void X509_PKEY_free(X509_PKEY *x) { int i; if (x == NULL) return; i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY); #ifdef REF_PRINT REF_PRINT("X509_PKEY", x); #endif if (i > 0) return; #ifdef REF_CHECK if (i < 0) { fprintf(stderr, "X509_PKEY_free, bad reference count\n"); abort(); } #endif X509_ALGOR_free(x->enc_algor); ASN1_OCTET_STRING_free(x->enc_pkey); EVP_PKEY_free(x->dec_pkey); if (x->key_free) OPENSSL_free(x->key_data); OPENSSL_free(x); }
/* Make sure we do the right thing. Add here if you convert ones in tree */ int main(int argc, char **argv) { ASN1_INTEGER_free(NULL); ASN1_OBJECT_free(NULL); ASN1_OCTET_STRING_free(NULL); BIO_free_all(NULL); DIST_POINT_free(NULL); EVP_PKEY_free(NULL); GENERAL_NAME_free(NULL); GENERAL_SUBTREE_free(NULL); NAME_CONSTRAINTS_free(NULL); sk_GENERAL_NAME_pop_free(NULL, GENERAL_NAME_free); sk_X509_NAME_ENTRY_pop_free(NULL, X509_NAME_ENTRY_free); X509_NAME_ENTRY_free(NULL); printf("PASS\n"); return (0); }
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf) { ASN1_OCTET_STRING *oct = NULL; unsigned char *in = NULL; int inlen; if ((oct = ASN1_OCTET_STRING_new()) == NULL) { PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE); goto err; } inlen = ASN1_item_i2d(obj, &in, it); if (!in) { PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCODE_ERROR); goto err; } if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, &oct->length, 1)) { PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCRYPT_ERROR); OPENSSL_free(in); goto err; } if (zbuf) OPENSSL_cleanse(in, inlen); OPENSSL_free(in); return oct; err: ASN1_OCTET_STRING_free(oct); return NULL; }
static void * d2i_ocsp_nonce(void *a, const unsigned char **pp, long length) { ASN1_OCTET_STRING *os, **pos; pos = a; if (pos == NULL || *pos == NULL) { os = ASN1_OCTET_STRING_new(); if (os == NULL) goto err; } else os = *pos; if (ASN1_OCTET_STRING_set(os, *pp, length) == 0) goto err; *pp += length; if (pos != NULL) *pos = os; return os; err: if (pos == NULL || *pos != os) ASN1_OCTET_STRING_free(os); OCSPerror(ERR_R_MALLOC_FAILURE); return NULL; }
int CMS_set_detached(CMS_ContentInfo *cms, int detached) { ASN1_OCTET_STRING **pos; pos = CMS_get0_content(cms); if (!pos) return 0; if (detached) { if (*pos) { ASN1_OCTET_STRING_free(*pos); *pos = NULL; } return 1; } if (!*pos) *pos = ASN1_OCTET_STRING_new(); if (*pos) { /* NB: special flag to show content is created and not * read in. */ (*pos)->flags |= ASN1_STRING_FLAG_CONT; return 1; } CMSerr(CMS_F_CMS_SET_DETACHED, ERR_R_MALLOC_FAILURE); return 0; }
X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen, PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe) { X509_SIG *p8; ASN1_OCTET_STRING *enckey; enckey = PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass, passlen, p8inf, 1); if (!enckey) { PKCS12err(PKCS12_F_PKCS8_SET0_PBE, PKCS12_R_ENCRYPT_ERROR); return NULL; } p8 = OPENSSL_zalloc(sizeof(*p8)); if (p8 == NULL) { PKCS12err(PKCS12_F_PKCS8_SET0_PBE, ERR_R_MALLOC_FAILURE); ASN1_OCTET_STRING_free(enckey); return NULL; } p8->algor = pbe; p8->digest = enckey; return p8; }
