_F_SIG_CB                                    114
 
 /* Reason codes. */
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE               100
index 134fbeebf8ca984bead3d7e1cfeb054c77075abd..fba2f730234222fdc9c26bbf90b4fba2e74704d5 100644 (file)
-/* crypto/dsa/dsa_asn1.c */
+/* dsa_asn1.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/dsa.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 
-DSA_SIG *DSA_SIG_new(void)
+/* Override the default new methods */
+static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
-       DSA_SIG *ret;
-
-       ret = OPENSSL_malloc(sizeof(DSA_SIG));
-       if (ret == NULL)
-               {
-               DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
-               return(NULL);
-               }
-       ret->r = NULL;
-       ret->s = NULL;
-       return(ret);
+       if(operation == ASN1_OP_NEW_PRE) {
+               DSA_SIG *sig;
+               sig = OPENSSL_malloc(sizeof(DSA_SIG));
+               sig->r = NULL;
+               sig->s = NULL;
+               *pval = (ASN1_VALUE *)sig;
+               if(sig) return 2;
+               DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
+               return 0;
+       }
+       return 1;
 }
 
-void DSA_SIG_free(DSA_SIG *r)
+ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
+       ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
+       ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
+} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG);
+
+IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
+
+/* Override the default free and new methods */
+static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 {
-       if (r == NULL) return;
-       if (r->r) BN_clear_free(r->r);
-       if (r->s) BN_clear_free(r->s);
-       OPENSSL_free(r);
+       if(operation == ASN1_OP_NEW_PRE) {
+               *pval = (ASN1_VALUE *)DSA_new();
+               if(*pval) return 2;
+               return 0;
+       } else if(operation == ASN1_OP_FREE_PRE) {
+               DSA_free((DSA *)*pval);
+               *pval = NULL;
+               return 2;
+       }
+       return 1;
 }
 
-int i2d_DSA_SIG(const DSA_SIG *v, unsigned char **pp)
-{
-       int t=0,len;
-       ASN1_INTEGER rbs,sbs;
-       unsigned char *p;
+ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
+       ASN1_SIMPLE(DSA, version, LONG),
+       ASN1_SIMPLE(DSA, p, BIGNUM),
+       ASN1_SIMPLE(DSA, q, BIGNUM),
+       ASN1_SIMPLE(DSA, g, BIGNUM),
+       ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+       ASN1_SIMPLE(DSA, priv_key, BIGNUM)
+} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey);
 
-       rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1);
-       if (rbs.data == NULL)
-               {
-               DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-       rbs.type=V_ASN1_INTEGER;
-       rbs.length=BN_bn2bin(v->r,rbs.data);
-       sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1);
-       if (sbs.data == NULL)
-               {
-               OPENSSL_free(rbs.data);
-               DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-       sbs.type=V_ASN1_INTEGER;
-       sbs.length=BN_bn2bin(v->s,sbs.data);
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey)
 
-       len=i2d_ASN1_INTEGER(&rbs,NULL);
-       len+=i2d_ASN1_INTEGER(&sbs,NULL);
+ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
+       ASN1_SIMPLE(DSA, p, BIGNUM),
+       ASN1_SIMPLE(DSA, q, BIGNUM),
+       ASN1_SIMPLE(DSA, g, BIGNUM),
+} ASN1_SEQUENCE_END_cb(DSA, DSAparams);
 
-       if (pp)
-               {
-               p=*pp;
-               ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-               i2d_ASN1_INTEGER(&rbs,&p);
-               i2d_ASN1_INTEGER(&sbs,&p);
-               }
-       t=ASN1_object_size(1,len,V_ASN1_SEQUENCE);
-       OPENSSL_free(rbs.data);
-       OPENSSL_free(sbs.data);
-       return(t);
-}
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams)
 
-DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length)
-{
-       int i=ERR_R_NESTED_ASN1_ERROR;
-       ASN1_INTEGER *bs=NULL;
-       M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new);
+/* DSA public key is a bit trickier... its effectively a CHOICE type
+ * decided by a field called write_params which can either write out
+ * just the public key as an INTEGER or the parameters and public key
+ * in a SEQUENCE
+ */
 
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL)
-               goto err_bn;
-       M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-       if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL)
-               goto err_bn;
-       M_ASN1_BIT_STRING_free(bs);
-       bs = NULL;
-       M_ASN1_D2I_Finish_2(a);
+ASN1_SEQUENCE(dsa_pub_internal) = {
+       ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+       ASN1_SIMPLE(DSA, p, BIGNUM),
+       ASN1_SIMPLE(DSA, q, BIGNUM),
+       ASN1_SIMPLE(DSA, g, BIGNUM)
+} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal);
 
-err_bn:
-       i=ERR_R_BN_LIB;
-err:
-       DSAerr(DSA_F_D2I_DSA_SIG,i);
-       if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret);
-       if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
-       return(NULL);
-}
+ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
+       ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+       ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
+} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
index 2b3ab3a9ad8d8027f4cdd6749978c7b143231131..37ecc1839387b1755df6f44c32e59460b95b47f3 100644 (file)
@@ -79,6 +79,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
 {ERR_PACK(0,DSA_F_DSA_SIG_NEW,0),      "DSA_SIG_new"},
 {ERR_PACK(0,DSA_F_DSA_VERIFY,0),       "DSA_verify"},
 {ERR_PACK(0,DSA_F_I2D_DSA_SIG,0),      "i2d_DSA_SIG"},
+{ERR_PACK(0,DSA_F_SIG_CB,0),   "SIG_CB"},
 {0,NULL}
        };
 
index 4ed1b2654f61bc1ee6b07ea253a10be3d50f6cea..794185354ef580298a1d06879496973b9869aebb 100644 (file)
@@ -22,12 +22,12 @@ TEST=
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= p12_add.c p12_attr.c p12_bags.c p12_crpt.c p12_crt.c p12_decr.c \
-       p12_init.c p12_key.c p12_kiss.c p12_lib.c p12_mac.c p12_mutl.c\
-       p12_sbag.c p12_utl.c p12_npas.c pk12err.c
-LIBOBJ= p12_add.o p12_attr.o p12_bags.o p12_crpt.o p12_crt.o p12_decr.o \
-       p12_init.o p12_key.o p12_kiss.o p12_lib.o p12_mac.o p12_mutl.o\
-       p12_sbag.o p12_utl.o p12_npas.o pk12err.o
+LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+       p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
+       p12_utl.c p12_npas.c pk12err.c
+LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+       p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
+       p12_utl.o p12_npas.o pk12err.o
 
 SRC= $(LIBSRC)
 
@@ -105,6 +105,27 @@ p12_add.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p12_asn.o: ../../include/openssl/des.h ../../include/openssl/dh.h
+p12_asn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
+p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_asn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+p12_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_asn.o: ../cryptlib.h
 p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -126,27 +147,6 @@ p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p12_attr.o: ../cryptlib.h
-p12_bags.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_bags.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_bags.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_bags.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_bags.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_bags.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_bags.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_bags.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_bags.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_bags.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_bags.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_bags.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_bags.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_bags.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_bags.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_bags.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_bags.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_bags.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_bags.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_bags.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_bags.o: ../cryptlib.h
 p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -271,48 +271,6 @@ p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p12_kiss.o: ../cryptlib.h
-p12_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_lib.o: ../cryptlib.h
-p12_mac.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_mac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_mac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_mac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_mac.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_mac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_mac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_mac.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_mac.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_mac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_mac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_mac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_mac.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_mac.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_mac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_mac.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_mac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_mac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_mac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_mac.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_mac.o: ../cryptlib.h
 p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -354,27 +312,6 @@ p12_npas.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
 p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_sbag.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_sbag.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_sbag.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_sbag.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_sbag.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_sbag.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_sbag.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_sbag.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_sbag.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_sbag.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_sbag.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_sbag.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_sbag.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_sbag.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_sbag.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_sbag.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_sbag.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_sbag.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_sbag.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_sbag.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_sbag.o: ../cryptlib.h
 p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
diff --git a/crypto/pkcs12/p12_asn.c b/crypto/pkcs12/p12_asn.c
new file mode 100644 (file)
index 0000000..cbee733
--- /dev/null
@@ -0,0 +1,114 @@
+/* p12_asn.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pkcs12.h>
+
+/* PKCS#12 ASN1 module */
+
+ASN1_SEQUENCE(PKCS12) = {
+       ASN1_SIMPLE(PKCS12, version, ASN1_INTEGER),
+       ASN1_SIMPLE(PKCS12, authsafes, PKCS7),
+       ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA)
+} ASN1_SEQUENCE_END(PKCS12);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12)
+
+ASN1_SEQUENCE(PKCS12_MAC_DATA) = {
+       ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG),
+       ASN1_SIMPLE(PKCS12_MAC_DATA, salt, ASN1_OCTET_STRING),
+       ASN1_OPT(PKCS12_MAC_DATA, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PKCS12_MAC_DATA);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+
+ASN1_ADB_TEMPLATE(bag_default) = ASN1_EXP(PKCS12_BAGS, value.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS12_BAGS) = {
+       ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509cert, ASN1_OCTET_STRING, 0)),
+       ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509crl, ASN1_OCTET_STRING, 0)),
+       ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.sdsicert, ASN1_IA5STRING, 0)),
+} ASN1_ADB_END(PKCS12_BAGS, 0, type, 0, &bag_default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS12_BAGS) = {
+       ASN1_SIMPLE(PKCS12_BAGS, type, ASN1_OBJECT),
+       ASN1_ADB_OBJECT(PKCS12_BAGS),
+} ASN1_SEQUENCE_END(PKCS12_BAGS);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+ASN1_ADB_TEMPLATE(safebag_default) = ASN1_EXP(PKCS12_SAFEBAG, value.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS12_SAFEBAG) = {
+       ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
+       ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, X509_SIG, 0)),
+       ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
+       ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
+       ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
+       ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
+} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS12_SAFEBAG) = {
+       ASN1_SIMPLE(PKCS12_SAFEBAG, type, ASN1_OBJECT),
+       ASN1_ADB_OBJECT(PKCS12_SAFEBAG),
+       ASN1_SET_OF_OPT(PKCS12_SAFEBAG, attrib, X509_ATTRIBUTE)
+} ASN1_SEQUENCE_END(PKCS12_SAFEBAG);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
index f1a210b5d274e9f250c520e2876f5a55a89669fb..64bf4173fca2b580b45d9100b16383f342985ce8 100644 (file)
@@ -92,7 +92,7 @@ int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name,
                return 0;
        }
        sk_ASN1_TYPE_push (attrib->value.set,keyid);
-       attrib->set = 1;
+       attrib->single = 0;
        if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
                PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
                return 0;
@@ -134,7 +134,7 @@ int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage)
                return 0;
        }
        sk_ASN1_TYPE_push (attrib->value.set,keyid);
-       attrib->set = 1;
+       attrib->single = 0;
        if (!p8->attributes
            && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) {
                PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
@@ -201,7 +201,7 @@ int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag,
                return 0;
        }
        sk_ASN1_TYPE_push (attrib->value.set,fname);
-       attrib->set = 1;
+       attrib->single = 0;
        if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
                PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
                                                        ERR_R_MALLOC_FAILURE);
index 502fceff954ab35d54be609f3e31ec1180e5e951..d58a140017bdea4e6e1834611eb26ee6df711b2a 100644 (file)
@@ -120,7 +120,6 @@ union {
        ASN1_TYPE *other;
 }value;
 STACK_OF(X509_ATTRIBUTE) *attrib;
-ASN1_TYPE *rest;
 } PKCS12_SAFEBAG;
 
