* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include "ecs_locl.h" #include <openssl/err.h> #include <openssl/asn1t.h> ASN1_SEQUENCE(ECDSA_SIG) = { ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM), ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM) } ASN1_SEQUENCE_END(ECDSA_SIG) DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
sig = OPENSSL_malloc(sizeof(DSA_SIG));
if (!sig)
{
DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
return 0;
}
sig->r = NULL;
sig->s = NULL;
*pval = (ASN1_VALUE *)sig;
return 2;
}
return 1;
}
ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
/* Override the default free and new methods */
static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
{
if(operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)DSA_new();
if(*pval) return 2;
return 0;
} else if(operation == ASN1_OP_FREE_PRE) {
DSA_free((DSA *)*pval);
/* Minor tweak to operation: zero private key data */
static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
{
/* Since the structure must still be valid use ASN1_OP_FREE_PRE */
if (operation == ASN1_OP_FREE_PRE) {
PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
if (key->pkey)
OPENSSL_cleanse(key->pkey->data, key->pkey->length);
}
return 1;
}
ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_OCTET_STRING),
ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
int version,
int ptype, void *pval, unsigned char *penc, int penclen)
{
if (version >= 0) {
if (!ASN1_INTEGER_set(priv->version, version))
return 0;
}
/* Override the default free and new methods */
static int
dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
if (operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)DH_new();
if (*pval)
return 2;
return 0;
} else if (operation == ASN1_OP_FREE_PRE) {
DH_free((DH *)*pval);
*pval = NULL;
return 2;
}
return 1;
}
ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
ASN1_SIMPLE(DH, p, BIGNUM),
ASN1_SIMPLE(DH, g, BIGNUM),
ASN1_OPT(DH, length, ZLONG),
} ASN1_SEQUENCE_END_cb(DH, DHparams)
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
DH *
DHparams_dup(DH *dh)
{
return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh);
}
* This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <stdio.h> #include <openssl/local/cryptlib.h> #include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/rand.h> /* PKCS#5 v2.0 password based encryption structures */ ASN1_SEQUENCE(PBE2PARAM) = { ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR), ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR) } ASN1_SEQUENCE_END(PBE2PARAM) IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM) ASN1_SEQUENCE(PBKDF2PARAM) = { ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY), ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER), ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER), ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR) } ASN1_SEQUENCE_END(PBKDF2PARAM) IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM) /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.] */
/*
* This module was send to me my Pat Richards <*****@*****.**> who wrote it.
* It is under my Copyright with his permission.
*/
#include <openssl_grpc/x509.h>
#include <openssl_grpc/asn1t.h>
ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
} ASN1_SEQUENCE_END(NETSCAPE_SPKAC)
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
ASN1_SEQUENCE(NETSCAPE_SPKI) = {
ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(NETSCAPE_SPKI)
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
* Hudson ([email protected]). * */ #include <stdio.h> #include <string.h> #include <openssl/asn1t.h> #include <openssl/err.h> #include <openssl/rand.h> #include <openssl/x509.h> /* PKCS#5 password based encryption structure */ ASN1_SEQUENCE(PBEPARAM) = { ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) } ASN1_SEQUENCE_END(PBEPARAM) IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) /* Set an algorithm identifier for a PKCS#5 PBE algorithm */ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, const unsigned char *salt, int saltlen) { PBEPARAM *pbe = NULL; ASN1_STRING *pbe_str = NULL; unsigned char *sstr;
static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base);
