* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include "ecs_locl.h" #include <openssl/err.h> #include <openssl/asn1t.h> ASN1_SEQUENCE(ECDSA_SIG) = { ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM), ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END(ECDSA_SIG) DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
sig = OPENSSL_malloc(sizeof(DSA_SIG)); if (!sig) { DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); return 0; } sig->r = NULL; sig->s = NULL; *pval = (ASN1_VALUE *)sig; return 2; } return 1; } ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) /* Override the default free and new methods */ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { if(operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)DSA_new(); if(*pval) return 2; return 0; } else if(operation == ASN1_OP_FREE_PRE) { DSA_free((DSA *)*pval);
/* Minor tweak to operation: zero private key data */ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { /* Since the structure must still be valid use ASN1_OP_FREE_PRE */ if (operation == ASN1_OP_FREE_PRE) { PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; if (key->pkey) OPENSSL_cleanse(key->pkey->data, key->pkey->length); } return 1; } ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER), ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR), ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_OCTET_STRING), ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0) } ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, int ptype, void *pval, unsigned char *penc, int penclen) { if (version >= 0) { if (!ASN1_INTEGER_set(priv->version, version)) return 0; }
/* Override the default free and new methods */ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { if (operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)DH_new(); if (*pval) return 2; return 0; } else if (operation == ASN1_OP_FREE_PRE) { DH_free((DH *)*pval); *pval = NULL; return 2; } return 1; } ASN1_SEQUENCE_cb(DHparams, dh_cb) = { ASN1_SIMPLE(DH, p, BIGNUM), ASN1_SIMPLE(DH, g, BIGNUM), ASN1_OPT(DH, length, ZLONG), } ASN1_SEQUENCE_END_cb(DH, DHparams) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) DH * DHparams_dup(DH *dh) { return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh); }
* This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <stdio.h> #include <openssl/local/cryptlib.h> #include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/rand.h> /* PKCS#5 v2.0 password based encryption structures */ ASN1_SEQUENCE(PBE2PARAM) = { ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR), ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR) } ASN1_SEQUENCE_END(PBE2PARAM) IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM) ASN1_SEQUENCE(PBKDF2PARAM) = { ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY), ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER), ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER), ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR) } ASN1_SEQUENCE_END(PBKDF2PARAM) IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM) /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
* SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ /* * This module was send to me my Pat Richards <*****@*****.**> who wrote it. * It is under my Copyright with his permission. */ #include <openssl_grpc/x509.h> #include <openssl_grpc/asn1t.h> ASN1_SEQUENCE(NETSCAPE_SPKAC) = { ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY), ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING) } ASN1_SEQUENCE_END(NETSCAPE_SPKAC) IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC) ASN1_SEQUENCE(NETSCAPE_SPKI) = { ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC), ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR), ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING) } ASN1_SEQUENCE_END(NETSCAPE_SPKI) IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
* Hudson ([email protected]). * */ #include <stdio.h> #include <string.h> #include <openssl/asn1t.h> #include <openssl/err.h> #include <openssl/rand.h> #include <openssl/x509.h> /* PKCS#5 password based encryption structure */ ASN1_SEQUENCE(PBEPARAM) = { ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) } ASN1_SEQUENCE_END(PBEPARAM) IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, const unsigned char *salt, int saltlen) { PBEPARAM *pbe = NULL; ASN1_STRING *pbe_str = NULL; unsigned char *sstr;
static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml); static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base); static int nc_ip(ASN1_OCTET_STRING *ip, ASN1_OCTET_STRING *base); const X509V3_EXT_METHOD v3_name_constraints = { NID_name_constraints, 0, ASN1_ITEM_ref(NAME_CONSTRAINTS), 0, 0, 0, 0, 0, 0, 0, v2i_NAME_CONSTRAINTS, i2r_NAME_CONSTRAINTS, 0, NULL }; ASN1_SEQUENCE(GENERAL_SUBTREE) = { ASN1_SIMPLE(GENERAL_SUBTREE, base, GENERAL_NAME), ASN1_IMP_OPT(GENERAL_SUBTREE, minimum, ASN1_INTEGER, 0), ASN1_IMP_OPT(GENERAL_SUBTREE, maximum, ASN1_INTEGER, 1) } ASN1_SEQUENCE_END(GENERAL_SUBTREE) ASN1_SEQUENCE(NAME_CONSTRAINTS) = { ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, permittedSubtrees, GENERAL_SUBTREE, 0), ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, excludedSubtrees, GENERAL_SUBTREE, 1), } ASN1_SEQUENCE_END(NAME_CONSTRAINTS) IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE) IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free); ASIdentifiers_free(ret->rfc3779_asid); #endif OPENSSL_free(ret->name); break; } return 1; } ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { ASN1_EMBED(X509, cert_info, X509_CINF), ASN1_EMBED(X509, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING) } ASN1_SEQUENCE_END_ref(X509, X509) IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp, new_func, dup_func, free_func); } int X509_set_ex_data(X509 *r, int idx, void *arg) {
