summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2014-04-20 15:06:12 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2014-04-20 15:06:12 +0000
commit65e3a16553a8df82ad3a0097d4473d1da8fc9b51 (patch)
tree284f5f6f0978ece54c0e8f08e8cad2387a882d28 /lib
parentbde886799ac760913314c3eb32114d9d348ca77d (diff)
KNF.
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/src/crypto/x509/x509_att.c277
-rw-r--r--lib/libssl/src/crypto/x509/x509_cmp.c231
-rw-r--r--lib/libssl/src/crypto/x509/x509_d2.c60
-rw-r--r--lib/libssl/src/crypto/x509/x509_def.c55
4 files changed, 359 insertions, 264 deletions
diff --git a/lib/libssl/src/crypto/x509/x509_att.c b/lib/libssl/src/crypto/x509/x509_att.c
index 7f924fbe396..56995689980 100644
--- a/lib/libssl/src/crypto/x509/x509_att.c
+++ b/lib/libssl/src/crypto/x509/x509_att.c
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -65,134 +65,152 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
+int
+X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
{
return sk_X509_ATTRIBUTE_num(x);
}
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
- int lastpos)
+int
+X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+ int lastpos)
{
ASN1_OBJECT *obj;
- obj=OBJ_nid2obj(nid);
- if (obj == NULL) return(-2);
- return(X509at_get_attr_by_OBJ(x,obj,lastpos));
+ obj = OBJ_nid2obj(nid);
+ if (obj == NULL)
+ return (-2);
+ return (X509at_get_attr_by_OBJ(x, obj, lastpos));
}
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
- int lastpos)
+int
+X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
+ int lastpos)
{
int n;
X509_ATTRIBUTE *ex;
- if (sk == NULL) return(-1);
+ if (sk == NULL)
+ return (-1);
lastpos++;
if (lastpos < 0)
- lastpos=0;
- n=sk_X509_ATTRIBUTE_num(sk);
- for ( ; lastpos < n; lastpos++) {
- ex=sk_X509_ATTRIBUTE_value(sk,lastpos);
- if (OBJ_cmp(ex->object,obj) == 0)
- return(lastpos);
- }
- return(-1);
+ lastpos = 0;
+ n = sk_X509_ATTRIBUTE_num(sk);
+ for (; lastpos < n; lastpos++) {
+ ex = sk_X509_ATTRIBUTE_value(sk, lastpos);
+ if (OBJ_cmp(ex->object, obj) == 0)
+ return (lastpos);
+ }
+ return (-1);
}
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
+X509_ATTRIBUTE *
+X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
{
if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
return NULL;
else
- return sk_X509_ATTRIBUTE_value(x,loc);
+ return sk_X509_ATTRIBUTE_value(x, loc);
}
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
+X509_ATTRIBUTE *
+X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
{
X509_ATTRIBUTE *ret;
if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
- return(NULL);
- ret=sk_X509_ATTRIBUTE_delete(x,loc);
- return(ret);
+ return (NULL);
+ ret = sk_X509_ATTRIBUTE_delete(x, loc);
+ return (ret);
}
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr)
+STACK_OF(X509_ATTRIBUTE) *
+X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr)
{
- X509_ATTRIBUTE *new_attr=NULL;
- STACK_OF(X509_ATTRIBUTE) *sk=NULL;
+ X509_ATTRIBUTE *new_attr = NULL;
+ STACK_OF(X509_ATTRIBUTE) *sk = NULL;
if (x == NULL) {
X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER);
goto err2;
- }
+ }
if (*x == NULL) {
- if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL)
+ if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
goto err;
} else
sk= *x;
- if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL)
+ if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL)
goto err2;
- if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
+ if (!sk_X509_ATTRIBUTE_push(sk, new_attr))
goto err;
if (*x == NULL)
- *x=sk;
- return(sk);
+ *x = sk;
+ return (sk);
+
err:
- X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE);
+ X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE);
err2:
- if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr);
- if (sk != NULL) sk_X509_ATTRIBUTE_free(sk);
- return(NULL);
+ if (new_attr != NULL)
+ X509_ATTRIBUTE_free(new_attr);
+ if (sk != NULL)
+ sk_X509_ATTRIBUTE_free(sk);
+ return (NULL);
}
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len)
+STACK_OF(X509_ATTRIBUTE) *
+X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj,