 DECLARE_STACK_OF(PKCS12_SAFEBAG)
@@ -249,24 +248,12 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
                                         int saltlen, EVP_MD *md_type);
 unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen);
 char *uni2asc(unsigned char *uni, int unilen);
-int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp);
-PKCS12_BAGS *PKCS12_BAGS_new(void);
-PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp, long length);
-void PKCS12_BAGS_free(PKCS12_BAGS *a);
-int i2d_PKCS12(PKCS12 *a, unsigned char **pp);
-PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length);
-PKCS12 *PKCS12_new(void);
-void PKCS12_free(PKCS12 *a);
-int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp);
-PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
-PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp,
-                                                                long length);
-void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
-int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void);
-PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp,
-                                                                long length);
-void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
+
+DECLARE_ASN1_FUNCTIONS(PKCS12)
+DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
 void ERR_load_PKCS12_strings(void);
 void PKCS12_PBE_add(void);
 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
index a5be0e04d20fe4b56e47f4d2d2a532016ac50a8e..ab87fb705617daa88bd2d45ec580497538a6b5f8 100644 (file)
@@ -25,8 +25,10 @@ TEST=
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=        pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c pk7_mime.c
-LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o pk7_mime.o
+LIBSRC=        pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+       pk7_mime.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+       pk7_mime.o
 
 SRC= $(LIBSRC)
 
@@ -98,6 +100,26 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
+pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/dh.h
+pk7_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
+pk7_asn1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pk7_asn1.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
+pk7_asn1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+pk7_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
 pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 pk7_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
 pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c
new file mode 100644 (file)
index 0000000..777a861
--- /dev/null
@@ -0,0 +1,175 @@
+/* pk7_asn.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pkcs7.h>
+
+/* PKCS#7 ASN1 module */
+
+/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
+
+ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS7) = {
+       ADB_ENTRY(NID_pkcs7_data, ASN1_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING, 0)),
+       ADB_ENTRY(NID_pkcs7_signed, ASN1_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)),
+       ADB_ENTRY(NID_pkcs7_enveloped, ASN1_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)),
+       ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)),
+       ADB_ENTRY(NID_pkcs7_digest, ASN1_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)),
+       ADB_ENTRY(NID_pkcs7_encrypted, ASN1_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
+} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS7) = {
+       ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
+       ASN1_ADB_OBJECT(PKCS7)
+}ASN1_SEQUENCE_END(PKCS7);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
+
+ASN1_SEQUENCE(PKCS7_SIGNED) = {
+       ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER),
+       ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR),
+       ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7),
+       ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
+       ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1),
+       ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO)
+} ASN1_SEQUENCE_END(PKCS7_SIGNED);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
+
+/* Minor tweak to operation: free up EVP_PKEY */
+static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       if(operation == ASN1_OP_FREE_POST) {
+               PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
+               EVP_PKEY_free(si->pkey);
+       }
+       return 1;
+}
+
+ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = {
+       ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER),
+       ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
+       ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR),
+       ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, X509_ATTRIBUTE, 0),
+       ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR),
+       ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING),
+       ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1)
+} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+
+ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = {
+       ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME),
+       ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
+
+ASN1_SEQUENCE(PKCS7_ENVELOPE) = {
+       ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER),
+       ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
+       ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT)
+} ASN1_SEQUENCE_END(PKCS7_ENVELOPE);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+
+ASN1_SEQUENCE(PKCS7_RECIP_INFO) = {
+       ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER),
+       ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
+       ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR),
+       ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(PKCS7_RECIP_INFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+
+ASN1_SEQUENCE(PKCS7_ENC_CONTENT) = {
+       ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
+       ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
+       ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0)
+} ASN1_SEQUENCE_END(PKCS7_ENC_CONTENT);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+
+ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = {
+       ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER),
+       ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
+       ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR),
+       ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT),
+       ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0),
+       ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1),
+       ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO)
+} ASN1_SEQUENCE_END(PKCS7_SIGN_ENVELOPE);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+
+ASN1_SEQUENCE(PKCS7_ENCRYPT) = {
+       ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER),
+       ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT)
+} ASN1_SEQUENCE_END(PKCS7_ENCRYPT);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+
+ASN1_SEQUENCE(PKCS7_DIGEST) = {
+       ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER),
+       ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR),
+       ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7),
+       ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(PKCS7_DIGEST);
index 099e9651c1c31eff321a76d49e234cf42758a027..d294c5e28891f451b91fea9d0b3f77fac6762546 100644 (file)
@@ -219,7 +219,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
                }
 
        if (bio == NULL) {
-               if (p7->detached)
+               if (PKCS7_is_detached(p7))
                        bio=BIO_new(BIO_s_null());
                else {
                        if (PKCS7_type_is_signed(p7) &&
@@ -419,7 +419,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                }
 
 #if 1
-       if (p7->detached || (in_bio != NULL))
+       if (PKCS7_is_detached(p7) || (in_bio != NULL))
                {
                bio=in_bio;
                }
@@ -606,7 +606,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
                        }
                }
 
-       if (!p7->detached)
+       if (!PKCS7_is_detached(p7))
                {
                btmp=BIO_find_type(bio,BIO_TYPE_MEM);
                if (btmp == NULL)
@@ -838,7 +838,7 @@ static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
                xa=sk_X509_ATTRIBUTE_value(sk,i);
                if (OBJ_cmp(xa->object,o) == 0)
                        {
-                       if (xa->set && sk_ASN1_TYPE_num(xa->value.set))
+                       if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
                                return(sk_ASN1_TYPE_value(xa->value.set,0));
                        else
                                return(NULL);
index 45973fe8507cc3d08be0efeebea9446697873ac3..9ceeab6c5883f872cfdd56061801c9956b7f8245 100644 (file)
@@ -84,7 +84,11 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
        case PKCS7_OP_GET_DETACHED_SIGNATURE:
                if (nid == NID_pkcs7_signed)
                        {
-                       ret=p7->detached;
+                       if(!p7->d.sign  || !p7->d.sign->contents->d.ptr)
+                               ret = 1;
+                       else ret = 0;
+                               
+                       p7->detached = ret;
                        }
                else
                        {
@@ -144,7 +148,7 @@ int PKCS7_set_type(PKCS7 *p7, int type)
        {
        ASN1_OBJECT *obj;
 
-       PKCS7_content_free(p7);
+       /*PKCS7_content_free(p7);*/
        obj=OBJ_nid2obj(type); /* will not fail */
 
        switch (type)
index 1b817e605d191fc697d0035f9bb609473bf3d2fd..1dfbace15b858a18fcecf5cde3877f2326d42d5e 100644 (file)
@@ -235,6 +235,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define PKCS7_get_detached(p) \
                PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
 
+#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
+
 #ifdef SSLEAY_MACROS
 #ifndef PKCS7_ISSUER_AND_SERIAL_digest
 #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
@@ -268,14 +270,7 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define SMIME_BINARY   PKCS7_BINARY
 #define SMIME_NOATTR   PKCS7_NOATTR
 
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
-void                   PKCS7_ISSUER_AND_SERIAL_free(
-                               PKCS7_ISSUER_AND_SERIAL *a);
-int                    i2d_PKCS7_ISSUER_AND_SERIAL(
-                               PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
-                               PKCS7_ISSUER_AND_SERIAL **a,
-                               unsigned char **pp, long length);
+DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
 
 #ifndef SSLEAY_MACROS
 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
@@ -289,69 +284,15 @@ PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
 int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
 #endif
 
-PKCS7_SIGNER_INFO      *PKCS7_SIGNER_INFO_new(void);
-void                   PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
-int                    i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
-                               unsigned char **pp);
-PKCS7_SIGNER_INFO      *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
-                               unsigned char **pp,long length);
-
-PKCS7_RECIP_INFO       *PKCS7_RECIP_INFO_new(void);
-void                   PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
-int                    i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
-                               unsigned char **pp);
-PKCS7_RECIP_INFO       *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
-                               unsigned char **pp,long length);
-
-PKCS7_SIGNED           *PKCS7_SIGNED_new(void);
-void                   PKCS7_SIGNED_free(PKCS7_SIGNED *a);
-int                    i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
-                               unsigned char **pp);
-PKCS7_SIGNED           *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
-                               unsigned char **pp,long length);
-
-PKCS7_ENC_CONTENT      *PKCS7_ENC_CONTENT_new(void);
-void                   PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
-int                    i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
-                               unsigned char **pp);
-PKCS7_ENC_CONTENT      *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
-                               unsigned char **pp,long length);
-
-PKCS7_ENVELOPE         *PKCS7_ENVELOPE_new(void);
-void                   PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
-int                    i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
-                               unsigned char **pp);
-PKCS7_ENVELOPE         *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
-                               unsigned char **pp,long length);
-
-PKCS7_SIGN_ENVELOPE    *PKCS7_SIGN_ENVELOPE_new(void);
-void                   PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
-int                    i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
-                               unsigned char **pp);
-PKCS7_SIGN_ENVELOPE    *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
-                               unsigned char **pp,long length);
-
-PKCS7_DIGEST           *PKCS7_DIGEST_new(void);
-void                   PKCS7_DIGEST_free(PKCS7_DIGEST *a);
-int                    i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
-                               unsigned char **pp);
-PKCS7_DIGEST           *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
-                               unsigned char **pp,long length);
-
-PKCS7_ENCRYPT          *PKCS7_ENCRYPT_new(void);
-void                   PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
-int                    i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
-                               unsigned char **pp);
-PKCS7_ENCRYPT          *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
-                               unsigned char **pp,long length);
-
-PKCS7                  *PKCS7_new(void);
-void                   PKCS7_free(PKCS7 *a);
-void                   PKCS7_content_free(PKCS7 *a);
-int                    i2d_PKCS7(PKCS7 *a,
-                               unsigned char **pp);
-PKCS7                  *d2i_PKCS7(PKCS7 **a,
-                               unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+DECLARE_ASN1_FUNCTIONS(PKCS7)
 
 void ERR_load_PKCS7_strings(void);
 
index ede398905236d401a134ed713aaefc9f40b2cea2..6f18d2bf04c08742bfe31787652759b12eb4093c 100644 (file)
@@ -23,9 +23,11 @@ APPS=
 
 LIB=$(TOP)/libcrypto.a
 LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
-       rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c
+       rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+       rsa_asn1.c
 LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
-       rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o
+       rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+       rsa_asn1.o
 
 SRC= $(LIBSRC)
 