* copied and put under another distribution licence * [including the GNU Public Licence.] */ #include "cryptlib.h" #include <openssl/evp.h> #include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/x509v3.h> #ifdef OPENSSL_SYS_WINDOWS #include <stdio.h> #endif ASN1_SEQUENCE(X509_CINF) = { ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), ASN1_SIMPLE(X509_CINF, issuer, X509_NAME), ASN1_SIMPLE(X509_CINF, validity, X509_VAL), ASN1_SIMPLE(X509_CINF, subject, X509_NAME), ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY), ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) } ASN1_SEQUENCE_END(X509_CINF) IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) /* X509 top level structure needs a bit of customisation */ extern void policy_cache_free(X509_POLICY_CACHE *cache);
CRL_DIST_POINTS_free(ret->crldp); policy_cache_free(ret->policy_cache); GENERAL_NAMES_free(ret->altname); NAME_CONSTRAINTS_free(ret->nc); CRYPTO_BUFFER_free(ret->buf); OPENSSL_free(ret->name); break; } return 1; } ASN1_SEQUENCE_ref(X509, x509_cb) = { ASN1_SIMPLE(X509, cert_info, X509_CINF), ASN1_SIMPLE(X509, sig_alg, X509_ALGOR), ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING) } ASN1_SEQUENCE_END_ref(X509, X509) IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf) { if (CRYPTO_BUFFER_len(buf) > LONG_MAX) { OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW); return 0; } X509 *x509 = X509_new();
* either version 3 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/ocsp.h> ASN1_SEQUENCE(OCSP_SIGNATURE) = { ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR), ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING), ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0) } ASN1_SEQUENCE_END(OCSP_SIGNATURE) IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE) ASN1_SEQUENCE(OCSP_CERTID) = { ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR), ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING), ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING), ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER) } ASN1_SEQUENCE_END(OCSP_CERTID) IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
{ if (operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)RSA_new(); if (*pval != NULL) return 2; return 0; } else if (operation == ASN1_OP_FREE_PRE) { RSA_free((RSA *)*pval); *pval = NULL; return 2; } return 1; } ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = { ASN1_SIMPLE(RSA, version, LONG), ASN1_SIMPLE(RSA, n, BIGNUM), ASN1_SIMPLE(RSA, e, BIGNUM), ASN1_SIMPLE(RSA, d, CBIGNUM), ASN1_SIMPLE(RSA, p, CBIGNUM), ASN1_SIMPLE(RSA, q, CBIGNUM), ASN1_SIMPLE(RSA, dmp1, CBIGNUM), ASN1_SIMPLE(RSA, dmq1, CBIGNUM), ASN1_SIMPLE(RSA, iqmp, CBIGNUM) } ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey) ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { ASN1_SIMPLE(RSA, n, BIGNUM), ASN1_SIMPLE(RSA, e, BIGNUM), } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> ASN1_SEQUENCE(PROXY_POLICY) = { ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT), ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(PROXY_POLICY) IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY) ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) = { ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER), ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY) } ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION) IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
* https://www.openssl.org/source/license.html */ #include <stdio.h> #include "internal/cryptlib.h" #include <openssl/asn1t.h> #include <openssl/err.h> #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/rand.h> #ifndef OPENSSL_NO_SCRYPT /* PKCS#5 scrypt password based encryption structures */ ASN1_SEQUENCE(SCRYPT_PARAMS) = { ASN1_SIMPLE(SCRYPT_PARAMS, salt, ASN1_OCTET_STRING), ASN1_SIMPLE(SCRYPT_PARAMS, costParameter, ASN1_INTEGER), ASN1_SIMPLE(SCRYPT_PARAMS, blockSize, ASN1_INTEGER), ASN1_SIMPLE(SCRYPT_PARAMS, parallelizationParameter, ASN1_INTEGER), ASN1_OPT(SCRYPT_PARAMS, keyLength, ASN1_INTEGER), } ASN1_SEQUENCE_END(SCRYPT_PARAMS) IMPLEMENT_ASN1_FUNCTIONS(SCRYPT_PARAMS) static X509_ALGOR *pkcs5_scrypt_set(const unsigned char *salt, size_t saltlen, size_t keylen, uint64_t N, uint64_t r, uint64_t p); /* * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm using scrypt */