+ int type, const unsigned char *bytes, int len)
{
X509_ATTRIBUTE *attr;
STACK_OF(X509_ATTRIBUTE) *ret;
+
attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
- if(!attr) return 0;
+ if (!attr)
+ return 0;
ret = X509at_add1_attr(x, attr);
X509_ATTRIBUTE_free(attr);
return ret;
}
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
- int nid, int type,
- const unsigned char *bytes, int len)
+STACK_OF(X509_ATTRIBUTE) *
+X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type,
+ const unsigned char *bytes, int len)
{
X509_ATTRIBUTE *attr;
STACK_OF(X509_ATTRIBUTE) *ret;
+
attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
- if(!attr) return 0;
+ if (!attr)
+ return 0;
ret = X509at_add1_attr(x, attr);
X509_ATTRIBUTE_free(attr);
return ret;
}
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
- const char *attrname, int type,
- const unsigned char *bytes, int len)
+STACK_OF(X509_ATTRIBUTE) *
+X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname,
+ int type, const unsigned char *bytes, int len)
{
X509_ATTRIBUTE *attr;
STACK_OF(X509_ATTRIBUTE) *ret;
+
attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
- if(!attr) return 0;
+ if (!attr)
+ return 0;
ret = X509at_add1_attr(x, attr);
X509_ATTRIBUTE_free(attr);
return ret;
}
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
- ASN1_OBJECT *obj, int lastpos, int type)
+void *
+X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
+ int lastpos, int type)
{
int i;
X509_ATTRIBUTE *at;
+
i = X509at_get_attr_by_OBJ(x, obj, lastpos);
if (i == -1)
return NULL;
@@ -204,96 +222,112 @@ void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
}
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, const void *data, int len)
+X509_ATTRIBUTE *
+X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype,
+ const void *data, int len)
{
ASN1_OBJECT *obj;
X509_ATTRIBUTE *ret;
- obj=OBJ_nid2obj(nid);
+ obj = OBJ_nid2obj(nid);
if (obj == NULL) {
- X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID);
- return(NULL);
+ X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,
+ X509_R_UNKNOWN_NID);
+ return (NULL);
}
- ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len);
- if (ret == NULL) ASN1_OBJECT_free(obj);
- return(ret);
+ ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
+ if (ret == NULL)
+ ASN1_OBJECT_free(obj);
+ return (ret);
}
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- const ASN1_OBJECT *obj, int atrtype, const void *data, int len)
+X509_ATTRIBUTE *
+X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj,
+ int atrtype, const void *data, int len)
{
X509_ATTRIBUTE *ret;
if ((attr == NULL) || (*attr == NULL)) {
- if ((ret=X509_ATTRIBUTE_new()) == NULL) {
- X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
- return(NULL);
+ if ((ret = X509_ATTRIBUTE_new()) == NULL) {
+ X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,
+ ERR_R_MALLOC_FAILURE);
+ return (NULL);
}
- }
- else
+ } else
ret= *attr;
- if (!X509_ATTRIBUTE_set1_object(ret,obj))
+ if (!X509_ATTRIBUTE_set1_object(ret, obj))
goto err;
- if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len))
+ if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len))
goto err;
- if ((attr != NULL) && (*attr == NULL)) *attr=ret;
- return(ret);
+ if ((attr != NULL) && (*attr == NULL))
+ *attr = ret;
+ return (ret);
+
err:
if ((attr == NULL) || (ret != *attr))
X509_ATTRIBUTE_free(ret);
- return(NULL);
+ return (NULL);
}
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- const char *atrname, int type, const unsigned char *bytes, int len)
+X509_ATTRIBUTE *
+X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, const char *atrname,
+ int type, const unsigned char *bytes, int len)
{
ASN1_OBJECT *obj;
X509_ATTRIBUTE *nattr;
- obj=OBJ_txt2obj(atrname, 0);
+ obj = OBJ_txt2obj(atrname, 0);
if (obj == NULL) {
X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
- X509_R_INVALID_FIELD_NAME);
+ X509_R_INVALID_FIELD_NAME);
ERR_add_error_data(2, "name=", atrname);
- return(NULL);
+ return (NULL);
}
- nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len);
+ nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
ASN1_OBJECT_free(obj);
return nattr;
}
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
+int
+X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
{
if ((attr == NULL) || (obj == NULL))
- return(0);
+ return (0);
ASN1_OBJECT_free(attr->object);
- attr->object=OBJ_dup(obj);
- return(1);
+ attr->object = OBJ_dup(obj);
+ return (1);
}
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len)
+int
+X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data,
+ int len)
{
ASN1_TYPE *ttmp;
ASN1_STRING *stmp = NULL;
int atype = 0;
- if (!attr) return 0;
- if(attrtype & MBSTRING_FLAG) {
+
+ if (!attr)
+ return 0;
+ if (attrtype & MBSTRING_FLAG) {
stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
- OBJ_obj2nid(attr->object));
- if(!stmp) {
- X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
+ OBJ_obj2nid(attr->object));
+ if (!stmp) {
+ X509err(X509_F_X509_ATTRIBUTE_SET1_DATA,
+ ERR_R_ASN1_LIB);
return 0;
}
atype = stmp->type;
} else if (len != -1){
- if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
- if(!ASN1_STRING_set(stmp, data, len)) goto err;
+ if (!(stmp = ASN1_STRING_type_new(attrtype)))
+ goto err;
+ if (!ASN1_STRING_set(stmp, data, len))
+ goto err;
atype = attrtype;
}
- if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
+ if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
+ goto err;
attr->single = 0;
/* This is a bit naughty because the attribute should really have
* at least one value but some types use and zero length SET and
@@ -301,49 +335,64 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat
*/
if (attrtype == 0)
return 1;
- if(!(ttmp = ASN1_TYPE_new())) goto err;
+ if (!(ttmp = ASN1_TYPE_new()))
+ goto err;
if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
if (!ASN1_TYPE_set1(ttmp, attrtype, data))
goto err;
} else
ASN1_TYPE_set(ttmp, atype, stmp);
- if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
+ if (!sk_ASN1_TYPE_push(attr->value.set, ttmp))
+ goto err;
return 1;
- err:
+
+err:
X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
return 0;
}
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
+int
+X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
{
- if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set);
- if(attr->value.single) return 1;
+ if (!attr->single)
+ return sk_ASN1_TYPE_num(attr->value.set);
+ if (attr->value.single)
+ return 1;
return 0;
}
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
+ASN1_OBJECT *
+X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
{
- if (attr == NULL) return(NULL);
- return(attr->object);
+ if (attr == NULL)
+ return (NULL);
+ return (attr->object);
}
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
- int atrtype, void *data)
+void *
+X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data)
{
ASN1_TYPE *ttmp;
+
ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
- if(!ttmp) return NULL;
- if(atrtype != ASN1_TYPE_get(ttmp)){
+ if (!ttmp)
+ return NULL;
+ if (atrtype != ASN1_TYPE_get(ttmp)){
X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
return NULL;
}
return ttmp->value.ptr;
}
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
+ASN1_TYPE *
+X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
{
- if (attr == NULL) return(NULL);
- if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
- if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx);
- else return attr->value.single;
+ if (attr == NULL)
+ return (NULL);
+ if (idx >= X509_ATTRIBUTE_count(attr))
+ return NULL;
+ if (!attr->single)
+ return sk_ASN1_TYPE_value(attr->value.set, idx);
+ else
+ return attr->value.single;
}
diff --git a/lib/libssl/src/crypto/x509/x509_cmp.c b/lib/libssl/src/crypto/x509/x509_cmp.c
index 87c45964148..b6b3423e3fd 100644
--- a/lib/libssl/src/crypto/x509/x509_cmp.c
+++ b/lib/libssl/src/crypto/x509/x509_cmp.c
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -64,105 +64,121 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
+int
+X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
{
int i;
- X509_CINF *ai,*bi;
-
- ai=a->cert_info;
- bi=b->cert_info;
- i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
- if (i) return(i);
- return(X509_NAME_cmp(ai->issuer,bi->issuer));
+ X509_CINF *ai, *bi;
+
+ ai = a->cert_info;
+ bi = b->cert_info;
+ i = M_ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
+ if (i)
+ return (i);
+ return (X509_NAME_cmp(ai->issuer, bi->issuer));
}
#ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_and_serial_hash(X509 *a)
+unsigned long
+X509_issuer_and_serial_hash(X509 *a)
{
- unsigned long ret=0;
+ unsigned long ret = 0;
EVP_MD_CTX ctx;
unsigned char md[16];
char *f;
EVP_MD_CTX_init(&ctx);
- f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
+ f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
goto err;
- if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,strlen(f)))
+ if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
goto err;
free(f);
- if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
- (unsigned long)a->cert_info->serialNumber->length))
+ if (!EVP_DigestUpdate(&ctx,
+ (unsigned char *)a->cert_info->serialNumber->data,
+ (unsigned long)a->cert_info->serialNumber->length))
goto err;
- if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL))
+ if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
goto err;
- ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
- ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
- )&0xffffffffL;
- err:
+ ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+ ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) &
+ 0xffffffffL;
+
+err:
EVP_MD_CTX_cleanup(&ctx);
- return(ret);
+ return (ret);
}
#endif
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b)
+
+int
+X509_issuer_name_cmp(const X509 *a, const X509 *b)
{
- return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
+ return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer));
}
-int X509_subject_name_cmp(const X509 *a, const X509 *b)
+int
+X509_subject_name_cmp(const X509 *a, const X509 *b)
{
- return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
+ return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject));
}
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
+int
+X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
{
- return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
+ return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer));
}
#ifndef OPENSSL_NO_SHA
-int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
+int
+X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
{
return memcmp(a->sha1_hash, b->sha1_hash, 20);
}
#endif
-X509_NAME *X509_get_issuer_name(X509 *a)
+X509_NAME *
+X509_get_issuer_name(X509 *a)
{
- return(a->cert_info->issuer);
+ return (a->cert_info->issuer);
}
-unsigned long X509_issuer_name_hash(X509 *x)
+unsigned long
+X509_issuer_name_hash(X509 *x)
{
- return(X509_NAME_hash(x->cert_info->issuer));
+ return (X509_NAME_hash(x->cert_info->issuer));
}
#ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_name_hash_old(X509 *x)
+unsigned long
+X509_issuer_name_hash_old(X509 *x)
{
- return(X509_NAME_hash_old(x->cert_info->issuer));
+ return (X509_NAME_hash_old(x->cert_info->issuer));
}
#endif
-X509_NAME *X509_get_subject_name(X509 *a)
+X509_NAME *
+X509_get_subject_name(X509 *a)
{
- return(a->cert_info->subject);
+ return (a->cert_info->subject);
}
-ASN1_INTEGER *X509_get_serialNumber(X509 *a)
+ASN1_INTEGER *
+X509_get_serialNumber(X509 *a)
{
- return(a->cert_info->serialNumber);
+ return (a->cert_info->serialNumber);
}
-unsigned long X509_subject_name_hash(X509 *x)
+unsigned long
+X509_subject_name_hash(X509 *x)
{
- return(X509_NAME_hash(x->cert_info->subject));
+ return (X509_NAME_hash(x->cert_info->subject));
}
#ifndef OPENSSL_NO_MD5
-unsigned long X509_subject_name_hash_old(X509 *x)
+unsigned long
+X509_subject_name_hash_old(X509 *x)
{
- return(X509_NAME_hash_old(x->cert_info->subject));
+ return (X509_NAME_hash_old(x->cert_info->subject));
}
#endif
@@ -176,7 +192,8 @@ unsigned long X509_subject_name_hash_old(X509 *x)
* where the "depth-first" constification tree has to halt
* with an evil cast.