/* ---------- Public key functions * --------------------------------------*/ static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub) { X509_ALGOR *palg = NULL; const unsigned char *pubkey_buf = NULL; unsigned char *databuf; ASN1_OBJECT *palgobj = NULL; int pub_len,i,j; DSA *dsa; ASN1_OCTET_STRING *octet= NULL; if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len, &palg, pub)) return 0; EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL); if (!decode_gost_algor_params(pk,palg)) return 0; octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len); if (!octet) { GOSTerr(GOST_F_PUB_DECODE_GOST94,ERR_R_MALLOC_FAILURE); return 0; } databuf = (unsigned char*)OPENSSL_malloc(octet->length); for (i=0,j=octet->length-1;i<octet->length;i++,j--) { databuf[j]=octet->data[i]; } dsa = (DSA*)EVP_PKEY_get0(pk); dsa->pub_key=BN_bin2bn(databuf,octet->length,NULL); ASN1_OCTET_STRING_free(octet); OPENSSL_free(databuf); return 1; }
/** * @ingroup proxypolicy * * Sets the policy of the PROXYPOLICY * * @param proxypolicy the proxy policy to set the policy of * @param policy the policy to set it to * @param length the length of the policy * * @return 1 on success, 0 on error */ int PROXYPOLICY_set_policy( PROXYPOLICY * proxypolicy, unsigned char * policy, int length) { if(policy != NULL) { unsigned char * copy = malloc(length); memcpy(copy, policy, length); if(!proxypolicy->policy) { proxypolicy->policy = ASN1_OCTET_STRING_new(); } ASN1_OCTET_STRING_set(proxypolicy->policy, copy, length); } else { if(proxypolicy->policy) { ASN1_OCTET_STRING_free(proxypolicy->policy); } } return 1; }
/* For this case, I will malloc the return strings */ static int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) { ASN1_TYPE *so; #if 0 if (signed_seq2string_nid == -1) signed_seq2string_nid= OBJ_create("1.9.9999","OID_example","Our example OID"); /* To retrieve */ so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); if (so && (so->type == V_ASN1_SEQUENCE)) { ASN1_CTX c; ASN1_STRING *s; long length; ASN1_OCTET_STRING *os1,*os2; s=so->value.sequence; c.p=ASN1_STRING_data(s); c.max=c.p+ASN1_STRING_length(s); if (!asn1_GetSequence(&c,&length)) GOTO_ERR("") err; /* Length is the length of the seqence */ c.q=c.p; if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) GOTO_ERR(""); c.slen-=(c.p-c.q); c.q=c.p; if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) GOTO_ERR(""); c.slen-=(c.p-c.q); if (!asn1_Finish(&c)) GOTO_ERR("") err; *str1=Malloc(os1->length+1); *str2=Malloc(os2->length+1); memcpy(*str1,os1->data,os1->length); memcpy(*str2,os2->data,os2->length); (*str1)[os1->length]='\0'; (*str2)[os2->length]='\0'; ASN1_OCTET_STRING_free(os1); ASN1_OCTET_STRING_free(os2); return(1); } #endif err: return(0); }
static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub) { X509_ALGOR *palg = NULL; const unsigned char *pubkey_buf = NULL; unsigned char *databuf; ASN1_OBJECT *palgobj = NULL; int pub_len,i,j; EC_POINT *pub_key; BIGNUM *X,*Y; ASN1_OCTET_STRING *octet= NULL; int len; const EC_GROUP *group; if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len, &palg, pub)) return 0; EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL); if (!decode_gost_algor_params(pk,palg)) return 0; group = EC_KEY_get0_group(EVP_PKEY_get0(pk)); octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len); if (!octet) { GOSTerr(GOST_F_PUB_DECODE_GOST01,ERR_R_MALLOC_FAILURE); return 0; } databuf = OPENSSL_malloc(octet->length); for (i=0,j=octet->length-1;i<octet->length;i++,j--) { databuf[j]=octet->data[i]; } len=octet->length/2; ASN1_OCTET_STRING_free(octet); Y= getbnfrombuf(databuf,len); X= getbnfrombuf(databuf+len,len); OPENSSL_free(databuf); pub_key = EC_POINT_new(group); if (!EC_POINT_set_affine_coordinates_GFp(group ,pub_key,X,Y,NULL)) { GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); EC_POINT_free(pub_key); BN_free(X); BN_free(Y); return 0; } BN_free(X); BN_free(Y); if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk),pub_key)) { GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); EC_POINT_free(pub_key); return 0; } EC_POINT_free(pub_key); return 1; }