@@ -81,6 +83,15 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
+rsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+rsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/opensslconf.h
+rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h
 rsa_chk.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 rsa_chk.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
 rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
index ede65003e1b3c3c886707b8a3ab45ff669c6b44f..a488b8076335d5717c0718f61de433c348708f1c 100644 (file)
@@ -119,7 +119,7 @@ struct rsa_st
        /* The first parameter is used to pickup errors where
         * this is passed instead of aEVP_PKEY, it is set to 0 */
        int pad;
-       int version;
+       long version;
 #if 0
        RSA_METHOD *meth;
 #else
@@ -236,7 +236,6 @@ int RSA_print(BIO *bp, const RSA *r,int offset);
 
 int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
 RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
 
 int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)());
 RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
new file mode 100644 (file)
index 0000000..0585b24
--- /dev/null
@@ -0,0 +1,111 @@
+/* rsa_asn1.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/asn1t.h>
+
+static ASN1_METHOD method={
+        (int (*)())  i2d_RSAPrivateKey,
+        (char *(*)())d2i_RSAPrivateKey,
+        (char *(*)())RSA_new,
+        (void (*)()) RSA_free};
+
+ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
+       {
+       return(&method);
+       }
+
+/* Override the default free and new methods */
+static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+       if(operation == ASN1_OP_NEW_PRE) {
+               *pval = (ASN1_VALUE *)RSA_new();
+               if(*pval) return 2;
+               return 0;
+       } else if(operation == ASN1_OP_FREE_PRE) {
+               RSA_free((RSA *)*pval);
+               *pval = NULL;
+               return 2;
+       }
+       return 1;
+}
+
+ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
+       ASN1_SIMPLE(RSA, version, LONG),
+       ASN1_SIMPLE(RSA, n, BIGNUM),
+       ASN1_SIMPLE(RSA, e, BIGNUM),
+       ASN1_SIMPLE(RSA, d, BIGNUM),
+       ASN1_SIMPLE(RSA, p, BIGNUM),
+       ASN1_SIMPLE(RSA, q, BIGNUM),
+       ASN1_SIMPLE(RSA, dmp1, BIGNUM),
+       ASN1_SIMPLE(RSA, dmq1, BIGNUM),
+       ASN1_SIMPLE(RSA, iqmp, BIGNUM)
+} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey);
+
+
+ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
+       ASN1_SIMPLE(RSA, n, BIGNUM),
+       ASN1_SIMPLE(RSA, e, BIGNUM),
+} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
index 38eea51547e09a66f418282ad7e683659f1a2bd6..67bce3f5ea52ec542ffee5ad67f645fdb8a84c2b 100644 (file)
@@ -304,6 +304,26 @@ STACK_OF(type) \
 #define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
 #define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
 
+#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
+#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
+#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
+#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
+#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
+#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
+#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
+#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
+#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
+#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
+#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
+#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
+#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
+
 #define sk_BIO_new(st) SKM_sk_new(BIO, (st))
 #define sk_BIO_new_null() SKM_sk_new_null(BIO)
 #define sk_BIO_free(st) SKM_sk_free(BIO, (st))
index 94020e42aa06e73ca0c687a1f394e5bfa036bd5f..c3ee997b8bf2b8abac8ec07790850c518665d986 100644 (file)
@@ -481,18 +481,18 @@ x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x509spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x509spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x509spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x509spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509spki.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509spki.o: ../../include/openssl/opensslconf.h
 x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 x509spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
 x509spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
index 228a0b706222c7dbe49c980f1a77d637d446750c..82714b7601c2ff820b6913867e38a434e016a048 100644 (file)
@@ -182,11 +182,8 @@ DECLARE_STACK_OF(X509_NAME)
 typedef struct X509_extension_st
        {
        ASN1_OBJECT *object;
-       short critical;
-       short netscape_hack;
+       ASN1_BOOLEAN critical;
        ASN1_OCTET_STRING *value;
-       struct v3_ext_method *method;   /* V3 method to use */
-       void *ext_val;                  /* extension value */
        } X509_EXTENSION;
 
 DECLARE_STACK_OF(X509_EXTENSION)
@@ -196,27 +193,26 @@ DECLARE_ASN1_SET_OF(X509_EXTENSION)
 typedef struct x509_attributes_st
        {
        ASN1_OBJECT *object;
-       int set; /* 1 for a set, 0 for a single item (which is wrong) */
+       int single; /* 0 for a set, 1 for a single item (which is wrong) */
        union   {
                char            *ptr;
-/* 1 */                STACK_OF(ASN1_TYPE) *set;
-/* 0 */                ASN1_TYPE       *single;
+/* 0 */                STACK_OF(ASN1_TYPE) *set;
+/* 1 */                ASN1_TYPE       *single;
                } value;
        } X509_ATTRIBUTE;
 
 DECLARE_STACK_OF(X509_ATTRIBUTE)
 DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
 
+
 typedef struct X509_req_info_st
        {
-       unsigned char *asn1;
-       int length;
+       ASN1_ENCODING enc;
        ASN1_INTEGER *version;
        X509_NAME *subject;
        X509_PUBKEY *pubkey;
        /*  d=2 hl=2 l=  0 cons: cont: 00 */
        STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-       int req_kludge;
        } X509_REQ_INFO;
 
 typedef struct X509_req_st
@@ -827,23 +823,11 @@ X509_REQ *        X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
 X509 *         X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
 void ERR_load_X509_strings(void );
 
-X509_ALGOR *   X509_ALGOR_new(void );
-void           X509_ALGOR_free(X509_ALGOR *a);
-int            i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
-X509_ALGOR *   d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_FUNCTIONS(X509_VAL)
 
-X509_VAL *     X509_VAL_new(void );
-void           X509_VAL_free(X509_VAL *a);
-int            i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
-X509_VAL *     d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
 
-X509_PUBKEY *  X509_PUBKEY_new(void );
-void           X509_PUBKEY_free(X509_PUBKEY *a);
-int            i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
-X509_PUBKEY *  d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
-                       long length);
 int            X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
 EVP_PKEY *     X509_PUBKEY_get(X509_PUBKEY *key);
 int            X509_get_pubkey_parameters(EVP_PKEY *pkey,
@@ -862,58 +846,26 @@ DSA *             d2i_DSA_PUBKEY(DSA **a,unsigned char **pp,
                        long length);
 #endif
 
-X509_SIG *     X509_SIG_new(void );
-void           X509_SIG_free(X509_SIG *a);
-int            i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
-X509_SIG *     d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
-
-X509_REQ_INFO *X509_REQ_INFO_new(void);
-void           X509_REQ_INFO_free(X509_REQ_INFO *a);
-int            i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
-X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
-                       long length);
-
-X509_REQ *     X509_REQ_new(void);
-void           X509_REQ_free(X509_REQ *a);
-int            i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
-X509_REQ *     d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(X509_SIG)
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_REQ)
 
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
-void           X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
-int            i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
-X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
 X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
 
+DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
 
-X509_EXTENSION *X509_EXTENSION_new(void );
-void           X509_EXTENSION_free(X509_EXTENSION *a);
-int            i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
-X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
 
-X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
-void           X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
-int            i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
-X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
-                       long length);
+DECLARE_ASN1_FUNCTIONS(X509_NAME)
 
-X509_NAME *    X509_NAME_new(void);
-void           X509_NAME_free(X509_NAME *a);
-int            i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
-X509_NAME *    d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
 int            X509_NAME_set(X509_NAME **xn, X509_NAME *name);
 
+DECLARE_ASN1_FUNCTIONS(X509_CINF)
 
-X509_CINF *    X509_CINF_new(void);
-void           X509_CINF_free(X509_CINF *a);
-int            i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
-X509_CINF *    d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(X509)
+DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
 
-X509 *         X509_new(void);
-void           X509_free(X509 *a);
-int            i2d_X509(X509 *a,unsigned char **pp);
-X509 *         d2i_X509(X509 **a,unsigned char **pp,long length);
 int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
 int X509_set_ex_data(X509 *r, int idx, void *arg);
@@ -921,11 +873,6 @@ void *X509_get_ex_data(X509 *r, int idx);
 int            i2d_X509_AUX(X509 *a,unsigned char **pp);
 X509 *         d2i_X509_AUX(X509 **a,unsigned char **pp,long length);
 
-X509_CERT_AUX *        X509_CERT_AUX_new(void);
-void           X509_CERT_AUX_free(X509_CERT_AUX *a);
-int            i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
-X509_CERT_AUX *        d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
-                                                               long length);
 int X509_alias_set1(X509 *x, unsigned char *name, int len);
 int X509_keyid_set1(X509 *x, unsigned char *id, int len);
 unsigned char * X509_alias_get0(X509 *x, int *len);
@@ -935,44 +882,20 @@ int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
 void X509_trust_clear(X509 *x);
 void X509_reject_clear(X509 *x);
 
-X509_REVOKED * X509_REVOKED_new(void);
-void           X509_REVOKED_free(X509_REVOKED *a);
-int            i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
-X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_CRL)
 
-X509_CRL_INFO *X509_CRL_INFO_new(void);
-void           X509_CRL_INFO_free(X509_CRL_INFO *a);
-int            i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
-X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
-                       long length);
-
-X509_CRL *     X509_CRL_new(void);
-void           X509_CRL_free(X509_CRL *a);
-int            i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
-X509_CRL *     d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
 
 X509_PKEY *    X509_PKEY_new(void );
 void           X509_PKEY_free(X509_PKEY *a);
 int            i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
 X509_PKEY *    d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
 
-NETSCAPE_SPKI *        NETSCAPE_SPKI_new(void );
-void           NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
-int            i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
-NETSCAPE_SPKI *        d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
-                       long length);
-
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
-void           NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
-int            i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
-               long length);
-
-
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp);
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
-void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
 
 #ifndef NO_EVP
 X509_INFO *    X509_INFO_new(void);
@@ -1192,31 +1115,17 @@ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
                                     ASN1_INTEGER *serial);
 X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
 
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp);
-PBEPARAM *PBEPARAM_new(void);
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length);
-void PBEPARAM_free(PBEPARAM *a);
+DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+
 X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
 X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
                                         unsigned char *salt, int saltlen);
 
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp);
-PBKDF2PARAM *PBKDF2PARAM_new(void);
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length);
-void PBKDF2PARAM_free(PBKDF2PARAM *a);
-
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp);
-PBE2PARAM *PBE2PARAM_new(void);
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length);
-void PBE2PARAM_free(PBE2PARAM *a);
-
 /* PKCS#8 utilities */
 
-int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp);
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
-                                        unsigned char **pp, long length);
-void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
+DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
 
 EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
 PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
index caafde658f32e75bf859e6225601aad2de50f92f..f074d2ab18adfb79aa6c0c1cb3345eb9be9b87c9 100644 (file)
@@ -283,7 +283,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int
        if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
        if(!(ttmp = ASN1_TYPE_new())) goto err;
        if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
-       attr->set = 1;
+       attr->single = 0;
        ASN1_TYPE_set(ttmp, atype, stmp);
        return 1;
        err:
@@ -293,7 +293,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int
 
 int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
 {
-       if(attr->set) return sk_ASN1_TYPE_num(attr->value.set);
+       if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set);
        if(attr->value.single) return 1;
        return 0;
 }
@@ -321,6 +321,6 @@ ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
 {
        if (attr == NULL) return(NULL);
        if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
-       if(attr->set) return sk_ASN1_TYPE_value(attr->value.set, idx);
+       if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx);
        else return attr->value.single;
 }
index 7eca1bd57a3df0ab162d632d0c9d8b8bc88b9933..e2766e1a5ffd79748ad62024e0c8095e73ee870c 100644 (file)
@@ -156,9 +156,9 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
        for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
                attr = sk_X509_ATTRIBUTE_value(sk, i);
                if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
-                       if(attr->set && sk_ASN1_TYPE_num(attr->value.set))
+                       if(attr->single) ext = attr->value.single;
+                       else if(sk_ASN1_TYPE_num(attr->value.set))
                                ext = sk_ASN1_TYPE_value(attr->value.set, 0);
-                       else ext = attr->value.single;
                        break;
                }
        }
@@ -199,7 +199,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
        if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
        if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err;
        at = NULL;
-       attr->set = 1;
+       attr->single = 0;
        attr->object = OBJ_nid2obj(nid);
        if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
        return 1;
index 52887986fe3445d83912bf5676605ab31c926448..b5f7daa2e58910dbb22be34141842e79fe78126f 100644 (file)
@@ -115,8 +115,8 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
        for ( ; lastpos < n; lastpos++)
                {
                ex=sk_X509_EXTENSION_value(sk,lastpos);
-               if (    (ex->critical && crit) ||
-                       (!ex->critical && !crit))
+               if (    ((ex->critical > 0) && crit) ||
+                       (!(ex->critical <= 0) && !crit))
                        return(lastpos);
                }
        return(-1);
@@ -234,7 +234,7 @@ int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
 int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
        {
        if (ex == NULL) return(0);
-       ex->critical=(crit)?0xFF:0;
+       ex->critical=(crit)?0xFF:-1;
        return(1);
        }
 
@@ -263,5 +263,6 @@ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
 int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
        {
        if (ex == NULL) return(0);
-       return(ex->critical);
+       if(ex->critical > 0) return 1;
+       return 0;
        }
index fd0a534d88e55c53f39914480a1bccebf22fa0bd..4c3af946ec731a2ccd2b46560a2288fa10848785 100644 (file)
@@ -59,7 +59,6 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
 
 int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
 {
index 5db86b9befc853d7443a6ee439bd4cb164261ac9..0c59c84041cdaa2bbbb79c6b63c85e93cf6cc2e4 100644 (file)
@@ -83,7 +83,7 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -126,7 +126,7 @@ v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -191,7 +191,7 @@ v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -213,7 +213,7 @@ v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 v3_cpols.o: ../cryptlib.h
-v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -256,19 +256,19 @@ v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_extku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_extku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_extku.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_extku.o: ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_extku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
+v3_extku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_extku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_extku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
 v3_extku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
 v3_extku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
@@ -278,7 +278,7 @@ v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 v3_extku.o: ../cryptlib.h
-v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -321,7 +321,7 @@ v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -385,7 +385,7 @@ v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h
-v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_pku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_pku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -470,7 +470,7 @@ v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
index 0889a189938b0a25be8ab9290a124f695798d611..9ca3c88cd43d67472826a0f4ee4f2b5286159474 100644 (file)
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
@@ -81,59 +81,13 @@ NULL,NULL,
 NULL
 };
 
+ASN1_SEQUENCE(AUTHORITY_KEYID) = {
+       ASN1_IMP_OPT(AUTHORITY_KEYID, keyid, ASN1_OCTET_STRING, 0),
+       ASN1_IMP_SEQUENCE_OF_OPT(AUTHORITY_KEYID, issuer, GENERAL_NAME, 1),
+       ASN1_IMP_OPT(AUTHORITY_KEYID, serial, ASN1_INTEGER, 2)
+} ASN1_SEQUENCE_END(AUTHORITY_KEYID);
 
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING);
-       M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES);
-       M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0);
-       M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1);
-       M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2);
-
-       M_ASN1_I2D_finish();
-}
-
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void)
-{
-       AUTHORITY_KEYID *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, AUTHORITY_KEYID);
-       ret->keyid = NULL;
-       ret->issuer = NULL;
-       ret->serial = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW);
-}
-
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp,
-            long length)
-{
-       M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0,
-                                                       V_ASN1_OCTET_STRING);
-       M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1,
-                                                       V_ASN1_SEQUENCE);
-       M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2,
-                                                       V_ASN1_INTEGER);
-       M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID);
-}
-
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
-{
-       if (a == NULL) return;
-       M_ASN1_OCTET_STRING_free(a->keyid);
-       sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free);
-       M_ASN1_INTEGER_free (a->serial);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_KEYID)
 
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
             AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
@@ -171,7 +125,7 @@ int i;
 CONF_VALUE *cnf;
 ASN1_OCTET_STRING *ikeyid = NULL;
 X509_NAME *isname = NULL;
-STACK_OF(GENERAL_NAME) * gens = NULL;
+GENERAL_NAMES * gens = NULL;
 GENERAL_NAME *gen = NULL;
 ASN1_INTEGER *serial = NULL;
 X509_EXTENSION *ext;
@@ -192,8 +146,6 @@ for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
        }
 }
 
-
-
 if(!ctx || !ctx->issuer_cert) {
        if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
index 733919f2507b4a044f851875556ef04f10dcc6f3..52c4f54679cbb011601876299c717ba8d7456d87 100644 (file)
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens);
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
 X509V3_EXT_METHOD v3_alt[] = {
 { NID_subject_alt_name, 0,
 (X509V3_EXT_NEW)GENERAL_NAMES_new,
@@ -87,7 +87,7 @@ NULL, NULL, NULL},
 };
 
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-               STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret)
+               GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret)
 {
        int i;
        GENERAL_NAME *gen;
@@ -154,10 +154,10 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
        return ret;
 }
 
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-       STACK_OF(GENERAL_NAME) *gens = NULL;
+       GENERAL_NAMES *gens = NULL;
        CONF_VALUE *cnf;
        int i;
        if(!(gens = sk_GENERAL_NAME_new_null())) {
@@ -184,9 +184,9 @@ static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
 
 /* Append subject altname of issuer to issuer alt name of subject */
 
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
 {
-       STACK_OF(GENERAL_NAME) *ialt;
+       GENERAL_NAMES *ialt;
        GENERAL_NAME *gen;
        X509_EXTENSION *ext;
        int i;
@@ -219,10 +219,10 @@ static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
        
 }
 
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-       STACK_OF(GENERAL_NAME) *gens = NULL;
+       GENERAL_NAMES *gens = NULL;
        CONF_VALUE *cnf;
        int i;
        if(!(gens = sk_GENERAL_NAME_new_null())) {
@@ -251,7 +251,7 @@ static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
  * GENERAL_NAMES
  */
 
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens)
 {
        X509_NAME *nm;
        ASN1_IA5STRING *email = NULL;
@@ -297,11 +297,11 @@ static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
        
 }
 
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
        GENERAL_NAME *gen;
-       STACK_OF(GENERAL_NAME) *gens = NULL;
+       GENERAL_NAMES *gens = NULL;
        CONF_VALUE *cnf;
        int i;
        if(!(gens = sk_GENERAL_NAME_new_null())) {
index c576b8e955cdeb4eedd57c9713ae7e782deacf64..7dc866db7eda2443dbe80b75490d79b12cfcb20f 100644 (file)
@@ -60,7 +60,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
@@ -80,51 +80,13 @@ NULL,NULL,
 NULL
 };
 
+ASN1_SEQUENCE(BASIC_CONSTRAINTS) = {
+       ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
+       ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(BASIC_CONSTRAINTS);
 
-int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-       if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN);
-       M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_seq_total();
-
-       if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN);
-       M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_finish();
-}
-
-BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void)
-{
-       BASIC_CONSTRAINTS *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS);
-       ret->ca = 0;
-       ret->pathlen = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW);
-}
+IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
 
-BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a,
-            unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) ==
-                (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) {
-                       M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN);
-       }
-       M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
-       M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS);
-}
-
-void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
-{
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free (a->pathlen);
-       OPENSSL_free (a);
-}
 
 static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
             BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist)
index 8203ed7571a77f8f2161826d08f934e7a325f77a..47e08c8fb8f19ccaa2451d5bd8ffcb67631473c2 100644 (file)
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 /* Certificate policies extension support: this one is a bit complex... */
@@ -88,6 +88,46 @@ NULL, NULL,
 NULL
 };
 
+ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) = 
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
+ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES);
+
+IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+
+ASN1_SEQUENCE(POLICYINFO) = {
+       ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT),
+       ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO)
+} ASN1_SEQUENCE_END(POLICYINFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO)
+
+ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY);
+
+ASN1_ADB(POLICYQUALINFO) = {
+       ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)),
+       ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE))
+} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL);
+
+ASN1_SEQUENCE(POLICYQUALINFO) = {
+       ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT),
+       ASN1_ADB_OBJECT(POLICYQUALINFO)
+} ASN1_SEQUENCE_END(POLICYQUALINFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO)
+
+ASN1_SEQUENCE(USERNOTICE) = {
+       ASN1_OPT(USERNOTICE, noticeref, NOTICEREF),
+       ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT)
+} ASN1_SEQUENCE_END(USERNOTICE);
+
+IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE)
+
+ASN1_SEQUENCE(NOTICEREF) = {
+       ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT),
+       ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(NOTICEREF);
+
+IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF)
 
 static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
                X509V3_CTX *ctx, char *value)
@@ -327,83 +367,6 @@ static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
        return 1;
 }
 