static int nc_ip(ASN1_OCTET_STRING *ip, ASN1_OCTET_STRING *base);
const X509V3_EXT_METHOD v3_name_constraints = {
NID_name_constraints, 0,
ASN1_ITEM_ref(NAME_CONSTRAINTS),
0, 0, 0, 0,
0, 0,
0, v2i_NAME_CONSTRAINTS,
i2r_NAME_CONSTRAINTS, 0,
NULL
};
ASN1_SEQUENCE(GENERAL_SUBTREE) = {
ASN1_SIMPLE(GENERAL_SUBTREE, base, GENERAL_NAME),
ASN1_IMP_OPT(GENERAL_SUBTREE, minimum, ASN1_INTEGER, 0),
ASN1_IMP_OPT(GENERAL_SUBTREE, maximum, ASN1_INTEGER, 1)
} ASN1_SEQUENCE_END(GENERAL_SUBTREE)
ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, permittedSubtrees,
GENERAL_SUBTREE, 0),
ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, excludedSubtrees,
GENERAL_SUBTREE, 1),
} ASN1_SEQUENCE_END(NAME_CONSTRAINTS)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
ASIdentifiers_free(ret->rfc3779_asid);
#endif
OPENSSL_free(ret->name);
break;
}
return 1;
}
ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
ASN1_EMBED(X509, cert_info, X509_CINF),
ASN1_EMBED(X509, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END_ref(X509, X509)
IMPLEMENT_ASN1_FUNCTIONS(X509)
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
new_func, dup_func, free_func);
}
int X509_set_ex_data(X509 *r, int idx, void *arg)
{
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "cryptlib.h"
#include <openssl/evp.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#ifdef OPENSSL_SYS_WINDOWS
#include <stdio.h>
#endif
ASN1_SEQUENCE(X509_CINF) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
} ASN1_SEQUENCE_END(X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */
extern void policy_cache_free(X509_POLICY_CACHE *cache);
CRL_DIST_POINTS_free(ret->crldp);
policy_cache_free(ret->policy_cache);
GENERAL_NAMES_free(ret->altname);
NAME_CONSTRAINTS_free(ret->nc);
CRYPTO_BUFFER_free(ret->buf);
OPENSSL_free(ret->name);
break;
}
return 1;
}
ASN1_SEQUENCE_ref(X509, x509_cb) = {
ASN1_SIMPLE(X509, cert_info, X509_CINF),
ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END_ref(X509, X509)
IMPLEMENT_ASN1_FUNCTIONS(X509)
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf) {
if (CRYPTO_BUFFER_len(buf) > LONG_MAX) {
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
return 0;
}
X509 *x509 = X509_new();
* either version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/ocsp.h>
ASN1_SEQUENCE(OCSP_SIGNATURE) = {
ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0)
} ASN1_SEQUENCE_END(OCSP_SIGNATURE)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
ASN1_SEQUENCE(OCSP_CERTID) = {
ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR),
ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING),
ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
} ASN1_SEQUENCE_END(OCSP_CERTID)
IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
{
if (operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)RSA_new();
if (*pval != NULL)
return 2;
return 0;
} else if (operation == ASN1_OP_FREE_PRE) {
RSA_free((RSA *)*pval);
*pval = NULL;
return 2;
}
return 1;
}
ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
ASN1_SIMPLE(RSA, version, LONG),
ASN1_SIMPLE(RSA, n, BIGNUM),
ASN1_SIMPLE(RSA, e, BIGNUM),
ASN1_SIMPLE(RSA, d, CBIGNUM),
ASN1_SIMPLE(RSA, p, CBIGNUM),
ASN1_SIMPLE(RSA, q, CBIGNUM),
ASN1_SIMPLE(RSA, dmp1, CBIGNUM),
ASN1_SIMPLE(RSA, dmq1, CBIGNUM),
ASN1_SIMPLE(RSA, iqmp, CBIGNUM)
} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
ASN1_SIMPLE(RSA, n, BIGNUM),
ASN1_SIMPLE(RSA, e, BIGNUM),
} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
ASN1_SEQUENCE(PROXY_POLICY) =
{
ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT),
ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(PROXY_POLICY)
IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY)
ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) =
{
ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER),
ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY)
} ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION)
IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/rand.h>
#ifndef OPENSSL_NO_SCRYPT
/* PKCS#5 scrypt password based encryption structures */
ASN1_SEQUENCE(SCRYPT_PARAMS) = {
ASN1_SIMPLE(SCRYPT_PARAMS, salt, ASN1_OCTET_STRING),