static size_t get_extension_by_object (X509 *x509, ASN1_OBJECT *obj, char **output) { int pos = X509_get_ext_by_OBJ (x509, obj, -1); if (pos < 0) { return 0; } X509_EXTENSION *ext = X509_get_ext (x509, pos); int tag; long len; int tc; const unsigned char *p = ext->value->data; ASN1_get_object (&p, &len, &tag, &tc, ext->value->length); size_t size; switch (tag) { case V_ASN1_UTF8STRING: { ASN1_UTF8STRING *str = ASN1_item_unpack (ext->value, ASN1_ITEM_rptr (ASN1_UTF8STRING)); *output = strndup ((const char *) ASN1_STRING_data (str), str->length); size = str->length; ASN1_UTF8STRING_free (str); return size; } case V_ASN1_OCTET_STRING: { ASN1_OCTET_STRING *octstr = ASN1_item_unpack (ext->value, ASN1_ITEM_rptr (ASN1_OCTET_STRING)); *output = malloc (octstr->length); memcpy (*output, octstr->data, octstr->length); size = octstr->length; ASN1_OCTET_STRING_free (octstr); return size; } default: { BIO *bio = BIO_new (BIO_s_mem ()); X509V3_EXT_print (bio, ext, 0, 0); size_t size = BIO_ctrl_pending (bio); char *buf = malloc (sizeof (char) * size); BIO_read (bio, buf, size); *output = buf; BIO_free (bio); return size; } } }
static void hmac_key_free(EVP_PKEY *pkey) { ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; if (os) { if (os->data) OPENSSL_cleanse(os->data, os->length); ASN1_OCTET_STRING_free(os); } }
static void hmac_key_free(EVP_PKEY *pkey) { ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; if (os) { if (os->data) vigortls_zeroize(os->data, os->length); ASN1_OCTET_STRING_free(os); } }
static void hmac_key_free(EVP_PKEY *pkey) { ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey); if (os) { if (os->data) OPENSSL_cleanse(os->data, os->length); ASN1_OCTET_STRING_free(os); } }
static void siphash_key_free(EVP_PKEY *pkey) { ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey); if (os != NULL) { if (os->data != NULL) OPENSSL_cleanse(os->data, os->length); ASN1_OCTET_STRING_free(os); } }
static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, int crit, void *ext_struc) { unsigned char *ext_der = NULL; int ext_len; ASN1_OCTET_STRING *ext_oct = NULL; X509_EXTENSION *ext; /* Convert internal representation to DER */ if (method->it) { ext_der = NULL; ext_len = ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it)); if (ext_len < 0) goto merr; } else { unsigned char *p; ext_len = method->i2d(ext_struc, NULL); if ((ext_der = OPENSSL_malloc(ext_len)) == NULL) goto merr; p = ext_der; method->i2d(ext_struc, &p); } if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL) goto merr; ext_oct->data = ext_der; ext_der = NULL; ext_oct->length = ext_len; ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); if (!ext) goto merr; ASN1_OCTET_STRING_free(ext_oct); return ext; merr: X509V3err(X509V3_F_DO_EXT_I2D, ERR_R_MALLOC_FAILURE); OPENSSL_free(ext_der); ASN1_OCTET_STRING_free(ext_oct); return NULL; }
SubjectKeyIdentifierExtension::SubjectKeyIdentifierExtension(X509_EXTENSION *ext) throw (CertificationException) : Extension(ext) { ASN1_OCTET_STRING *octetString; if (OBJ_obj2nid(ext->object) != NID_subject_key_identifier) { throw CertificationException(CertificationException::INVALID_TYPE, "SubjectKeyIdentifierExtension::SubjectKeyIdentifierExtension"); } octetString = (ASN1_OCTET_STRING *)X509V3_EXT_d2i(ext); keyIdentifier = ByteArray(octetString->data, octetString->length); ASN1_OCTET_STRING_free(octetString); }