-
-int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp)
-{
-
-return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE,
-                                                 V_ASN1_UNIVERSAL, IS_SEQUENCE);}
-
-STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void)
-{
-       return sk_POLICYINFO_new_null();
-}
-
-void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a)
-{
-       sk_POLICYINFO_pop_free(a, POLICYINFO_free);
-}
-
-STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a,
-               unsigned char **pp,long length)
-{
-return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO,
-                         POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-
-}
-
-IMPLEMENT_STACK_OF(POLICYINFO)
-IMPLEMENT_ASN1_SET_OF(POLICYINFO)
-
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
-                                                        i2d_POLICYQUALINFO);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
-                                                        i2d_POLICYQUALINFO);
-
-       M_ASN1_I2D_finish();
-}
-
-POLICYINFO *POLICYINFO_new(void)
-{
-       POLICYINFO *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, POLICYINFO);
-       ret->policyid = NULL;
-       ret->qualifiers = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW);
-}
-
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length)
-{
-       M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT);
-       if(!M_ASN1_D2I_end_sequence()) {
-               M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers,
-                                d2i_POLICYQUALINFO, POLICYQUALINFO_free);
-       }
-       M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO);
-}
-
-void POLICYINFO_free(POLICYINFO *a)
-{
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->policyid);
-       sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free);
-       OPENSSL_free (a);
-}
-
 static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
                int indent)
 {
@@ -459,202 +422,4 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent)
                BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
                                                         notice->exptext->data);
 }
-               
-       
-
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT);
-       switch(OBJ_obj2nid(a->pqualid)) {
-               case NID_id_qt_cps:
-               M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING);
-               break;
-
-               case NID_id_qt_unotice:
-               M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE);
-               break;
-
-               default:
-               M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE);
-               break;
-       }
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT);
-       switch(OBJ_obj2nid(a->pqualid)) {
-               case NID_id_qt_cps:
-               M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING);
-               break;
-
-               case NID_id_qt_unotice:
-               M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE);
-               break;
-
-               default:
-               M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE);
-               break;
-       }
-
-       M_ASN1_I2D_finish();
-}
-
-POLICYQUALINFO *POLICYQUALINFO_new(void)
-{
-       POLICYQUALINFO *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, POLICYQUALINFO);
-       ret->pqualid = NULL;
-       ret->d.other = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW);
-}
-
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
-               long length)
-{
-       M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT);
-       switch(OBJ_obj2nid(ret->pqualid)) {
-               case NID_id_qt_cps:
-               M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING);
-               break;
-
-               case NID_id_qt_unotice:
-               M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE);
-               break;
-
-               default:
-               M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE);
-               break;
-       }
-       M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO);
-}
-
-void POLICYQUALINFO_free(POLICYQUALINFO *a)
-{
-       if (a == NULL) return;
-       switch(OBJ_obj2nid(a->pqualid)) {
-               case NID_id_qt_cps:
-               M_ASN1_IA5STRING_free(a->d.cpsuri);
-               break;
-
-               case NID_id_qt_unotice:
-               USERNOTICE_free(a->d.usernotice);
-               break;
-
-               default:
-               ASN1_TYPE_free(a->d.other);
-               break;
-       }
-       
-       ASN1_OBJECT_free(a->pqualid);
-       OPENSSL_free (a);
-}
-
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF);
-       M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF);
-       M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT);
-
-       M_ASN1_I2D_finish();
-}
-
-USERNOTICE *USERNOTICE_new(void)
-{
-       USERNOTICE *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, USERNOTICE);
-       ret->noticeref = NULL;
-       ret->exptext = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW);
-}
-
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length)
-{
-       M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE);
-       if (!M_ASN1_D2I_end_sequence()) {
-               M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT);
-       }
-       M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE);
-}
-
-void USERNOTICE_free(USERNOTICE *a)
-{
-       if (a == NULL) return;
-       NOTICEREF_free(a->noticeref);
-       M_DISPLAYTEXT_free(a->exptext);
-       OPENSSL_free (a);
-}
-
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT);
-       M_ASN1_I2D_len_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
-                                    i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT);
-       M_ASN1_I2D_put_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
-                                    i2d_ASN1_INTEGER);
-
-       M_ASN1_I2D_finish();
-}
-
-NOTICEREF *NOTICEREF_new(void)
-{
-       NOTICEREF *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, NOTICEREF);
-       ret->organization = NULL;
-       ret->noticenos = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW);
-}
-
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length)
-{
-       M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       /* This is to cope with some broken encodings that use IA5STRING for
-         * the organization field
-        */
-       M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING,
-                                                        V_ASN1_IA5STRING);
-       if(!ret->organization) {
-                M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT);
-       }
-       M_ASN1_D2I_get_seq_type(ASN1_INTEGER, ret->noticenos, d2i_ASN1_INTEGER,
-                               ASN1_STRING_free);
-       M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF);
-}
-
-void NOTICEREF_free(NOTICEREF *a)
-{
-       if (a == NULL) return;
-       M_DISPLAYTEXT_free(a->organization);
-       sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free);
-       OPENSSL_free (a);
-}
 
-IMPLEMENT_STACK_OF(POLICYQUALINFO)
-IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO)
index 67feea40171fbe1e3fd1537d86e0dabab74c7983..b1963a26e4cecb0350a67d6b26bb65d875f27d62 100644 (file)
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
@@ -87,16 +87,16 @@ static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
        int i;
        for(i = 0; i < sk_DIST_POINT_num(crld); i++) {
                point = sk_DIST_POINT_value(crld, i);
-               if(point->distpoint && point->distpoint->fullname) {
-                       exts = i2v_GENERAL_NAMES(NULL,
-                                        point->distpoint->fullname, exts);
+               if(point->distpoint) {
+                       if(point->distpoint->type == 0)
+                               exts = i2v_GENERAL_NAMES(NULL,
+                                        point->distpoint->name.fullname, exts);
+                       else X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
                }
                if(point->reasons) 
                        X509V3_add_value("reasons","<UNSUPPORTED>", &exts);
                if(point->CRLissuer)
                        X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts);
-               if(point->distpoint && point->distpoint->relativename)
-                       X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
        }
        return exts;
 }
@@ -105,7 +105,7 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
        STACK_OF(DIST_POINT) *crld = NULL;
-       STACK_OF(GENERAL_NAME) *gens = NULL;
+       GENERAL_NAMES *gens = NULL;
        GENERAL_NAME *gen = NULL;
        CONF_VALUE *cnf;
        int i;
@@ -123,7 +123,8 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
                        goto merr;
                }
                if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr;
-               point->distpoint->fullname = gens;
+               point->distpoint->name.fullname = gens;
+               point->distpoint->type = 0;
                gens = NULL;
        }
        return crld;
@@ -137,149 +138,27 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
        return NULL;
 }
 
-int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp)
-{
-
-return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE,
-                                                 V_ASN1_UNIVERSAL, IS_SEQUENCE);}
-
-STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void)
-{
-       return sk_DIST_POINT_new_null();
-}
-
-void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a)
-{
-       sk_DIST_POINT_pop_free(a, DIST_POINT_free);
-}
-
-STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
-               unsigned char **pp,long length)
-{
-return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT,
-                         DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-
-}
-
 IMPLEMENT_STACK_OF(DIST_POINT)
 IMPLEMENT_ASN1_SET_OF(DIST_POINT)
 
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp)
-{
-       int v = 0;
-       M_ASN1_I2D_vars(a);
-       /* NB: underlying type is a CHOICE so need EXPLICIT tagging */
-       M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
-       M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING);
-       M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES);
 
-       M_ASN1_I2D_seq_total();
+ASN1_CHOICE(DIST_POINT_NAME) = {
+       ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
+       ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
+} ASN1_CHOICE_END(DIST_POINT_NAME);
 
-       M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
-       M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1);
-       M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2);
+IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
 
-       M_ASN1_I2D_finish();
-}
+ASN1_SEQUENCE(DIST_POINT) = {
+       ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+       ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1),
+       ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, distpoint, GENERAL_NAME, 2)
+} ASN1_SEQUENCE_END(DIST_POINT);
 
-DIST_POINT *DIST_POINT_new(void)
-{
-       DIST_POINT *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, DIST_POINT);
-       ret->distpoint = NULL;
-       ret->reasons = NULL;
-       ret->CRLissuer = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW);
-}
+IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
 
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0);
-       M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1,
-                                                       V_ASN1_BIT_STRING);
-       M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2,
-                                                       V_ASN1_SEQUENCE);
-       M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT);
-}
+ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = 
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT)
+ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS);
 
-void DIST_POINT_free(DIST_POINT *a)
-{
-       if (a == NULL) return;
-       DIST_POINT_NAME_free(a->distpoint);
-       M_ASN1_BIT_STRING_free(a->reasons);
-       sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free);
-       OPENSSL_free (a);
-}
-
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       if(a->fullname) {
-               M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES);
-       } else {
-               M_ASN1_I2D_len_IMP_SET_opt_type(X509_NAME_ENTRY,
-                               a->relativename, i2d_X509_NAME_ENTRY, 1);
-       }
-
-       /* Don't want a SEQUENCE so... */
-       if(pp == NULL) return ret;
-       p = *pp;
-
-       if(a->fullname) {
-               M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0);
-       } else {
-               M_ASN1_I2D_put_IMP_SET_opt_type(X509_NAME_ENTRY,
-                               a->relativename, i2d_X509_NAME_ENTRY, 1);
-       }
-       M_ASN1_I2D_finish();
-}
-
-DIST_POINT_NAME *DIST_POINT_NAME_new(void)
-{
-       DIST_POINT_NAME *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, DIST_POINT_NAME);
-       ret->fullname = NULL;
-       ret->relativename = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW);
-}
-
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a)
-{
-       if (a == NULL) return;
-       sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free);
-       sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free);
-       OPENSSL_free (a);
-}
-
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
-            long length)
-{
-        unsigned char _tmp, tag;
-        M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new);
-        M_ASN1_D2I_Init();
-        c.slen = length;
-
-        _tmp = M_ASN1_next;
-        tag = _tmp & ~V_ASN1_CONSTRUCTED;
-       
-       if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) {
-               M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES,
-                                                       V_ASN1_SEQUENCE);
-       } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) {
-               M_ASN1_D2I_get_IMP_set_opt_type (X509_NAME_ENTRY,
-                       ret->relativename, d2i_X509_NAME_ENTRY, X509_NAME_ENTRY_free, 1);
-       } else {
-               c.error = ASN1_R_BAD_TAG;
-               goto err;
-       }
-
-       M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME);
-}
+IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
index 53ec40a027b36468869eec550d6a6c32ed70e43e..0b7bb77a4623838b3b132a36b67612a8225fade5 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+static EXTENDED_KEY_USAGE *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
-               STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+               EXTENDED_KEY_USAGE *eku, STACK_OF(CONF_VALUE) *extlist);
+
 X509V3_EXT_METHOD v3_ext_ku = {
 NID_ext_key_usage, 0,
-(X509V3_EXT_NEW)ext_ku_new,
-(X509V3_EXT_FREE)ext_ku_free,
-(X509V3_EXT_D2I)d2i_ext_ku,
-(X509V3_EXT_I2D)i2d_ext_ku,
+(X509V3_EXT_NEW)EXTENDED_KEY_USAGE_new,
+(X509V3_EXT_FREE)EXTENDED_KEY_USAGE_free,
+(X509V3_EXT_D2I)d2i_EXTENDED_KEY_USAGE,
+(X509V3_EXT_I2D)i2d_EXTENDED_KEY_USAGE,
 NULL, NULL,
-(X509V3_EXT_I2V)i2v_ext_ku,
-(X509V3_EXT_V2I)v2i_ext_ku,
+(X509V3_EXT_I2V)i2v_EXTENDED_KEY_USAGE,
+(X509V3_EXT_V2I)v2i_EXTENDED_KEY_USAGE,
 NULL,NULL,
 NULL
 };
 
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
-{
-       return sk_ASN1_OBJECT_new_null();
-}
-
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
-{
-       sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
-       return;
-}
-
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
-{
-       return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
-                               V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
-                                       unsigned char **pp, long length)
-{
-       return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
-                        ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
+ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = 
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
+ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE);
 
+IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
 
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
-               STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+               EXTENDED_KEY_USAGE *eku, STACK_OF(CONF_VALUE) *ext_list)
 {
 int i;
 ASN1_OBJECT *obj;
@@ -120,10 +101,10 @@ for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
 return ext_list;
 }
 