*/
-int X509_cmp(const X509 *a, const X509 *b)
+int
+X509_cmp(const X509 *a, const X509 *b)
{
/* ensure hash is valid */
X509_check_purpose((X509 *)a, -1, 0);
@@ -186,49 +203,44 @@ int X509_cmp(const X509 *a, const X509 *b)
}
#endif
-
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
+int
+X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
{
int ret;
/* Ensure canonical encoding is present and up to date */
-
if (!a->canon_enc || a->modified) {
ret = i2d_X509_NAME((X509_NAME *)a, NULL);
if (ret < 0)
return -2;
}
-
if (!b->canon_enc || b->modified) {
ret = i2d_X509_NAME((X509_NAME *)b, NULL);
if (ret < 0)
return -2;
}
-
ret = a->canon_enclen - b->canon_enclen;
-
if (ret)
return ret;
-
return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
-
}
-unsigned long X509_NAME_hash(X509_NAME *x)
+unsigned long
+X509_NAME_hash(X509_NAME *x)
{
- unsigned long ret=0;
+ unsigned long ret = 0;
unsigned char md[SHA_DIGEST_LENGTH];
/* Make sure X509_NAME structure contains valid cached encoding */
- i2d_X509_NAME(x,NULL);
+ i2d_X509_NAME(x, NULL);
if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
- NULL))
+ NULL))
return 0;
- ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
- ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
- )&0xffffffffL;
- return(ret);
+ ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+ ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) &
+ 0xffffffffL;
+ return (ret);
}
@@ -236,82 +248,92 @@ unsigned long X509_NAME_hash(X509_NAME *x)
/* I now DER encode the name and hash it. Since I cache the DER encoding,
* this is reasonably efficient. */
-unsigned long X509_NAME_hash_old(X509_NAME *x)
+unsigned long
+X509_NAME_hash_old(X509_NAME *x)
{
EVP_MD_CTX md_ctx;
- unsigned long ret=0;
+ unsigned long ret = 0;
unsigned char md[16];
/* Make sure X509_NAME structure contains valid cached encoding */
- i2d_X509_NAME(x,NULL);
+ i2d_X509_NAME(x, NULL);
EVP_MD_CTX_init(&md_ctx);
EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
- && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
- && EVP_DigestFinal_ex(&md_ctx,md,NULL))
- ret=(((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
- ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
- )&0xffffffffL;
+ if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) &&
+ EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) &&
+ EVP_DigestFinal_ex(&md_ctx, md, NULL))
+ ret = (((unsigned long)md[0]) |
+ ((unsigned long)md[1] << 8L) |
+ ((unsigned long)md[2] << 16L) |
+ ((unsigned long)md[3] << 24L)) &
+ 0xffffffffL;
EVP_MD_CTX_cleanup(&md_ctx);
- return(ret);
+ return (ret);
}
#endif
/* Search a stack of X509 for a match */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
- ASN1_INTEGER *serial)
+X509 *
+X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
+ ASN1_INTEGER *serial)
{
int i;
X509_CINF cinf;
- X509 x,*x509=NULL;
+ X509 x, *x509 = NULL;
- if(!sk) return NULL;
+ if (!sk)
+ return NULL;
- x.cert_info= &cinf;
- cinf.serialNumber=serial;
- cinf.issuer=name;
+ x.cert_info = &cinf;
+ cinf.serialNumber = serial;
+ cinf.issuer = name;
- for (i=0; i<sk_X509_num(sk); i++) {
- x509=sk_X509_value(sk,i);
- if (X509_issuer_and_serial_cmp(x509,&x) == 0)
- return(x509);
+ for (i = 0; i < sk_X509_num(sk); i++) {
+ x509 = sk_X509_value(sk, i);
+ if (X509_issuer_and_serial_cmp(x509, &x) == 0)
+ return (x509);
}
- return(NULL);
+ return (NULL);
}
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
+X509 *
+X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
{
X509 *x509;
int i;
- for (i=0; i<sk_X509_num(sk); i++) {
- x509=sk_X509_value(sk,i);
- if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
- return(x509);
+ for (i = 0; i < sk_X509_num(sk); i++) {
+ x509 = sk_X509_value(sk, i);
+ if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0)
+ return (x509);
}
- return(NULL);
+ return (NULL);
}
-EVP_PKEY *X509_get_pubkey(X509 *x)
+EVP_PKEY *
+X509_get_pubkey(X509 *x)
{
if ((x == NULL) || (x->cert_info == NULL))
- return(NULL);
- return(X509_PUBKEY_get(x->cert_info->key));
+ return (NULL);
+ return (X509_PUBKEY_get(x->cert_info->key));
}
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
+ASN1_BIT_STRING *
+X509_get0_pubkey_bitstr(const X509 *x)