void X509_PKEY_free(X509_PKEY *x) { if (x == NULL) return; X509_ALGOR_free(x->enc_algor); ASN1_OCTET_STRING_free(x->enc_pkey); EVP_PKEY_free(x->dec_pkey); if (x->key_free) OPENSSL_free(x->key_data); OPENSSL_free(x); }
/* int max_len: for returned value */ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, int max_len) { int ret = -1, n; ASN1_INTEGER *ai = NULL; ASN1_OCTET_STRING *os = NULL; const unsigned char *p; long length; ASN1_const_CTX c; if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) { goto err; } p = ASN1_STRING_data(a->value.sequence); length = ASN1_STRING_length(a->value.sequence); c.pp = &p; c.p = p; c.max = p + length; c.error = ASN1_R_DATA_IS_WRONG; M_ASN1_D2I_start_sequence(); c.q = c.p; if ((ai = d2i_ASN1_INTEGER(NULL, &c.p, c.slen)) == NULL) goto err; c.slen -= (c.p - c.q); c.q = c.p; if ((os = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL) goto err; c.slen -= (c.p - c.q); if (!M_ASN1_D2I_end_sequence()) goto err; if (num != NULL) *num = ASN1_INTEGER_get(ai); ret = ASN1_STRING_length(os); if (max_len > ret) n = ret; else n = max_len; if (data != NULL) memcpy(data, ASN1_STRING_data(os), n); if (0) { err: ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, ASN1_R_DATA_IS_WRONG); } ASN1_OCTET_STRING_free(os); if (ai != NULL) ASN1_INTEGER_free(ai); return (ret); }
int gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) { int len = 0; unsigned char *buf = NULL; unsigned char *p = NULL; EVP_GOST2814789_CTX *c = ctx->cipher_data; ASN1_OCTET_STRING *os = NULL; GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); if (gcp == NULL) { GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); return 0; } if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) { GOST_CIPHER_PARAMS_free(gcp); GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB); return 0; } ASN1_OBJECT_free(gcp->enc_param_set); gcp->enc_param_set = OBJ_nid2obj(c->param_nid); len = i2d_GOST_CIPHER_PARAMS(gcp, NULL); p = buf = malloc(len); if (buf == NULL) { GOST_CIPHER_PARAMS_free(gcp); GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); return 0; } i2d_GOST_CIPHER_PARAMS(gcp, &p); GOST_CIPHER_PARAMS_free(gcp); os = ASN1_OCTET_STRING_new(); if (os == NULL) { free(buf); GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_MALLOC_FAILURE); return 0; } if (ASN1_OCTET_STRING_set(os, buf, len) == 0) { ASN1_OCTET_STRING_free(os); free(buf); GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB); return 0; } free(buf); ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); return 1; }
static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) { ASN1_OCTET_STRING *oct; X509_PUBKEY *pubkey; const unsigned char *pk; int pklen; unsigned char pkey_dig[EVP_MAX_MD_SIZE]; unsigned int diglen; if (strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); if ((oct = ASN1_OCTET_STRING_new()) == NULL) { X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); return NULL; } if (ctx && (ctx->flags == CTX_TEST)) return oct; if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) { X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); goto err; } if (ctx->subject_req) pubkey = ctx->subject_req->req_info.pubkey; else pubkey = ctx->subject_cert->cert_info.key; if (pubkey == NULL) { X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); goto err; } X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey); if (!EVP_Digest(pk, pklen, pkey_dig, &diglen, EVP_sha1(), NULL)) goto err; if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); goto err; } return oct; err: ASN1_OCTET_STRING_free(oct); return NULL; }