ASN1_SIMPLE(SCRYPT_PARAMS, costParameter, ASN1_INTEGER),
ASN1_SIMPLE(SCRYPT_PARAMS, blockSize, ASN1_INTEGER),
ASN1_SIMPLE(SCRYPT_PARAMS, parallelizationParameter, ASN1_INTEGER),
ASN1_OPT(SCRYPT_PARAMS, keyLength, ASN1_INTEGER),
} ASN1_SEQUENCE_END(SCRYPT_PARAMS)
IMPLEMENT_ASN1_FUNCTIONS(SCRYPT_PARAMS)
static X509_ALGOR *pkcs5_scrypt_set(const unsigned char *salt, size_t saltlen,
size_t keylen, uint64_t N, uint64_t r,
uint64_t p);
/*
* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm using scrypt
*/
BIGN_ECPARAMS* specified;
ASN1_NULL* implicit;
} value;
} BIGN_DOMAINPARAMS;
typedef struct
{
long version;
ASN1_OCTET_STRING* privateKey;
BIGN_DOMAINPARAMS* parameters;
ASN1_BIT_STRING* publicKey;
} BIGN_PRIVATEKEY;
ASN1_SEQUENCE(BIGN_FIELDID) =
{
ASN1_SIMPLE(BIGN_FIELDID, fieldType, ASN1_OBJECT),
ASN1_SIMPLE(BIGN_FIELDID, prime, ASN1_INTEGER)
}
ASN1_SEQUENCE_END(BIGN_FIELDID)
ASN1_SEQUENCE(BIGN_CURVE) =
{
ASN1_SIMPLE(BIGN_CURVE, a, ASN1_OCTET_STRING),
ASN1_SIMPLE(BIGN_CURVE, b, ASN1_OCTET_STRING),
ASN1_OPT(BIGN_CURVE, seed, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(BIGN_CURVE)
ASN1_SEQUENCE(BIGN_ECPARAMS) =
{
ASN1_SIMPLE(BIGN_ECPARAMS, version, LONG),
ASN1_SIMPLE(BIGN_ECPARAMS, fieldID, BIGN_FIELDID),
* OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <stddef.h> #include <openssl/x509.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> ASN1_SEQUENCE(X509_ALGOR) = { ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT), ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) } ASN1_SEQUENCE_END(X509_ALGOR) ASN1_ITEM_TEMPLATE(X509_ALGORS) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR) ASN1_ITEM_TEMPLATE_END(X509_ALGORS) IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS) IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR) IMPLEMENT_STACK_OF(X509_ALGOR) IMPLEMENT_ASN1_SET_OF(X509_ALGOR) int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
if (ret < max_len)
num = ret;
else
num = max_len;
memcpy(data, p, num);
return ret;
}
typedef struct {
int32_t num;
ASN1_OCTET_STRING *oct;
} asn1_int_oct;
ASN1_SEQUENCE(asn1_int_oct) = {
ASN1_EMBED(asn1_int_oct, num, INT32),
ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING)
} static_ASN1_SEQUENCE_END(asn1_int_oct)
DECLARE_ASN1_ITEM(asn1_int_oct)
int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
int len)
{
asn1_int_oct atmp;
ASN1_OCTET_STRING oct;
atmp.num = num;
atmp.oct = &oct;
oct.data = data;
oct.type = V_ASN1_OCTET_STRING;
oct.length = len;
0,0,0,0,
0,0,
0,0,
(X509V3_EXT_I2R)i2r_certpol,
(X509V3_EXT_R2I)r2i_certpol,
NULL
};
ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) =
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES)
IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
ASN1_SEQUENCE(POLICYINFO) = {
ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT),
ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO)
} ASN1_SEQUENCE_END(POLICYINFO)
IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO)
ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY);
ASN1_ADB(POLICYQUALINFO) = {
ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)),
ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE))
} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL);
ASN1_SEQUENCE(POLICYQUALINFO) = {
ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT),
ASN1_ADB_OBJECT(POLICYQUALINFO)
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/x509_int.h"
#include <openssl/x509v3.h>
#include "x509_lcl.h"
static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
const X509_REVOKED *const *b);
static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
ASN1_SEQUENCE(X509_REVOKED) = {
ASN1_EMBED(X509_REVOKED,serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
} ASN1_SEQUENCE_END(X509_REVOKED)
static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
static int def_crl_lookup(X509_CRL *crl,
X509_REVOKED **ret, ASN1_INTEGER *serial,
X509_NAME *issuer);
static X509_CRL_METHOD int_crl_meth = {
0,
0, 0,
def_crl_lookup,
def_crl_verify
};
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
#include <openssl/x509.h>
#include <openssl/bn.h>
#ifndef OPENSSL_NO_RFC3779
/*
* OpenSSL ASN.1 template translation of RFC 3779 3.2.3.