{
- if(!x) return NULL;
+ if (!x)
+ return NULL;
return x->cert_info->key->public_key;
}
-int X509_check_private_key(X509 *x, EVP_PKEY *k)
+int
+X509_check_private_key(X509 *x, EVP_PKEY *k)
{
EVP_PKEY *xk;
int ret;
- xk=X509_get_pubkey(x);
+ xk = X509_get_pubkey(x);
if (xk)
ret = EVP_PKEY_cmp(xk, k);
@@ -322,13 +344,16 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
case 1:
break;
case 0:
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
+ X509err(X509_F_X509_CHECK_PRIVATE_KEY,
+ X509_R_KEY_VALUES_MISMATCH);
break;
case -1:
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
+ X509err(X509_F_X509_CHECK_PRIVATE_KEY,
+ X509_R_KEY_TYPE_MISMATCH);
break;
case -2:
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
+ X509err(X509_F_X509_CHECK_PRIVATE_KEY,
+ X509_R_UNKNOWN_KEY_TYPE);
}
if (xk)
EVP_PKEY_free(xk);
diff --git a/lib/libssl/src/crypto/x509/x509_d2.c b/lib/libssl/src/crypto/x509/x509_d2.c
index ed051093ac9..5ccd4346655 100644
--- a/lib/libssl/src/crypto/x509/x509_d2.c
+++ b/lib/libssl/src/crypto/x509/x509_d2.c
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -62,44 +62,48 @@
#include <openssl/x509.h>
#ifndef OPENSSL_NO_STDIO
-int X509_STORE_set_default_paths(X509_STORE *ctx)
+int
+X509_STORE_set_default_paths(X509_STORE *ctx)
{
X509_LOOKUP *lookup;
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
- if (lookup == NULL) return(0);
- X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+ lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
+ if (lookup == NULL)
+ return (0);
+ X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+ lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
+ if (lookup == NULL)
+ return (0);
+ X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
- if (lookup == NULL) return(0);
- X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
-
/* clear any errors */
ERR_clear_error();
- return(1);
+ return (1);
}
-int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
- const char *path)
+int
+X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *path)
{
X509_LOOKUP *lookup;
if (file != NULL) {
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
- if (lookup == NULL) return(0);
- if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1)
- return(0);
+ lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
+ if (lookup == NULL)
+ return (0);
+ if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1)
+ return (0);
}
if (path != NULL) {
- lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
- if (lookup == NULL) return(0);
- if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1)
- return(0);
+ lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
+ if (lookup == NULL)
+ return (0);
+ if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1)
+ return (0);
}
if ((path == NULL) && (file == NULL))
- return(0);
- return(1);
+ return (0);
+ return (1);
}
-
#endif
diff --git a/lib/libssl/src/crypto/x509/x509_def.c b/lib/libssl/src/crypto/x509/x509_def.c
index e0ac151a768..66cbe37bac3 100644
--- a/lib/libssl/src/crypto/x509/x509_def.c
+++ b/lib/libssl/src/crypto/x509/x509_def.c
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -61,21 +61,38 @@
#include <openssl/crypto.h>
#include <openssl/x509.h>
-const char *X509_get_default_private_dir(void)
- { return(X509_PRIVATE_DIR); }
-
-const char *X509_get_default_cert_area(void)
- { return(X509_CERT_AREA); }
+const char *
+X509_get_default_private_dir(void)
+{
+ return (X509_PRIVATE_DIR);
+}
-const char *X509_get_default_cert_dir(void)
- { return(X509_CERT_DIR); }
+const char *
+X509_get_default_cert_area(void)
+{
+ return (X509_CERT_AREA);
+}
-const char *X509_get_default_cert_file(void)
- { return(X509_CERT_FILE); }
+const char *
+X509_get_default_cert_dir(void)
+{
+ return (X509_CERT_DIR);
+}
-const char *X509_get_default_cert_dir_env(void)
- { return(X509_CERT_DIR_EVP); }
+const char *
+X509_get_default_cert_file(void)
+{
+ return (X509_CERT_FILE);
+}
-const char *X509_get_default_cert_file_env(void)
- { return(X509_CERT_FILE_EVP); }
+const char *
+X509_get_default_cert_dir_env(void)
+{
+ return (X509_CERT_DIR_EVP);
+}
+const char *
+X509_get_default_cert_file_env(void)
+{
+ return (X509_CERT_FILE_EVP);
+}