static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { X509 *ret = (X509 *)*pval; switch (operation) { case ASN1_OP_NEW_POST: ret->valid = 0; ret->name = NULL; ret->ex_flags = 0; ret->ex_pathlen = -1; ret->skid = NULL; ret->akid = NULL; #ifndef OPENSSL_NO_RFC3779 ret->rfc3779_addr = NULL; ret->rfc3779_asid = NULL; #endif ret->aux = NULL; ret->crldp = NULL; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); break; case ASN1_OP_D2I_POST: if (ret->name != NULL) OPENSSL_free(ret->name); ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0); break; case ASN1_OP_FREE_POST: CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); X509_CERT_AUX_free(ret->aux); ASN1_OCTET_STRING_free(ret->skid); AUTHORITY_KEYID_free(ret->akid); CRL_DIST_POINTS_free(ret->crldp); policy_cache_free(ret->policy_cache); GENERAL_NAMES_free(ret->altname); NAME_CONSTRAINTS_free(ret->nc); #ifndef OPENSSL_NO_RFC3779 sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); ASIdentifiers_free(ret->rfc3779_asid); #endif if (ret->name != NULL) OPENSSL_free(ret->name); break; } return 1; }
/* ########################################### */ int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) { /* To add an object of OID 1.9.999, which is a sequence containing * 2 octet strings */ unsigned char *p; ASN1_OCTET_STRING *os1, *os2; ASN1_STRING *seq; unsigned char *data; int i, total; if (signed_seq2string_nid == -1) signed_seq2string_nid = OBJ_create("1.9.9999","OID_example","Our example OID"); os1 = ASN1_OCTET_STRING_new(); os2 = ASN1_OCTET_STRING_new(); ASN1_OCTET_STRING_set(os1, (unsigned char*)str1, strlen(str1)); ASN1_OCTET_STRING_set(os2, (unsigned char*)str1, strlen(str1)); i = i2d_ASN1_OCTET_STRING(os1, NULL); i += i2d_ASN1_OCTET_STRING(os2, NULL); total = ASN1_object_size(1, i, V_ASN1_SEQUENCE); data = malloc(total); p = data; ASN1_put_object(&p, 1,i, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); i2d_ASN1_OCTET_STRING(os1, &p); i2d_ASN1_OCTET_STRING(os2, &p); seq = ASN1_STRING_new(); ASN1_STRING_set(seq, data, total); free(data); ASN1_OCTET_STRING_free(os1); ASN1_OCTET_STRING_free(os2); PKCS7_add_signed_attribute(si, signed_seq2string_nid, V_ASN1_SEQUENCE, (char *)seq); return (1); }
int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) { ASN1_STRING *os; if ((os = ASN1_OCTET_STRING_new()) == NULL) return (0); if (!ASN1_OCTET_STRING_set(os, data, len)) { ASN1_OCTET_STRING_free(os); return 0; } ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os); return (1); }
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) { int nid; long ret; nid=OBJ_obj2nid(p7->type); switch (cmd) { /* NOTE(emilia): does not support detached digested data. */ case PKCS7_OP_SET_DETACHED_SIGNATURE: if (nid == NID_pkcs7_signed) { ret=p7->detached=(int)larg; if (ret && PKCS7_type_is_data(p7->d.sign->contents)) { ASN1_OCTET_STRING *os; os=p7->d.sign->contents->d.data; ASN1_OCTET_STRING_free(os); p7->d.sign->contents->d.data = NULL; } } else { PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); ret=0; } break; case PKCS7_OP_GET_DETACHED_SIGNATURE: if (nid == NID_pkcs7_signed) { if(!p7->d.sign || !p7->d.sign->contents->d.ptr) ret = 1; else ret = 0; p7->detached = ret; } else { PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); ret=0; } break; default: PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION); ret=0; } return(ret); }
