Diffstat (limited to 'lib/libcrypto/x509')
29 files changed, 1337 insertions, 2185 deletions
diff --git a/lib/libcrypto/x509/Makefile.ssl b/lib/libcrypto/x509/Makefile.ssl index 1c1ca2ffa07..14bb60d4114 100644 --- a/lib/libcrypto/x509/Makefile.ssl +++ b/lib/libcrypto/x509/Makefile.ssl @@ -7,16 +7,16 @@ TOP= ../.. CC= cc INCLUDES= -I.. -I../../include CFLAG=-g +INSTALL_PREFIX= +OPENSSLDIR= /usr/local/ssl INSTALLTOP=/usr/local/ssl MAKE= make -f Makefile.ssl -MAKEDEPEND= makedepend -f Makefile.ssl +MAKEDEPEND= $(TOP)/util/domd $(TOP) MAKEFILE= Makefile.ssl AR= ar r CFLAGS= $(INCLUDES) $(CFLAG) -ERR=x509 -ERRC=x509_err GENERAL=Makefile README TEST= APPS= @@ -24,18 +24,16 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \ x509_obj.c x509_req.c x509_vfy.c \ - x509_set.c x509rset.c $(ERRC).c \ - x509name.c x509_v3.c x509_ext.c x509pack.c \ + x509_set.c x509rset.c x509_err.c \ + x509name.c x509_v3.c x509_ext.c \ x509type.c x509_lu.c x_all.c x509_txt.c \ - by_file.c by_dir.c \ - v3_net.c v3_x509.c + by_file.c by_dir.c LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \ x509_obj.o x509_req.o x509_vfy.o \ - x509_set.o x509rset.o $(ERRC).o \ - x509name.o x509_v3.o x509_ext.o x509pack.o \ + x509_set.o x509rset.o x509_err.o \ + x509name.o x509_v3.o x509_ext.o \ x509type.o x509_lu.o x_all.o x509_txt.o \ - by_file.o by_dir.o \ - v3_net.o v3_x509.o + by_file.o by_dir.o SRC= $(LIBSRC) 
@@ -51,24 +49,23 @@ all: lib lib: $(LIBOBJ) $(AR) $(LIB) $(LIBOBJ) - sh $(TOP)/util/ranlib.sh $(LIB) + $(RANLIB) $(LIB) @touch lib files: - perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO + $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO links: - /bin/rm -f Makefile - $(TOP)/util/point.sh Makefile.ssl Makefile ; - $(TOP)/util/mklink.sh ../../include $(EXHEADER) - $(TOP)/util/mklink.sh ../../test $(TEST) - $(TOP)/util/mklink.sh ../../apps $(APPS) + @$(TOP)/util/point.sh Makefile.ssl Makefile + @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) + @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) + @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) install: @for i in $(EXHEADER) ; \ do \ - (cp $$i $(INSTALLTOP)/include/$$i; \ - chmod 644 $(INSTALLTOP)/include/$$i ); \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ done; tags: 
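Review bot: The rewritten `install` loop still joins `cp` and `chmod` with `;`, so a failed copy into `$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl` is not reported and only the last iteration's status reaches make; a header left over from an earlier install could then stay in place next to a newer libcrypto. Chaining the two steps and aborting on failure would surface that: `(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i && chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i) || exit 1; \`. Separately, `$(RANLIB)` and `$(PERL)` are used here and in the `dclean` recipe of the next hunk but are not set in the variable block shown in the first hunk, so they presumably arrive from the parent make. If this Makefile is ever run on its own, `$(RANLIB) $(LIB)` would expand to just the archive path, and defaults such as `PERL= perl` and `RANLIB= ranlib` would avoid that.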
@@ -80,17 +77,340 @@ lint: lint -DLINT $(INCLUDES) $(SRC)>fluff depend: - $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC) + $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) dclean: - perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new + $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new mv -f Makefile.new $(MAKEFILE) clean: - /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -errors: - perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h - perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c + rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff # DO NOT DELETE THIS LINE -- make depend depends on it. + +by_dir.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +by_dir.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +by_dir.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +by_dir.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h +by_dir.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +by_dir.o: ../../include/openssl/md2.h ../../include/openssl/md5.h +by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h +by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_dir.o: ../../include/openssl/stack.h ../../include/openssl/x509.h +by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +by_file.o: ../../include/openssl/blowfish.h 
../../include/openssl/bn.h +by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +by_file.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +by_file.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h +by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +by_file.o: ../../include/openssl/md2.h ../../include/openssl/md5.h +by_file.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h +by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h +by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +by_file.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +by_file.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +by_file.o: ../../include/openssl/stack.h ../../include/openssl/x509.h +by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_cmp.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_cmp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_cmp.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_cmp.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_cmp.o: ../../include/openssl/rc2.h 
../../include/openssl/rc4.h +x509_cmp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_cmp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_cmp.o: ../cryptlib.h +x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_d2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_d2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_d2.o: ../cryptlib.h +x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_def.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_def.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_def.o: ../../include/openssl/err.h 
../../include/openssl/evp.h +x509_def.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_def.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_def.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_def.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_def.o: ../cryptlib.h +x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +x509_err.o: ../../include/openssl/des.h ../../include/openssl/dh.h +x509_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_err.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_ext.o: ../../include/openssl/buffer.h 
../../include/openssl/cast.h +x509_ext.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_ext.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_ext.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_ext.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_ext.o: ../cryptlib.h +x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_lu.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_lu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_lu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +x509_lu.o: ../../include/openssl/md2.h ../../include/openssl/md5.h +x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h +x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x509_lu.o: 
../../include/openssl/safestack.h ../../include/openssl/sha.h +x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/x509.h +x509_lu.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_obj.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_obj.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md5.h +x509_obj.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h +x509_obj.o: ../../include/openssl/opensslconf.h +x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_obj.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_obj.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_obj.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_obj.o: ../cryptlib.h +x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_r2x.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_r2x.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_r2x.o: 
../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_r2x.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_r2x.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_r2x.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_r2x.o: ../cryptlib.h +x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_req.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_req.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_req.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h +x509_req.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h +x509_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_req.o: ../cryptlib.h +x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 
+x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_set.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_set.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_set.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_set.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_set.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_set.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_set.o: ../cryptlib.h +x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_txt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_txt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md5.h +x509_txt.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h +x509_txt.o: ../../include/openssl/opensslconf.h +x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_txt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_txt.o: ../../include/openssl/rc5.h 
../../include/openssl/ripemd.h +x509_txt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_txt.o: ../cryptlib.h +x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_v3.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_v3.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_v3.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509_v3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_v3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_v3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_v3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_v3.o: ../cryptlib.h +x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509_vfy.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509_vfy.o: ../../include/openssl/idea.h 
../../include/openssl/lhash.h +x509_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md5.h +x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h +x509_vfy.o: ../../include/openssl/opensslconf.h +x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509_vfy.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509_vfy.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509_vfy.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509_vfy.o: ../cryptlib.h +x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509name.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509name.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509name.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509name.o: ../cryptlib.h +x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509rset.o: ../../include/openssl/blowfish.h 
../../include/openssl/bn.h +x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509rset.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509rset.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509rset.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509rset.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509rset.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509rset.o: ../cryptlib.h +x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509type.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509type.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x509type.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x509type.o: ../../include/openssl/rc5.h 
../../include/openssl/ripemd.h +x509type.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x509type.o: ../cryptlib.h +x_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_all.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +x_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +x_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +x_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x_all.o: ../cryptlib.h diff --git a/lib/libcrypto/x509/attrib b/lib/libcrypto/x509/attrib deleted file mode 100644 index 37f6cd755ff..00000000000 --- a/lib/libcrypto/x509/attrib +++ /dev/null 
@@ -1,38 +0,0 @@ - -PKCS7 - STACK of X509_ATTRIBUTES - ASN1_OBJECT - STACK of ASN1_TYPE - -So it is - -p7.xa[].obj -p7.xa[].data[] - -get_obj_by_nid(STACK , nid) -get_num_by_nid(STACK , nid) -get_data_by_nid(STACK , nid, index) - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void ); -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); - -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex, - int nid, STACK *value); - -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex, - int nid, STACK *value); - -int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj); -int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index, - ASN1_TYPE *value); - -ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex); -int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne); -ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index); - -ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne, - ASN1_OBJECT *obj); - -X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid); -X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid); - diff --git a/lib/libcrypto/x509/by_dir.c b/lib/libcrypto/x509/by_dir.c index 11725ec94c6..734e39ac773 100644 --- a/lib/libcrypto/x509/by_dir.c +++ b/lib/libcrypto/x509/by_dir.c @@ -63,9 +63,8 @@ #include <sys/stat.h> #include "cryptlib.h" -#include "lhash.h" -#include "x509.h" -#include "pem.h" +#include <openssl/lhash.h> +#include <openssl/x509.h> typedef struct lookup_dir_st { 
@@ -76,21 +75,13 @@ typedef struct lookup_dir_st int num_dirs_alloced; } BY_DIR; -#ifndef NOPROTO -static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret); +static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, + char **ret); static int new_dir(X509_LOOKUP *lu); static void free_dir(X509_LOOKUP *lu); -static int add_cert_dir(BY_DIR *ctx,char *dir,int type); +static int add_cert_dir(BY_DIR *ctx,const char *dir,int type); static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, X509_OBJECT *ret); -#else -static int dir_ctrl(); -static int new_dir(); -static void free_dir(); -static int add_cert_dir(); -static int get_cert_by_subject(); -#endif - X509_LOOKUP_METHOD x509_dir_lookup= { "Load certs from files in a directory", @@ -105,17 +96,13 @@ X509_LOOKUP_METHOD x509_dir_lookup= NULL, /* get_by_alias */ }; -X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir() +X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) { return(&x509_dir_lookup); } -static int dir_ctrl(ctx,cmd,argp,argl,retp) -X509_LOOKUP *ctx; -int cmd; -long argl; -char *argp; -char **retp; +static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, + char **retp) { int ret=0; BY_DIR *ld; @@ -147,8 +134,7 @@ char **retp; return(ret); } -static int new_dir(lu) -X509_LOOKUP *lu; +static int new_dir(X509_LOOKUP *lu) { BY_DIR *a; @@ -167,8 +153,7 @@ X509_LOOKUP *lu; return(1); } -static void free_dir(lu) -X509_LOOKUP *lu; +static void free_dir(X509_LOOKUP *lu) { BY_DIR *a; int i; @@ -182,17 +167,18 @@ X509_LOOKUP *lu; Free(a); } -static int add_cert_dir(ctx,dir, type) -BY_DIR *ctx; -char *dir; -int type; +static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) { int j,len; int *ip; - char *s,*ss,*p; + const char *s,*ss,*p; char **pp; - if (dir == NULL) return(0); + if (dir == NULL || !*dir) + { + X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY); + return 0; + } s=dir; p=s; 
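Review bot: The new guard in add_cert_dir rejects only a NULL or wholly empty `dir`, while the scanning that starts at `s=dir; p=s;` continues outside this hunk; if `dir` is a separator-delimited list, as the `s`/`ss`/`p` cursors suggest, it is worth confirming that an empty component inside the list is not stored as a lookup directory. The behaviour change also deserves a comment, because a NULL argument used to return 0 silently and now additionally raises `X509_R_INVALID_DIRECTORY`: `/* reject a missing or empty directory argument and report it, so a misconfigured certificate directory is not silently ignored */`. As a style point, the added `return 0;` differs from the `return(0);` / `return(1);` form used in the rest of the file.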
@@ -243,11 +229,8 @@ int type; return(1); } -static int get_cert_by_subject(xl,type,name,ret) -X509_LOOKUP *xl; -int type; -X509_NAME *name; -X509_OBJECT *ret; +static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, + X509_OBJECT *ret) { BY_DIR *ctx; union { @@ -266,7 +249,7 @@ X509_OBJECT *ret; BUF_MEM *b=NULL; struct stat st; X509_OBJECT stmp,*tmp; - char *postfix=""; + const char *postfix=""; if (name == NULL) return(0); diff --git a/lib/libcrypto/x509/by_file.c b/lib/libcrypto/x509/by_file.c index 09ebb9bf083..00ee5e8bbc4 100644 --- a/lib/libcrypto/x509/by_file.c +++ b/lib/libcrypto/x509/by_file.c @@ -63,20 +63,15 @@ #include <sys/stat.h> #include "cryptlib.h" -#include "lhash.h" -#include "buffer.h" -#include "x509.h" -#include "pem.h" +#include <openssl/lhash.h> +#include <openssl/buffer.h> +#include <openssl/x509.h> +#include <openssl/pem.h> #ifndef NO_STDIO -#ifndef NOPROTO -static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc, - long argl,char **ret); -#else -static int by_file_ctrl(); -#endif - +static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, + long argl, char **ret); X509_LOOKUP_METHOD x509_file_lookup= { "Load file into cache", @@ -91,17 +86,13 @@ X509_LOOKUP_METHOD x509_file_lookup= NULL, /* get_by_alias */ }; -X509_LOOKUP_METHOD *X509_LOOKUP_file() +X509_LOOKUP_METHOD *X509_LOOKUP_file(void) { return(&x509_file_lookup); } -static int by_file_ctrl(ctx,cmd,argp,argl,ret) -X509_LOOKUP *ctx; -int cmd; -char *argp; -long argl; -char **ret; +static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, + char **ret) { int ok=0,ok2=0; char *file; @@ -138,10 +129,7 @@ char **ret; return((ok && ok2)?ok:0); } -int X509_load_cert_file(ctx,file,type) -X509_LOOKUP *ctx; -char *file; -int type; +int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) { int ret=0; BIO *in=NULL; 
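Review bot: The new by_file_ctrl prototype names its third parameter `argc` (`const char *argc`) while the definition a few hunks below uses `argp`; `argc` reads as an argument count, so the prototype should say `const char *argp` too. With `argp` now const, the local `char *file;` visible in the definition's context may need to become `const char *file;` if it is ever assigned from `argp`. The body of by_file_ctrl continues outside the hunk, so that assignment could not be checked here.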
@@ -161,7 +149,7 @@ int type; { for (;;) { - x=PEM_read_bio_X509(in,NULL,NULL); + x=PEM_read_bio_X509(in,NULL,NULL,NULL); if (x == NULL) { if ((ERR_GET_REASON(ERR_peek_error()) == @@ -208,10 +196,7 @@ err: return(ret); } -int X509_load_crl_file(ctx,file,type) -X509_LOOKUP *ctx; -char *file; -int type; +int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) { int ret=0; BIO *in=NULL; @@ -231,7 +216,7 @@ int type; { for (;;) { - x=PEM_read_bio_X509_CRL(in,NULL,NULL); + x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); if (x == NULL) { if ((ERR_GET_REASON(ERR_peek_error()) == diff --git a/lib/libcrypto/x509/v3_net.c b/lib/libcrypto/x509/v3_net.c deleted file mode 100644 index 0c2d276d13d..00000000000 --- a/lib/libcrypto/x509/v3_net.c +++ /dev/null 
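Review bot: Both read loops now pass an extra bare `NULL` to the PEM readers, `PEM_read_bio_X509(in,NULL,NULL,NULL)` in X509_load_cert_file and `PEM_read_bio_X509_CRL(in,NULL,NULL,NULL)` in X509_load_crl_file, without saying what the argument is. Assuming the last two arguments are the password callback and its user data, a short comment would record that no passphrase handling is intended when loading these files, e.g. `/* no password callback or callback data: certificate and CRL files are expected to be unencrypted */`. Both loops start and end outside their hunks.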
@@ -1,87 +0,0 @@ -/* crypto/x509/v3_net.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include "stack.h" -#include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "x509.h" - -#define NETSCAPE_X509_EXT_NUM 8 - -static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={ -{NID_netscape_ca_policy_url, V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, -{NID_netscape_ssl_server_name, V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, -{NID_netscape_revocation_url, V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, -{NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, -{NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING}, -{NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, -{NID_netscape_renewal_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, -{NID_netscape_comment,V_ASN1_IA5STRING,X509_EXT_PACK_STRING}, - }; - -int X509v3_add_netscape_extensions() - { - int i; - - for (i=0; i<NETSCAPE_X509_EXT_NUM; i++) - if (!X509v3_add_extension(&(netscape_x509_ext[i]))) - return(0); - return(1); - } diff --git a/lib/libcrypto/x509/v3_x509.c b/lib/libcrypto/x509/v3_x509.c deleted file mode 100644 index f685aa4c71d..00000000000 --- a/lib/libcrypto/x509/v3_x509.c +++ /dev/null 
@@ -1,253 +0,0 @@ -/* crypto/x509/v3_x509.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <ctype.h> -#include "stack.h" -#include "cryptlib.h" -#include "bio.h" -#include "asn1.h" -#include "objects.h" -#include "x509.h" - -#if 0 -static int i2a_key_usage(BIO *bp, X509 *x); -static int a2i_key_usage(X509 *x, char *str, int len); -#endif - -int X509v3_get_key_usage(X509 *x); -int X509v3_set_key_usage(X509 *x,unsigned int use); -int i2a_X509v3_key_usage(BIO *bp, unsigned int use); -unsigned int a2i_X509v3_key_usage(char *p); - -#define STD_X509_EXT_NUM 9 - -#if 0 -static X509_OBJECTS std_x509_ext[STD_X509_EXT_NUM]={ -{NID_subject_key_identifier, NULL,NULL}, -{NID_key_usage, a2i_key_usage,i2a_key_usage}, /**/ -{NID_private_key_usage_period, NULL,NULL}, -{NID_subject_alt_name, NULL,NULL}, -{NID_issuer_alt_name, NULL,NULL}, -{NID_basic_constraints, NULL,NULL}, -{NID_crl_number, NULL,NULL}, -{NID_certificate_policies, NULL,NULL}, -{NID_authority_key_identifier, NULL,NULL}, - }; -#endif - -int X509v3_add_standard_extensions() - { - -#if 0 - for (i=0; i<STD_X509_EXT_NUM; i++) - if (!X509v3_add_extension(&(std_x509_ext[i]))) - return(0); -#endif - return(1); - } - -int X509v3_get_key_usage(x) -X509 *x; - { - X509_EXTENSION *ext; - ASN1_STRING *st; - char *p; - int i; - - i=X509_get_ext_by_NID(x,NID_key_usage,-1); - if (i < 0) return(X509v3_KU_UNDEF); - ext=X509_get_ext(x,i); - st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING, - X509_EXTENSION_get_data(X509_get_ext(x,i))); - - p=(char *)ASN1_STRING_data(st); - if (ASN1_STRING_length(st) == 1) - i=p[0]; - else if (ASN1_STRING_length(st) == 2) - i=p[0]|(p[1]<<8); - else - i=0; - return(i); - } - -static struct - { - char *name; - unsigned int value; - } key_usage_data[] ={ - {"digitalSignature", X509v3_KU_DIGITAL_SIGNATURE}, - {"nonRepudiation", X509v3_KU_NON_REPUDIATION}, - {"keyEncipherment", X509v3_KU_KEY_ENCIPHERMENT}, - {"dataEncipherment", X509v3_KU_DATA_ENCIPHERMENT}, - {"keyAgreement", X509v3_KU_KEY_AGREEMENT}, - {"keyCertSign", X509v3_KU_KEY_CERT_SIGN}, - {"cRLSign", 
X509v3_KU_CRL_SIGN}, - {"encipherOnly", X509v3_KU_ENCIPHER_ONLY}, - {"decipherOnly", X509v3_KU_DECIPHER_ONLY}, - {NULL,0}, - }; - -#if 0 -static int a2i_key_usage(x,str,len) -X509 *x; -char *str; -int len; - { - return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str))); - } - -static int i2a_key_usage(bp,x) -BIO *bp; -X509 *x; - { - return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x))); - } -#endif - -int i2a_X509v3_key_usage(bp,use) -BIO *bp; -unsigned int use; - { - int i=0,first=1; - - for (;;) - { - if (use | key_usage_data[i].value) - { - BIO_printf(bp,"%s%s",((first)?"":" "), - key_usage_data[i].name); - first=0; - } - } - return(1); - } - -unsigned int a2i_X509v3_key_usage(p) -char *p; - { - unsigned int ret=0; - char *q,*s; - int i,n; - - q=p; - for (;;) - { - while ((*q != '\0') && isalnum(*q)) - q++; - if (*q == '\0') break; - s=q++; - while (isalnum(*q)) - q++; - n=q-s; - i=0; - for (;;) - { - if (strncmp(key_usage_data[i].name,s,n) == 0) - { - ret|=key_usage_data[i].value; - break; - } - i++; - if (key_usage_data[i].name == NULL) - return(X509v3_KU_UNDEF); - } - } - return(ret); - } - -int X509v3_set_key_usage(x,use) -X509 *x; -unsigned int use; - { - ASN1_OCTET_STRING *os; - X509_EXTENSION *ext; - int i; - unsigned char data[4]; - - i=X509_get_ext_by_NID(x,NID_key_usage,-1); - if (i < 0) - { - i=X509_get_ext_count(x)+1; - if ((ext=X509_EXTENSION_new()) == NULL) return(0); - if (!X509_add_ext(x,ext,i)) - { - X509_EXTENSION_free(ext); - return(0); - } - } - else - ext=X509_get_ext(x,i); - - /* fill in 'ext' */ - os=X509_EXTENSION_get_data(ext); - - i=0; - if (use > 0) - { - i=1; - data[0]=use&0xff; - } - if (use > 0xff) - { - i=2; - data[1]=(use>>8)&0xff; - } - return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1); - } - diff --git a/lib/libcrypto/x509/x509.doc b/lib/libcrypto/x509/x509.doc deleted file mode 100644 index 73cfc9f034a..00000000000 --- a/lib/libcrypto/x509/x509.doc +++ /dev/null 
@@ -1,27 +0,0 @@ -X509_verify() -X509_sign() - -X509_get_version() -X509_get_serialNumber() -X509_get_issuer() -X509_get_subject() -X509_get_notBefore() -X509_get_notAfter() -X509_get_pubkey() - -X509_set_version() -X509_set_serialNumber() -X509_set_issuer() -X509_set_subject() -X509_set_notBefore() -X509_set_notAfter() -X509_set_pubkey() - -X509_get_extensions() -X509_set_extensions() - -X509_EXTENSIONS_clear() -X509_EXTENSIONS_retrieve() -X509_EXTENSIONS_add() -X509_EXTENSIONS_delete() - diff --git a/lib/libcrypto/x509/x509.err b/lib/libcrypto/x509/x509.err deleted file mode 100644 index 8d0862d7d1d..00000000000 --- a/lib/libcrypto/x509/x509.err +++ /dev/null 
@@ -1,46 +0,0 @@ -/* Error codes for the X509 functions. */ - -/* Function codes. */ -#define X509_F_ADD_CERT_DIR 100 -#define X509_F_BY_FILE_CTRL 101 -#define X509_F_DIR_CTRL 102 -#define X509_F_GET_CERT_BY_SUBJECT 103 -#define X509_F_X509V3_ADD_EXT 104 -#define X509_F_X509V3_ADD_EXTENSION 105 -#define X509_F_X509V3_PACK_STRING 106 -#define X509_F_X509V3_UNPACK_STRING 107 -#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 -#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 -#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 -#define X509_F_X509_LOAD_CERT_FILE 111 -#define X509_F_X509_LOAD_CRL_FILE 112 -#define X509_F_X509_NAME_ADD_ENTRY 113 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 -#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 -#define X509_F_X509_NAME_ONELINE 116 -#define X509_F_X509_NAME_PRINT 117 -#define X509_F_X509_PRINT_FP 118 -#define X509_F_X509_PUBKEY_GET 119 -#define X509_F_X509_PUBKEY_SET 120 -#define X509_F_X509_REQ_PRINT 121 -#define X509_F_X509_REQ_PRINT_FP 122 -#define X509_F_X509_REQ_TO_X509 123 -#define X509_F_X509_STORE_ADD_CERT 124 -#define X509_F_X509_STORE_ADD_CRL 125 -#define X509_F_X509_TO_X509_REQ 126 -#define X509_F_X509_VERIFY_CERT 127 - -/* Reason codes. */ -#define X509_R_BAD_X509_FILETYPE 100 -#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 -#define X509_R_ERR_ASN1_LIB 102 -#define X509_R_LOADING_CERT_DIR 103 -#define X509_R_LOADING_DEFAULTS 104 -#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 -#define X509_R_SHOULD_RETRY 106 -#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 -#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 -#define X509_R_UNKNOWN_NID 109 -#define X509_R_UNKNOWN_STRING_TYPE 110 -#define X509_R_UNSUPPORTED_ALGORITHM 111 -#define X509_R_WRONG_LOOKUP_TYPE 112 diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index 95114f7c43f..35f9484f8b9 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h 
@@ -63,28 +63,34 @@ extern "C" { #endif -#include "stack.h" -#include "asn1.h" +#ifdef VMS +#undef X509_REVOKED_get_ext_by_critical +#define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic +#endif + +#include <openssl/stack.h> +#include <openssl/asn1.h> +#include <openssl/safestack.h> #ifndef NO_RSA -#include "rsa.h" -#else -#define RSA long +#include <openssl/rsa.h> #endif #ifndef NO_DSA -#include "dsa.h" -#else -#define DSA long +#include <openssl/dsa.h> #endif #ifndef NO_DH -#include "dh.h" -#else -#define DH long +#include <openssl/dh.h> #endif -#include "evp.h" +#include <openssl/evp.h> + + +#ifdef WIN32 +/* Under Win32 this is defined in wincrypt.h */ +#undef X509_NAME +#endif #define X509_FILETYPE_PEM 1 #define X509_FILETYPE_ASN1 2 @@ -114,6 +120,9 @@ typedef struct X509_algor_st ASN1_TYPE *parameter; } X509_ALGOR; +DECLARE_STACK_OF(X509_ALGOR) +DECLARE_ASN1_SET_OF(X509_ALGOR) + typedef struct X509_val_st { ASN1_UTCTIME *notBefore; @@ -124,7 +133,7 @@ typedef struct X509_pubkey_st { X509_ALGOR *algor; ASN1_BIT_STRING *public_key; - struct evp_pkey_st /* EVP_PKEY*/ *pkey; + EVP_PKEY *pkey; } X509_PUBKEY; typedef struct X509_sig_st @@ -141,10 +150,13 @@ typedef struct X509_name_entry_st int size; /* temp variable */ } X509_NAME_ENTRY; +DECLARE_STACK_OF(X509_NAME_ENTRY) +DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) + /* we always keep X509_NAMEs in 2 forms. */ typedef struct X509_name_st { - STACK *entries; /* of X509_NAME_ENTRY */ + STACK_OF(X509_NAME_ENTRY) *entries; int modified; /* true if 'bytes' needs to be built */ #ifdef HEADER_BUFFER_H BUF_MEM *bytes; @@ -154,6 +166,8 @@ typedef struct X509_name_st unsigned long hash; /* Keep the hash around for lookups */ } X509_NAME; +DECLARE_STACK_OF(X509_NAME) + #define X509_EX_V_NETSCAPE_HACK 0x8000 #define X509_EX_V_INIT 0x0001 typedef struct X509_extension_st 
@@ -167,23 +181,23 @@ typedef struct X509_extension_st void (*ex_free)(); /* clear argp stuff */ } X509_EXTENSION; -/* #if 1 */ -typedef struct x509_extension_method_st +DECLARE_STACK_OF(X509_EXTENSION) +DECLARE_ASN1_SET_OF(X509_EXTENSION) + +/* a sequence of these are used */ +typedef struct x509_attributes_st { - int nid; - int data_type; - int pack_type; - void (*ex_clear)(); - int (*ex_get_bool)(); - int (*ex_set_bool)(); - int (*ex_get_str)(); - int (*ex_set_str)(); - char *(*ex_get_struct)(); - int (*ex_set_struct)(); - int (*a2i)(); - int (*i2a)(); - } X509_EXTENSION_METHOD; -/* #endif */ + ASN1_OBJECT *object; + int set; /* 1 for a set, 0 for a single item (which is wrong) */ + union { + char *ptr; +/* 1 */ STACK_OF(ASN1_TYPE) *set; +/* 0 */ ASN1_TYPE *single; + } value; + } X509_ATTRIBUTE; + +DECLARE_STACK_OF(X509_ATTRIBUTE) +DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) typedef struct X509_req_info_st { @@ -191,7 +205,7 @@ typedef struct X509_req_info_st X509_NAME *subject; X509_PUBKEY *pubkey; /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */ + STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ int req_kludge; } X509_REQ_INFO; @@ -214,7 +228,7 @@ typedef struct x509_cinf_st X509_PUBKEY *key; ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ - STACK /* X509_EXTENSION */ *extensions; /* [ 3 ] optional in v3 */ + STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ } X509_CINF; typedef struct x509_st 
@@ -227,14 +241,20 @@ typedef struct x509_st char *name; } X509; +DECLARE_STACK_OF(X509) +DECLARE_ASN1_SET_OF(X509) + typedef struct X509_revoked_st { ASN1_INTEGER *serialNumber; ASN1_UTCTIME *revocationDate; - STACK /* optional X509_EXTENSION */ *extensions; + STACK_OF(X509_EXTENSION) /* optional */ *extensions; int sequence; /* load sequence */ } X509_REVOKED; +DECLARE_STACK_OF(X509_REVOKED) +DECLARE_ASN1_SET_OF(X509_REVOKED) + typedef struct X509_crl_info_st { ASN1_INTEGER *version; @@ -242,8 +262,8 @@ typedef struct X509_crl_info_st X509_NAME *issuer; ASN1_UTCTIME *lastUpdate; ASN1_UTCTIME *nextUpdate; - STACK /* X509_REVOKED */ *revoked; - STACK /* [0] X509_EXTENSION */ *extensions; + STACK_OF(X509_REVOKED) *revoked; + STACK_OF(X509_EXTENSION) /* [0] */ *extensions; } X509_CRL_INFO; typedef struct X509_crl_st @@ -255,17 +275,8 @@ typedef struct X509_crl_st int references; } X509_CRL; -/* a sequence of these are used */ -typedef struct x509_attributes_st - { - ASN1_OBJECT *object; - int set; /* 1 for a set, 0 for a single item (which is wrong) */ - union { - char *ptr; -/* 1 */ STACK /* ASN1_TYPE */ *set; -/* 0 */ ASN1_TYPE *single; - } value; - } X509_ATTRIBUTE; +DECLARE_STACK_OF(X509_CRL) +DECLARE_ASN1_SET_OF(X509_CRL) typedef struct private_key_st { @@ -301,6 +312,8 @@ typedef struct X509_info_st int references; } X509_INFO; + +DECLARE_STACK_OF(X509_INFO) #endif /* The next 2 structures and their 8 routines were sent to me by 
@@ -320,17 +333,55 @@ typedef struct Netscape_spki_st ASN1_BIT_STRING *signature; } NETSCAPE_SPKI; -#ifndef HEADER_BN_H -#define BIGNUM char -#endif +/* Netscape certificate sequence structure */ +typedef struct Netscape_certificate_sequence + { + ASN1_OBJECT *type; + STACK_OF(X509) *certs; + } NETSCAPE_CERT_SEQUENCE; typedef struct CBCParameter_st { unsigned char iv[8]; } CBC_PARAM; -#include "x509_vfy.h" -#include "pkcs7.h" +/* Password based encryption structure */ + +typedef struct PBEPARAM_st { +ASN1_OCTET_STRING *salt; +ASN1_INTEGER *iter; +} PBEPARAM; + +/* Password based encryption V2 structures */ + +typedef struct PBE2PARAM_st { +X509_ALGOR *keyfunc; +X509_ALGOR *encryption; +} PBE2PARAM; + +typedef struct PBKDF2PARAM_st { +ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ +ASN1_INTEGER *iter; +ASN1_INTEGER *keylength; +X509_ALGOR *prf; +} PBKDF2PARAM; + + +/* PKCS#8 private key info structure */ + +typedef struct pkcs8_priv_key_info_st + { + int broken; /* Flag for various broken formats */ +#define PKCS8_OK 0 +#define PKCS8_NO_OCTET 1 + ASN1_INTEGER *version; + X509_ALGOR *pkeyalg; + ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ + STACK_OF(X509_ATTRIBUTE) *attributes; + } PKCS8_PRIV_KEY_INFO; + +#include <openssl/x509_vfy.h> +#include <openssl/pkcs7.h> #ifdef SSLEAY_MACROS #define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ @@ -355,6 +406,9 @@ typedef struct CBCParameter_st #define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ (char *(*)())d2i_X509,(char *)x509) +#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ + (int (*)())i2d_X509_ATTRIBUTE, \ + (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) #define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ (int (*)())i2d_X509_EXTENSION, \ (char *(*)())d2i_X509_EXTENSION,(char *)ex) 
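Review bot: The new `PBKDF2PARAM.salt` and `PKCS8_PRIV_KEY_INFO.pkey` fields are declared `ASN1_TYPE *`, and their comments admit the encoded value may not be an OCTET STRING, but nothing tells a consumer to check the tag before reading the value. These structures are presumably filled in by a decoder from key-file input, so the tag and the `iter` / `keylength` integers should be treated as untrusted. A reader that assumes an octet string, or runs the iteration count unbounded, is trusting the file. I would extend the field comments, e.g. `/* check salt->type == V_ASN1_OCTET_STRING before using salt->value */` and `/* iter comes from the input: range-check before use */`. The `broken` flag lists `PKCS8_OK` and `PKCS8_NO_OCTET` but does not say what type `pkey` holds in each case.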
@@ -442,6 +496,9 @@ typedef struct CBCParameter_st #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ (unsigned char *)dsa) +#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ + (char *(*)())d2i_X509_ALGOR,(char *)xn) + #define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ (char *(*)())d2i_X509_NAME,(char *)xn) #define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ @@ -453,10 +510,12 @@ typedef struct CBCParameter_st ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) #define X509_NAME_digest(data,type,md,len) \ ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) +#ifndef PKCS7_ISSUER_AND_SERIAL_digest #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ (char *)data,md,len) #endif +#endif #define X509_EXT_PACK_UNKNOWN 1 #define X509_EXT_PACK_STRING 2 
@@ -472,25 +531,31 @@ typedef struct CBCParameter_st #define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) #define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) +#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) +#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) +#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) +#define X509_CRL_get_issuer(x) ((x)->crl->issuer) +#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) + /* This one is only used so that a binary form can output, as in * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ #define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) -#ifndef NOPROTO + +const char *X509_verify_cert_error_string(long n); #ifndef SSLEAY_MACROS #ifdef HEADER_ENVELOPE_H int X509_verify(X509 *a, EVP_PKEY *r); -char *X509_verify_cert_error_string(long n); int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); -int X509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md); -int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, EVP_MD *md); -int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, EVP_MD *md); -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, EVP_MD *md); +int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); +int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); +int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); +int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len); int X509_NAME_digest(X509_NAME *data,EVP_MD *type, 
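Review bot: `X509_CRL_get_nextUpdate(x)` and the other new `X509_CRL_get_*` macros expand to a bare `(x)->crl->...` dereference, so they return whatever pointer the field holds with no indication that it may be absent. nextUpdate is an optional field in the CRL encoding, so the result can presumably be NULL for a CRL that omits it (worth confirming against the decoder), and a caller handing it straight to a time comparison would dereference it. A comment above the macros would help: `/* may return NULL: nextUpdate is optional; check before comparing */`. Separately, the sign prototypes gained `const EVP_MD *md` while `X509_digest` and `X509_NAME_digest` in the same hunk still take `EVP_MD *type`.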
@@ -498,55 +563,77 @@ int X509_NAME_digest(X509_NAME *data,EVP_MD *type, #endif #ifndef NO_FP_API -X509 *d2i_X509_fp(FILE *fp, X509 *x509); +X509 *d2i_X509_fp(FILE *fp, X509 **x509); int i2d_X509_fp(FILE *fp,X509 *x509); -X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl); +X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req); +X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa); +#ifndef NO_RSA +RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa); +RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); #endif +#ifndef NO_DSA +DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); +int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); +X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); +int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); +PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, + PKCS8_PRIV_KEY_INFO **p8inf); +int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); +#endif +#endif #ifdef HEADER_BIO_H -X509 *d2i_X509_bio(BIO *bp,X509 *x509); +X509 *d2i_X509_bio(BIO *bp,X509 **x509); int i2d_X509_bio(BIO *bp,X509 *x509); -X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl); +X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req); +X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); -RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa); +#ifndef NO_RSA +RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); -DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -RSA 
*d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa); +RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); #endif +#ifndef NO_DSA +DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); +int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); +#endif +X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); +int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); +PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, + PKCS8_PRIV_KEY_INFO **p8inf); +int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); +#endif X509 *X509_dup(X509 *x509); +X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); X509_CRL *X509_CRL_dup(X509_CRL *crl); X509_REQ *X509_REQ_dup(X509_REQ *req); +X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); X509_NAME *X509_NAME_dup(X509_NAME *xn); X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); +#ifndef NO_RSA RSA *RSAPublicKey_dup(RSA *rsa); RSA *RSAPrivateKey_dup(RSA *rsa); +#endif #endif /* !SSLEAY_MACROS */ int X509_cmp_current_time(ASN1_UTCTIME *s); ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj); -char * X509_get_default_cert_area(void ); -char * X509_get_default_cert_dir(void ); -char * X509_get_default_cert_file(void ); -char * X509_get_default_cert_dir_env(void ); -char * X509_get_default_cert_file_env(void ); -char * X509_get_default_private_dir(void ); +const char * X509_get_default_cert_area(void ); +const char * X509_get_default_cert_dir(void ); +const char * X509_get_default_cert_file(void ); +const char * X509_get_default_cert_dir_env(void ); +const char * X509_get_default_cert_file_env(void ); +const char * X509_get_default_private_dir(void ); X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md); X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); 
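Review bot: In the `NO_FP_API` section the new `d2i_PKCS8_fp`, `i2d_PKCS8_fp`, `d2i_PKCS8_PRIV_KEY_INFO_fp` and `i2d_PKCS8_PRIV_KEY_INFO_fp` prototypes sit inside `#ifndef NO_DSA`, whereas the matching `_bio` prototypes further down come after that guard's `#endif`. With `NO_DSA` defined the `_fp` variants are left undeclared, so a caller falls back to an implicit `int` declaration and the returned pointer can be truncated where pointers are wider than `int`. Closing the guard right after the DSA pair fixes it: move the first `#endif` to directly after `int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);` and keep the final `#endif` for `NO_FP_API`. The `X509 *` to `X509 **` change on the `d2i_*_fp` and `d2i_*_bio` arguments also deserves a comment in the header, since an old caller passing an object pointer would now have it treated as a pointer to a pointer.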
@@ -571,7 +658,8 @@ X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp, long length); int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain); +int X509_get_pubkey_parameters(EVP_PKEY *pkey, + STACK_OF(X509) *chain); X509_SIG * X509_SIG_new(void ); @@ -595,6 +683,8 @@ void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, long length); +X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); + X509_EXTENSION *X509_EXTENSION_new(void ); void X509_EXTENSION_free(X509_EXTENSION *a); @@ -658,6 +748,12 @@ int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, long length); + +int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp); +NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); +NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length); +void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); + #ifdef HEADER_ENVELOPE_H X509_INFO * X509_INFO_new(void); void X509_INFO_free(X509_INFO *a); @@ -671,7 +767,7 @@ int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data, int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, - char *data,EVP_PKEY *pkey, EVP_MD *type); + char *data,EVP_PKEY *pkey, const EVP_MD *type); #endif int X509_set_version(X509 *x,long version); 
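Review bot: `X509_ATTRIBUTE_create(int nid, int atrtype, void *value)`, added in the hunk at -595,6 +683,8, takes an untyped `value` whose real type is implied by `atrtype`. The prototype carries no comment saying which pointer type each `atrtype` expects or whether the returned attribute takes ownership of `value`. A mismatch between the two arguments cannot be caught by the compiler, and unclear ownership invites a double free or a leak in callers. A short comment above the prototype stating the expected pointee per `atrtype` and who frees `value` on success and on failure would close that gap; the implementation is not in this hunk, so the wording needs to be confirmed against it.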
@@ -709,12 +805,14 @@ unsigned long X509_NAME_hash(X509_NAME *x); int X509_CRL_cmp(X509_CRL *a,X509_CRL *b); #ifndef NO_FP_API int X509_print_fp(FILE *bp,X509 *x); +int X509_CRL_print_fp(FILE *bp,X509_CRL *x); int X509_REQ_print_fp(FILE *bp,X509_REQ *req); #endif #ifdef HEADER_BIO_H int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); int X509_print(BIO *bp,X509 *x); +int X509_CRL_print(BIO *bp,X509_CRL *x); int X509_REQ_print(BIO *bp,X509_REQ *req); #endif @@ -745,18 +843,17 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); -int X509v3_get_ext_count(STACK *x); -int X509v3_get_ext_by_NID(STACK *x, int nid, int lastpos); -int X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int lastpos); -int X509v3_get_ext_by_critical(STACK *x, int crit, int lastpos); -X509_EXTENSION *X509v3_get_ext(STACK *x, int loc); -X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc); -STACK * X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc); - -int X509v3_data_type_by_OBJ(ASN1_OBJECT *obj); -int X509v3_data_type_by_NID(int nid); -int X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj); -int X509v3_pack_type_by_NID(int nid); +int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); +int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, + int nid, int lastpos); +int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, + ASN1_OBJECT *obj,int lastpos); +int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, + int crit, int lastpos); +X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); +X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); +STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, + X509_EXTENSION *ex, int loc); int X509_get_ext_count(X509 *x); int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); 
@@ -793,311 +890,49 @@ int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); int X509_EXTENSION_get_critical(X509_EXTENSION *ex); -ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type, - unsigned char *bytes, int len); -ASN1_STRING * X509v3_unpack_string(ASN1_STRING **ex,int type, - ASN1_OCTET_STRING *os); int X509_verify_cert(X509_STORE_CTX *ctx); /* lookup a cert from a X509 STACK */ -X509 *X509_find_by_issuer_and_serial(STACK *sk,X509_NAME *name, - ASN1_INTEGER *serial); -X509 *X509_find_by_subject(STACK *sk,X509_NAME *name); - -#else - -#ifndef SSLEAY_MACROS -#ifdef HEADER_ENVELOPE_H -int X509_verify(); -int X509_REQ_verify(); -int X509_CRL_verify(); -int NETSCAPE_SPKI_verify(); - -int X509_sign(); -int X509_REQ_sign(); -int X509_CRL_sign(); -int NETSCAPE_SPKI_sign(); - -int X509_digest(); -int X509_NAME_digest(); -#endif - -#ifndef NO_FP_API -X509 *d2i_X509_fp(); -int i2d_X509_fp(); -X509_CRL *d2i_X509_CRL_fp(); -int i2d_X509_CRL_fp(); -X509_REQ *d2i_X509_REQ_fp(); -int i2d_X509_REQ_fp(); -RSA *d2i_RSAPrivateKey_fp(); -int i2d_RSAPrivateKey_fp(); -DSA *d2i_DSAPrivateKey_fp(); -int i2d_DSAPrivateKey_fp(); -RSA *d2i_RSAPublicKey_fp(); -int i2d_RSAPublicKey_fp(); -#endif - -X509 *d2i_X509_bio(); -int i2d_X509_bio(); -X509_CRL *d2i_X509_CRL_bio(); -int i2d_X509_CRL_bio(); -X509_REQ *d2i_X509_REQ_bio(); -int i2d_X509_REQ_bio(); -RSA *d2i_RSAPrivateKey_bio(); -int i2d_RSAPrivateKey_bio(); -DSA *d2i_DSAPrivateKey_bio(); -int i2d_DSAPrivateKey_bio(); -RSA *d2i_RSAPublicKey_bio(); -int i2d_RSAPublicKey_bio(); - -X509 *X509_dup(); -X509_EXTENSION *X509_EXTENSION_dup(); -X509_CRL *X509_CRL_dup(); -X509_REQ *X509_REQ_dup(); -X509_NAME *X509_NAME_dup(); -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(); -RSA *RSAPublicKey_dup(); -RSA *RSAPrivateKey_dup(); - -#endif /* !SSLEAY_MACROS */ - -int X509_cmp_current_time(); -ASN1_UTCTIME * 
X509_gmtime_adj(); - -char * X509_get_default_cert_area(); -char * X509_get_default_cert_dir(); -char * X509_get_default_cert_file(); -char * X509_get_default_cert_dir_env(); -char * X509_get_default_cert_file_env(); -char * X509_get_default_private_dir(); - -X509_REQ * X509_to_X509_REQ(); -X509 * X509_REQ_to_X509(); -void ERR_load_X509_strings(); - -X509_ALGOR * X509_ALGOR_new(); -void X509_ALGOR_free(); -int i2d_X509_ALGOR(); -X509_ALGOR * d2i_X509_ALGOR(); - -X509_VAL * X509_VAL_new(); -void X509_VAL_free(); -int i2d_X509_VAL(); -X509_VAL * d2i_X509_VAL(); - -X509_PUBKEY * X509_PUBKEY_new(); -void X509_PUBKEY_free(); -int i2d_X509_PUBKEY(); -X509_PUBKEY * d2i_X509_PUBKEY(); -int X509_PUBKEY_set(); -EVP_PKEY * X509_PUBKEY_get(); -int X509_get_pubkey_parameters(); - -X509_SIG * X509_SIG_new(); -void X509_SIG_free(); -int i2d_X509_SIG(); -X509_SIG * d2i_X509_SIG(); - -X509_REQ_INFO *X509_REQ_INFO_new(); -void X509_REQ_INFO_free(); -int i2d_X509_REQ_INFO(); -X509_REQ_INFO *d2i_X509_REQ_INFO(); - -X509_REQ * X509_REQ_new(); -void X509_REQ_free(); -int i2d_X509_REQ(); -X509_REQ * d2i_X509_REQ(); - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(); -void X509_ATTRIBUTE_free(); -int i2d_X509_ATTRIBUTE(); -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(); - -X509_EXTENSION *X509_EXTENSION_new(); -void X509_EXTENSION_free(); -int i2d_X509_EXTENSION(); -X509_EXTENSION *d2i_X509_EXTENSION(); - -X509_NAME_ENTRY *X509_NAME_ENTRY_new(); -void X509_NAME_ENTRY_free(); -int i2d_X509_NAME_ENTRY(); -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(); - -X509_NAME * X509_NAME_new(); -void X509_NAME_free(); -int i2d_X509_NAME(); -X509_NAME * d2i_X509_NAME(); -int X509_NAME_set(); - - -X509_CINF * X509_CINF_new(); -void X509_CINF_free(); -int i2d_X509_CINF(); -X509_CINF * d2i_X509_CINF(); - -X509 * X509_new(); -void X509_free(); -int i2d_X509(); -X509 * d2i_X509(); - -X509_REVOKED * X509_REVOKED_new(); -void X509_REVOKED_free(); -int i2d_X509_REVOKED(); -X509_REVOKED * d2i_X509_REVOKED(); - -X509_CRL_INFO 
*X509_CRL_INFO_new(); -void X509_CRL_INFO_free(); -int i2d_X509_CRL_INFO(); -X509_CRL_INFO *d2i_X509_CRL_INFO(); - -X509_CRL * X509_CRL_new(); -void X509_CRL_free(); -int i2d_X509_CRL(); -X509_CRL * d2i_X509_CRL(); - -X509_PKEY * X509_PKEY_new(); -void X509_PKEY_free(); -int i2d_X509_PKEY(); -X509_PKEY * d2i_X509_PKEY(); - -NETSCAPE_SPKI * NETSCAPE_SPKI_new(); -void NETSCAPE_SPKI_free(); -int i2d_NETSCAPE_SPKI(); -NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(); - -NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(); -void NETSCAPE_SPKAC_free(); -int i2d_NETSCAPE_SPKAC(); -NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(); - -#ifdef HEADER_ENVELOPE_H -X509_INFO * X509_INFO_new(); -void X509_INFO_free(); -#endif - -char * X509_NAME_oneline(); - -int ASN1_verify(); -int ASN1_digest(); -int ASN1_sign(); - -int X509_set_version(); -int X509_set_serialNumber(); -ASN1_INTEGER * X509_get_serialNumber(); -int X509_set_issuer_name(); -X509_NAME * X509_get_issuer_name(); -int X509_set_subject_name(); -X509_NAME * X509_get_subject_name(); -int X509_set_notBefore(); -int X509_set_notAfter(); -int X509_set_pubkey(); -EVP_PKEY * X509_get_pubkey(); -int X509_certificate_type(); - -int X509_REQ_set_version(); -int X509_REQ_set_subject_name(); -int X509_REQ_set_pubkey(); -EVP_PKEY * X509_REQ_get_pubkey(); - -int X509_check_private_key(); - -int X509_issuer_and_serial_cmp(); -unsigned long X509_issuer_and_serial_hash(); - -int X509_issuer_name_cmp(); -unsigned long X509_issuer_name_hash(); - -int X509_subject_name_cmp(); -unsigned long X509_subject_name_hash(); - -int X509_NAME_cmp (); -unsigned long X509_NAME_hash(); - -int X509_CRL_cmp(); -#ifndef NO_FP_API -int X509_print_fp(); -int X509_REQ_print_fp(); -#endif - -int X509_NAME_print(); -int X509_print(); -int X509_REQ_print(); - -int X509_NAME_entry_count(); -int X509_NAME_get_text_by_NID(); -int X509_NAME_get_text_by_OBJ(); - -int X509_NAME_get_index_by_NID(); -int X509_NAME_get_index_by_OBJ(); -X509_NAME_ENTRY *X509_NAME_get_entry(); -X509_NAME_ENTRY 
*X509_NAME_delete_entry(); -int X509_NAME_add_entry(); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(); -int X509_NAME_ENTRY_set_object(); -int X509_NAME_ENTRY_set_data(); -ASN1_OBJECT * X509_NAME_ENTRY_get_object(); -ASN1_STRING * X509_NAME_ENTRY_get_data(); - -int X509v3_get_ext_count(); -int X509v3_get_ext_by_NID(); -int X509v3_get_ext_by_OBJ(); -int X509v3_get_ext_by_critical(); -X509_EXTENSION *X509v3_get_ext(); -X509_EXTENSION *X509v3_delete_ext(); -STACK * X509v3_add_ext(); - -int X509v3_data_type_by_OBJ(); -int X509v3_data_type_by_NID(); -int X509v3_pack_type_by_OBJ(); -int X509v3_pack_type_by_NID(); - -int X509_get_ext_count(); -int X509_get_ext_by_NID(); -int X509_get_ext_by_OBJ(); -int X509_get_ext_by_critical(); -X509_EXTENSION *X509_get_ext(); -X509_EXTENSION *X509_delete_ext(); -int X509_add_ext(); - -int X509_CRL_get_ext_count(); -int X509_CRL_get_ext_by_NID(); -int X509_CRL_get_ext_by_OBJ(); -int X509_CRL_get_ext_by_critical(); -X509_EXTENSION *X509_CRL_get_ext(); -X509_EXTENSION *X509_CRL_delete_ext(); -int X509_CRL_add_ext(); - -int X509_REVOKED_get_ext_count(); -int X509_REVOKED_get_ext_by_NID(); -int X509_REVOKED_get_ext_by_OBJ(); -int X509_REVOKED_get_ext_by_critical(); -X509_EXTENSION *X509_REVOKED_get_ext(); -X509_EXTENSION *X509_REVOKED_delete_ext(); -int X509_REVOKED_add_ext(); - -X509_EXTENSION *X509_EXTENSION_create_by_NID(); -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(); -int X509_EXTENSION_set_object(); -int X509_EXTENSION_set_critical(); -int X509_EXTENSION_set_data(); -ASN1_OBJECT * X509_EXTENSION_get_object(); -ASN1_OCTET_STRING *X509_EXTENSION_get_data(); -int X509_EXTENSION_get_critical(); -ASN1_OCTET_STRING *X509v3_pack_string(); -ASN1_STRING * X509v3_unpack_string(); - -int X509_verify_cert(); -char * X509_verify_cert_error_string(); - -/* lookup a cert from a X509 STACK */ -X509 *X509_find_by_issuer_and_serial(); -X509 *X509_find_by_subject(); - -#endif +X509 
*X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, + ASN1_INTEGER *serial); +X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); + +int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp); +PBEPARAM *PBEPARAM_new(void); +PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length); +void PBEPARAM_free(PBEPARAM *a); +X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); +X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, + unsigned char *salt, int saltlen); + +int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp); +PBKDF2PARAM *PBKDF2PARAM_new(void); +PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length); +void PBKDF2PARAM_free(PBKDF2PARAM *a); + +int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp); +PBE2PARAM *PBE2PARAM_new(void); +PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length); +void PBE2PARAM_free(PBE2PARAM *a); + +/* PKCS#8 utilities */ + +int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp); +PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); +PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, + unsigned char **pp, long length); +void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a); + +EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); +PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); +PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); /* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ + /* Error codes for the X509 functions. */ /* Function codes. */ 
@@ -1106,9 +941,7 @@ X509 *X509_find_by_subject(); #define X509_F_DIR_CTRL 102 #define X509_F_GET_CERT_BY_SUBJECT 103 #define X509_F_X509V3_ADD_EXT 104 -#define X509_F_X509V3_ADD_EXTENSION 105 -#define X509_F_X509V3_PACK_STRING 106 -#define X509_F_X509V3_UNPACK_STRING 107 +#define X509_F_X509_CHECK_PRIVATE_KEY 128 #define X509_F_X509_EXTENSION_CREATE_BY_NID 108 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 #define X509_F_X509_GET_PUBKEY_PARAMETERS 110 @@ -1132,19 +965,23 @@ X509 *X509_find_by_subject(); /* Reason codes. */ #define X509_R_BAD_X509_FILETYPE 100 +#define X509_R_CANT_CHECK_DH_KEY 114 #define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 #define X509_R_ERR_ASN1_LIB 102 +#define X509_R_INVALID_DIRECTORY 113 +#define X509_R_KEY_TYPE_MISMATCH 115 +#define X509_R_KEY_VALUES_MISMATCH 116 #define X509_R_LOADING_CERT_DIR 103 #define X509_R_LOADING_DEFAULTS 104 #define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 #define X509_R_SHOULD_RETRY 106 #define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 +#define X509_R_UNKNOWN_KEY_TYPE 117 #define X509_R_UNKNOWN_NID 109 -#define X509_R_UNKNOWN_STRING_TYPE 110 #define X509_R_UNSUPPORTED_ALGORITHM 111 #define X509_R_WRONG_LOOKUP_TYPE 112 - + #ifdef __cplusplus } #endif diff --git a/lib/libcrypto/x509/x509_cmp.c b/lib/libcrypto/x509/x509_cmp.c index f9d9510ac50..9a93bae3ff3 100644 --- a/lib/libcrypto/x509/x509_cmp.c +++ b/lib/libcrypto/x509/x509_cmp.c @@ -60,13 +60,11 @@ #include <sys/types.h> #include <sys/stat.h> #include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "x509.h" +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/x509.h> -int X509_issuer_and_serial_cmp(a,b) -X509 *a; -X509 *b; +int X509_issuer_and_serial_cmp(X509 *a, X509 *b) { int i; X509_CINF *ai,*bi; 
@@ -79,8 +77,7 @@ X509 *b; } #ifndef NO_MD5 -unsigned long X509_issuer_and_serial_hash(a) -X509 *a; +unsigned long X509_issuer_and_serial_hash(X509 *a) { unsigned long ret=0; MD5_CTX ctx; 
@@ -101,70 +98,59 @@ X509 *a; } #endif -int X509_issuer_name_cmp(a, b) -X509 *a; -X509 *b; +int X509_issuer_name_cmp(X509 *a, X509 *b) { return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); } -int X509_subject_name_cmp(a, b) -X509 *a; -X509 *b; +int X509_subject_name_cmp(X509 *a, X509 *b) { return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); } -int X509_CRL_cmp(a, b) -X509_CRL *a; -X509_CRL *b; +int X509_CRL_cmp(X509_CRL *a, X509_CRL *b) { return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); } -X509_NAME *X509_get_issuer_name(a) -X509 *a; +X509_NAME *X509_get_issuer_name(X509 *a) { return(a->cert_info->issuer); } -unsigned long X509_issuer_name_hash(x) -X509 *x; +unsigned long X509_issuer_name_hash(X509 *x) { return(X509_NAME_hash(x->cert_info->issuer)); } -X509_NAME *X509_get_subject_name(a) -X509 *a; +X509_NAME *X509_get_subject_name(X509 *a) { return(a->cert_info->subject); } -ASN1_INTEGER *X509_get_serialNumber(a) -X509 *a; +ASN1_INTEGER *X509_get_serialNumber(X509 *a) { return(a->cert_info->serialNumber); } -unsigned long X509_subject_name_hash(x) -X509 *x; +unsigned long X509_subject_name_hash(X509 *x) { return(X509_NAME_hash(x->cert_info->subject)); } -int X509_NAME_cmp(a, b) -X509_NAME *a; -X509_NAME *b; +int X509_NAME_cmp(X509_NAME *a, X509_NAME *b) { int i,j; X509_NAME_ENTRY *na,*nb; - if (sk_num(a->entries) != sk_num(b->entries)) - return(sk_num(a->entries)-sk_num(b->entries)); - for (i=sk_num(a->entries)-1; i>=0; i--) + if (sk_X509_NAME_ENTRY_num(a->entries) + != sk_X509_NAME_ENTRY_num(b->entries)) + return sk_X509_NAME_ENTRY_num(a->entries) + -sk_X509_NAME_ENTRY_num(b->entries); + for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) { - na=(X509_NAME_ENTRY *)sk_value(a->entries,i); - nb=(X509_NAME_ENTRY *)sk_value(b->entries,i); + na=sk_X509_NAME_ENTRY_value(a->entries,i); + nb=sk_X509_NAME_ENTRY_value(b->entries,i); j=na->value->length-nb->value->length; if (j) return(j); j=memcmp(na->value->data,nb->value->data, 
@@ -177,10 +163,10 @@ X509_NAME *b; /* We will check the object types after checking the values * since the values will more often be different than the object * types. */ - for (i=sk_num(a->entries)-1; i>=0; i--) + for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) { - na=(X509_NAME_ENTRY *)sk_value(a->entries,i); - nb=(X509_NAME_ENTRY *)sk_value(b->entries,i); + na=sk_X509_NAME_ENTRY_value(a->entries,i); + nb=sk_X509_NAME_ENTRY_value(b->entries,i); j=OBJ_cmp(na->object,nb->object); if (j) return(j); } @@ -190,8 +176,7 @@ X509_NAME *b; #ifndef NO_MD5 /* I now DER encode the name and hash it. Since I cache the DER encoding, * this is reasonably effiecent. */ -unsigned long X509_NAME_hash(x) -X509_NAME *x; +unsigned long X509_NAME_hash(X509_NAME *x) { unsigned long ret=0; unsigned char md[16]; @@ -217,10 +202,8 @@ X509_NAME *x; #endif /* Search a stack of X509 for a match */ -X509 *X509_find_by_issuer_and_serial(sk,name,serial) -STACK *sk; -X509_NAME *name; -ASN1_INTEGER *serial; +X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, + ASN1_INTEGER *serial) { int i; X509_CINF cinf; 
@@ -230,28 +213,81 @@ ASN1_INTEGER *serial; cinf.serialNumber=serial; cinf.issuer=name; - for (i=0; i<sk_num(sk); i++) + for (i=0; i<sk_X509_num(sk); i++) { - x509=(X509 *)sk_value(sk,i); + x509=sk_X509_value(sk,i); if (X509_issuer_and_serial_cmp(x509,&x) == 0) return(x509); } return(NULL); } -X509 *X509_find_by_subject(sk,name) -STACK *sk; -X509_NAME *name; +X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) { X509 *x509; int i; - for (i=0; i<sk_num(sk); i++) + for (i=0; i<sk_X509_num(sk); i++) { - x509=(X509 *)sk_value(sk,i); + x509=sk_X509_value(sk,i); if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0) return(x509); } return(NULL); } +EVP_PKEY *X509_get_pubkey(X509 *x) + { + if ((x == NULL) || (x->cert_info == NULL)) + return(NULL); + return(X509_PUBKEY_get(x->cert_info->key)); + } + +int X509_check_private_key(X509 *x, EVP_PKEY *k) + { + EVP_PKEY *xk=NULL; + int ok=0; + + xk=X509_get_pubkey(x); + if (xk->type != k->type) + { + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); + goto err; + } + switch (k->type) + { +#ifndef NO_RSA + case EVP_PKEY_RSA: + if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0 + || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) + { + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); + goto err; + } + break; +#endif +#ifndef NO_DSA + case EVP_PKEY_DSA: + if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) + { + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); + goto err; + } + break; +#endif +#ifndef NO_DH + case EVP_PKEY_DH: + /* No idea */ + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); + goto err; +#endif + default: + X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); + goto err; + } + + ok=1; +err: + EVP_PKEY_free(xk); + return(ok); + } diff --git a/lib/libcrypto/x509/x509_d2.c b/lib/libcrypto/x509/x509_d2.c index 01e22f4cb42..3e7ec5b4326 100644 --- a/lib/libcrypto/x509/x509_d2.c +++ b/lib/libcrypto/x509/x509_d2.c 
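Review bot: `X509_check_private_key` dereferences `xk->type` immediately after `xk=X509_get_pubkey(x);`, yet the `X509_get_pubkey` added just above it in the same hunk returns NULL when `x` or `x->cert_info` is NULL, and `k` is never checked either. A certificate with no usable public key, or a missing key argument, would crash the check instead of failing it. Guard before the type comparison with `if (xk == NULL || k == NULL) goto err;`, after confirming that `EVP_PKEY_free` accepts NULL, since the `err:` path calls it on `xk`; otherwise return 0 directly. The function also deserves a header comment saying it compares public components only (RSA `n` and `e`, DSA `pub_key`), so a return of 1 means the key's public values match the certificate, not that the private part has been validated.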
@@ -60,12 +60,11 @@ #include <sys/types.h> #include <sys/stat.h> #include "cryptlib.h" -#include "crypto.h" -#include "x509.h" +#include <openssl/crypto.h> +#include <openssl/x509.h> #ifndef NO_STDIO -int X509_STORE_set_default_paths(ctx) -X509_STORE *ctx; +int X509_STORE_set_default_paths(X509_STORE *ctx) { X509_LOOKUP *lookup; @@ -83,10 +82,8 @@ X509_STORE *ctx; return(1); } -int X509_STORE_load_locations(ctx,file,path) -X509_STORE *ctx; -char *file; -char *path; +int X509_STORE_load_locations(X509_STORE *ctx, const char *file, + const char *path) { X509_LOOKUP *lookup; diff --git a/lib/libcrypto/x509/x509_def.c b/lib/libcrypto/x509/x509_def.c index d9ab39b15af..c4bee715698 100644 --- a/lib/libcrypto/x509/x509_def.c +++ b/lib/libcrypto/x509/x509_def.c @@ -60,24 +60,24 @@ #include <sys/types.h> #include <sys/stat.h> #include "cryptlib.h" -#include "crypto.h" -#include "x509.h" +#include <openssl/crypto.h> +#include <openssl/x509.h> -char *X509_get_default_private_dir() +const char *X509_get_default_private_dir(void) { return(X509_PRIVATE_DIR); } -char *X509_get_default_cert_area() +const char *X509_get_default_cert_area(void) { return(X509_CERT_AREA); } -char *X509_get_default_cert_dir() +const char *X509_get_default_cert_dir(void) { return(X509_CERT_DIR); } -char *X509_get_default_cert_file() +const char *X509_get_default_cert_file(void) { return(X509_CERT_FILE); } -char *X509_get_default_cert_dir_env() +const char *X509_get_default_cert_dir_env(void) { return(X509_CERT_DIR_EVP); } -char *X509_get_default_cert_file_env() +const char *X509_get_default_cert_file_env(void) { return(X509_CERT_FILE_EVP); } diff --git a/lib/libcrypto/x509/x509_err.c b/lib/libcrypto/x509/x509_err.c index 9304721612f..9afd4ccde5f 100644 --- a/lib/libcrypto/x509/x509_err.c +++ b/lib/libcrypto/x509/x509_err.c 
@@ -1,63 +1,65 @@ -/* lib/x509/x509_err.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* crypto/x509/x509_err.c */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. 
(http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * */ + +/* NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file. 
+ */ + #include <stdio.h> -#include "err.h" -#include "x509.h" +#include <openssl/err.h> +#include <openssl/x509.h> /* BEGIN ERROR CODES */ #ifndef NO_ERR @@ -68,14 +70,12 @@ static ERR_STRING_DATA X509_str_functs[]= {ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"}, {ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"}, {ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"}, -{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0), "X509V3_ADD_EXTENSION"}, -{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0), "X509v3_pack_string"}, -{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0), "X509v3_unpack_string"}, +{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"}, {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"}, {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"}, {ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"}, -{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_LOAD_CERT_FILE"}, -{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_LOAD_CRL_FILE"}, +{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"}, +{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"}, {ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"}, {ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"}, {ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"}, 
@@ -87,39 +87,43 @@ static ERR_STRING_DATA X509_str_functs[]= {ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"}, {ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"}, {ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"}, -{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_ADD_CERT"}, -{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_ADD_CRL"}, +{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"}, +{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"}, {ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, {ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, -{0,NULL}, +{0,NULL} }; static ERR_STRING_DATA X509_str_reasons[]= { {X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"}, +{X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"}, {X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"}, {X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, +{X509_R_INVALID_DIRECTORY ,"invalid directory"}, +{X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"}, +{X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"}, {X509_R_LOADING_CERT_DIR ,"loading cert dir"}, {X509_R_LOADING_DEFAULTS ,"loading defaults"}, {X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"}, {X509_R_SHOULD_RETRY ,"should retry"}, {X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"}, {X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"}, +{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"}, {X509_R_UNKNOWN_NID ,"unknown nid"}, -{X509_R_UNKNOWN_STRING_TYPE ,"unknown string type"}, {X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"}, {X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"}, -{0,NULL}, +{0,NULL} }; #endif -void ERR_load_X509_strings() +void ERR_load_X509_strings(void) { static int init=1; - if (init); - {; + if (init) + { init=0; #ifndef NO_ERR ERR_load_strings(ERR_LIB_X509,X509_str_functs); 
diff --git a/lib/libcrypto/x509/x509_ext.c b/lib/libcrypto/x509/x509_ext.c index 1d76ecfcfdc..f8565a60b20 100644 --- a/lib/libcrypto/x509/x509_ext.c +++ b/lib/libcrypto/x509/x509_ext.c 
@@ -57,166 +57,118 @@ */ #include <stdio.h> -#include "stack.h" +#include <openssl/stack.h> #include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "evp.h" -#include "x509.h" +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/evp.h> +#include <openssl/x509.h> -int X509_CRL_get_ext_count(x) -X509_CRL *x; +int X509_CRL_get_ext_count(X509_CRL *x) { return(X509v3_get_ext_count(x->crl->extensions)); } -int X509_CRL_get_ext_by_NID(x,nid,lastpos) -X509_CRL *x; -int nid; -int lastpos; +int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos) { return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos)); } -int X509_CRL_get_ext_by_OBJ(x,obj,lastpos) -X509_CRL *x; -ASN1_OBJECT *obj; -int lastpos; +int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos) { return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos)); } -int X509_CRL_get_ext_by_critical(x,crit,lastpos) -X509_CRL *x; -int crit; -int lastpos; +int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos) { return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos)); } -X509_EXTENSION *X509_CRL_get_ext(x,loc) -X509_CRL *x; -int loc; +X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc) { return(X509v3_get_ext(x->crl->extensions,loc)); } -X509_EXTENSION *X509_CRL_delete_ext(x,loc) -X509_CRL *x; -int loc; +X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc) { return(X509v3_delete_ext(x->crl->extensions,loc)); } -int X509_CRL_add_ext(x,ex,loc) -X509_CRL *x; -X509_EXTENSION *ex; -int loc; +int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc) { return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL); } -int X509_get_ext_count(x) -X509 *x; +int X509_get_ext_count(X509 *x) { return(X509v3_get_ext_count(x->cert_info->extensions)); } -int X509_get_ext_by_NID(x,nid,lastpos) -X509 *x; -int nid; -int lastpos; +int X509_get_ext_by_NID(X509 *x, int nid, int lastpos) { 
return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos)); } -int X509_get_ext_by_OBJ(x,obj,lastpos) -X509 *x; -ASN1_OBJECT *obj; -int lastpos; +int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos) { return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos)); } -int X509_get_ext_by_critical(x,crit,lastpos) -X509 *x; -int crit; -int lastpos; +int X509_get_ext_by_critical(X509 *x, int crit, int lastpos) { return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos)); } -X509_EXTENSION *X509_get_ext(x,loc) -X509 *x; -int loc; +X509_EXTENSION *X509_get_ext(X509 *x, int loc) { return(X509v3_get_ext(x->cert_info->extensions,loc)); } -X509_EXTENSION *X509_delete_ext(x,loc) -X509 *x; -int loc; +X509_EXTENSION *X509_delete_ext(X509 *x, int loc) { return(X509v3_delete_ext(x->cert_info->extensions,loc)); } -int X509_add_ext(x,ex,loc) -X509 *x; -X509_EXTENSION *ex; -int loc; +int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) { return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL); } -int X509_REVOKED_get_ext_count(x) -X509_REVOKED *x; +int X509_REVOKED_get_ext_count(X509_REVOKED *x) { return(X509v3_get_ext_count(x->extensions)); } -int X509_REVOKED_get_ext_by_NID(x,nid,lastpos) -X509_REVOKED *x; -int nid; -int lastpos; +int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos) { return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos)); } -int X509_REVOKED_get_ext_by_OBJ(x,obj,lastpos) -X509_REVOKED *x; -ASN1_OBJECT *obj; -int lastpos; +int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj, + int lastpos) { return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos)); } -int X509_REVOKED_get_ext_by_critical(x,crit,lastpos) -X509_REVOKED *x; -int crit; -int lastpos; +int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos) { return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos)); } -X509_EXTENSION *X509_REVOKED_get_ext(x,loc) -X509_REVOKED *x; -int loc; +X509_EXTENSION 
*X509_REVOKED_get_ext(X509_REVOKED *x, int loc) { return(X509v3_get_ext(x->extensions,loc)); } -X509_EXTENSION *X509_REVOKED_delete_ext(x,loc) -X509_REVOKED *x; -int loc; +X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc) { return(X509v3_delete_ext(x->extensions,loc)); } -int X509_REVOKED_add_ext(x,ex,loc) -X509_REVOKED *x; -X509_EXTENSION *ex; -int loc; +int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc) { return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL); } +IMPLEMENT_STACK_OF(X509_EXTENSION) +IMPLEMENT_ASN1_SET_OF(X509_EXTENSION) diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 2c7e10a46e3..18bfecb11ed 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -58,14 +58,13 @@ #include <stdio.h> #include "cryptlib.h" -#include "lhash.h" -#include "x509.h" +#include <openssl/lhash.h> +#include <openssl/x509.h> static STACK *x509_store_meth=NULL; static STACK *x509_store_ctx_meth=NULL; -X509_LOOKUP *X509_LOOKUP_new(method) -X509_LOOKUP_METHOD *method; +X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret; @@ -85,8 +84,7 @@ X509_LOOKUP_METHOD *method; return(ret); } -void X509_LOOKUP_free(ctx) -X509_LOOKUP *ctx; +void X509_LOOKUP_free(X509_LOOKUP *ctx) { if (ctx == NULL) return; if ( (ctx->method != NULL) && @@ -95,8 +93,7 @@ X509_LOOKUP *ctx; Free(ctx); } -int X509_LOOKUP_init(ctx) -X509_LOOKUP *ctx; +int X509_LOOKUP_init(X509_LOOKUP *ctx) { if (ctx->method == NULL) return(0); if (ctx->method->init != NULL) 
@@ -105,22 +102,17 @@ X509_LOOKUP *ctx; return(1); } -int X509_LOOKUP_shutdown(ctx) -X509_LOOKUP *ctx; +int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) { if (ctx->method == NULL) return(0); - if (ctx->method->init != NULL) + if (ctx->method->shutdown != NULL) return(ctx->method->shutdown(ctx)); else return(1); } -int X509_LOOKUP_ctrl(ctx,cmd,argc,argl,ret) -X509_LOOKUP *ctx; -int cmd; -char *argc; -long argl; -char **ret; +int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, + char **ret) { if (ctx->method == NULL) return(-1); if (ctx->method->ctrl != NULL) @@ -129,11 +121,8 @@ char **ret; return(1); } -int X509_LOOKUP_by_subject(ctx,type,name,ret) -X509_LOOKUP *ctx; -int type; -X509_NAME *name; -X509_OBJECT *ret; +int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, + X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) return(X509_LU_FAIL); @@ -141,12 +130,8 @@ X509_OBJECT *ret; return(ctx->method->get_by_subject(ctx,type,name,ret)); } -int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret) -X509_LOOKUP *ctx; -int type; -X509_NAME *name; -ASN1_INTEGER *serial; -X509_OBJECT *ret; +int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, + ASN1_INTEGER *serial, X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL)) 
@@ -154,32 +139,23 @@ X509_OBJECT *ret; return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret)); } -int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret) -X509_LOOKUP *ctx; -int type; -unsigned char *bytes; -int len; -X509_OBJECT *ret; +int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, + unsigned char *bytes, int len, X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) return(X509_LU_FAIL); return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret)); } -int X509_LOOKUP_by_alias(ctx,type,str,len,ret) -X509_LOOKUP *ctx; -int type; -char *str; -int len; -X509_OBJECT *ret; +int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len, + X509_OBJECT *ret) { if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) return(X509_LU_FAIL); - return(ctx->method->get_by_alias(ctx,str,len,ret)); + return(ctx->method->get_by_alias(ctx,type,str,len,ret)); } -static unsigned long x509_object_hash(a) -X509_OBJECT *a; +static unsigned long x509_object_hash(X509_OBJECT *a) { unsigned long h; @@ -197,8 +173,7 @@ X509_OBJECT *a; return(h); } -static int x509_object_cmp(a,b) -X509_OBJECT *a,*b; +static int x509_object_cmp(X509_OBJECT *a, X509_OBJECT *b) { int ret; @@ -218,7 +193,7 @@ X509_OBJECT *a,*b; return(ret); } -X509_STORE *X509_STORE_new() +X509_STORE *X509_STORE_new(void) { X509_STORE *ret; @@ -226,16 +201,16 @@ X509_STORE *X509_STORE_new() return(NULL); ret->certs=lh_new(x509_object_hash,x509_object_cmp); ret->cache=1; - ret->get_cert_methods=sk_new_null(); + ret->get_cert_methods=sk_X509_LOOKUP_new_null(); ret->verify=NULL; ret->verify_cb=NULL; memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA)); ret->references=1; + ret->depth=0; return(ret); } -static void cleanup(a) -X509_OBJECT *a; +static void cleanup(X509_OBJECT *a) { if (a->type == X509_LU_X509) { 
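Review bot: In `X509_STORE_new` the results of `lh_new(x509_object_hash,x509_object_cmp)` and `sk_X509_LOOKUP_new_null()` are stored without a NULL check, so an allocation failure yields a store whose `certs` or `get_cert_methods` is NULL. Later code in this file passes both to `lh_doall` and the `sk_X509_LOOKUP_*` calls. Test them after the assignments with `if (ret->certs == NULL || ret->get_cert_methods == NULL)`, release whatever was allocated and return NULL. The function starts in the previous hunk, so the allocation of `ret` itself is only partly visible here.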
@@ -251,21 +226,23 @@ X509_OBJECT *a; Free(a); } -void X509_STORE_free(vfy) -X509_STORE *vfy; +void X509_STORE_free(X509_STORE *vfy) { int i; - STACK *sk; + STACK_OF(X509_LOOKUP) *sk; X509_LOOKUP *lu; + if(vfy == NULL) + return; + sk=vfy->get_cert_methods; - for (i=0; i<sk_num(sk); i++) + for (i=0; i<sk_X509_LOOKUP_num(sk); i++) { - lu=(X509_LOOKUP *)sk_value(sk,i); + lu=sk_X509_LOOKUP_value(sk,i); X509_LOOKUP_shutdown(lu); X509_LOOKUP_free(lu); } - sk_free(sk); + sk_X509_LOOKUP_free(sk); CRYPTO_free_ex_data(x509_store_meth,(char *)vfy,&vfy->ex_data); lh_doall(vfy->certs,cleanup); @@ -273,18 +250,16 @@ X509_STORE *vfy; Free(vfy); } -X509_LOOKUP *X509_STORE_add_lookup(v,m) -X509_STORE *v; -X509_LOOKUP_METHOD *m; +X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) { int i; - STACK *sk; + STACK_OF(X509_LOOKUP) *sk; X509_LOOKUP *lu; sk=v->get_cert_methods; - for (i=0; i<sk_num(sk); i++) + for (i=0; i<sk_X509_LOOKUP_num(sk); i++) { - lu=(X509_LOOKUP *)sk_value(sk,i); + lu=sk_X509_LOOKUP_value(sk,i); if (m == lu->method) { return(lu); @@ -297,7 +272,7 @@ X509_LOOKUP_METHOD *m; else { lu->store_ctx=v; - if (sk_push(v->get_cert_methods,(char *)lu)) + if (sk_X509_LOOKUP_push(v->get_cert_methods,lu)) return(lu); else { 
@@ -307,24 +282,21 @@ X509_LOOKUP_METHOD *m; } } -int X509_STORE_get_by_subject(vs,type,name,ret) -X509_STORE_CTX *vs; -int type; -X509_NAME *name; -X509_OBJECT *ret; +int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, + X509_OBJECT *ret) { X509_STORE *ctx=vs->ctx; X509_LOOKUP *lu; X509_OBJECT stmp,*tmp; int i,j; - tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name); + tmp=X509_OBJECT_retrieve_by_subject(ctx->certs,type,name); if (tmp == NULL) { - for (i=vs->current_method; i<sk_num(ctx->get_cert_methods); i++) + for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) { - lu=(X509_LOOKUP *)sk_value(ctx->get_cert_methods,i); + lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i); j=X509_LOOKUP_by_subject(lu,type,name,&stmp); if (j < 0) { @@ -353,8 +325,7 @@ X509_OBJECT *ret; return(1); } -void X509_OBJECT_up_ref_count(a) -X509_OBJECT *a; +void X509_OBJECT_up_ref_count(X509_OBJECT *a) { switch (a->type) { @@ -367,8 +338,7 @@ X509_OBJECT *a; } } -void X509_OBJECT_free_contents(a) -X509_OBJECT *a; +void X509_OBJECT_free_contents(X509_OBJECT *a) { switch (a->type) { @@ -381,10 +351,8 @@ X509_OBJECT *a; } } -X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name) -LHASH *h; -int type; -X509_NAME *name; +X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h, int type, + X509_NAME *name) { X509_OBJECT stmp,*tmp; X509 x509_s; @@ -413,11 +381,8 @@ X509_NAME *name; return(tmp); } -void X509_STORE_CTX_init(ctx,store,x509,chain) -X509_STORE_CTX *ctx; -X509_STORE *store; -X509 *x509; -STACK *chain; +void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, + STACK_OF(X509) *chain) { ctx->ctx=store; ctx->current_method=0; 
@@ -426,21 +391,21 @@ STACK *chain; ctx->last_untrusted=0; ctx->valid=0; ctx->chain=NULL; - ctx->depth=10; + ctx->depth=9; ctx->error=0; ctx->current_cert=NULL; memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); } -void X509_STORE_CTX_cleanup(ctx) -X509_STORE_CTX *ctx; +void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) { if (ctx->chain != NULL) { - sk_pop_free(ctx->chain,X509_free); + sk_X509_pop_free(ctx->chain,X509_free); ctx->chain=NULL; } CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data)); memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); } +IMPLEMENT_STACK_OF(X509_LOOKUP) diff --git a/lib/libcrypto/x509/x509_obj.c b/lib/libcrypto/x509/x509_obj.c index c0576fd6f6f..691b71f0315 100644 --- a/lib/libcrypto/x509/x509_obj.c +++ b/lib/libcrypto/x509/x509_obj.c @@ -58,27 +58,27 @@ #include <stdio.h> #include "cryptlib.h" -#include "lhash.h" -#include "objects.h" -#include "x509.h" -#include "buffer.h" +#include <openssl/lhash.h> +#include <openssl/objects.h> +#include <openssl/x509.h> +#include <openssl/buffer.h> -char *X509_NAME_oneline(a,buf,len) -X509_NAME *a; -char *buf; -int len; +char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) { X509_NAME_ENTRY *ne; - unsigned int i; +int i; int n,lold,l,l1,l2,num,j,type; - char *s,*p; + const char *s; + char *p; unsigned char *q; BUF_MEM *b=NULL; static char hex[17]="0123456789ABCDEF"; int gs_doit[4]; char tmp_buf[80]; +#ifdef CHARSET_EBCDIC + char ebcdic_buf[1024]; +#endif - if (a == NULL) return("NO X509_NAME"); if (buf == NULL) { if ((b=BUF_MEM_new()) == NULL) goto err; 
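Review bot: `ctx->depth=9;` in `X509_STORE_CTX_init` is an unexplained constant that only makes sense next to the comparison in `X509_verify_cert`, which this commit changes from `depth <= num` to `depth < num` in x509_vfy.c. The two edits appear to cancel out, leaving the effective chain limit the same, but nothing in either file says so. A comment on the assignment would help, for example `/* highest chain index allowed; X509_verify_cert stops building once num > depth */`. A named constant would also keep the two files from drifting apart.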
@@ -86,12 +86,22 @@ int len; b->data[0]='\0'; len=200; } + if (a == NULL) + { + if(b) + { + buf=b->data; + Free(b); + } + strncpy(buf,"NO X509_NAME",len); + return buf; + } len--; /* space for '\0' */ l=0; - for (i=0; (int)i<sk_num(a->entries); i++) + for (i=0; i<sk_X509_NAME_ENTRY_num(a->entries); i++) { - ne=(X509_NAME_ENTRY *)sk_value(a->entries,i); + ne=sk_X509_NAME_ENTRY_value(a->entries,i); n=OBJ_obj2nid(ne->object); if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL)) { @@ -103,6 +113,19 @@ int len; type=ne->value->type; num=ne->value->length; q=ne->value->data; +#ifdef CHARSET_EBCDIC + if (type == V_ASN1_GENERALSTRING || + type == V_ASN1_VISIBLESTRING || + type == V_ASN1_PRINTABLESTRING || + type == V_ASN1_TELETEXSTRING || + type == V_ASN1_VISIBLESTRING || + type == V_ASN1_IA5STRING) { + ascii2ebcdic(ebcdic_buf, q, + (num > sizeof ebcdic_buf) + ? sizeof ebcdic_buf : num); + q=ebcdic_buf; + } +#endif if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0)) { @@ -125,7 +148,12 @@ int len; { if (!gs_doit[j&3]) continue; l2++; +#ifndef CHARSET_EBCDIC if ((q[j] < ' ') || (q[j] > '~')) l2+=3; +#else + if ((os_toascii[q[j]] < os_toascii[' ']) || + (os_toascii[q[j]] > os_toascii['~'])) l2+=3; +#endif } lold=l; @@ -145,11 +173,14 @@ int len; memcpy(p,s,(unsigned int)l1); p+=l1; *(p++)='='; +#ifndef CHARSET_EBCDIC /* q was assigned above already. */ q=ne->value->data; +#endif for (j=0; j<num; j++) { if (!gs_doit[j&3]) continue; +#ifndef CHARSET_EBCDIC n=q[j]; if ((n < ' ') || (n > '~')) { @@ -160,13 +191,26 @@ int len; } else *(p++)=n; +#else + n=os_toascii[q[j]]; + if ((n < os_toascii[' ']) || + (n > os_toascii['~'])) + { + *(p++)='\\'; + *(p++)='x'; + *(p++)=hex[(n>>4)&0x0f]; + *(p++)=hex[n&0x0f]; + } + else + *(p++)=q[j]; +#endif } *p='\0'; } if (b != NULL) { p=b->data; - Free((char *)b); + Free(b); } else p=buf; diff --git a/lib/libcrypto/x509/x509_r2x.c b/lib/libcrypto/x509/x509_r2x.c index 6aec2427f78..bb4697ae60d 100644 --- a/lib/libcrypto/x509/x509_r2x.c 
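Review bot: The new `a == NULL` branch in `X509_NAME_oneline` copies with `strncpy(buf,"NO X509_NAME",len)`, which leaves `buf` without a terminating NUL when the caller's `len` is 12 or less. A negative `len` is converted to a very large size, and `strncpy` then pads far past the buffer. The branch runs before `len--`, so `len` is still the full buffer size at this point. Guard and terminate explicitly, e.g. `if (len <= 0) return NULL;` followed by `strncpy(buf,"NO X509_NAME",len); buf[len-1]='\0';`. The function body starts before and continues after this hunk.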
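Review bot: In the `CHARSET_EBCDIC` block of `X509_NAME_oneline` the copy into `ebcdic_buf` is clamped to `sizeof ebcdic_buf`, but `num` is not. After `q=ebcdic_buf`, the later `for (j=0; j<num; j++)` loops therefore read `q[j]` beyond the 1024-byte stack buffer for any value longer than that. Clamp the length itself before the conversion, `if (num > (int)sizeof ebcdic_buf) num = sizeof ebcdic_buf;`, so that the length pass and the output pass use the same bound. `V_ASN1_VISIBLESTRING` is also tested twice in the condition, and assigning the `char` array to the `unsigned char *q` wants a cast.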
+++ b/lib/libcrypto/x509/x509_r2x.c @@ -58,22 +58,16 @@ #include <stdio.h> #include "cryptlib.h" -#include "bn.h" -#include "evp.h" -#include "asn1.h" -#include "x509.h" -#include "objects.h" -#include "buffer.h" -#include "pem.h" +#include <openssl/bn.h> +#include <openssl/evp.h> +#include <openssl/asn1.h> +#include <openssl/x509.h> +#include <openssl/objects.h> +#include <openssl/buffer.h> -X509 *X509_REQ_to_X509(r,days,pkey) -X509_REQ *r; -int days; -EVP_PKEY *pkey; +X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) { X509 *ret=NULL; - int er=1; - X509_REQ_INFO *ri=NULL; X509_CINF *xi=NULL; X509_NAME *xn; @@ -84,13 +78,9 @@ EVP_PKEY *pkey; } /* duplicate the request */ - ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO, - (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info); - if (ri == NULL) goto err; - xi=ret->cert_info; - if (sk_num(ri->attributes) != 0) + if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) { if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err; if (!ASN1_INTEGER_set(xi->version,2)) goto err; @@ -109,13 +99,11 @@ EVP_PKEY *pkey; if (!X509_sign(ret,pkey,EVP_md5())) goto err; - er=0; -err: - if (er) + if (0) { +err: X509_free(ret); - X509_REQ_INFO_free(ri); - return(NULL); + ret=NULL; } return(ret); } diff --git a/lib/libcrypto/x509/x509_req.c b/lib/libcrypto/x509/x509_req.c index 5004365bad4..2ef94decd14 100644 --- a/lib/libcrypto/x509/x509_req.c +++ b/lib/libcrypto/x509/x509_req.c 
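Review bot: Placing the `err:` label inside `if (0) { ... }` in `X509_REQ_to_X509` makes the error path hard to follow, because the block is reachable only through `goto`. The same construct is introduced around `end:` in `X509_verify_cert` in x509_vfy.c. A plain layout reads more directly: `return(ret);` on the success path, then `err: X509_free(ret); return(NULL);`. Separately, the unchanged `X509_sign(ret,pkey,EVP_md5())` line hard-codes MD5 as the signature digest, so the caller cannot select a stronger one; that is worth a comment or a follow-up. The function starts in an earlier hunk.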
@@ -58,22 +58,20 @@ #include <stdio.h> #include "cryptlib.h" -#include "bn.h" -#include "evp.h" -#include "asn1.h" -#include "x509.h" -#include "objects.h" -#include "buffer.h" -#include "pem.h" +#include <openssl/bn.h> +#include <openssl/evp.h> +#include <openssl/asn1.h> +#include <openssl/x509.h> +#include <openssl/objects.h> +#include <openssl/buffer.h> +#include <openssl/pem.h> -X509_REQ *X509_to_X509_REQ(x,pkey,md) -X509 *x; -EVP_PKEY *pkey; -EVP_MD *md; +X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md) { X509_REQ *ret; X509_REQ_INFO *ri; int i; + EVP_PKEY *pktmp; ret=X509_REQ_new(); if (ret == NULL) @@ -92,7 +90,9 @@ EVP_MD *md; if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x))) goto err; - i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x)); + pktmp = X509_get_pubkey(x); + i=X509_REQ_set_pubkey(ret,pktmp); + EVP_PKEY_free(pktmp); if (!i) goto err; if (pkey != NULL) @@ -106,8 +106,7 @@ err: return(NULL); } -EVP_PKEY *X509_REQ_get_pubkey(req) -X509_REQ *req; +EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) { if ((req == NULL) || (req->req_info == NULL)) return(NULL); diff --git a/lib/libcrypto/x509/x509_set.c b/lib/libcrypto/x509/x509_set.c index 5d0a3a0c0e0..5a6f7b414f4 100644 --- a/lib/libcrypto/x509/x509_set.c +++ b/lib/libcrypto/x509/x509_set.c @@ -58,14 +58,12 @@ #include <stdio.h> #include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "evp.h" -#include "x509.h" +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/evp.h> +#include <openssl/x509.h> -int X509_set_version(x,version) -X509 *x; -long version; +int X509_set_version(X509 *x, long version) { if (x == NULL) return(0); if (x->cert_info->version == NULL) @@ -76,9 +74,7 @@ long version; return(ASN1_INTEGER_set(x->cert_info->version,version)); } -int X509_set_serialNumber(x,serial) -X509 *x; -ASN1_INTEGER *serial; +int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial) { ASN1_INTEGER *in; 
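Review bot: In `X509_to_X509_REQ` the result of `X509_get_pubkey(x)` is passed to `X509_REQ_set_pubkey` without a NULL check, whereas `X509_get_pubkey_parameters` in x509_vfy.c checks the same getter for NULL and reports an error. What `X509_REQ_set_pubkey` does with a NULL key is not visible here, so a certificate with an unparsable key may fail late or not at all. Add `if (pktmp == NULL) goto err;` directly after `pktmp = X509_get_pubkey(x);`. The new `EVP_PKEY_free(pktmp)` would also benefit from a short comment saying that the getter returns a reference the caller must release.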
@@ -96,25 +92,19 @@ ASN1_INTEGER *serial; return(in != NULL); } -int X509_set_issuer_name(x,name) -X509 *x; -X509_NAME *name; +int X509_set_issuer_name(X509 *x, X509_NAME *name) { if ((x == NULL) || (x->cert_info == NULL)) return(0); return(X509_NAME_set(&x->cert_info->issuer,name)); } -int X509_set_subject_name(x,name) -X509 *x; -X509_NAME *name; +int X509_set_subject_name(X509 *x, X509_NAME *name) { if ((x == NULL) || (x->cert_info == NULL)) return(0); return(X509_NAME_set(&x->cert_info->subject,name)); } -int X509_set_notBefore(x,tm) -X509 *x; -ASN1_UTCTIME *tm; +int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm) { ASN1_UTCTIME *in; @@ -132,9 +122,7 @@ ASN1_UTCTIME *tm; return(in != NULL); } -int X509_set_notAfter(x,tm) -X509 *x; -ASN1_UTCTIME *tm; +int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm) { ASN1_UTCTIME *in; @@ -152,9 +140,7 @@ ASN1_UTCTIME *tm; return(in != NULL); } -int X509_set_pubkey(x,pkey) -X509 *x; -EVP_PKEY *pkey; +int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) { if ((x == NULL) || (x->cert_info == NULL)) return(0); return(X509_PUBKEY_set(&(x->cert_info->key),pkey)); diff --git a/lib/libcrypto/x509/x509_txt.c b/lib/libcrypto/x509/x509_txt.c index 408d1c277c5..11a3d2012fb 100644 --- a/lib/libcrypto/x509/x509_txt.c +++ b/lib/libcrypto/x509/x509_txt.c @@ -62,16 +62,14 @@ #include <sys/types.h> #include "cryptlib.h" -#include "lhash.h" -#include "buffer.h" -#include "evp.h" -#include "asn1.h" -#include "x509.h" -#include "objects.h" -#include "pem.h" +#include <openssl/lhash.h> +#include <openssl/buffer.h> +#include <openssl/evp.h> +#include <openssl/asn1.h> +#include <openssl/x509.h> +#include <openssl/objects.h> -char *X509_verify_cert_error_string(n) -long n; +const char *X509_verify_cert_error_string(long n) { static char buf[100]; 
@@ -121,6 +119,8 @@ long n; return("unable to verify the first certificate"); case X509_V_ERR_CERT_CHAIN_TOO_LONG: return("certificate chain too long"); + case X509_V_ERR_CERT_REVOKED: + return("certificate revoked"); case X509_V_ERR_APPLICATION_VERIFICATION: return("application verification failure"); default: diff --git a/lib/libcrypto/x509/x509_v3.c b/lib/libcrypto/x509/x509_v3.c index 1c03602f0bb..dd2f9f1b177 100644 --- a/lib/libcrypto/x509/x509_v3.c +++ b/lib/libcrypto/x509/x509_v3.c @@ -57,34 +57,21 @@ */ #include <stdio.h> -#include "stack.h" +#include <openssl/stack.h> #include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "evp.h" -#include "x509.h" +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/evp.h> +#include <openssl/x509.h> -#ifndef NOPROTO -static X509_EXTENSION_METHOD *find_by_nid(int nid); -static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b); -#else -static X509_EXTENSION_METHOD *find_by_nid(); -static int xem_cmp(); -#endif - -static STACK *extensions=NULL; - -int X509v3_get_ext_count(x) -STACK *x; +int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x) { if (x == NULL) return(0); - return(sk_num(x)); + return(sk_X509_EXTENSION_num(x)); } -int X509v3_get_ext_by_NID(x,nid,lastpos) -STACK *x; -int nid; -int lastpos; +int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, + int lastpos) { ASN1_OBJECT *obj; @@ -93,10 +80,8 @@ int lastpos; return(X509v3_get_ext_by_OBJ(x,obj,lastpos)); } -int X509v3_get_ext_by_OBJ(sk,obj,lastpos) -STACK *sk; -ASN1_OBJECT *obj; -int lastpos; +int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj, + int lastpos) { int n; X509_EXTENSION *ex; 
@@ -105,20 +90,18 @@ int lastpos; lastpos++; if (lastpos < 0) lastpos=0; - n=sk_num(sk); + n=sk_X509_EXTENSION_num(sk); for ( ; lastpos < n; lastpos++) { - ex=(X509_EXTENSION *)sk_value(sk,lastpos); + ex=sk_X509_EXTENSION_value(sk,lastpos); if (OBJ_cmp(ex->object,obj) == 0) return(lastpos); } return(-1); } -int X509v3_get_ext_by_critical(sk,crit,lastpos) -STACK *sk; -int crit; -int lastpos; +int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, + int lastpos) { int n; X509_EXTENSION *ex; @@ -127,10 +110,10 @@ int lastpos; lastpos++; if (lastpos < 0) lastpos=0; - n=sk_num(sk); + n=sk_X509_EXTENSION_num(sk); for ( ; lastpos < n; lastpos++) { - ex=(X509_EXTENSION *)sk_value(sk,lastpos); + ex=sk_X509_EXTENSION_value(sk,lastpos); if ( (ex->critical && crit) || (!ex->critical && !crit)) return(lastpos); 
@@ -138,52 +121,46 @@ int lastpos; return(-1); } -X509_EXTENSION *X509v3_get_ext(x,loc) -STACK *x; -int loc; +X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc) { - if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0)) - return(NULL); + if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) + return NULL; else - return((X509_EXTENSION *)sk_value(x,loc)); + return sk_X509_EXTENSION_value(x,loc); } -X509_EXTENSION *X509v3_delete_ext(x,loc) -STACK *x; -int loc; +X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc) { X509_EXTENSION *ret; - if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0)) + if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) return(NULL); - ret=(X509_EXTENSION *)sk_delete(x,loc); + ret=sk_X509_EXTENSION_delete(x,loc); return(ret); } -STACK *X509v3_add_ext(x,ex,loc) -STACK **x; -X509_EXTENSION *ex; -int loc; +STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, + X509_EXTENSION *ex, int loc) { X509_EXTENSION *new_ex=NULL; int n; - STACK *sk=NULL; + STACK_OF(X509_EXTENSION) *sk=NULL; if ((x != NULL) && (*x == NULL)) { - if ((sk=sk_new_null()) == NULL) + if ((sk=sk_X509_EXTENSION_new_null()) == NULL) goto err; } else sk= *x; - n=sk_num(sk); + n=sk_X509_EXTENSION_num(sk); if (loc > n) loc=n; else if (loc < 0) loc=n; if ((new_ex=X509_EXTENSION_dup(ex)) == NULL) goto err2; - if (!sk_insert(sk,(char *)new_ex,loc)) + if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) goto err; if ((x != NULL) && (*x == NULL)) *x=sk; 
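Review bot: `X509v3_add_ext` tests `x != NULL` before allocating a new stack but otherwise falls into `else sk= *x;`, which dereferences `x` when it is NULL. The later `(x != NULL) && (*x == NULL)` test shows that a NULL `x` is considered possible, so the two branches disagree. Reject the case at the top, for example `if (x == NULL) goto err2;` (the `err2` label is further down in the function, outside this hunk), or document that `x` must be non-NULL and drop the redundant tests.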
@@ -192,15 +169,12 @@ err: X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE); err2: if (new_ex != NULL) X509_EXTENSION_free(new_ex); - if (sk != NULL) sk_free(sk); + if (sk != NULL) sk_X509_EXTENSION_free(sk); return(NULL); } -X509_EXTENSION *X509_EXTENSION_create_by_NID(ex,nid,crit,data) -X509_EXTENSION **ex; -int nid; -int crit; -ASN1_OCTET_STRING *data; +X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, + int crit, ASN1_OCTET_STRING *data) { ASN1_OBJECT *obj; X509_EXTENSION *ret; @@ -216,11 +190,8 @@ ASN1_OCTET_STRING *data; return(ret); } -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(ex,obj,crit,data) -X509_EXTENSION **ex; -ASN1_OBJECT *obj; -int crit; -ASN1_OCTET_STRING *data; +X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, + ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data) { X509_EXTENSION *ret; @@ -250,9 +221,7 @@ err: return(NULL); } -int X509_EXTENSION_set_object(ex,obj) -X509_EXTENSION *ex; -ASN1_OBJECT *obj; +int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj) { if ((ex == NULL) || (obj == NULL)) return(0); @@ -261,18 +230,14 @@ ASN1_OBJECT *obj; return(1); } -int X509_EXTENSION_set_critical(ex,crit) -X509_EXTENSION *ex; -int crit; +int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit) { if (ex == NULL) return(0); ex->critical=(crit)?0xFF:0; return(1); } -int X509_EXTENSION_set_data(ex,data) -X509_EXTENSION *ex; -ASN1_OCTET_STRING *data; +int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data) { int i; 
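Review bot: On the `err`/`err2` path of `X509v3_add_ext`, `sk_X509_EXTENSION_free(sk)` runs whether `sk` was allocated in this call or is the caller's existing stack taken from `*x`. In the second case a failed `X509_EXTENSION_dup` or insert frees a stack the caller still points to, leaving `*x` dangling. Since `*x` is only set to the new stack on success, freeing can be limited to the locally allocated one: `if ((x != NULL) && (*x == NULL) && (sk != NULL)) sk_X509_EXTENSION_free(sk);`. The lines between this hunk and the previous one are not visible, so confirm that nothing else stores `sk` before the error labels.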
@@ -282,128 +247,20 @@ ASN1_OCTET_STRING *data; return(1); } -ASN1_OBJECT *X509_EXTENSION_get_object(ex) -X509_EXTENSION *ex; +ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex) { if (ex == NULL) return(NULL); return(ex->object); } -ASN1_OCTET_STRING *X509_EXTENSION_get_data(ex) -X509_EXTENSION *ex; +ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex) { if (ex == NULL) return(NULL); return(ex->value); } -int X509_EXTENSION_get_critical(ex) -X509_EXTENSION *ex; +int X509_EXTENSION_get_critical(X509_EXTENSION *ex) { if (ex == NULL) return(0); return(ex->critical); } - -int X509v3_data_type_by_OBJ(obj) -ASN1_OBJECT *obj; - { - int nid; - - nid=OBJ_obj2nid(obj); - if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF); - return(X509v3_data_type_by_NID(nid)); - } - -int X509v3_data_type_by_NID(nid) -int nid; - { - X509_EXTENSION_METHOD *x; - - x=find_by_nid(nid); - if (x == NULL) - return(V_ASN1_UNDEF); - else - return(x->data_type); - } - -int X509v3_pack_type_by_OBJ(obj) -ASN1_OBJECT *obj; - { - int nid; - - nid=OBJ_obj2nid(obj); - if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN); - return(X509v3_pack_type_by_NID(nid)); - } - -int X509v3_pack_type_by_NID(nid) -int nid; - { - X509_EXTENSION_METHOD *x; - - x=find_by_nid(nid); - if (x == NULL) - return(X509_EXT_PACK_UNKNOWN); - else - return(x->pack_type); - } - -static X509_EXTENSION_METHOD *find_by_nid(nid) -int nid; - { - X509_EXTENSION_METHOD x; - int i; - - x.nid=nid; - if (extensions == NULL) return(NULL); - i=sk_find(extensions,(char *)&x); - if (i < 0) - return(NULL); - else - return((X509_EXTENSION_METHOD *)sk_value(extensions,i)); - } - -static int xem_cmp(a,b) -X509_EXTENSION_METHOD **a,**b; - { - return((*a)->nid-(*b)->nid); - } - -void X509v3_cleanup_extensions() - { - int i; - - if (extensions != NULL) - { - for (i=0; i<sk_num(extensions); i++) - Free(sk_value(extensions,i)); - sk_free(extensions); - extensions=NULL; - } - } - -int X509v3_add_extension(x) -X509_EXTENSION_METHOD *x; - { - 
X509_EXTENSION_METHOD *newx; - - if (extensions == NULL) - { - extensions=sk_new(xem_cmp); - if (extensions == NULL) goto err; - } - newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD)); - if (newx == NULL) goto err; - newx->nid=x->nid; - newx->data_type=x->data_type; - newx->pack_type=x->pack_type; - if (!sk_push(extensions,(char *)newx)) - { - Free(newx); - goto err; - } - return(1); -err: - X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE); - return(0); - } - diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index c1be91edba5..c72ee4a3855 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -62,25 +62,19 @@ #include <sys/types.h> #include <sys/stat.h> -#include "crypto.h" +#include <openssl/crypto.h> #include "cryptlib.h" -#include "lhash.h" -#include "buffer.h" -#include "evp.h" -#include "asn1.h" -#include "x509.h" -#include "objects.h" -#include "pem.h" - -#ifndef NOPROTO +#include <openssl/lhash.h> +#include <openssl/buffer.h> +#include <openssl/evp.h> +#include <openssl/asn1.h> +#include <openssl/x509.h> +#include <openssl/objects.h> + static int null_callback(int ok,X509_STORE_CTX *e); static int internal_verify(X509_STORE_CTX *ctx); -#else -static int null_callback(); -static int internal_verify(); -#endif +const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; -char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998"; static STACK *x509_store_ctx_method=NULL; static int x509_store_ctx_num=0; #if 0 
@@ -88,23 +82,19 @@ static int x509_store_num=1; static STACK *x509_store_method=NULL; #endif -static int null_callback(ok,e) -int ok; -X509_STORE_CTX *e; +static int null_callback(int ok, X509_STORE_CTX *e) { return(ok); } #if 0 -static int x509_subject_cmp(a,b) -X509 **a,**b; +static int x509_subject_cmp(X509 **a, X509 **b) { return(X509_subject_name_cmp(*a,*b)); } #endif -int X509_verify_cert(ctx) -X509_STORE_CTX *ctx; +int X509_verify_cert(X509_STORE_CTX *ctx) { X509 *x,*xtmp,*chain_ss=NULL; X509_NAME *xn; @@ -112,7 +102,7 @@ X509_STORE_CTX *ctx; int depth,i,ok=0; int num; int (*cb)(); - STACK *sktmp=NULL; + STACK_OF(X509) *sktmp=NULL; if (ctx->cert == NULL) { @@ -127,8 +117,8 @@ X509_STORE_CTX *ctx; * present and that the first entry is in place */ if (ctx->chain == NULL) { - if ( ((ctx->chain=sk_new_null()) == NULL) || - (!sk_push(ctx->chain,(char *)ctx->cert))) + if ( ((ctx->chain=sk_X509_new_null()) == NULL) || + (!sk_X509_push(ctx->chain,ctx->cert))) { X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); goto end; @@ -138,21 +128,26 @@ X509_STORE_CTX *ctx; } /* We use a temporary so we can chop and hack at it */ - if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL) + if (ctx->untrusted != NULL + && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) { X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); goto end; } - num=sk_num(ctx->chain); - x=(X509 *)sk_value(ctx->chain,num-1); + num=sk_X509_num(ctx->chain); + x=sk_X509_value(ctx->chain,num-1); depth=ctx->depth; for (;;) { /* If we have enough, we break */ - if (depth <= num) break; + if (depth < num) break; /* FIXME: If this happens, we should take + * note of it and, if appropriate, use the + * X509_V_ERR_CERT_CHAIN_TOO_LONG error + * code later. + */ /* If we are self signed, we break */ xn=X509_get_issuer_name(x); 
@@ -165,13 +160,13 @@ X509_STORE_CTX *ctx; xtmp=X509_find_by_subject(sktmp,xn); if (xtmp != NULL) { - if (!sk_push(ctx->chain,(char *)xtmp)) + if (!sk_X509_push(ctx->chain,xtmp)) { X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); goto end; } CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); - sk_delete_ptr(sktmp,(char *)xtmp); + sk_X509_delete_ptr(sktmp,xtmp); ctx->last_untrusted++; x=xtmp; num++; @@ -187,13 +182,13 @@ X509_STORE_CTX *ctx; * certificates. We now need to add at least one trusted one, * if possible, otherwise we complain. */ - i=sk_num(ctx->chain); - x=(X509 *)sk_value(ctx->chain,i-1); + i=sk_X509_num(ctx->chain); + x=sk_X509_value(ctx->chain,i-1); if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x)) == 0) { /* we have a self signed certificate */ - if (sk_num(ctx->chain) == 1) + if (sk_X509_num(ctx->chain) == 1) { ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; ctx->current_cert=x; @@ -204,10 +199,10 @@ X509_STORE_CTX *ctx; else { /* worry more about this one elsewhere */ - chain_ss=(X509 *)sk_pop(ctx->chain); + chain_ss=sk_X509_pop(ctx->chain); ctx->last_untrusted--; num--; - x=(X509 *)sk_value(ctx->chain,num-1); + x=sk_X509_value(ctx->chain,num-1); } } @@ -215,7 +210,7 @@ X509_STORE_CTX *ctx; for (;;) { /* If we have enough, we break */ - if (depth <= num) break; + if (depth < num) break; /* If we are self signed, we break */ xn=X509_get_issuer_name(x); @@ -240,7 +235,7 @@ X509_STORE_CTX *ctx; break; } x=obj.data.x509; - if (!sk_push(ctx->chain,(char *)obj.data.x509)) + if (!sk_X509_push(ctx->chain,obj.data.x509)) { X509_OBJECT_free_contents(&obj); X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); @@ -264,7 +259,7 @@ X509_STORE_CTX *ctx; else { - sk_push(ctx->chain,(char *)chain_ss); + sk_X509_push(ctx->chain,chain_ss); num++; ctx->last_untrusted=num; ctx->current_cert=chain_ss; 
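Review bot: The return value of `sk_X509_push(ctx->chain,chain_ss)` in `X509_verify_cert` is ignored, unlike the other pushes onto `ctx->chain` in this function, which raise `ERR_R_MALLOC_FAILURE` and `goto end`. If the push fails, `num` and `ctx->last_untrusted` are still advanced as though the self-signed certificate were in the chain, and later indexing relies on those counts. Check it the same way: `if (!sk_X509_push(ctx->chain,chain_ss)) { X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); goto end; }`. The rest of this branch lies outside the hunk, so whether `chain_ss` is cleared afterwards cannot be confirmed from here.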
@@ -285,14 +280,17 @@ X509_STORE_CTX *ctx; ok=ctx->ctx->verify(ctx); else ok=internal_verify(ctx); + if (0) + { end: - if (sktmp != NULL) sk_free(sktmp); + X509_get_pubkey_parameters(NULL,ctx->chain); + } + if (sktmp != NULL) sk_X509_free(sktmp); if (chain_ss != NULL) X509_free(chain_ss); return(ok); } -static int internal_verify(ctx) -X509_STORE_CTX *ctx; +static int internal_verify(X509_STORE_CTX *ctx) { int i,ok=0,n; X509 *xs,*xi; @@ -302,10 +300,10 @@ X509_STORE_CTX *ctx; cb=ctx->ctx->verify_cb; if (cb == NULL) cb=null_callback; - n=sk_num(ctx->chain); + n=sk_X509_num(ctx->chain); ctx->error_depth=n-1; n--; - xi=(X509 *)sk_value(ctx->chain,n); + xi=sk_X509_value(ctx->chain,n); if (X509_NAME_cmp(X509_get_subject_name(xi), X509_get_issuer_name(xi)) == 0) xs=xi; @@ -322,7 +320,7 @@ X509_STORE_CTX *ctx; { n--; ctx->error_depth=n; - xs=(X509 *)sk_value(ctx->chain,n); + xs=sk_X509_value(ctx->chain,n); } } @@ -341,11 +339,13 @@ X509_STORE_CTX *ctx; } if (X509_verify(xs,pkey) <= 0) { + EVP_PKEY_free(pkey); ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; ctx->current_cert=xs; ok=(*cb)(0,ctx); if (!ok) goto end; } + EVP_PKEY_free(pkey); pkey=NULL; i=X509_cmp_current_time(X509_get_notBefore(xs)); @@ -394,7 +394,7 @@ X509_STORE_CTX *ctx; if (n >= 0) { xi=xs; - xs=(X509 *)sk_value(ctx->chain,n); + xs=sk_X509_value(ctx->chain,n); } } ok=1; @@ -402,8 +402,7 @@ end: return(ok); } -int X509_cmp_current_time(ctm) -ASN1_UTCTIME *ctm; +int X509_cmp_current_time(ASN1_UTCTIME *ctm) { char *str; ASN1_UTCTIME atm; @@ -434,7 +433,7 @@ ASN1_UTCTIME *ctm; offset=((str[1]-'0')*10+(str[2]-'0'))*60; offset+=(str[3]-'0')*10+(str[4]-'0'); if (*str == '-') - offset=-offset; + offset= -offset; } atm.type=V_ASN1_UTCTIME; atm.length=sizeof(buff2); 
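Review bot: `internal_verify` now releases `pkey` twice when `X509_verify` fails but the verify callback returns non-zero. The `EVP_PKEY_free(pkey)` added at the top of the failure branch is followed, once `if (!ok) goto end;` falls through, by the second added `EVP_PKEY_free(pkey)`. The key is presumably a counted reference obtained just above the hunk, so the extra release can drop a reference that the certificate or another holder still relies on. Free only where the function actually leaves: remove the first call and write `if (!ok) { EVP_PKEY_free(pkey); goto end; }`, keeping the single free after the block.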
@@ -443,9 +442,9 @@ ASN1_UTCTIME *ctm; X509_gmtime_adj(&atm,-offset); i=(buff1[0]-'0')*10+(buff1[1]-'0'); - if (i < 70) i+=100; + if (i < 50) i+=100; /* cf. RFC 2459 */ j=(buff2[0]-'0')*10+(buff2[1]-'0'); - if (j < 70) j+=100; + if (j < 50) j+=100; if (i < j) return (-1); if (i > j) return (1); @@ -456,9 +455,7 @@ ASN1_UTCTIME *ctm; return(i); } -ASN1_UTCTIME *X509_gmtime_adj(s, adj) -ASN1_UTCTIME *s; -long adj; +ASN1_UTCTIME *X509_gmtime_adj(ASN1_UTCTIME *s, long adj) { time_t t; @@ -467,18 +464,16 @@ long adj; return(ASN1_UTCTIME_set(s,t)); } -int X509_get_pubkey_parameters(pkey,chain) -EVP_PKEY *pkey; -STACK *chain; +int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) { EVP_PKEY *ktmp=NULL,*ktmp2; int i,j; if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1); - for (i=0; i<sk_num(chain); i++) + for (i=0; i<sk_X509_num(chain); i++) { - ktmp=X509_get_pubkey((X509 *)sk_value(chain,i)); + ktmp=X509_get_pubkey(sk_X509_value(chain,i)); if (ktmp == NULL) { X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); @@ -488,6 +483,7 @@ STACK *chain; break; else { + EVP_PKEY_free(ktmp); ktmp=NULL; } } 
@@ -500,63 +496,17 @@ STACK *chain; /* first, populate the other certs */ for (j=i-1; j >= 0; j--) { - ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j)); + ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); EVP_PKEY_copy_parameters(ktmp2,ktmp); + EVP_PKEY_free(ktmp2); } - if (pkey != NULL) - EVP_PKEY_copy_parameters(pkey,ktmp); + if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); + EVP_PKEY_free(ktmp); return(1); } -EVP_PKEY *X509_get_pubkey(x) -X509 *x; - { - if ((x == NULL) || (x->cert_info == NULL)) - return(NULL); - return(X509_PUBKEY_get(x->cert_info->key)); - } - -int X509_check_private_key(x,k) -X509 *x; -EVP_PKEY *k; - { - EVP_PKEY *xk=NULL; - int ok=0; - - xk=X509_get_pubkey(x); - if (xk->type != k->type) goto err; - switch (k->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err; - if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err; - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) - goto err; - break; -#endif -#ifndef NO_DH - case EVP_PKEY_DH: - /* No idea */ - goto err; -#endif - default: - goto err; - } - - ok=1; -err: - return(ok); - } - -int X509_STORE_add_cert(ctx,x) -X509_STORE *ctx; -X509 *x; +int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { X509_OBJECT *obj,*r; int ret=1; @@ -591,9 +541,7 @@ X509 *x; return(ret); } -int X509_STORE_add_crl(ctx,x) -X509_STORE *ctx; -X509_CRL *x; +int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { X509_OBJECT *obj,*r; int ret=1; @@ -628,12 +576,8 @@ X509_CRL *x; return(ret); } -int X509_STORE_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func) -long argl; -char *argp; -int (*new_func)(); -int (*dup_func)(); -void (*free_func)(); +int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), + int (*dup_func)(), void (*free_func)()) { x509_store_ctx_num++; return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1, 
@@ -641,64 +585,55 @@ void (*free_func)(); argl,argp,new_func,dup_func,free_func)); } -int X509_STORE_CTX_set_ex_data(ctx,idx,data) -X509_STORE_CTX *ctx; -int idx; -char *data; +int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) { return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data)); } -char *X509_STORE_CTX_get_ex_data(ctx,idx) -X509_STORE_CTX *ctx; -int idx; +void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) { return(CRYPTO_get_ex_data(&ctx->ex_data,idx)); } -int X509_STORE_CTX_get_error(ctx) -X509_STORE_CTX *ctx; +int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) { return(ctx->error); } -void X509_STORE_CTX_set_error(ctx,err) -X509_STORE_CTX *ctx; -int err; +void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) { ctx->error=err; } -int X509_STORE_CTX_get_error_depth(ctx) -X509_STORE_CTX *ctx; +int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) { return(ctx->error_depth); } -X509 *X509_STORE_CTX_get_current_cert(ctx) -X509_STORE_CTX *ctx; +X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) { return(ctx->current_cert); } -STACK *X509_STORE_CTX_get_chain(ctx) -X509_STORE_CTX *ctx; +STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) { return(ctx->chain); } -void X509_STORE_CTX_set_cert(ctx,x) -X509_STORE_CTX *ctx; -X509 *x; +void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) { ctx->cert=x; } -void X509_STORE_CTX_set_chain(ctx,sk) -X509_STORE_CTX *ctx; -STACK *sk; +void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) { ctx->untrusted=sk; } +IMPLEMENT_STACK_OF(X509) +IMPLEMENT_ASN1_SET_OF(X509) + +IMPLEMENT_STACK_OF(X509_NAME) +IMPLEMENT_STACK_OF(X509_ATTRIBUTE) +IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE) diff --git a/lib/libcrypto/x509/x509_vfy.h b/lib/libcrypto/x509/x509_vfy.h index dfc060f8998..ecfd4cf9eda 100644 --- a/lib/libcrypto/x509/x509_vfy.h +++ b/lib/libcrypto/x509/x509_vfy.h 
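Review bot: `X509_STORE_CTX_set_chain` and `X509_STORE_CTX_get_chain` are not a matched pair, and nothing at the definitions says so: the setter stores into `ctx->untrusted` while the getter returns `ctx->chain`. A caller who assumes symmetry could treat caller-supplied, unverified certificates as the built chain, or the reverse. I would add `/* sets the untrusted certificates supplied by the caller, not the verified chain */` above the setter and `/* returns the chain built during verification; not the stack passed to set_chain */` above the getter. The one-line accessors also dereference `ctx` unconditionally, which is fine only if callers are documented as required to pass a non-NULL context.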
@@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +#ifndef HEADER_X509_H +#include <openssl/x509.h> +/* openssl/x509.h ends up #include-ing this file at about the only + * appropriate moment. */ +#endif + #ifndef HEADER_X509_VFY_H #define HEADER_X509_VFY_H @@ -63,8 +69,8 @@ extern "C" { #endif -#include "bio.h" -#include "crypto.h" +#include <openssl/bio.h> +#include <openssl/crypto.h> /* Outer object */ typedef struct x509_hash_dir_st @@ -119,21 +125,33 @@ typedef struct x509_object_st } data; } X509_OBJECT; +typedef struct x509_lookup_st X509_LOOKUP; + +DECLARE_STACK_OF(X509_LOOKUP) + /* This is a static that defines the function interface */ typedef struct x509_lookup_method_st { - char *name; - int (*new_item)(); - void (*free)(); - int (*init)(/* meth, char ** */); - int (*shutdown)( /* meth, char ** */); - int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */); - int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */); - int (*get_by_issuer_serial)(); - int (*get_by_fingerprint)(); - int (*get_by_alias)(); + const char *name; + int (*new_item)(X509_LOOKUP *ctx); + void (*free)(X509_LOOKUP *ctx); + int (*init)(X509_LOOKUP *ctx); + int (*shutdown)(X509_LOOKUP *ctx); + int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl, + char **ret); + int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name, + X509_OBJECT *ret); + int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name, + ASN1_INTEGER *serial,X509_OBJECT *ret); + int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type, + unsigned char *bytes,int len, + X509_OBJECT *ret); + int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len, + X509_OBJECT *ret); } X509_LOOKUP_METHOD; +typedef struct x509_store_state_st X509_STORE_CTX; + /* This is used to hold everything. It is used for all certificate * validation. Once we have a certificate chain, the 'verify' * function is then called to actually check the cert chain. */ 
@@ -148,13 +166,13 @@ typedef struct x509_store_st #endif /* These are external lookup methods */ - STACK *get_cert_methods;/* X509_LOOKUP */ - int (*verify)(); /* called to verify a certificate */ - int (*verify_cb)(); /* error callback */ + STACK_OF(X509_LOOKUP) *get_cert_methods; + int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ + int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ CRYPTO_EX_DATA ex_data; int references; - int depth; /* how deep to look */ + int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */ } X509_STORE; #define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) @@ -163,7 +181,7 @@ typedef struct x509_store_st #define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) /* This is the functions plus an instance of the local variables. */ -typedef struct x509_lookup_st +struct x509_lookup_st { int init; /* have we been started */ int skip; /* don't use us. */ 
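Review bot: The updated comment on `depth` says the X509_STORE field is still unused, but the `X509_STORE_set_depth` macro just below the struct is left in place and undocumented, so a caller can set a store-level depth limit that, per that comment, verification never reads. Since a depth limit is a verification control, I would annotate the macro, e.g. `/* no effect on verification: the depth in X509_STORE_CTX is what is used */`, or drop it if nothing depends on it. The typed `verify` and `verify_cb` pointers are a clear improvement. A short comment on what `ok` means on entry to `verify_cb` and what its return value does would help implementers, but that contract is not visible here.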
@@ -171,25 +189,25 @@ typedef struct x509_lookup_st char *method_data; /* method data */ X509_STORE *store_ctx; /* who owns us */ - } X509_LOOKUP; + }; /* This is a temporary used when processing cert chains. Since the * gathering of the cert chain can take some time (and have to be * 'retried', this needs to be kept and passed around. */ -typedef struct x509_store_state_st +struct x509_store_state_st /* X509_STORE_CTX */ { X509_STORE *ctx; int current_method; /* used when looking up certs */ /* The following are set by the caller */ X509 *cert; /* The cert to check */ - STACK *untrusted; /* chain of X509s - untrusted - passed in */ + STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ /* The following is built up */ int depth; /* how far to go looking up certs */ int valid; /* if 0, rebuild chain */ int last_untrusted; /* index of last untrusted cert */ - STACK *chain; /* chain of X509s - built up and trusted */ + STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ /* When something goes wrong, this is why */ int error_depth; @@ -197,7 +215,9 @@ typedef struct x509_store_state_st X509 *current_cert; CRYPTO_EX_DATA ex_data; - } X509_STORE_CTX; + }; + +#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d)) #define X509_STORE_CTX_set_app_data(ctx,data) \ X509_STORE_CTX_set_ex_data(ctx,0,data) @@ -207,11 +227,9 @@ typedef struct x509_store_state_st #define X509_L_FILE_LOAD 1 #define X509_L_ADD_DIR 2 -X509_LOOKUP_METHOD *X509_LOOKUP_file(); #define X509_LOOKUP_load_file(x,name,type) \ X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) -X509_LOOKUP_METHOD *X509_LOOKUP_dir(); #define X509_LOOKUP_add_dir(x,name,type) \ X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) 
@@ -243,9 +261,23 @@ X509_LOOKUP_METHOD *X509_LOOKUP_dir(); /* The application is not happy */ #define X509_V_ERR_APPLICATION_VERIFICATION 50 -#ifndef NOPROTO + /* These functions are being redefined in another directory, + and clash when the linker is case-insensitive, so let's + hide them a little, by giving them an extra 'o' at the + beginning of the name... */ +#ifdef VMS +#undef X509v3_cleanup_extensions +#define X509v3_cleanup_extensions oX509v3_cleanup_extensions +#undef X509v3_add_extension +#define X509v3_add_extension oX509v3_add_extension +#undef X509v3_add_netscape_extensions +#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions +#undef X509v3_add_standard_extensions +#define X509v3_add_standard_extensions oX509v3_add_standard_extensions +#endif + #ifdef HEADER_LHASH_H -X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name); +X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h,int type,X509_NAME *name); #endif void X509_OBJECT_up_ref_count(X509_OBJECT *a); void X509_OBJECT_free_contents(X509_OBJECT *a); @@ -253,7 +285,7 @@ X509_STORE *X509_STORE_new(void ); void X509_STORE_free(X509_STORE *v); void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - X509 *x509, STACK *chain); + X509 *x509, STACK_OF(X509) *chain); void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); 
@@ -267,17 +299,14 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, X509_OBJECT *ret); -int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret); +int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, + long argl, char **ret); #ifndef NO_STDIO -int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type); -int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type); +int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); +int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); #endif -void X509v3_cleanup_extensions(void ); -int X509v3_add_extension(X509_EXTENSION_METHOD *x); -int X509v3_add_netscape_extensions(void ); -int X509v3_add_standard_extensions(void ); X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); void X509_LOOKUP_free(X509_LOOKUP *ctx); 
@@ -294,82 +323,21 @@ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); #ifndef NO_STDIO int X509_STORE_load_locations (X509_STORE *ctx, - char *file, char *dir); + const char *file, const char *dir); int X509_STORE_set_default_paths(X509_STORE *ctx); #endif int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), int (*dup_func)(), void (*free_func)()); -int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,char *data); -char * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); +int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data); +void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); -STACK * X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); +STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); -void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk); - -#else - -#ifdef HEADER_LHASH_H -X509_OBJECT *X509_OBJECT_retrive_by_subject(); -#endif -void X509_OBJECT_up_ref_count(); -void X509_OBJECT_free_contents(); -X509_STORE *X509_STORE_new(); -void X509_STORE_free(); - -void X509_STORE_CTX_init(); -void X509_STORE_CTX_cleanup(); - -X509_LOOKUP *X509_STORE_add_lookup(); - -X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(); -X509_LOOKUP_METHOD *X509_LOOKUP_file(); - -int X509_STORE_add_cert(); -int X509_STORE_add_crl(); - -int X509_STORE_get_by_subject(); - -int X509_LOOKUP_ctrl(); - -#ifndef NO_STDIO -int X509_load_cert_file(); -int X509_load_crl_file(); -#endif - -void X509v3_cleanup_extensions(); -int X509v3_add_extension(); -int X509v3_add_netscape_extensions(); -int X509v3_add_standard_extensions(); - -X509_LOOKUP *X509_LOOKUP_new(); -void X509_LOOKUP_free(); -int X509_LOOKUP_init(); -int X509_LOOKUP_by_subject(); -int 
X509_LOOKUP_by_issuer_serial(); -int X509_LOOKUP_by_fingerprint(); -int X509_LOOKUP_by_alias(); -int X509_LOOKUP_shutdown(); - -#ifndef NO_STDIO -int X509_STORE_load_locations (); -int X509_STORE_set_default_paths(); -#endif - -int X509_STORE_CTX_set_ex_data(); -char * X509_STORE_CTX_get_ex_data(); -int X509_STORE_CTX_get_error(); -void X509_STORE_CTX_set_error(); -int X509_STORE_CTX_get_error_depth(); -X509 * X509_STORE_CTX_get_current_cert(); -STACK * X509_STORE_CTX_get_chain(); -void X509_STORE_CTX_set_cert(); -void X509_STORE_CTX_set_chain(); - -#endif +void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); #ifdef __cplusplus } diff --git a/lib/libcrypto/x509/x509name.c b/lib/libcrypto/x509/x509name.c index 650e71b1b5e..2a422be3502 100644 --- a/lib/libcrypto/x509/x509name.c +++ b/lib/libcrypto/x509/x509name.c @@ -57,18 +57,14 @@ */ #include <stdio.h> -#include "stack.h" +#include <openssl/stack.h> #include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "evp.h" -#include "x509.h" +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/evp.h> +#include <openssl/x509.h> -int X509_NAME_get_text_by_NID(name,nid,buf,len) -X509_NAME *name; -int nid; -char *buf; -int len; +int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len) { ASN1_OBJECT *obj; @@ -77,11 +73,8 @@ int len; return(X509_NAME_get_text_by_OBJ(name,obj,buf,len)); } -int X509_NAME_get_text_by_OBJ(name,obj,buf,len) -X509_NAME *name; -ASN1_OBJECT *obj; -char *buf; -int len; +int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf, + int len) { int i; ASN1_STRING *data; 
@@ -96,17 +89,13 @@ int len; return(i); } -int X509_NAME_entry_count(name) -X509_NAME *name; +int X509_NAME_entry_count(X509_NAME *name) { if (name == NULL) return(0); - return(sk_num(name->entries)); + return(sk_X509_NAME_ENTRY_num(name->entries)); } -int X509_NAME_get_index_by_NID(name,nid,lastpos) -X509_NAME *name; -int nid; -int lastpos; +int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos) { ASN1_OBJECT *obj; 
@@ -116,61 +105,57 @@ int lastpos; } /* NOTE: you should be passsing -1, not 0 as lastpos */ -int X509_NAME_get_index_by_OBJ(name,obj,lastpos) -X509_NAME *name; -ASN1_OBJECT *obj; -int lastpos; +int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, + int lastpos) { int n; X509_NAME_ENTRY *ne; - STACK *sk; + STACK_OF(X509_NAME_ENTRY) *sk; if (name == NULL) return(-1); if (lastpos < 0) lastpos= -1; sk=name->entries; - n=sk_num(sk); + n=sk_X509_NAME_ENTRY_num(sk); for (lastpos++; lastpos < n; lastpos++) { - ne=(X509_NAME_ENTRY *)sk_value(sk,lastpos); + ne=sk_X509_NAME_ENTRY_value(sk,lastpos); if (OBJ_cmp(ne->object,obj) == 0) return(lastpos); } return(-1); } -X509_NAME_ENTRY *X509_NAME_get_entry(name,loc) -X509_NAME *name; -int loc; +X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc) { - if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0)) + if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc + || loc < 0) return(NULL); else - return((X509_NAME_ENTRY *)sk_value(name->entries,loc)); + return(sk_X509_NAME_ENTRY_value(name->entries,loc)); } -X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc) -X509_NAME *name; -int loc; +X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) { X509_NAME_ENTRY *ret; - int i,j,n,set_prev,set_next; - STACK *sk; + int i,n,set_prev,set_next; + STACK_OF(X509_NAME_ENTRY) *sk; - if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0)) + if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc + || loc < 0) return(NULL); sk=name->entries; - ret=(X509_NAME_ENTRY *)sk_delete(sk,loc); - n=sk_num(sk); + ret=sk_X509_NAME_ENTRY_delete(sk,loc); + n=sk_X509_NAME_ENTRY_num(sk); name->modified=1; if (loc == n) return(ret); /* else we need to fixup the set field */ if (loc != 0) - set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set; + set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set; else set_prev=ret->set-1; - set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set; + 
set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set; /* set_prev is the previous set * set is the current set @@ -181,29 +166,23 @@ int loc; * so basically only if prev and next differ by 2, then * re-number down by 1 */ if (set_prev+1 < set_next) - { - j=set_next-set_prev-1; for (i=loc; i<n; i++) - ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j; - } + sk_X509_NAME_ENTRY_value(sk,i)->set--; return(ret); } /* if set is -1, append to previous set, 0 'a new one', and 1, * prepend to the guy we are about to stomp on. */ -int X509_NAME_add_entry(name,ne,loc,set) -X509_NAME *name; -X509_NAME_ENTRY *ne; -int loc; -int set; +int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, + int set) { X509_NAME_ENTRY *new_name=NULL; int n,i,inc; - STACK *sk; + STACK_OF(X509_NAME_ENTRY) *sk; if (name == NULL) return(0); sk=name->entries; - n=sk_num(sk); + n=sk_X509_NAME_ENTRY_num(sk); if (loc > n) loc=n; else if (loc < 0) loc=n; @@ -218,7 +197,7 @@ int set; } else { - set=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set; + set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set; inc=0; } } 
@@ -227,43 +206,38 @@ int set; if (loc >= n) { if (loc != 0) - set=((X509_NAME_ENTRY *) - sk_value(sk,loc-1))->set+1; + set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1; else set=0; } else - set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set; + set=sk_X509_NAME_ENTRY_value(sk,loc)->set; inc=(set == 0)?1:0; } if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL) goto err; new_name->set=set; - if (!sk_insert(sk,(char *)new_name,loc)) + if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc)) { X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE); goto err; } if (inc) { - n=sk_num(sk); + n=sk_X509_NAME_ENTRY_num(sk); for (i=loc+1; i<n; i++) - ((X509_NAME_ENTRY *)sk_value(sk,i-1))->set+=1; + sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1; } return(1); err: if (new_name != NULL) - X509_NAME_ENTRY_free(ne); + X509_NAME_ENTRY_free(new_name); return(0); } -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len) -X509_NAME_ENTRY **ne; -int nid; -int type; -unsigned char *bytes; -int len; +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, + int type, unsigned char *bytes, int len) { ASN1_OBJECT *obj; @@ -276,12 +250,8 @@ int len; return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)); } -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len) -X509_NAME_ENTRY **ne; -ASN1_OBJECT *obj; -int type; -unsigned char *bytes; -int len; +X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, + ASN1_OBJECT *obj, int type, unsigned char *bytes, int len) { X509_NAME_ENTRY *ret; @@ -306,9 +276,7 @@ err: return(NULL); } -int X509_NAME_ENTRY_set_object(ne,obj) -X509_NAME_ENTRY *ne; -ASN1_OBJECT *obj; +int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj) { if ((ne == NULL) || (obj == NULL)) { 
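Review bot: The renumbering loop under `if (inc)` in X509_NAME_add_entry still indexes `i-1` while iterating `i` from `loc+1` to `n-1`, so it appears to bump the `set` of the entry just inserted at `loc` and never reaches the last entry. This commit corrects the same kind of index slip in X509_NAME_delete_entry (`loc-1` became `i`), and the line here was only converted to the typed accessor. If the intent is to shift every entry after the new one, the line should read `sk_X509_NAME_ENTRY_value(sk,i)->set+=1;`. The function starts outside this hunk, so the `set`/`inc` setup should be re-read before changing it.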
@@ -320,11 +288,8 @@ ASN1_OBJECT *obj; return((ne->object == NULL)?0:1); } -int X509_NAME_ENTRY_set_data(ne,type,bytes,len) -X509_NAME_ENTRY *ne; -int type; -unsigned char *bytes; -int len; +int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, + unsigned char *bytes, int len) { int i; @@ -342,15 +307,13 @@ int len; return(1); } -ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne) -X509_NAME_ENTRY *ne; +ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne) { if (ne == NULL) return(NULL); return(ne->object); } -ASN1_STRING *X509_NAME_ENTRY_get_data(ne) -X509_NAME_ENTRY *ne; +ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne) { if (ne == NULL) return(NULL); return(ne->value); diff --git a/lib/libcrypto/x509/x509pack.c b/lib/libcrypto/x509/x509pack.c deleted file mode 100644 index 846f1258595..00000000000 --- a/lib/libcrypto/x509/x509pack.c +++ /dev/null 
@@ -1,157 +0,0 @@ -/* crypto/x509/x509pack.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include "stack.h" -#include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "evp.h" -#include "x509.h" - -ASN1_OCTET_STRING *X509v3_pack_string(ex,type,bytes,len) -ASN1_OCTET_STRING **ex; -int type; -unsigned char *bytes; -int len; - { - ASN1_OCTET_STRING *os; - ASN1_STRING str; - unsigned char *p; - int i; - - if ((ex == NULL) || (*ex == NULL)) - os=ASN1_OCTET_STRING_new(); - else - os= *ex; - - if (len < 0) len=strlen((char *)bytes); - str.length=len; - str.type=type; - str.data=bytes; - - /* str now holds the data, we just have to copy it into ->value */ - - switch (type) - { - case V_ASN1_BIT_STRING: - i=i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,NULL); - if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i)) - goto err; - p=(unsigned char *)os->data; - i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,&p); - break; - case V_ASN1_OCTET_STRING: - i=i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,NULL); - if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i)) - goto err; - p=(unsigned char *)os->data; - i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,&p); - break; - case V_ASN1_IA5STRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - i=i2d_ASN1_bytes(&str,NULL,type,V_ASN1_UNIVERSAL); - if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i)) - goto err; - p=(unsigned char *)os->data; - i=i2d_ASN1_bytes(&str,&p,type,V_ASN1_UNIVERSAL); - break; - default: - X509err(X509_F_X509V3_PACK_STRING,X509_R_UNKNOWN_STRING_TYPE); - goto err; - } - os->length=i; - - if ((ex != NULL) && (os != *ex)) - *ex=os; - return(os); -err: - return(NULL); - } - -ASN1_STRING *X509v3_unpack_string(ex,type,os) -ASN1_STRING **ex; -int type; -ASN1_OCTET_STRING *os; - { - unsigned char *p; - ASN1_STRING *ret=NULL; - - p=os->data; - switch (type) - { - case V_ASN1_BIT_STRING: - ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING( - (ASN1_BIT_STRING **)ex,&p,os->length); - break; - case V_ASN1_OCTET_STRING: - ret=(ASN1_STRING *)d2i_ASN1_OCTET_STRING( - (ASN1_BIT_STRING 
**)ex,&p,os->length); - break; - case V_ASN1_IA5STRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - ret=(ASN1_STRING *)d2i_ASN1_PRINTABLE(ex,&p,os->length); - break; - default: - X509err(X509_F_X509V3_UNPACK_STRING,X509_R_UNKNOWN_STRING_TYPE); - } - return(ret); - } - diff --git a/lib/libcrypto/x509/x509rset.c b/lib/libcrypto/x509/x509rset.c index 323b25470a1..d9f6b573729 100644 --- a/lib/libcrypto/x509/x509rset.c +++ b/lib/libcrypto/x509/x509rset.c @@ -58,30 +58,24 @@ #include <stdio.h> #include "cryptlib.h" -#include "asn1.h" -#include "objects.h" -#include "evp.h" -#include "x509.h" +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/evp.h> +#include <openssl/x509.h> -int X509_REQ_set_version(x,version) -X509_REQ *x; -long version; +int X509_REQ_set_version(X509_REQ *x, long version) { if (x == NULL) return(0); return(ASN1_INTEGER_set(x->req_info->version,version)); } -int X509_REQ_set_subject_name(x,name) -X509_REQ *x; -X509_NAME *name; +int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name) { if ((x == NULL) || (x->req_info == NULL)) return(0); return(X509_NAME_set(&x->req_info->subject,name)); } -int X509_REQ_set_pubkey(x,pkey) -X509_REQ *x; -EVP_PKEY *pkey; +int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { if ((x == NULL) || (x->req_info == NULL)) return(0); return(X509_PUBKEY_set(&x->req_info->pubkey,pkey)); diff --git a/lib/libcrypto/x509/x509type.c b/lib/libcrypto/x509/x509type.c index 42c23bcfca0..8e78b344581 100644 --- a/lib/libcrypto/x509/x509type.c +++ b/lib/libcrypto/x509/x509type.c @@ -58,13 +58,11 @@ #include <stdio.h> #include "cryptlib.h" -#include "evp.h" -#include "objects.h" -#include "x509.h" +#include <openssl/evp.h> +#include <openssl/objects.h> +#include <openssl/x509.h> -int X509_certificate_type(x,pkey) -X509 *x; -EVP_PKEY *pkey; +int X509_certificate_type(X509 *x, EVP_PKEY *pkey) { EVP_PKEY *pk; int ret=0,i; 
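Review bot: `X509_REQ_set_version` checks only `x == NULL` before dereferencing `x->req_info->version`, whereas `X509_REQ_set_subject_name` and `X509_REQ_set_pubkey` in the same hunk also reject a NULL `x->req_info`. While the signatures are being touched, the guard could be made consistent: `if ((x == NULL) || (x->req_info == NULL)) return(0);`.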
@@ -108,8 +106,9 @@ EVP_PKEY *pkey; break; } - if (EVP_PKEY_size(pkey) <= 512) + if (EVP_PKEY_size(pk) <= 512) ret|=EVP_PKT_EXP; + if(pkey==NULL) EVP_PKEY_free(pk); return(ret); } diff --git a/lib/libcrypto/x509/x509v3.doc b/lib/libcrypto/x509/x509v3.doc deleted file mode 100644 index 1e760a94690..00000000000 --- a/lib/libcrypto/x509/x509v3.doc +++ /dev/null @@ -1,24 +0,0 @@ -The 'new' system. - -The X509_EXTENSION_METHOD includes extensions and attributes and/or names. -Basically everthing that can be added to an X509 with an OID identifying it. - -It operates via 2 methods per object id. -int a2i_XXX(X509 *x,char *str,int len); -int i2a_XXX(BIO *bp,X509 *x); - -The a2i_XXX function will add the object with a value converted from the -string into the X509. Len can be -1 in which case the length is calculated -via strlen(str). Applications can always use direct knowledge to load and -unload the relevent objects themselves. - -i2a_XXX will print to the passed BIO, a text representation of the -relevet object. Use a memory BIO if you want it printed to a buffer :-). - -X509_add_by_NID(X509 *x,int nid,char *str,int len); -X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len); - -X509_print_by_name(BIO *bp,X509 *x); -X509_print_by_NID(BIO *bp,X509 *x); -X509_print_by_OBJ(BIO *bp,X509 *x); - diff --git a/lib/libcrypto/x509/x_all.c b/lib/libcrypto/x509/x_all.c index b7dde23e9a9..f2af895df00 100644 --- a/lib/libcrypto/x509/x_all.c +++ b/lib/libcrypto/x509/x_all.c 
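Review bot: The threshold in `if (EVP_PKEY_size(pk) <= 512)` looks like a bits-versus-bytes mix-up: EVP_PKEY_size reports a size in bytes, so `<= 512` matches keys up to 4096 bits and `EVP_PKT_EXP` ends up set for practically every certificate. If the flag is meant to mark 512-bit export-grade keys, the comparison would be `if (EVP_PKEY_size(pk) <= 512/8)`, with a comment naming the unit. Switching the argument from `pkey` to `pk` and freeing `pk` when `pkey` is NULL are sound. The function starts outside this hunk, so whether `pk` can be NULL at this point cannot be confirmed from here.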
@@ -58,90 +58,74 @@ #include <stdio.h> #undef SSLEAY_MACROS -#include "stack.h" +#include <openssl/stack.h> #include "cryptlib.h" -#include "buffer.h" -#include "asn1.h" -#include "evp.h" -#include "x509.h" +#include <openssl/buffer.h> +#include <openssl/asn1.h> +#include <openssl/evp.h> +#include <openssl/x509.h> -int X509_verify(a,r) -X509 *a; -EVP_PKEY *r; +int X509_verify(X509 *a, EVP_PKEY *r) { return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg, a->signature,(char *)a->cert_info,r)); } -int X509_REQ_verify(a,r) -X509_REQ *a; -EVP_PKEY *r; +int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) { return( ASN1_verify((int (*)())i2d_X509_REQ_INFO, a->sig_alg,a->signature,(char *)a->req_info,r)); } -int X509_CRL_verify(a,r) -X509_CRL *a; -EVP_PKEY *r; +int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) { return(ASN1_verify((int (*)())i2d_X509_CRL_INFO, a->sig_alg, a->signature,(char *)a->crl,r)); } -int NETSCAPE_SPKI_verify(a,r) -NETSCAPE_SPKI *a; -EVP_PKEY *r; +int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) { return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, a->sig_algor,a->signature, (char *)a->spkac,r)); } -int X509_sign(x,pkey,md) -X509 *x; -EVP_PKEY *pkey; -EVP_MD *md; +int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) { return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)); } -int X509_REQ_sign(x,pkey,md) -X509_REQ *x; -EVP_PKEY *pkey; -EVP_MD *md; +int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, x->signature, (char *)x->req_info,pkey,md)); } -int X509_CRL_sign(x,pkey,md) -X509_CRL *x; -EVP_PKEY *pkey; -EVP_MD *md; +int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) { return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg, x->sig_alg, x->signature, (char *)x->crl,pkey,md)); } -int NETSCAPE_SPKI_sign(x,pkey,md) -NETSCAPE_SPKI *x; -EVP_PKEY *pkey; -EVP_MD *md; +int 
NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) { return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, x->signature, (char *)x->spkac,pkey,md)); } -X509 *X509_dup(x509) -X509 *x509; +X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa) + { + return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE, + (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)); + } + +X509 *X509_dup(X509 *x509) { return((X509 *)ASN1_dup((int (*)())i2d_X509, (char *(*)())d2i_X509,(char *)x509)); } -X509_EXTENSION *X509_EXTENSION_dup(ex) -X509_EXTENSION *ex; +X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex) { return((X509_EXTENSION *)ASN1_dup( (int (*)())i2d_X509_EXTENSION, 
@@ -149,237 +133,184 @@ X509_EXTENSION *ex; } #ifndef NO_FP_API -X509 *d2i_X509_fp(fp,x509) -FILE *fp; -X509 *x509; +X509 *d2i_X509_fp(FILE *fp, X509 **x509) { return((X509 *)ASN1_d2i_fp((char *(*)())X509_new, (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))); } -int i2d_X509_fp(fp,x509) -FILE *fp; -X509 *x509; +int i2d_X509_fp(FILE *fp, X509 *x509) { return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)); } #endif -X509 *d2i_X509_bio(bp,x509) -BIO *bp; -X509 *x509; +X509 *d2i_X509_bio(BIO *bp, X509 **x509) { return((X509 *)ASN1_d2i_bio((char *(*)())X509_new, (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))); } -int i2d_X509_bio(bp,x509) -BIO *bp; -X509 *x509; +int i2d_X509_bio(BIO *bp, X509 *x509) { return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)); } -X509_CRL *X509_CRL_dup(crl) -X509_CRL *crl; +X509_CRL *X509_CRL_dup(X509_CRL *crl) { return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, (char *(*)())d2i_X509_CRL,(char *)crl)); } #ifndef NO_FP_API -X509_CRL *d2i_X509_CRL_fp(fp,crl) -FILE *fp; -X509_CRL *crl; +X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl) { return((X509_CRL *)ASN1_d2i_fp((char *(*)()) X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp), (unsigned char **)(crl))); } -int i2d_X509_CRL_fp(fp,crl) -FILE *fp; -X509_CRL *crl; +int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl) { return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl)); } #endif -X509_CRL *d2i_X509_CRL_bio(bp,crl) -BIO *bp; -X509_CRL *crl; +X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl) { return((X509_CRL *)ASN1_d2i_bio((char *(*)()) X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp), (unsigned char **)(crl))); } -int i2d_X509_CRL_bio(bp,crl) -BIO *bp; -X509_CRL *crl; +int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl) { return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl)); } -PKCS7 *PKCS7_dup(p7) -PKCS7 *p7; +PKCS7 *PKCS7_dup(PKCS7 *p7) { return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, (char *(*)())d2i_PKCS7,(char *)p7)); } #ifndef NO_FP_API -PKCS7 *d2i_PKCS7_fp(fp,p7) -FILE *fp; 
-PKCS7 *p7; +PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) { return((PKCS7 *)ASN1_d2i_fp((char *(*)()) PKCS7_new,(char *(*)())d2i_PKCS7, (fp), (unsigned char **)(p7))); } -int i2d_PKCS7_fp(fp,p7) -FILE *fp; -PKCS7 *p7; +int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) { return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7)); } #endif -PKCS7 *d2i_PKCS7_bio(bp,p7) -BIO *bp; -PKCS7 *p7; +PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) { return((PKCS7 *)ASN1_d2i_bio((char *(*)()) PKCS7_new,(char *(*)())d2i_PKCS7, (bp), (unsigned char **)(p7))); } -int i2d_PKCS7_bio(bp,p7) -BIO *bp; -PKCS7 *p7; +int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) { return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7)); } -X509_REQ *X509_REQ_dup(req) -X509_REQ *req; +X509_REQ *X509_REQ_dup(X509_REQ *req) { return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, (char *(*)())d2i_X509_REQ,(char *)req)); } #ifndef NO_FP_API -X509_REQ *d2i_X509_REQ_fp(fp,req) -FILE *fp; -X509_REQ *req; +X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req) { return((X509_REQ *)ASN1_d2i_fp((char *(*)()) X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp), (unsigned char **)(req))); } -int i2d_X509_REQ_fp(fp,req) -FILE *fp; -X509_REQ *req; +int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req) { return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req)); } #endif -X509_REQ *d2i_X509_REQ_bio(bp,req) -BIO *bp; -X509_REQ *req; +X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req) { return((X509_REQ *)ASN1_d2i_bio((char *(*)()) X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp), (unsigned char **)(req))); } -int i2d_X509_REQ_bio(bp,req) -BIO *bp; -X509_REQ *req; +int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) { return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req)); } #ifndef NO_RSA -RSA *RSAPublicKey_dup(rsa) -RSA *rsa; +RSA *RSAPublicKey_dup(RSA *rsa) { return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, (char *(*)())d2i_RSAPublicKey,(char *)rsa)); } -RSA *RSAPrivateKey_dup(rsa) -RSA *rsa; +RSA *RSAPrivateKey_dup(RSA *rsa) { return((RSA *)ASN1_dup((int 
(*)())i2d_RSAPrivateKey, (char *(*)())d2i_RSAPrivateKey,(char *)rsa)); } #ifndef NO_FP_API -RSA *d2i_RSAPrivateKey_fp(fp,rsa) -FILE *fp; -RSA *rsa; +RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) { return((RSA *)ASN1_d2i_fp((char *(*)()) RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), (unsigned char **)(rsa))); } -int i2d_RSAPrivateKey_fp(fp,rsa) -FILE *fp; -RSA *rsa; +int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) { return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa)); } -RSA *d2i_RSAPublicKey_fp(fp,rsa) -FILE *fp; -RSA *rsa; +RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) { return((RSA *)ASN1_d2i_fp((char *(*)()) RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), (unsigned char **)(rsa))); } -int i2d_RSAPublicKey_fp(fp,rsa) -FILE *fp; -RSA *rsa; +int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) { return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa)); } #endif -RSA *d2i_RSAPrivateKey_bio(bp,rsa) -BIO *bp; -RSA *rsa; +RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) { return((RSA *)ASN1_d2i_bio((char *(*)()) RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), (unsigned char **)(rsa))); } -int i2d_RSAPrivateKey_bio(bp,rsa) -BIO *bp; -RSA *rsa; +int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) { return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa)); } -RSA *d2i_RSAPublicKey_bio(bp,rsa) -BIO *bp; -RSA *rsa; +RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) { return((RSA *)ASN1_d2i_bio((char *(*)()) RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), (unsigned char **)(rsa))); } -int i2d_RSAPublicKey_bio(bp,rsa) -BIO *bp; -RSA *rsa; +int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) { return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa)); } 
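Review bot: The d2i wrappers in this hunk still cast both the constructor and the decoder to the unprototyped type `char *(*)()`, and the caller's typed double pointer to `unsigned char **`, so the checking gained from the new ANSI signatures stops at the wrapper. Pairing, say, `X509_CRL_new` with `d2i_X509_REQ` would compile without a warning. The encoder argument is also handled inconsistently: `ASN1_i2d_fp(i2d_X509,fp,...)` passes it uncast while `ASN1_dup((int (*)())i2d_X509_CRL, ...)` casts it. Assuming ASN1_dup declares its first parameter the way ASN1_i2d_fp does, I would drop the redundant cast, e.g. `ASN1_dup(i2d_X509_CRL,(char *(*)())d2i_X509_CRL,(char *)crl)`, and add a one-line comment at the first d2i wrapper saying that the new/d2i pair and the output pointer type must be kept matched by hand. The same pattern recurs in the DSA and PKCS8 wrappers of the next hunk.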
@@ -387,79 +318,120 @@ RSA *rsa; #ifndef NO_DSA #ifndef NO_FP_API -DSA *d2i_DSAPrivateKey_fp(fp,dsa) -FILE *fp; -DSA *dsa; +DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) { return((DSA *)ASN1_d2i_fp((char *(*)()) DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), (unsigned char **)(dsa))); } -int i2d_DSAPrivateKey_fp(fp,dsa) -FILE *fp; -DSA *dsa; +int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) { return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); } #endif -DSA *d2i_DSAPrivateKey_bio(bp,dsa) -BIO *bp; -DSA *dsa; +DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) { return((DSA *)ASN1_d2i_bio((char *(*)()) DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), (unsigned char **)(dsa))); } -int i2d_DSAPrivateKey_bio(bp,dsa) -BIO *bp; -DSA *dsa; +int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) { return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); } #endif -X509_NAME *X509_NAME_dup(xn) -X509_NAME *xn; +X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn) + { + return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR, + (char *(*)())d2i_X509_ALGOR,(char *)xn)); + } + +X509_NAME *X509_NAME_dup(X509_NAME *xn) { return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, (char *(*)())d2i_X509_NAME,(char *)xn)); } -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(ne) -X509_NAME_ENTRY *ne; +X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne) { return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY, (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); } -int X509_digest(data,type,md,len) -X509 *data; -EVP_MD *type; -unsigned char *md; -unsigned int *len; +int X509_digest(X509 *data, EVP_MD *type, unsigned char *md, + unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); } -int X509_NAME_digest(data,type,md,len) -X509_NAME *data; -EVP_MD *type; -unsigned char *md; -unsigned int *len; +int X509_NAME_digest(X509_NAME *data, EVP_MD *type, unsigned char *md, + unsigned int *len) { return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); } -int 
PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) -PKCS7_ISSUER_AND_SERIAL *data; -EVP_MD *type; -unsigned char *md; -unsigned int *len; +int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, EVP_MD *type, + unsigned char *md, unsigned int *len) { return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type, (char *)data,md,len)); } + +#ifndef NO_FP_API +X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) + { + return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new, + (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8))); + } + +int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) + { + return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8)); + } +#endif + +X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) + { + return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new, + (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8))); + } + +int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) + { + return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8)); + } + +#ifndef NO_FP_API +PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, + PKCS8_PRIV_KEY_INFO **p8inf) + { + return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp( + (char *(*)())PKCS8_PRIV_KEY_INFO_new, + (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp), + (unsigned char **)(p8inf))); + } + +int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) + { + return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf)); + } +#endif + +PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, + PKCS8_PRIV_KEY_INFO **p8inf) + { + return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio( + (char *(*)())PKCS8_PRIV_KEY_INFO_new, + (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp), + (unsigned char **)(p8inf))); + } + +int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) + { + return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf)); + } |
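Review bot: The new PKCS8 wrappers give no hint that two of them emit unprotected key material. As I read the types, `d2i_PKCS8_*`/`i2d_PKCS8_*` carry an X509_SIG (the encrypted container), while `i2d_PKCS8_PRIV_KEY_INFO_fp` and `i2d_PKCS8_PRIV_KEY_INFO_bio` serialise the PKCS8_PRIV_KEY_INFO itself, which is the private key in the clear. I would add above the PRIV_KEY_INFO pair `/* Writes the unencrypted PrivateKeyInfo; the caller is responsible for the destination's permissions and for encrypting first if needed. */`. Separately, `X509_digest`, `X509_NAME_digest` and `PKCS7_ISSUER_AND_SERIAL_digest` keep `EVP_MD *type`, while the sign functions in the first hunk were changed to `const EVP_MD *md`. Making these `const EVP_MD *type` would keep the API consistent, provided ASN1_digest accepts a const pointer.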