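/*
 * This function adds the TBB extensions to the internal extension list
 * maintained by OpenSSL so they can be used later. For every extension that
 * declares a command line option, the option is registered as well.
 *
 * It also initializes the methods to print the contents of the extension. If an
 * alias is specified in the TBB extension, we reuse the methods of the alias.
 * Otherwise, only methods for V_ASN1_INTEGER and V_ASN1_OCTET_STRING are
 * provided. Any other type will be printed as a raw ascii string.
 *
 * Every OpenSSL registration step (OBJ_create, X509V3_EXT_add_alias,
 * X509V3_EXT_add) is checked. On failure the OpenSSL error queue is printed to
 * stdout and the function stops, so a half-registered extension is never
 * silently carried into certificate generation.
 *
 * Return: 0 = success, Otherwise: error
 */
int ext_init(void)
{
	cmd_opt_t cmd_opt;
	ext_t *ext;
	X509V3_EXT_METHOD *m;
	int nid, ret;
	unsigned int i;

	for (i = 0; i < num_extensions; i++) {
		ext = &extensions[i];

		/* Register command line option */
		if (ext->opt) {
			cmd_opt.long_opt.name = ext->opt;
			cmd_opt.long_opt.has_arg = required_argument;
			cmd_opt.long_opt.flag = NULL;
			cmd_opt.long_opt.val = CMD_OPT_EXT;
			cmd_opt.help_msg = ext->help_msg;
			cmd_opt_add(&cmd_opt);
		}

		/* Register the extension OID in OpenSSL */
		if (ext->oid == NULL) {
			continue;
		}
		nid = OBJ_create(ext->oid, ext->sn, ext->ln);
		if (nid == 0) {
			/*
			 * OBJ_create() reports failure as NID_undef (0). Using
			 * that value below would attach the methods to the
			 * undefined NID instead of to this extension.
			 */
			ERR_print_errors_fp(stdout);
			return 1;
		}

		if (ext->alias) {
			/* Reuse the print/parse methods of the aliased NID */
			ret = X509V3_EXT_add_alias(nid, ext->alias);
			if (!ret) {
				ERR_print_errors_fp(stdout);
				return 1;
			}
		} else {
			m = &ext->method;
			memset(m, 0x0, sizeof(*m));
			switch (ext->asn1_type) {
			case V_ASN1_INTEGER:
				m->it = ASN1_ITEM_ref(ASN1_INTEGER);
				m->i2s = (X509V3_EXT_I2S)i2s_ASN1_INTEGER;
				m->s2i = (X509V3_EXT_S2I)s2i_ASN1_INTEGER;
				break;
			case V_ASN1_OCTET_STRING:
				m->it = ASN1_ITEM_ref(ASN1_OCTET_STRING);
				m->i2s = (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING;
				m->s2i = (X509V3_EXT_S2I)s2i_ASN1_OCTET_STRING;
				break;
			default:
				/* No method is registered for other ASN.1 types */
				continue;
			}
			m->ext_nid = nid;
			ret = X509V3_EXT_add(m);
			if (!ret) {
				ERR_print_errors_fp(stdout);
				return 1;
			}
		}
	}
	return 0;
}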
#include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> #include "ext_dat.h" static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist); static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); const X509V3_EXT_METHOD v3_akey_id = { NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2V) i2v_AUTHORITY_KEYID, (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, 0, 0, NULL }; static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) { char *tmp; if (akeyid->keyid) {
#include <string.h> #include <openssl/asn1.h> #include <openssl/conf.h> #include <openssl/err.h> #include <openssl/x509v3.h> static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); const X509V3_EXT_METHOD v3_ns_ia5_list[] = { { .ext_nid = NID_netscape_base_url, .ext_flags = 0, .it = ASN1_ITEM_ref(ASN1_IA5STRING), .ext_new = NULL, .ext_free = NULL, .d2i = NULL, .i2d = NULL, .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, .i2v = NULL, .v2i = NULL, .i2r = NULL, .r2i = NULL, .usr_data = NULL, }, { .ext_nid = NID_netscape_revocation_url, .ext_flags = 0,
/*
 * Forward declarations of the file-local OCSP extension handlers. Only
 * i2r_ocsp_crlid and i2r_ocsp_acutoff are referenced by the two tables below;
 * the users of the remaining handlers are not visible in this excerpt.
 */
static int i2r_ocsp_crlid(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
static int i2r_ocsp_acutoff(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent);
static void *ocsp_nonce_new(void);
static int i2d_ocsp_nonce(void *a, unsigned char **pp);
static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length);
static void ocsp_nonce_free(void *a);
static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent);
static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent);
static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str);
static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind);

/*
 * Method table for the OCSP CrlID extension. The initializer is positional:
 * ext_nid, ext_flags, it, then ext_new/ext_free/d2i/i2d, i2s/s2i, i2v/v2i,
 * i2r/r2i and usr_data. Only the i2r (print) slot is populated, so the
 * extension can be printed but not built from a string or config section.
 * NOTE(review): the table is not const-qualified, so these function pointers
 * sit in writable data - confirm whether anything modifies the table.
 */
X509V3_EXT_METHOD v3_ocsp_crlid = {
    NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID),
    0,0,0,0,
    0,0,
    0,0,
    i2r_ocsp_crlid,0,
    NULL
};

/*
 * Method table for the OCSP archiveCutoff extension; its value is decoded as
 * an ASN1_GENERALIZEDTIME. Same positional layout as above, print-only (i2r),
 * and likewise not const-qualified.
 */
X509V3_EXT_METHOD v3_ocsp_acutoff = {
    NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
    0,0,0,0,
    0,0,
    0,0,
    i2r_ocsp_acutoff,0,
    NULL
};
* */ #include <stdio.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent); /* static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); */ const X509V3_EXT_METHOD v3_pkey_usage_period = { NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD), 0, 0, 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL, NULL }; ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = { ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0), ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1) } ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD) IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage,
void *a, BIO *bp, int ind); static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method, STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp, int ind, const char *name); static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip); static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc); static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen); static int nc_dn(X509_NAME *sub, X509_NAME *nm); static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns); static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml); static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base); CONST_X509V3_EXT_METHOD_item(v3_name_constraints, NID_name_constraints, 0, ASN1_ITEM_ref(NAME_CONSTRAINTS), 0,0,0,0, 0,0, 0, OPERA_V2I_DECLARE(v2i_NAME_CONSTRAINTS), i2r_NAME_CONSTRAINTS,0, NULL ) ASN1_SEQUENCE(GENERAL_SUBTREE) ASN1_SIMPLE(GENERAL_SUBTREE, base, GENERAL_NAME) ASN1_IMP_OPT(GENERAL_SUBTREE, minimum, ASN1_INTEGER, 0) ASN1_IMP_OPT(GENERAL_SUBTREE, maximum, ASN1_INTEGER, 1) ASN1_SEQUENCE_END(GENERAL_SUBTREE) ASN1_SEQUENCE(NAME_CONSTRAINTS) ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, permittedSubtrees,
#include <string.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/err.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); const X509V3_EXT_METHOD v3_bcons = { NID_basic_constraints, 0, ASN1_ITEM_ref(BASIC_CONSTRAINTS), 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS, (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS, NULL, NULL, NULL }; ASN1_SEQUENCE(BASIC_CONSTRAINTS) = { ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN), ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER) } ASN1_SEQUENCE_END(BASIC_CONSTRAINTS) BASIC_CONSTRAINTS *
*/ #include <stdio.h> #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist); static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); X509V3_EXT_METHOD v3_crld = { NID_crl_distribution_points, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(CRL_DIST_POINTS), 0,0,0,0, 0,0, (X509V3_EXT_I2V)i2v_crld, (X509V3_EXT_V2I)v2i_crld, 0,0, NULL }; static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts) { DIST_POINT *point; int i; for(i = 0; i < sk_DIST_POINT_num(crld); i++) { point = sk_DIST_POINT_value(crld, i);
#include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/err.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret); static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS( X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); const X509V3_EXT_METHOD v3_info = { NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, 0, 0, NULL }; const X509V3_EXT_METHOD v3_sinfo = { NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
#include <openssl/conf.h> #include <openssl/x509v3.h> #include "modules/libopeay/libopeay_arrays.h" #ifndef OPERA_SMALL_VERSION static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); #endif static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); OPENSSL_PREFIX_CONST_ARRAY(OPENSSL_EXTERN,X509V3_EXT_METHOD, v3_alt, libopeay) CONST_X509V3_EXT_METHOD_ENTRY( NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0,0,0,0, 0,0, (X509V3_EXT_I2V)i2v_GENERAL_NAMES, OPERA_V2I_DECLARE((X509V3_EXT_V2I)v2i_subject_alt), NULL, NULL, NULL) CONST_X509V3_EXT_METHOD_ENTRY( NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0,0,0,0, 0,0, (X509V3_EXT_I2V)i2v_GENERAL_NAMES, OPERA_V2I_DECLARE((X509V3_EXT_V2I)v2i_issuer_alt), NULL, NULL, NULL) CONST_X509V3_EXT_METHOD_ENTRY( NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0,0,0,0,
/*
 * Usage: d2i_test <item_name> <expected_error> <file.der>
 *
 * item_name must equal the sname of one of the ASN.1 items listed in items[];
 * expected_error must be one of the strings in expected_errors[] ("OK", "BIO",
 * "decode", "encode" or "compare").
 *
 * Returns 1 on a wrong argument count or an unknown item/error name. Otherwise
 * returns the value of run_tests(), replaced by 1 when the memory-leak check
 * fails (CRYPTO_mem_leaks_fp() <= 0; compiled in only when
 * OPENSSL_NO_CRYPTO_MDEBUG is not defined).
 */
int main(int argc, char **argv)
{
    int status = 0;
    const char *wanted_type;
    const char *wanted_error;
    const char *mem_debug = getenv("OPENSSL_DEBUG_MEMORY");
    size_t idx;
    static ASN1_ITEM_EXP *items[] = {
        ASN1_ITEM_ref(ASN1_ANY),
        ASN1_ITEM_ref(X509),
        ASN1_ITEM_ref(GENERAL_NAME),
        ASN1_ITEM_ref(ASN1_INTEGER),
#ifndef OPENSSL_NO_CMS
        ASN1_ITEM_ref(CMS_ContentInfo)
#endif
    };
    static error_enum expected_errors[] = {
        {"OK", ASN1_OK},
        {"BIO", ASN1_BIO},
        {"decode", ASN1_DECODE},
        {"encode", ASN1_ENCODE},
        {"compare", ASN1_COMPARE}
    };

    /* Memory debugging is opt-in through the environment ... */
    if (mem_debug != NULL && !strcmp(mem_debug, "on")) {
        CRYPTO_set_mem_debug(1);
    }
    /* ... while memory checking is switched on unconditionally. */
    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

    if (argc != 4) {
        fprintf(stderr,
                "Usage: d2i_test item_name expected_error file.der\n");
        return 1;
    }

    wanted_type = argv[1];
    wanted_error = argv[2];
    test_file = argv[3];

    /* Resolve the item name to its ASN1_ITEM; the first match wins. */
    for (idx = 0; idx < OSSL_NELEM(items); idx++) {
        const ASN1_ITEM *candidate = ASN1_ITEM_ptr(items[idx]);

        if (strcmp(wanted_type, candidate->sname) != 0) {
            continue;
        }
        item_type = candidate;
        break;
    }
    if (item_type == NULL) {
        fprintf(stderr, "Unknown type %s\n", wanted_type);
        fprintf(stderr, "Supported types:\n");
        for (idx = 0; idx < OSSL_NELEM(items); idx++) {
            const ASN1_ITEM *candidate = ASN1_ITEM_ptr(items[idx]);

            fprintf(stderr, "\t%s\n", candidate->sname);
        }
        return 1;
    }

    /* Resolve the expected-error string to its code. */
    for (idx = 0; idx < OSSL_NELEM(expected_errors); idx++) {
        if (strcmp(expected_errors[idx].str, wanted_error) != 0) {
            continue;
        }
        expected_error = expected_errors[idx].code;
        break;
    }
    if (expected_error == ASN1_UNKNOWN) {
        fprintf(stderr, "Unknown expected error %s\n", wanted_error);
        return 1;
    }

    ADD_TEST(test_bad_asn1);

    status = run_tests(argv[0]);

#ifndef OPENSSL_NO_CRYPTO_MDEBUG
    /* A failed leak check turns an otherwise passing run into a failure. */
    if (CRYPTO_mem_leaks_fp(stderr) <= 0) {
        status = 1;
    }
#endif

    return status;
}
BIO *out, int indent); static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value); static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent); static void print_notice(BIO *out, USERNOTICE *notice, int indent); static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org); static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org); static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); const X509V3_EXT_METHOD v3_cpols = { .ext_nid = NID_certificate_policies, .ext_flags = 0, .it = ASN1_ITEM_ref(CERTIFICATEPOLICIES), .ext_new = NULL, .ext_free = NULL, .d2i = NULL, .i2d = NULL, .i2s = NULL, .s2i = NULL, .i2v = NULL, .v2i = NULL, .i2r = (X509V3_EXT_I2R)i2r_certpol, .r2i = (X509V3_EXT_R2I)r2i_certpol, .usr_data = NULL, }; static const ASN1_TEMPLATE CERTIFICATEPOLICIES_item_tt = { .flags = ASN1_TFLG_SEQUENCE_OF,
*/ #include <stdio.h> #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist); static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); X509V3_EXT_METHOD v3_akey_id = { NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), 0,0,0,0, 0,0, (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, 0,0, NULL }; static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) { char *tmp; if(akeyid->keyid) { tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length); X509V3_add_value("keyid", tmp, &extlist);
#include <openssl/conf.h> #include <openssl/x509v3.h> static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); const X509V3_EXT_METHOD v3_alt[] = { {NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2V) i2v_GENERAL_NAMES, (X509V3_EXT_V2I)v2i_subject_alt, NULL, NULL, NULL}, {NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0, 0, 0, 0, 0, 0, (X509V3_EXT_I2V) i2v_GENERAL_NAMES, (X509V3_EXT_V2I)v2i_issuer_alt, NULL, NULL, NULL}, {NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES), 0, 0, 0, 0,
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_5_negpad */ CUSTOM_EXPECTED_FAILURE, /* t_5bytes_1 */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_1 (too large positive) */ CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */ CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */ CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */ }; static ASN1_LONG_DATA long_encdec_data_32bit[] = { ENCDEC_ARRAY(LONG_MAX - 1, LONG_MAX, LONG_MIN, LONG_MIN), /* Check that default numbers fail */ { 0, ASN1_LONG_UNDEF, 1 }, { 0, 1, 0 } }; static TEST_PACKAGE long_test_package_32bit = { ASN1_ITEM_ref(ASN1_LONG_DATA), "LONG", sizeof(long) != 4, long_expected_32bit, sizeof(long_expected_32bit), sizeof(long_expected_32bit[0]), long_encdec_data_32bit, sizeof(long_encdec_data_32bit), sizeof(long_encdec_data_32bit[0]), (i2d_fn *)i2d_ASN1_LONG_DATA, (d2i_fn *)d2i_ASN1_LONG_DATA, (ifree_fn *)ASN1_LONG_DATA_free }; static ASN1_LONG_DATA long_expected_64bit[] = { /* The following should fail on the second because it's the default */ { 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */ { 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */ CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */ CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */ CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/obj.h>
#include <openssl/x509v3.h>

/*
 * File-local converters for the policyConstraints extension. Both take the
 * decoded value as an untyped pointer (void *), which lets them be stored in
 * the method table below without a function-pointer cast.
 */
static STACK_OF(CONF_VALUE) * i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *bcons, STACK_OF(CONF_VALUE) *extlist);
static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);

/*
 * Method table for NID_policy_constraints. The initializer is positional:
 * ext_nid, ext_flags, it, then ext_new/ext_free/d2i/i2d, i2s/s2i, i2v/v2i,
 * i2r/r2i and usr_data. Only the i2v/v2i pair is populated, so the extension
 * is converted to and from CONF_VALUE name/value lists.
 */
const X509V3_EXT_METHOD v3_policy_constraints = {
    NID_policy_constraints, 0,
    ASN1_ITEM_ref(POLICY_CONSTRAINTS),
    0,0,0,0,
    0,0,
    i2v_POLICY_CONSTRAINTS,
    v2i_POLICY_CONSTRAINTS,
    NULL,NULL,
    NULL
};

/*
 * ASN.1 template for POLICY_CONSTRAINTS: a SEQUENCE of two optional,
 * implicitly tagged INTEGER fields - requireExplicitPolicy with tag 0 and
 * inhibitPolicyMapping with tag 1.
 */
ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
    ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER,0),
    ASN1_IMP_OPT(POLICY_CONSTRAINTS, inhibitPolicyMapping, ASN1_INTEGER,1)
} ASN1_SEQUENCE_END(POLICY_CONSTRAINTS)

/* Only the allocation functions are generated here (the ALLOC variant of the macro). */
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
* asn1 <data structure> */ #include <stdio.h> #include <string.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/ec.h> #include <openssl/ocsp.h> #include <openssl/pkcs12.h> #include <openssl/ts.h> #include <openssl/x509v3.h> #include "fuzzer.h" static ASN1_ITEM_EXP *item_type[] = { ASN1_ITEM_ref(ASN1_SEQUENCE), ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), ASN1_ITEM_ref(BIGNUM), ASN1_ITEM_ref(ECPARAMETERS), ASN1_ITEM_ref(ECPKPARAMETERS), ASN1_ITEM_ref(GENERAL_NAME), ASN1_ITEM_ref(GENERAL_SUBTREE), ASN1_ITEM_ref(NAME_CONSTRAINTS), ASN1_ITEM_ref(OCSP_BASICRESP), ASN1_ITEM_ref(OCSP_RESPONSE), ASN1_ITEM_ref(PKCS12), ASN1_ITEM_ref(PKCS12_AUTHSAFES), ASN1_ITEM_ref(PKCS12_SAFEBAGS), ASN1_ITEM_ref(PKCS7), ASN1_ITEM_ref(PKCS7_ATTR_SIGN), ASN1_ITEM_ref(PKCS7_ATTR_VERIFY),
/*
 * Forward declarations of the file-local certificatePolicies helpers.
 * i2r_certpol and r2i_certpol are the two entry points stored in the method
 * table below; the others are declared here for use elsewhere in the file
 * (not visible in this excerpt).
 */
static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent);
static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
static void print_notice(BIO *out, USERNOTICE *notice, int indent);
static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org);
static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org);
static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);

/*
 * Method table for NID_certificate_policies. The initializer is positional:
 * ext_nid, ext_flags, it, then ext_new/ext_free/d2i/i2d, i2s/s2i, i2v/v2i,
 * i2r/r2i and usr_data. Only the raw i2r/r2i pair is populated.
 * NOTE(review): both handlers are stored through X509V3_EXT_I2R /
 * X509V3_EXT_R2I casts because they are declared with typed
 * STACK_OF(POLICYINFO) pointers; presumably the generic slot types use an
 * untyped pointer - confirm the signatures otherwise match, since the casts
 * silence any mismatch.
 */
const X509V3_EXT_METHOD v3_cpols = {
    NID_certificate_policies, 0, ASN1_ITEM_ref(CERTIFICATEPOLICIES),
    0, 0, 0, 0,
    0, 0,
    0, 0,
    (X509V3_EXT_I2R)i2r_certpol,
    (X509V3_EXT_R2I)r2i_certpol,
    NULL
};

/* CERTIFICATEPOLICIES is encoded as a SEQUENCE OF POLICYINFO. */
ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES)

IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <stdio.h> #include "cryptlib.h" #include <openssl/x509v3.h> X509V3_EXT_METHOD v3_crl_num = { NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 0, 0,0,0,0, NULL}; X509V3_EXT_METHOD v3_delta_crl = { NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_INTEGER, 0, 0,0,0,0, NULL}; static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value) { return s2i_ASN1_INTEGER(meth, value);
#include <openssl/conf.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> /* Support for Thawte strong extranet extension */ #define SXNET_TEST static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent); #ifdef SXNET_TEST static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); #endif const X509V3_EXT_METHOD v3_sxnet = { NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), 0,0,0,0, 0,0, 0, #ifdef SXNET_TEST (X509V3_EXT_V2I)sxnet_v2i, #else 0, #endif (X509V3_EXT_I2R)sxnet_i2r, 0, NULL }; ASN1_SEQUENCE(SXNETID) = { ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
ASN1_OPT(ADMISSION_SYNTAX, admissionAuthority, GENERAL_NAME), ASN1_SEQUENCE_OF(ADMISSION_SYNTAX, contentsOfAdmissions, ADMISSIONS), } ASN1_SEQUENCE_END(ADMISSION_SYNTAX) IMPLEMENT_ASN1_FUNCTIONS(NAMING_AUTHORITY) IMPLEMENT_ASN1_FUNCTIONS(PROFESSION_INFO) IMPLEMENT_ASN1_FUNCTIONS(ADMISSIONS) IMPLEMENT_ASN1_FUNCTIONS(ADMISSION_SYNTAX) static int i2r_ADMISSION_SYNTAX(const struct v3_ext_method *method, void *in, BIO *bp, int ind); const X509V3_EXT_METHOD v3_ext_admission = { NID_x509ExtAdmission, /* .ext_nid = */ 0, /* .ext_flags = */ ASN1_ITEM_ref(ADMISSION_SYNTAX), /* .it = */ NULL, NULL, NULL, NULL, NULL, /* .i2s = */ NULL, /* .s2i = */ NULL, /* .i2v = */ NULL, /* .v2i = */ &i2r_ADMISSION_SYNTAX, /* .i2r = */ NULL, /* .r2i = */ NULL /* extension-specific data */ }; static int i2r_NAMING_AUTHORITY(const struct v3_ext_method *method, void *in, BIO *bp, int ind) { NAMING_AUTHORITY * namingAuthority = (NAMING_AUTHORITY*) in;
*/ #include <stdio.h> #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> static void *v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, int indent); const X509V3_EXT_METHOD v3_crld = { NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), 0, 0, 0, 0, 0, 0, 0, v2i_crld, i2r_crldp, 0, NULL }; const X509V3_EXT_METHOD v3_freshest_crl = { NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), 0, 0, 0, 0, 0, 0, 0, v2i_crld, i2r_crldp, 0,
* SUCH DAMAGE. */ #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/conf.h> #include <openssl/x509v3.h> #include "ext_dat.h" static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, BIO *out, int indent); static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); const X509V3_EXT_METHOD v3_pci = { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), 0, 0, 0, 0, 0, 0, NULL, NULL, (X509V3_EXT_I2R)i2r_pci, (X509V3_EXT_R2I)r2i_pci, NULL, }; static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci, BIO *out, int indent) { BIO_printf(out, "%*sPath Length Constraint: ", indent, ""); if (pci->pcPathLengthConstraint) i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint); else
{CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, {CRL_REASON_CESSATION_OF_OPERATION, "Cessation Of Operation", "cessationOfOperation"}, {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, {-1, NULL, NULL} }; #ifdef __cplusplus extern "C" { #endif extern X509V3_EXT_METHOD v3_crl_reason = { NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), 0,0,0,0, (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, 0, 0,0,0,0, crl_reasons}; char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e) { ENUMERATED_NAMES *enam; long strval; strval = ASN1_ENUMERATED_get(e); for(enam = (ENUMERATED_NAMES*)method->usr_data; enam->lname; enam++) { if(strval == enam->bitnum) return BUF_strdup(enam->lname);
#include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/err.h> #include <openssl/x509v3.h> static void *v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, int indent); const X509V3_EXT_METHOD v3_crld = { .ext_nid = NID_crl_distribution_points, .ext_flags = 0, .it = ASN1_ITEM_ref(CRL_DIST_POINTS), .ext_new = NULL, .ext_free = NULL, .d2i = NULL, .i2d = NULL, .i2s = NULL, .s2i = NULL, .i2v = NULL, .v2i = v2i_crld, .i2r = i2r_crldp, .r2i = NULL, .usr_data = NULL, }; const X509V3_EXT_METHOD v3_freshest_crl = { .ext_nid = NID_freshest_crl,
* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ #include <string.h> #include <openssl/err.h> #include <openssl/x509v3.h> static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); const X509V3_EXT_METHOD v3_skey_id = { NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), 0, 0, 0, 0, (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, (X509V3_EXT_S2I)s2i_skey_id, 0, 0, 0, 0, NULL }; char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct) { return hex_to_string(oct->data, oct->length); } ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
#include <openssl/x509v3.h> static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); const X509V3_EXT_METHOD v3_alt[] = { { .ext_nid = NID_subject_alt_name, .ext_flags = 0, .it = ASN1_ITEM_ref(GENERAL_NAMES), .ext_new = NULL, .ext_free = NULL, .d2i = NULL, .i2d = NULL, .i2s = NULL, .s2i = NULL, .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES, .v2i = (X509V3_EXT_V2I)v2i_subject_alt, .i2r = NULL, .r2i = NULL, .usr_data = NULL, }, { .ext_nid = NID_issuer_alt_name, .ext_flags = 0,