static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) { X509_ALGOR *palg = NULL; const unsigned char *pubkey_buf = NULL; const unsigned char *p; ASN1_OBJECT *palgobj = NULL; int pub_len; BIGNUM *X, *Y; ASN1_OCTET_STRING *octet = NULL; int len; int ret; int ptype = V_ASN1_UNDEF; ASN1_STRING *pval = NULL; if (X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub) == 0) return 0; (void)EVP_PKEY_assign_GOST(pk, NULL); X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); if (ptype != V_ASN1_SEQUENCE) { GOSTerr(GOST_F_PUB_DECODE_GOST01, GOST_R_BAD_KEY_PARAMETERS_FORMAT); return 0; } p = pval->data; if (decode_gost01_algor_params(pk, &p, pval->length) == 0) return 0; octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); if (octet == NULL) { GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); return 0; } len = octet->length / 2; X = GOST_le2bn(octet->data, len, NULL); Y = GOST_le2bn(octet->data + len, len, NULL); ASN1_OCTET_STRING_free(octet); ret = GOST_KEY_set_public_key_affine_coordinates(pk->pkey.gost, X, Y); if (ret == 0) GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); BN_free(X); BN_free(Y); return ret; }
static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { X509 *ret = (X509 *)*pval; switch (operation) { case ASN1_OP_NEW_POST: ret->name = NULL; ret->ex_flags = 0; ret->ex_pathlen = -1; ret->skid = NULL; ret->akid = NULL; ret->aux = NULL; ret->crldp = NULL; ret->buf = NULL; CRYPTO_new_ex_data(&ret->ex_data); CRYPTO_MUTEX_init(&ret->lock); break; case ASN1_OP_D2I_PRE: CRYPTO_BUFFER_free(ret->buf); ret->buf = NULL; break; case ASN1_OP_D2I_POST: if (ret->name != NULL) OPENSSL_free(ret->name); ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0); break; case ASN1_OP_FREE_POST: CRYPTO_MUTEX_cleanup(&ret->lock); CRYPTO_free_ex_data(&g_ex_data_class, ret, &ret->ex_data); X509_CERT_AUX_free(ret->aux); ASN1_OCTET_STRING_free(ret->skid); AUTHORITY_KEYID_free(ret->akid); CRL_DIST_POINTS_free(ret->crldp); policy_cache_free(ret->policy_cache); GENERAL_NAMES_free(ret->altname); NAME_CONSTRAINTS_free(ret->nc); CRYPTO_BUFFER_free(ret->buf); OPENSSL_free(ret->name); break; } return 1; }
static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) { ASN1_OCTET_STRING *oct; ASN1_BIT_STRING *pk; unsigned char pkey_dig[EVP_MAX_MD_SIZE]; unsigned int diglen; if (strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); if ((oct = ASN1_OCTET_STRING_new()) == NULL) { X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); return NULL; } if (ctx && (ctx->flags == CTX_TEST)) return oct; if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) { X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); goto err; } if (ctx->subject_req) pk = ctx->subject_req->req_info->pubkey->public_key; else pk = ctx->subject_cert->cert_info->key->public_key; if (!pk) { X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); goto err; } if (!EVP_Digest (pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL)) goto err; if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); goto err; } return oct; err: ASN1_OCTET_STRING_free(oct); return NULL; }
static int old_hmac_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) { ASN1_OCTET_STRING *os; os = ASN1_OCTET_STRING_new(); if (os == NULL || !ASN1_OCTET_STRING_set(os, *pder, derlen)) goto err; if (!EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os)) goto err; return 1; err: ASN1_OCTET_STRING_free(os); return 0; }
int X509_keyid_set1(X509 *x, unsigned char *id, int len) { X509_CERT_AUX *aux; if (!id) { if (!x || !x->aux || !x->aux->keyid) return 1; ASN1_OCTET_STRING_free(x->aux->keyid); x->aux->keyid = NULL; return 1; } if(!(aux = aux_get(x))) return 0; if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0; return ASN1_STRING_set(aux->keyid, id, len); }