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+static EXTENDED_KEY_USAGE *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-STACK_OF(ASN1_OBJECT) *extku;
+EXTENDED_KEY_USAGE *extku;
 char *extval;
 ASN1_OBJECT *objtmp;
 CONF_VALUE *val;
index d44751458eb4f6507b1268fa6489e50f83db359d..dc5ceb09e10f3254e031d46813a49979a0bbc62f 100644 (file)
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
-{
-       unsigned char *p;
-       int ret;
-
-       ret = 0;
-
-       /* Save the location of initial TAG */
-       if(pp) p = *pp;
-       else p = NULL;
-
-       /* GEN_DNAME needs special treatment because of EXPLICIT tag */
-
-       if(a->type == GEN_DIRNAME) {
-               int v = 0;
-               M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
-               if(!p) return ret;
-               M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
-               *pp = p;
-               return ret;
-       }
-
-       switch(a->type) {
-
-               case GEN_X400:
-               case GEN_EDIPARTY:
-               ret = i2d_ASN1_TYPE(a->d.other, pp);
-               break;
-
-               case GEN_OTHERNAME:
-               ret = i2d_OTHERNAME(a->d.otherName, pp);
-               break;
-
-               case GEN_EMAIL:
-               case GEN_DNS:
-               case GEN_URI:
-               ret = i2d_ASN1_IA5STRING(a->d.ia5, pp);
-               break;
-
-               case GEN_IPADD:
-               ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp);
-               break;
-       
-               case GEN_RID:
-               ret = i2d_ASN1_OBJECT(a->d.rid, pp);
-               break;
-       }
-       /* Replace TAG with IMPLICIT value */
-       if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type;
-       return ret;
-}
-
-GENERAL_NAME *GENERAL_NAME_new()
-{
-       GENERAL_NAME *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, GENERAL_NAME);
-       ret->type = -1;
-       ret->d.ptr = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW);
-}
-
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
-                                                                long length)
-{
-       unsigned char _tmp;
-       M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
-       M_ASN1_D2I_Init();
-       c.slen = length;
-
-       _tmp = M_ASN1_next;
-       ret->type = _tmp & ~V_ASN1_CONSTRUCTED;
-
-       switch(ret->type) {
-               /* Just put these in a "blob" for now */
-               case GEN_X400:
-               case GEN_EDIPARTY:
-               M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
-               break;
-
-               case GEN_OTHERNAME:
-               M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
-               break;
-
-               case GEN_EMAIL:
-               case GEN_DNS:
-               case GEN_URI:
-               M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING,
-                                                       V_ASN1_IA5STRING);
-               break;
-
-               case GEN_DIRNAME:
-               M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4);
-               break;
-
-               case GEN_IPADD:
-               M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING,
-                                                       V_ASN1_OCTET_STRING);
-               break;
-       
-               case GEN_RID:
-               M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT);
-               break;
-
-               default:
-               c.error = ASN1_R_BAD_TAG;
-               goto err;
-       }
-
-       c.slen = 0;
-       M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME);
-}
-
-void GENERAL_NAME_free(GENERAL_NAME *a)
-{
-       if (a == NULL) return;
-       switch(a->type) {
-               case GEN_X400:
-               case GEN_EDIPARTY:
-               ASN1_TYPE_free(a->d.other);
-               break;
-
-               case GEN_OTHERNAME:
-               OTHERNAME_free(a->d.otherName);
-               break;
-
-               case GEN_EMAIL:
-               case GEN_DNS:
-               case GEN_URI:
-
-               M_ASN1_IA5STRING_free(a->d.ia5);
-               break;
-
-               case GEN_DIRNAME:
-               X509_NAME_free(a->d.dirn);
-               break;
-
-               case GEN_IPADD:
-               M_ASN1_OCTET_STRING_free(a->d.ip);
-               break;
-       
-               case GEN_RID:
-               ASN1_OBJECT_free(a->d.rid);
-               break;
-
-       }
-       OPENSSL_free (a);
-}
-
-/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
- * explicit functions.
- */
-
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
-{
-       return sk_GENERAL_NAME_new_null();
-}
-
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
-{
-       sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
-}
-
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a,
-                                        unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
-                        GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
-                                                V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-IMPLEMENT_STACK_OF(GENERAL_NAME)
-IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
-
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp)
-{
-       int v = 0;
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-
-       M_ASN1_I2D_finish();
-}
-
-OTHERNAME *OTHERNAME_new(void)
-{
-       OTHERNAME *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, OTHERNAME);
-       ret->type_id = OBJ_nid2obj(NID_undef);
-       M_ASN1_New(ret->value, ASN1_TYPE_new);
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
-}
-
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
-       M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
-       M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
-}
-
-void OTHERNAME_free(OTHERNAME *a)
-{
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->type_id);
-       ASN1_TYPE_free(a->value);
-       OPENSSL_free (a);
-}
-
+ASN1_SEQUENCE(OTHERNAME) = {
+       ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
+       /* Maybe have a true ANY DEFINED BY later */
+       ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
+} ASN1_SEQUENCE_END(OTHERNAME);
+
+IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
+
+ASN1_SEQUENCE(EDIPARTYNAME) = {
+       ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
+       ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
+} ASN1_SEQUENCE_END(EDIPARTYNAME);
+
+IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
+
+ASN1_CHOICE(GENERAL_NAME) = {
+       ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
+       ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
+       ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
+       /* Don't decode this */
+       ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
+       /* X509_NAME is a CHOICE type so use EXPLICIT */
+       ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
+       ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
+       ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
+       ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
+       ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
+} ASN1_CHOICE_END(GENERAL_NAME);
+
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
+
+ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = 
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
+ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES);
+
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
index 44d95a620594b0b3745ce9bb493ae130346cf346..35d95ad51cfc6acebf0fcd7a6d160190648cfdac 100644 (file)
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
-                               STACK_OF(ACCESS_DESCRIPTION) *ainfo,
+                               AUTHORITY_INFO_ACCESS *ainfo,
                                                STACK_OF(CONF_VALUE) *ret);
-static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
 X509V3_EXT_METHOD v3_info =
@@ -80,8 +80,21 @@ NULL, NULL,
 (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
 NULL, NULL, NULL};
 
+ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
+       ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
+       ASN1_SIMPLE(ACCESS_DESCRIPTION, location, GENERAL_NAME)
+} ASN1_SEQUENCE_END(ACCESS_DESCRIPTION);
+
+IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+
+ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) = 
+       ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
+ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS);
+
+IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
-                               STACK_OF(ACCESS_DESCRIPTION) *ainfo,
+                               AUTHORITY_INFO_ACCESS *ainfo,
                                                STACK_OF(CONF_VALUE) *ret)
 {
        ACCESS_DESCRIPTION *desc;
@@ -111,10 +124,10 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method
        return ret;
 }
 
-static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-       STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL;
+       AUTHORITY_INFO_ACCESS *ainfo = NULL;
        CONF_VALUE *cnf, ctmp;
        ACCESS_DESCRIPTION *acc;
        int i, objlen;
@@ -162,51 +175,6 @@ static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
        return NULL;
 }
 
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT);
-       M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME);
-
-       M_ASN1_I2D_finish();
-}
-
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void)
-{
-       ACCESS_DESCRIPTION *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION);
-       ret->method = OBJ_nid2obj(NID_undef);
-       ret->location = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW);
-}
-
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
-            long length)
-{
-       M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT);
-       M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME);
-       M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION);
-}
-
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a)
-{
-       if (a == NULL) return;
-       ASN1_OBJECT_free(a->method);
-       GENERAL_NAME_free(a->location);
-       OPENSSL_free (a);
-}
-
 int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
         {
        i2a_ASN1_OBJECT(bp, a->method);
@@ -215,31 +183,3 @@ int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
 #endif
        return 2;
        }
-
-STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void)
-{
-       return sk_ACCESS_DESCRIPTION_new_null();
-}
-
-void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a)
-{
-       sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free);
-}
-
-STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
-                                        unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION,
-                        ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE,
-                                                V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION)
-IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION)
-
-
index 47f9e8f123a965f2613470dff039780b58cf2180..600db6dab858f5482505d5bc398e3c62eafb3cf4 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
@@ -77,52 +77,12 @@ NULL, NULL, NULL, NULL,
 NULL
 };
 
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME);
-       M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0);
-       M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1);
-
-       M_ASN1_I2D_finish();
-}
-
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void)
-{
-       PKEY_USAGE_PERIOD *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD);
-       ret->notBefore = NULL;
-       ret->notAfter = NULL;
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW);
-}
+ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = {
+       ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0),
+       ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1)
+} ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD);
 
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a,
-            unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0,
-                                                       V_ASN1_GENERALIZEDTIME);
-       M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1,
-                                                       V_ASN1_GENERALIZEDTIME);
-       M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD);
-}
-
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a)
-{
-       if (a == NULL) return;
-       M_ASN1_GENERALIZEDTIME_free(a->notBefore);
-       M_ASN1_GENERALIZEDTIME_free(a->notAfter);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
 
 static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
             PKEY_USAGE_PERIOD *usage, BIO *out, int indent)
index 867699b26f3a6c30442587897c1e41b1d3546414..717e23d5c6e4cc39c9ddcdfbc2e2095a4ec9a19f 100644 (file)
@@ -261,7 +261,7 @@ static void x509v3_cache_extensions(X509 *x)
        BASIC_CONSTRAINTS *bs;
        ASN1_BIT_STRING *usage;
        ASN1_BIT_STRING *ns;
-       STACK_OF(ASN1_OBJECT) *extusage;
+       EXTENDED_KEY_USAGE *extusage;
        
        int i;
        if(x->ex_flags & EXFLAG_SET) return;
@@ -511,7 +511,7 @@ int X509_check_issued(X509 *issuer, X509 *subject)
                         * There may be more than one but we only take any
                         * notice of the first.
                         */
-                       STACK_OF(GENERAL_NAME) *gens;
+                       GENERAL_NAMES *gens;
                        GENERAL_NAME *gen;
                        X509_NAME *nm = NULL;
                        int i;
index bfecacd3367d4f49e6584765ab8bbd10caac4078..bd38ad52d57746e1eb4d813cbc201907c5586915 100644 (file)
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 /* Support for Thawte strong extranet extension */
@@ -90,94 +90,19 @@ NULL,
 NULL
 };
 
+ASN1_SEQUENCE(SXNETID) = {
+       ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
+       ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(SXNETID);
 
-int i2d_SXNET(SXNET *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
+IMPLEMENT_ASN1_FUNCTIONS(SXNETID)
 
-       M_ASN1_I2D_finish();
-}
-
-SXNET *SXNET_new(void)
-{
-       SXNET *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, SXNET);
-       M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
-       M_ASN1_New(ret->ids,sk_SXNETID_new_null);
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_SXNET_NEW);
-}
+ASN1_SEQUENCE(SXNET) = {
+       ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
+       ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
+} ASN1_SEQUENCE_END(SXNET);
 
-SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
-       M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
-}
-
-void SXNET_free(SXNET *a)
-{
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->version);
-       sk_SXNETID_pop_free(a->ids, SXNETID_free);
-       OPENSSL_free (a);
-}
-
-int i2d_SXNETID(SXNETID *a, unsigned char **pp)
-{
-       M_ASN1_I2D_vars(a);
-
-       M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_seq_total();
-
-       M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
-       M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
-
-       M_ASN1_I2D_finish();
-}
-
-SXNETID *SXNETID_new(void)
-{
-       SXNETID *ret=NULL;
-       ASN1_CTX c;
-       M_ASN1_New_Malloc(ret, SXNETID);
-       ret->zone = NULL;
-       M_ASN1_New(ret->user,M_ASN1_OCTET_STRING_new);
-       return (ret);
-       M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
-}
-
-SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length)
-{
-       M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
-       M_ASN1_D2I_Init();
-       M_ASN1_D2I_start_sequence();
-       M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
-       M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
-       M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
-}
-
-void SXNETID_free(SXNETID *a)
-{
-       if (a == NULL) return;
-       M_ASN1_INTEGER_free(a->zone);
-       M_ASN1_OCTET_STRING_free(a->user);
-       OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(SXNET)
 
 static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
             int indent)
index 619f161b588220873bcecdd02981b189ecdad2ca..727a93ff517b03c7d921917ec2efeb8328cbb837 100644 (file)
@@ -66,7 +66,7 @@
 
 static char *strip_spaces(char *name);
 static int sk_strcmp(const char * const *a, const char * const *b);
-static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens);
+static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens);
 static void str_free(void *str);
 static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
 
@@ -439,7 +439,7 @@ static int sk_strcmp(const char * const *a, const char * const *b)
 
 STACK *X509_get1_email(X509 *x)
 {
-       STACK_OF(GENERAL_NAME) *gens;
+       GENERAL_NAMES *gens;
        STACK *ret;
        gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
        ret = get_email(X509_get_subject_name(x), gens);
@@ -449,7 +449,7 @@ STACK *X509_get1_email(X509 *x)
 
 STACK *X509_REQ_get1_email(X509_REQ *x)
 {
-       STACK_OF(GENERAL_NAME) *gens;
+       GENERAL_NAMES *gens;
        STACK_OF(X509_EXTENSION) *exts;
        STACK *ret;
        exts = X509_REQ_get_extensions(x);
@@ -461,7 +461,7 @@ STACK *X509_REQ_get1_email(X509_REQ *x)
 }
 
 
-static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens)
+static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens)
 {
        STACK *ret = NULL;
        X509_NAME_ENTRY *ne;
index 21cf746f459c51908d2be6db319de089ddc34007..67ee14f3348490ca6aba5368bdc6eaf2b157525e 100644 (file)
@@ -60,7 +60,6 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
 #include <openssl/conf.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
index ee798859f0b336e8be3a205ed6c865bf4c055f75..b529814319b109dc0992f715e4d0ef021f257884 100644 (file)
@@ -59,9 +59,7 @@
 
 
 #include <stdio.h>
-#include "cryptlib.h"
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
 #include <openssl/conf.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
index 908c3ae1855a11a97ca865a46590756ac8f03e95..fb70fde1b5867c757ee4b61b86e5581ebdd794b4 100644 (file)
@@ -156,35 +156,56 @@ ASN1_OBJECT *type_id;
 ASN1_TYPE *value;
 } OTHERNAME;
 
+typedef struct EDIPartyName_st {
+       ASN1_STRING *nameAssigner;
+       ASN1_STRING *partyName;
+} EDIPARTYNAME;
+
 typedef struct GENERAL_NAME_st {
 
-#define GEN_OTHERNAME  (0|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_EMAIL      (1|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_DNS                (2|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_X400       (3|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_DIRNAME    (4|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_EDIPARTY   (5|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_URI                (6|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_IPADD      (7|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_RID                (8|V_ASN1_CONTEXT_SPECIFIC)
+#define GEN_OTHERNAME  0
+#define GEN_EMAIL      1
+#define GEN_DNS                2
+#define GEN_X400       3
+#define GEN_DIRNAME    4
+#define GEN_EDIPARTY   5
+#define GEN_URI                6
+#define GEN_IPADD      7
+#define GEN_RID                8
 
 int type;
 union {
        char *ptr;
-       ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
+       OTHERNAME *otherName; /* otherName */
+       ASN1_IA5STRING *rfc822Name;
+       ASN1_IA5STRING *dNSName;
+       ASN1_TYPE *x400Address;
+       X509_NAME *directoryName;
+       EDIPARTYNAME *ediPartyName;
+       ASN1_IA5STRING *uniformResourceIdentifier;
+       ASN1_OCTET_STRING *iPAddress;
+       ASN1_OBJECT *registeredID;
+
+       /* Old names */
        ASN1_OCTET_STRING *ip; /* iPAddress */
        X509_NAME *dirn;                /* dirn */
+       ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
        ASN1_OBJECT *rid; /* registeredID */
-       OTHERNAME *otherName; /* otherName */
-       ASN1_TYPE *other; /* ediPartyName, x400Address */
+       ASN1_TYPE *other; /* x400Address */
 } d;
 } GENERAL_NAME;
 
+typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+
 typedef struct ACCESS_DESCRIPTION_st {
        ASN1_OBJECT *method;
        GENERAL_NAME *location;
 } ACCESS_DESCRIPTION;
 
+typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
 DECLARE_STACK_OF(GENERAL_NAME)
 DECLARE_ASN1_SET_OF(GENERAL_NAME)
 
@@ -192,23 +213,27 @@ DECLARE_STACK_OF(ACCESS_DESCRIPTION)
 DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
 
 typedef struct DIST_POINT_NAME_st {
-/* NB: this is a CHOICE type and only one of these should be set */
-STACK_OF(GENERAL_NAME) *fullname;
-STACK_OF(X509_NAME_ENTRY) *relativename;
+int type;
+union {
+       GENERAL_NAMES *fullname;
+       STACK_OF(X509_NAME_ENTRY) *relativename;
+} name;
 } DIST_POINT_NAME;
 
 typedef struct DIST_POINT_st {
 DIST_POINT_NAME        *distpoint;
 ASN1_BIT_STRING *reasons;
-STACK_OF(GENERAL_NAME) *CRLissuer;
+GENERAL_NAMES *CRLissuer;
 } DIST_POINT;
 
+typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
 DECLARE_STACK_OF(DIST_POINT)
 DECLARE_ASN1_SET_OF(DIST_POINT)
 
 typedef struct AUTHORITY_KEYID_st {
 ASN1_OCTET_STRING *keyid;
-STACK_OF(GENERAL_NAME) *issuer;
+GENERAL_NAMES *issuer;
 ASN1_INTEGER *serial;
 } AUTHORITY_KEYID;
 
@@ -254,6 +279,8 @@ typedef struct POLICYINFO_st {
        STACK_OF(POLICYQUALINFO) *qualifiers;
 } POLICYINFO;
 
+typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+
 DECLARE_STACK_OF(POLICYINFO)
 DECLARE_ASN1_SET_OF(POLICYINFO)
 
@@ -372,21 +399,8 @@ BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **
 BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
 void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
 
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp);
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length);
-GENERAL_NAME *GENERAL_NAME_new(void);
-void GENERAL_NAME_free(GENERAL_NAME *a);
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-
-int i2d_SXNET(SXNET *a, unsigned char **pp);
-SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
-SXNET *SXNET_new(void);
-void SXNET_free(SXNET *a);
-
-int i2d_SXNETID(SXNETID *a, unsigned char **pp);
-SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length);
-SXNETID *SXNETID_new(void);
-void SXNETID_free(SXNETID *a);
+DECLARE_ASN1_FUNCTIONS(SXNET)
+DECLARE_ASN1_FUNCTIONS(SXNETID)
 
 int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); 
 int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); 
@@ -396,96 +410,42 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
 ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
 ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
 
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp);
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length);
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
 
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp);
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length);
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
 
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void);
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a);
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length);
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp);
 STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-               STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist);
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+               GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
+GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp);
-OTHERNAME *OTHERNAME_new(void);
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length);
-void OTHERNAME_free(OTHERNAME *a);
+DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
 
 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
 
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp);
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
-                                       unsigned char **pp, long length);
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *a);
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void);
-
-int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
-STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
-void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a);
-STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length);
-
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp);
-POLICYINFO *POLICYINFO_new(void);
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length);
-void POLICYINFO_free(POLICYINFO *a);
-
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp);
-POLICYQUALINFO *POLICYQUALINFO_new(void);
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
-                                                                long length);
-void POLICYQUALINFO_free(POLICYQUALINFO *a);
-
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp);
-USERNOTICE *USERNOTICE_new(void);
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length);
-void USERNOTICE_free(USERNOTICE *a);
-
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp);
-NOTICEREF *NOTICEREF_new(void);
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length);
-void NOTICEREF_free(NOTICEREF *a);
-
-int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp);
-STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void);
-void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a);
-STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
-                unsigned char **pp,long length);
-
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp);
-DIST_POINT *DIST_POINT_new(void);
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length);
-void DIST_POINT_free(DIST_POINT *a);
-
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp);
-DIST_POINT_NAME *DIST_POINT_NAME_new(void);
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
-             long length);
-
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp);
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
-             long length);
+DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
 int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a);
 
-STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void);
-void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
-STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
-                                        unsigned char **pp, long length);
-int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS(NOTICEREF)
 
+DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
 
+DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
 
 #ifdef HEADER_CONF_H
 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
diff --git a/demos/asn1/README.ASN1 b/demos/asn1/README.ASN1
new file mode 100644 (file)
index 0000000..ac497be
--- /dev/null
@@ -0,0 +1,7 @@
+This is a demo of the new ASN1 code. Its an OCSP ASN1 module. Doesn't
+do much yet other than demonstrate what the new ASN1 modules might look
+like.
+
+It wont even compile yet: the new code isn't in place.
+
+
diff --git a/demos/asn1/ocsp.c b/demos/asn1/ocsp.c
new file mode 100644 (file)
index 0000000..0199fe1
--- /dev/null
@@ -0,0 +1,366 @@
+/* ocsp.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+
+
+
+/* Example of new ASN1 code, OCSP request
+
+       OCSPRequest     ::=     SEQUENCE {
+           tbsRequest                  TBSRequest,
+           optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+
+       TBSRequest      ::=     SEQUENCE {
+           version             [0] EXPLICIT Version DEFAULT v1,
+           requestorName       [1] EXPLICIT GeneralName OPTIONAL,
+           requestList             SEQUENCE OF Request,
+           requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
+
+       Signature       ::=     SEQUENCE {
+           signatureAlgorithm   AlgorithmIdentifier,
+           signature            BIT STRING,
+           certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+       Version  ::=  INTEGER  {  v1(0) }
+
+       Request ::=     SEQUENCE {
+           reqCert                    CertID,
+           singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
+
+       CertID ::= SEQUENCE {
+           hashAlgorithm            AlgorithmIdentifier,
+           issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
+           issuerKeyHash      OCTET STRING, -- Hash of Issuers public key
+           serialNumber       CertificateSerialNumber }
+
+       OCSPResponse ::= SEQUENCE {
+          responseStatus         OCSPResponseStatus,
+          responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+
+       OCSPResponseStatus ::= ENUMERATED {
+           successful            (0),      --Response has valid confirmations
+           malformedRequest      (1),      --Illegal confirmation request
+           internalError         (2),      --Internal error in issuer
+           tryLater              (3),      --Try again later
+                                           --(4) is not used
+           sigRequired           (5),      --Must sign the request
+           unauthorized          (6)       --Request unauthorized
+       }
+
+       ResponseBytes ::=       SEQUENCE {
+           responseType   OBJECT IDENTIFIER,
+           response       OCTET STRING }
+
+       BasicOCSPResponse       ::= SEQUENCE {
+          tbsResponseData      ResponseData,
+          signatureAlgorithm   AlgorithmIdentifier,
+          signature            BIT STRING,
+          certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+       ResponseData ::= SEQUENCE {
+          version              [0] EXPLICIT Version DEFAULT v1,
+          responderID              ResponderID,
+          producedAt               GeneralizedTime,
+          responses                SEQUENCE OF SingleResponse,
+          responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
+
+       ResponderID ::= CHOICE {
+          byName   [1] Name,    --EXPLICIT
+          byKey    [2] KeyHash }
+
+       KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
+                                --(excluding the tag and length fields)
+
+       SingleResponse ::= SEQUENCE {
+          certID                       CertID,
+          certStatus                   CertStatus,
+          thisUpdate                   GeneralizedTime,
+          nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
+          singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
+
+       CertStatus ::= CHOICE {
+           good                [0]     IMPLICIT NULL,
+           revoked             [1]     IMPLICIT RevokedInfo,
+           unknown             [2]     IMPLICIT UnknownInfo }
+
+       RevokedInfo ::= SEQUENCE {
+           revocationTime              GeneralizedTime,
+           revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
+
+       UnknownInfo ::= NULL -- this can be replaced with an enumeration
+
+       ArchiveCutoff ::= GeneralizedTime
+
+       AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER
+
+       ServiceLocator ::= SEQUENCE {
+           issuer    Name,
+           locator   AuthorityInfoAccessSyntax }
+
+       -- Object Identifiers
+
+       id-kp-OCSPSigning            OBJECT IDENTIFIER ::= { id-kp 9 }
+       id-pkix-ocsp                 OBJECT IDENTIFIER ::= { id-ad-ocsp }
+       id-pkix-ocsp-basic           OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 }
+       id-pkix-ocsp-nonce           OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
+       id-pkix-ocsp-crl             OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 }
+       id-pkix-ocsp-response        OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 }
+       id-pkix-ocsp-nocheck         OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
+       id-pkix-ocsp-archive-cutoff  OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 }
+       id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 }
+
+*/
+
+/* Request Structures */
+
+DECLARE_STACK_OF(Request)
+
+typedef struct {
+       ASN1_INTEGER *version;
+       GENERAL_NAME *requestorName;
+       STACK_OF(Request) *requestList;
+       STACK_OF(X509_EXTENSION) *requestExtensions;
+} TBSRequest;
+
+typedef struct {
+       X509_ALGOR *signatureAlgorithm;
+       ASN1_BIT_STRING *signature;
+       STACK_OF(X509) *certs;
+} Signature;
+
+typedef struct {
+       TBSRequest *tbsRequest;
+       Signature *optionalSignature;
+} OCSPRequest;
+
+typedef struct {
+       X509_ALGOR *hashAlgorithm;
+       ASN1_OCTET_STRING *issuerNameHash;
+       ASN1_OCTET_STRING *issuerKeyHash;
+       ASN1_INTEGER *certificateSerialNumber;
+} CertID;
+
+typedef struct {
+       CertID *reqCert;
+       STACK_OF(X509_EXTENSION) *singleRequestExtensions;
+} Request;
+
+/* Response structures */
+
+typedef struct {
+       ASN1_OBJECT *responseType;
+       ASN1_OCTET_STRING *response;
+} ResponseBytes;
+
+typedef struct {
+       ASN1_ENUMERATED *responseStatus;
+       ResponseBytes *responseBytes;
+} OCSPResponse;
+
+typedef struct {
+       int type;
+       union {
+          X509_NAME *byName;
+          ASN1_OCTET_STRING *byKey;
+       }d;
+} ResponderID;
+
+typedef struct {
+          ASN1_INTEGER *version;
+          ResponderID *responderID;
+          ASN1_GENERALIZEDTIME *producedAt;
+          STACK_OF(SingleResponse) *responses;
+          STACK_OF(X509_EXTENSION) *responseExtensions;
+} ResponseData;
+
+typedef struct {
+          ResponseData *tbsResponseData;
+          X509_ALGOR *signatureAlgorithm;
+          ASN1_BIT_STRING *signature;
+          STACK_OF(X509) *certs;
+} BasicOCSPResponse;
+
+typedef struct {
+       ASN1_GENERALIZEDTIME *revocationTime;
+       ASN1_ENUMERATED * revocationReason;
+} RevokedInfo;
+
+typedef struct {
+       int type;
+       union {
+           ASN1_NULL *good;
+           RevokedInfo *revoked;
+           ASN1_NULL *unknown;
+       } d;
+} CertStatus;
+
+typedef struct {
+          CertID *certID;
+          CertStatus *certStatus;
+          ASN1_GENERALIZEDTIME *thisUpdate;
+          ASN1_GENERALIZEDTIME *nextUpdate;
+          STACK_OF(X509_EXTENSION) *singleExtensions;
+} SingleResponse;
+
+
+typedef struct {
+    X509_NAME *issuer;
+    STACK_OF(ACCESS_DESCRIPTION) *locator;
+} ServiceLocator;
+
+
+/* Now the ASN1 templates */
+
+IMPLEMENT_COMPAT_ASN1(X509);
+IMPLEMENT_COMPAT_ASN1(X509_ALGOR);
+//IMPLEMENT_COMPAT_ASN1(X509_EXTENSION);
+IMPLEMENT_COMPAT_ASN1(GENERAL_NAME);
+IMPLEMENT_COMPAT_ASN1(X509_NAME);
+
+ASN1_SEQUENCE(X509_EXTENSION) = {
+       ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
+       ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
+       ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_EXTENSION);
+       
+
+ASN1_SEQUENCE(Signature) = {
+       ASN1_SIMPLE(Signature, signatureAlgorithm, X509_ALGOR),
+       ASN1_SIMPLE(Signature, signature, ASN1_BIT_STRING),
+       ASN1_SEQUENCE_OF(Signature, certs, X509)
+} ASN1_SEQUENCE_END(Signature);
+
+ASN1_SEQUENCE(CertID) = {
+       ASN1_SIMPLE(CertID, hashAlgorithm, X509_ALGOR),
+       ASN1_SIMPLE(CertID, issuerNameHash, ASN1_OCTET_STRING),
+       ASN1_SIMPLE(CertID, issuerKeyHash, ASN1_OCTET_STRING),
+       ASN1_SIMPLE(CertID, certificateSerialNumber, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(CertID);
+
+ASN1_SEQUENCE(Request) = {
+       ASN1_SIMPLE(Request, reqCert, CertID),
+       ASN1_EXP_SEQUENCE_OF_OPT(Request, singleRequestExtensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END(Request);
+
+ASN1_SEQUENCE(TBSRequest) = {
+       ASN1_EXP_OPT(TBSRequest, version, ASN1_INTEGER, 0),
+       ASN1_EXP_OPT(TBSRequest, requestorName, GENERAL_NAME, 1),
+       ASN1_SEQUENCE_OF(TBSRequest, requestList, Request),
+       ASN1_EXP_SEQUENCE_OF_OPT(TBSRequest, requestExtensions, X509_EXTENSION, 2)
+} ASN1_SEQUENCE_END(TBSRequest);
+
+ASN1_SEQUENCE(OCSPRequest) = {
+       ASN1_SIMPLE(OCSPRequest, tbsRequest, TBSRequest),
+       ASN1_EXP_OPT(OCSPRequest, optionalSignature, Signature, 0)
+} ASN1_SEQUENCE_END(OCSPRequest);
+
+
+/* Response templates */
+
+ASN1_SEQUENCE(ResponseBytes) = {
+           ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT),
+           ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(ResponseBytes);
+
+ASN1_SEQUENCE(OCSPResponse) = {
+       ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED),
+       ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0)
+} ASN1_SEQUENCE_END(OCSPResponse);
+
+ASN1_CHOICE(ResponderID) = {
+          ASN1_EXP(ResponderID, d.byName, X509_NAME, 1),
+          ASN1_IMP(ResponderID, d.byKey, ASN1_OCTET_STRING, 2)
+} ASN1_CHOICE_END(ResponderID);
+
+ASN1_SEQUENCE(RevokedInfo) = {
+       ASN1_SIMPLE(RevokedInfo, revocationTime, ASN1_GENERALIZEDTIME),
+       ASN1_EXP_OPT(RevokedInfo, revocationReason, ASN1_ENUMERATED, 0)
+} ASN1_SEQUENCE_END(RevokedInfo);
+
+ASN1_CHOICE(CertStatus) = {
+       ASN1_IMP(CertStatus, d.good, ASN1_NULL, 0),
+       ASN1_IMP(CertStatus, d.revoked, RevokedInfo, 1),
+       ASN1_IMP(CertStatus, d.unknown, ASN1_NULL, 2)
+} ASN1_CHOICE_END(CertStatus);
+
+ASN1_SEQUENCE(SingleResponse) = {
+          ASN1_SIMPLE(SingleResponse, certID, CertID),
+          ASN1_SIMPLE(SingleResponse, certStatus, CertStatus),
+          ASN1_SIMPLE(SingleResponse, thisUpdate, ASN1_GENERALIZEDTIME),
+          ASN1_EXP_OPT(SingleResponse, nextUpdate, ASN1_GENERALIZEDTIME, 0),
+          ASN1_EXP_SEQUENCE_OF_OPT(SingleResponse, singleExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(SingleResponse);
+
+ASN1_SEQUENCE(ResponseData) = {
+          ASN1_EXP_OPT(ResponseData, version, ASN1_INTEGER, 0),
+          ASN1_SIMPLE(ResponseData, responderID, ResponderID),
+          ASN1_SIMPLE(ResponseData, producedAt, ASN1_GENERALIZEDTIME),
+          ASN1_SEQUENCE_OF(ResponseData, responses, SingleResponse),
+          ASN1_EXP_SEQUENCE_OF_OPT(ResponseData, responseExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(ResponseData);
+
+ASN1_SEQUENCE(BasicOCSPResponse) = {
+          ASN1_SIMPLE(BasicOCSPResponse, tbsResponseData, ResponseData),
+          ASN1_SIMPLE(BasicOCSPResponse, signatureAlgorithm, X509_ALGOR),
+          ASN1_SIMPLE(BasicOCSPResponse, signature, ASN1_BIT_STRING),
+          ASN1_EXP_SEQUENCE_OF_OPT(BasicOCSPResponse, certs, X509, 0)
+} ASN1_SEQUENCE_END(BasicOCSPResponse);
+