*/
ASN1_SEQUENCE(ASRange) = {
ASN1_SIMPLE(ASRange, min, ASN1_INTEGER),
ASN1_SIMPLE(ASRange, max, ASN1_INTEGER)
} ASN1_SEQUENCE_END(ASRange)
ASN1_CHOICE(ASIdOrRange) = {
ASN1_SIMPLE(ASIdOrRange, u.id, ASN1_INTEGER),
ASN1_SIMPLE(ASIdOrRange, u.range, ASRange)
} ASN1_CHOICE_END(ASIdOrRange)
ASN1_CHOICE(ASIdentifierChoice) = {
ASN1_SIMPLE(ASIdentifierChoice, u.inherit, ASN1_NULL),
ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange)
} ASN1_CHOICE_END(ASIdentifierChoice)
ASN1_SEQUENCE(ASIdentifiers) = {
ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET),
0,0,0,0,
0,0,
0,
#ifdef SXNET_TEST
(X509V3_EXT_V2I)sxnet_v2i,
#else
0,
#endif
(X509V3_EXT_I2R)sxnet_i2r,
0,
NULL
};
ASN1_SEQUENCE(SXNETID) = {
ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(SXNETID)
IMPLEMENT_ASN1_FUNCTIONS(SXNETID)
ASN1_SEQUENCE(SXNET) = {
ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
} ASN1_SEQUENCE_END(SXNET)
IMPLEMENT_ASN1_FUNCTIONS(SXNET)
static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
int indent)
{
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/objects.h>
static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
{
if (operation == ASN1_OP_NEW_POST) {
NETSCAPE_CERT_SEQUENCE *nsseq;
nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
}
return 1;
}
/* Netscape certificate sequence structure */
ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
* ==================================================================== * * This product includes cryptographic software written by Eric Young * ([email protected]). This product includes software written by Tim * Hudson ([email protected]). * */ #include <openssl/opensslconf.h> #include <openssl/ts.h> #include <openssl/err.h> #include <openssl/asn1t.h> ASN1_SEQUENCE(TS_MSG_IMPRINT) = { ASN1_SIMPLE(TS_MSG_IMPRINT, hash_algo, X509_ALGOR), ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING) } ASN1_SEQUENCE_END(TS_MSG_IMPRINT) TS_MSG_IMPRINT * d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len) { return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &TS_MSG_IMPRINT_it); } int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out) { return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it);
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
ASN1_SEQUENCE(X509_VAL) = {
ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
} ASN1_SEQUENCE_END(X509_VAL)
IMPLEMENT_ASN1_FUNCTIONS(X509_VAL)
#endif
/* Minor tweak to operation: free up EVP_PKEY */
static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
{
if (operation == ASN1_OP_FREE_POST)
{
X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
EVP_PKEY_free(pubkey->pkey);
}
return 1;
}
ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
{
X509_PUBKEY *pk=NULL;
if (x == NULL) return(0);
if ((pk=X509_PUBKEY_new()) == NULL) goto error;
if (pkey->ameth)
{
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <openssl/local/cryptlib.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
ASN1_SEQUENCE(X509_SIG) = {
ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(X509_SIG)
IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
* char *ptr;
* STACK_OF(ASN1_TYPE) *set;
* ASN1_TYPE *single;
* } value;
* } X509_ATTRIBUTE;
*
* this needs some extra thought because the CHOICE type is
* merged with the main structure and because the value can
* be anything at all we *must* try the SET OF first because
* the ASN1_ANY type will swallow anything including the whole
* SET OF structure.
*/
ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single)
ASN1_SEQUENCE(X509_ATTRIBUTE) = {
ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
/* CHOICE type merged with parent */
ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
} ASN1_SEQUENCE_END(X509_ATTRIBUTE)
IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
{
X509_ATTRIBUTE *ret = NULL;
ASN1_TYPE *val = NULL;
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include "cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
const X509_REVOKED * const *b);
ASN1_SEQUENCE(X509_REVOKED) = {
ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
} ASN1_SEQUENCE_END(X509_REVOKED)
/* The X509_CRL_INFO structure needs a bit of customisation.
* Since we cache the original encoding the signature wont be affected by
* reordering of the revoked field.
*/
static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
{
X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
if(!a || !a->revoked) return 1;
switch(operation) {
/* Just set cmp function here. We don't sort because that
ENCDEC_DATA(1, 1), \
ENCDEC_DATA(-1, -1), \
ENCDEC_DATA(0, ASN1_LONG_UNDEF)
#if !OPENSSL_API_3
/***** LONG ******************************************************************/
typedef struct {
/* If decoding is expected to succeed, set this to 1, otherwise 0 */
ASN1_BOOLEAN success;
long test_long;
long test_zlong;
} ASN1_LONG_DATA;
ASN1_SEQUENCE(ASN1_LONG_DATA) = {
ASN1_SIMPLE(ASN1_LONG_DATA, success, ASN1_FBOOLEAN),
ASN1_SIMPLE(ASN1_LONG_DATA, test_long, LONG),
ASN1_EXP_OPT(ASN1_LONG_DATA, test_zlong, ZLONG, 0)
} static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
static ASN1_LONG_DATA long_expected_32bit[] = {
/* The following should fail on the second because it's the default */
{ 0xff, 0, 1 }, { 0, 0, 0 }, /* t_zero */
{ 0, 0, 0 }, { 0xff, 1, 0x7fffffff }, /* t_longundef */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_SUCCESS(-1, -1), /* t_one_neg */
CUSTOM_EXPECTED_SUCCESS(-256, -256), /* t_minus_256 */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