BIGN_ECPARAMS* specified; ASN1_NULL* implicit; } value; } BIGN_DOMAINPARAMS; typedef struct { long version; ASN1_OCTET_STRING* privateKey; BIGN_DOMAINPARAMS* parameters; ASN1_BIT_STRING* publicKey; } BIGN_PRIVATEKEY; ASN1_SEQUENCE(BIGN_FIELDID) = { ASN1_SIMPLE(BIGN_FIELDID, fieldType, ASN1_OBJECT), ASN1_SIMPLE(BIGN_FIELDID, prime, ASN1_INTEGER) } ASN1_SEQUENCE_END(BIGN_FIELDID) ASN1_SEQUENCE(BIGN_CURVE) = { ASN1_SIMPLE(BIGN_CURVE, a, ASN1_OCTET_STRING), ASN1_SIMPLE(BIGN_CURVE, b, ASN1_OCTET_STRING), ASN1_OPT(BIGN_CURVE, seed, ASN1_BIT_STRING) } ASN1_SEQUENCE_END(BIGN_CURVE) ASN1_SEQUENCE(BIGN_ECPARAMS) = { ASN1_SIMPLE(BIGN_ECPARAMS, version, LONG), ASN1_SIMPLE(BIGN_ECPARAMS, fieldID, BIGN_FIELDID),
* OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <stddef.h> #include <openssl/x509.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> ASN1_SEQUENCE(X509_ALGOR) = { ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT), ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) } ASN1_SEQUENCE_END(X509_ALGOR) ASN1_ITEM_TEMPLATE(X509_ALGORS) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR) ASN1_ITEM_TEMPLATE_END(X509_ALGORS) IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS) IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR) IMPLEMENT_STACK_OF(X509_ALGOR) IMPLEMENT_ASN1_SET_OF(X509_ALGOR) int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
if (ret < max_len) num = ret; else num = max_len; memcpy(data, p, num); return ret; } typedef struct { int32_t num; ASN1_OCTET_STRING *oct; } asn1_int_oct; ASN1_SEQUENCE(asn1_int_oct) = { ASN1_EMBED(asn1_int_oct, num, INT32), ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING) } static_ASN1_SEQUENCE_END(asn1_int_oct) DECLARE_ASN1_ITEM(asn1_int_oct) int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, int len) { asn1_int_oct atmp; ASN1_OCTET_STRING oct; atmp.num = num; atmp.oct = &oct; oct.data = data; oct.type = V_ASN1_OCTET_STRING; oct.length = len;
0,0,0,0, 0,0, 0,0, (X509V3_EXT_I2R)i2r_certpol, (X509V3_EXT_R2I)r2i_certpol, NULL }; ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO) ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES) IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) ASN1_SEQUENCE(POLICYINFO) = { ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT), ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO) } ASN1_SEQUENCE_END(POLICYINFO) IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO) ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY); ASN1_ADB(POLICYQUALINFO) = { ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)), ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE)) } ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL); ASN1_SEQUENCE(POLICYQUALINFO) = { ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT), ASN1_ADB_OBJECT(POLICYQUALINFO)
#include <stdio.h> #include "internal/cryptlib.h" #include <openssl/asn1t.h> #include <openssl/x509.h> #include "internal/x509_int.h" #include <openssl/x509v3.h> #include "x509_lcl.h" static int X509_REVOKED_cmp(const X509_REVOKED *const *a, const X509_REVOKED *const *b); static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); ASN1_SEQUENCE(X509_REVOKED) = { ASN1_EMBED(X509_REVOKED,serialNumber, ASN1_INTEGER), ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME), ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION) } ASN1_SEQUENCE_END(X509_REVOKED) static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r); static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer); static X509_CRL_METHOD int_crl_meth = { 0, 0, 0, def_crl_lookup, def_crl_verify };
#include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> #include <openssl/x509.h> #include <openssl/bn.h> #ifndef OPENSSL_NO_RFC3779 /* * OpenSSL ASN.1 template translation of RFC 3779 3.2.3. */ ASN1_SEQUENCE(ASRange) = { ASN1_SIMPLE(ASRange, min, ASN1_INTEGER), ASN1_SIMPLE(ASRange, max, ASN1_INTEGER) } ASN1_SEQUENCE_END(ASRange) ASN1_CHOICE(ASIdOrRange) = { ASN1_SIMPLE(ASIdOrRange, u.id, ASN1_INTEGER), ASN1_SIMPLE(ASIdOrRange, u.range, ASRange) } ASN1_CHOICE_END(ASIdOrRange) ASN1_CHOICE(ASIdentifierChoice) = { ASN1_SIMPLE(ASIdentifierChoice, u.inherit, ASN1_NULL), ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange) } ASN1_CHOICE_END(ASIdentifierChoice) ASN1_SEQUENCE(ASIdentifiers) = { ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET), 0,0,0,0, 0,0, 0, #ifdef SXNET_TEST (X509V3_EXT_V2I)sxnet_v2i, #else 0, #endif (X509V3_EXT_I2R)sxnet_i2r, 0, NULL }; ASN1_SEQUENCE(SXNETID) = { ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER), ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(SXNETID) IMPLEMENT_ASN1_FUNCTIONS(SXNETID) ASN1_SEQUENCE(SXNET) = { ASN1_SIMPLE(SXNET, version, ASN1_INTEGER), ASN1_SEQUENCE_OF(SXNET, ids, SXNETID) } ASN1_SEQUENCE_END(SXNET) IMPLEMENT_ASN1_FUNCTIONS(SXNET) static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent) {
* this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <stdlib.h> #include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/objects.h> static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { if (operation == ASN1_OP_NEW_POST) { NETSCAPE_CERT_SEQUENCE *nsseq; nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval; nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence); } return 1; } /* Netscape certificate sequence structure */ ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = { ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT), ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0) } ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
* ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <openssl/opensslconf.h> #include <openssl/ts.h> #include <openssl/err.h> #include <openssl/asn1t.h> ASN1_SEQUENCE(TS_MSG_IMPRINT) = { ASN1_SIMPLE(TS_MSG_IMPRINT, hash_algo, X509_ALGOR), ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(TS_MSG_IMPRINT) TS_MSG_IMPRINT * d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len) { return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &TS_MSG_IMPRINT_it); } int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out) { return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it);
* * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include <stdio.h> #include <openssl/asn1t.h> #include <openssl/x509.h> ASN1_SEQUENCE(X509_VAL) = { ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME), ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME) } ASN1_SEQUENCE_END(X509_VAL) IMPLEMENT_ASN1_FUNCTIONS(X509_VAL)
#endif /* Minor tweak to operation: free up EVP_PKEY */ static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { if (operation == ASN1_OP_FREE_POST) { X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; EVP_PKEY_free(pubkey->pkey); } return 1; } ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) } ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY) IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { X509_PUBKEY *pk=NULL; if (x == NULL) return(0); if ((pk=X509_PUBKEY_new()) == NULL) goto error; if (pkey->ameth) {
* * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include <stdio.h> #include <openssl/local/cryptlib.h> #include <openssl/asn1t.h> #include <openssl/x509.h> ASN1_SEQUENCE(X509_SIG) = { ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR), ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(X509_SIG) IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
* char *ptr; * STACK_OF(ASN1_TYPE) *set; * ASN1_TYPE *single; * } value; * } X509_ATTRIBUTE; * * this needs some extra thought because the CHOICE type is * merged with the main structure and because the value can * be anything at all we *must* try the SET OF first because * the ASN1_ANY type will swallow anything including the whole * SET OF structure. */ ASN1_CHOICE(X509_ATTRIBUTE_SET) = { ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY), ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY) } ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single) ASN1_SEQUENCE(X509_ATTRIBUTE) = { ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT), /* CHOICE type merged with parent */ ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET) } ASN1_SEQUENCE_END(X509_ATTRIBUTE) IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE) IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE) X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value) { X509_ATTRIBUTE *ret = NULL; ASN1_TYPE *val = NULL;
* * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include "cryptlib.h" #include <openssl/asn1t.h> #include <openssl/x509.h> static int X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b); ASN1_SEQUENCE(X509_REVOKED) = { ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER), ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME), ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION) } ASN1_SEQUENCE_END(X509_REVOKED) /* The X509_CRL_INFO structure needs a bit of customisation. * Since we cache the original encoding the signature wont be affected by * reordering of the revoked field. */ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { X509_CRL_INFO *a = (X509_CRL_INFO *)*pval; if(!a || !a->revoked) return 1; switch(operation) { /* Just set cmp function here. We don't sort because that
ENCDEC_DATA(1, 1), \ ENCDEC_DATA(-1, -1), \ ENCDEC_DATA(0, ASN1_LONG_UNDEF) #if !OPENSSL_API_3 /***** LONG ******************************************************************/ typedef struct { /* If decoding is expected to succeed, set this to 1, otherwise 0 */ ASN1_BOOLEAN success; long test_long; long test_zlong; } ASN1_LONG_DATA; ASN1_SEQUENCE(ASN1_LONG_DATA) = { ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_FBOOLEAN), ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG), ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0) } static_ASN1_SEQUENCE_END(ASN1_LONG_DATA) IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA) IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA) static ASN1_LONG_DATA long_expected_32bit[] = { /* The following should fail on the second because it's the default */ { 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */ { 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */ CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */ CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */ CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */ CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */