NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) { unsigned char *spki_der; const unsigned char *p; int spki_len; NETSCAPE_SPKI *spki; if (len <= 0) len = strlen(str); if (!(spki_der = malloc(len + 1))) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE); return NULL; } spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len); if (spki_len < 0) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, X509_R_BASE64_DECODE_ERROR); free(spki_der); return NULL; } p = spki_der; spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len); free(spki_der); return spki; }
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { X509_OBJECT *obj; int ret = 1; if (x == NULL) return 0; obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE); return 0; } obj->type = X509_LU_CRL; obj->data.crl = x; CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); X509_OBJECT_up_ref_count(obj); if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret = 0; } else sk_X509_OBJECT_push(ctx->objs, obj); CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); return ret; }
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) { STACK_OF(X509_INFO) *inf; X509_INFO *itmp; BIO *in; int i, count = 0; if (type != X509_FILETYPE_PEM) return X509_load_cert_file(ctx, file, type); in = BIO_new_file(file, "r"); if (!in) { X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_SYS_LIB); return 0; } inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); BIO_free(in); if (!inf) { X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_PEM_LIB); return 0; } for (i = 0; i < sk_X509_INFO_num(inf); i++) { itmp = sk_X509_INFO_value(inf, i); if (itmp->x509) { X509_STORE_add_cert(ctx->store_ctx, itmp->x509); count++; } if (itmp->crl) { X509_STORE_add_crl(ctx->store_ctx, itmp->crl); count++; } } sk_X509_INFO_pop_free(inf, X509_INFO_free); return count; }
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) { X509_OBJECT *obj; int ret = 1; if (x == NULL) return 0; obj = OPENSSL_malloc(sizeof(*obj)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE); return 0; } obj->type = X509_LU_X509; obj->data.x509 = x; CRYPTO_THREAD_write_lock(ctx->lock); X509_OBJECT_up_ref_count(obj); if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { X509_OBJECT_free_contents(obj); OPENSSL_free(obj); X509err(X509_F_X509_STORE_ADD_CERT, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret = 0; } else sk_X509_OBJECT_push(ctx->objs, obj); CRYPTO_THREAD_unlock(ctx->lock); return ret; }
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { X509_PUBKEY *pk = NULL; if (x == NULL) return (0); if ((pk = X509_PUBKEY_new()) == NULL) goto error; if (pkey->ameth) { if (pkey->ameth->pub_encode) { if (!pkey->ameth->pub_encode(pk, pkey)) { X509err(X509_F_X509_PUBKEY_SET, X509_R_PUBLIC_KEY_ENCODE_ERROR); goto error; } } else { X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED); goto error; } } else { X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM); goto error; } X509_PUBKEY_free(*x); *x = pk; return 1; error: X509_PUBKEY_free(pk); return 0; }
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) { int ret = 0; BIO *in = NULL; int i, count = 0; X509_CRL *x = NULL; if (file == NULL) return (1); in = BIO_new(BIO_s_file_internal()); if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_SYS_LIB); goto err; } if (type == X509_FILETYPE_PEM) { for (;;) { x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL); if (x == NULL) { if ((ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) && (count > 0)) { ERR_clear_error(); break; } else { X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_PEM_LIB); goto err; } } i = X509_STORE_add_crl(ctx->store_ctx, x); if (!i) goto err; count++; X509_CRL_free(x); x = NULL; } ret = count; } else if (type == X509_FILETYPE_ASN1) { x = d2i_X509_CRL_bio(in, NULL); if (x == NULL) { X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_ASN1_LIB); goto err; } i = X509_STORE_add_crl(ctx->store_ctx, x); if (!i) goto err; ret = i; } else { X509err(X509_F_X509_LOAD_CRL_FILE, X509_R_BAD_X509_FILETYPE); goto err; } err: if (x != NULL) X509_CRL_free(x); if (in != NULL) BIO_free(in); return (ret); }
EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key) { EVP_PKEY *ret = NULL; if (key == NULL) goto error; if (key->pkey != NULL) { CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); return key->pkey; } if (key->public_key == NULL) goto error; if ((ret = EVP_PKEY_new()) == NULL) { X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); goto error; } if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) { X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM); goto error; } if (ret->ameth->pub_decode) { if (!ret->ameth->pub_decode(ret, key)) { X509err(X509_F_X509_PUBKEY_GET, X509_R_PUBLIC_KEY_DECODE_ERROR); goto error; } } else { X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED); goto error; } /* Check to see if another thread set key->pkey first */ CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); if (key->pkey) { CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); EVP_PKEY_free(ret); ret = key->pkey; } else { key->pkey = ret; CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); } CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); return ret; error: if (ret != NULL) EVP_PKEY_free(ret); return (NULL); }
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) { int ret = 0; BIO *in = NULL; int i, count = 0; X509 *x = NULL; in = BIO_new(BIO_s_file()); if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_SYS_LIB); goto err; } if (type == X509_FILETYPE_PEM) { for (;;) { x = PEM_read_bio_X509_AUX(in, NULL, NULL, ""); if (x == NULL) { if ((ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) && (count > 0)) { ERR_clear_error(); break; } else { X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_PEM_LIB); goto err; } } i = X509_STORE_add_cert(ctx->store_ctx, x); if (!i) goto err; count++; X509_free(x); x = NULL; } ret = count; } else if (type == X509_FILETYPE_ASN1) { x = d2i_X509_bio(in, NULL); if (x == NULL) { X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_ASN1_LIB); goto err; } i = X509_STORE_add_cert(ctx->store_ctx, x); if (!i) goto err; ret = i; } else { X509err(X509_F_X509_LOAD_CERT_FILE, X509_R_BAD_X509_FILETYPE); goto err; } if (ret == 0) X509err(X509_F_X509_LOAD_CERT_FILE, X509_R_NO_CERTIFICATE_FOUND); err: X509_free(x); BIO_free(in); return ret; }
int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), char *name, int arg1, void *arg2) { int idx; X509_TRUST *trtmp; /* * This is set according to what we change: application can't set it */ flags &= ~X509_TRUST_DYNAMIC; /* This will always be set for application modified trust entries */ flags |= X509_TRUST_DYNAMIC_NAME; /* Get existing entry if any */ idx = X509_TRUST_get_by_id(id); /* Need a new entry */ if (idx == -1) { if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) { X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; } else trtmp = X509_TRUST_get0(idx); /* OPENSSL_free existing name if dynamic */ if (trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); /* dup supplied name */ if ((trtmp->name = OPENSSL_strdup(name)) == NULL) { X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); return 0; } /* Keep the dynamic flag of existing entry */ trtmp->flags &= X509_TRUST_DYNAMIC; /* Set all other flags */ trtmp->flags |= flags; trtmp->trust = id; trtmp->check_trust = ck; trtmp->arg1 = arg1; trtmp->arg2 = arg2; /* If its a new entry manage the dynamic table */ if (idx == -1) { if (trtable == NULL && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) { X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); return 0; } if (!sk_X509_TRUST_push(trtable, trtmp)) { X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); return 0; } } return 1; }
/* * Serialize trusted certificate to *pp, or just return the required buffer * length if pp == NULL. * * When pp is not NULL, but *pp == NULL, we allocate the buffer, but since * we're writing two ASN.1 objects back to back, we can't have i2d_X509() do * the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the * allocated buffer. */ int i2d_X509_AUX(X509 *a, unsigned char **pp) { int length; unsigned char *tmp; /* Buffer provided by caller */ if (pp == NULL || *pp != NULL) return i2d_x509_aux_internal(a, pp); /* Obtain the combined length */ if ((length = i2d_x509_aux_internal(a, NULL)) <= 0) return length; /* Allocate requisite combined storage */ *pp = tmp = OPENSSL_malloc(length); if (tmp == NULL) { X509err(X509_F_I2D_X509_AUX, ERR_R_MALLOC_FAILURE); return -1; } /* Encode, but keep *pp at the originally malloced pointer */ length = i2d_x509_aux_internal(a, &tmp); if (length <= 0) { OPENSSL_free(*pp); *pp = NULL; } return length; }
static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **retp) { int ret=0; BY_DIR *ld; char *dir = NULL; ld=(BY_DIR *)ctx->method_data; switch (cmd) { case X509_L_ADD_DIR: if (argl == X509_FILETYPE_DEFAULT) { dir=(char *)Getenv(X509_get_default_cert_dir_env()); if (dir) ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); else ret=add_cert_dir(ld,X509_get_default_cert_dir(), X509_FILETYPE_PEM); if (!ret) { X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); } } else ret=add_cert_dir(ld,argp,(int)argl); break; } return(ret); }
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **ret) { int ok = 0; const char *file; switch (cmd) { case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { file = ossl_safe_getenv(X509_get_default_cert_file_env()); if (file) ok = (X509_load_cert_crl_file(ctx, file, X509_FILETYPE_PEM) != 0); else ok = (X509_load_cert_crl_file (ctx, X509_get_default_cert_file(), X509_FILETYPE_PEM) != 0); if (!ok) { X509err(X509_F_BY_FILE_CTRL, X509_R_LOADING_DEFAULTS); } } else { if (argl == X509_FILETYPE_PEM) ok = (X509_load_cert_crl_file(ctx, argp, X509_FILETYPE_PEM) != 0); else ok = (X509_load_cert_file(ctx, argp, (int)argl) != 0); } break; } return ok; }
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) { X509_OBJECT *obj; int ret = 1; if (x == NULL) return 0; obj = X509_OBJECT_new(); if (obj == NULL) return 0; obj->type = X509_LU_CRL; obj->data.crl = x; CRYPTO_THREAD_write_lock(ctx->lock); X509_OBJECT_up_ref_count(obj); if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { X509_OBJECT_free(obj); X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret = 0; } else sk_X509_OBJECT_push(ctx->objs, obj); CRYPTO_THREAD_unlock(ctx->lock); return ret; }
EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key) { EVP_PKEY *ret = NULL; if (key == NULL || key->public_key == NULL) return NULL; if (key->pkey != NULL) return key->pkey; /* * When the key ASN.1 is initially parsed an attempt is made to * decode the public key and cache the EVP_PKEY structure. If this * operation fails the cached value will be NULL. Parsing continues * to allow parsing of unknown key types or unsupported forms. * We repeat the decode operation so the appropriate errors are left * in the queue. */ x509_pubkey_decode(&ret, key); /* If decode doesn't fail something bad happened */ if (ret != NULL) { X509err(X509_F_X509_PUBKEY_GET0, ERR_R_INTERNAL_ERROR); EVP_PKEY_free(ret); } return NULL; }
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) { char *s,*c,*b; int ret=0,l,i; l=80-2-obase; b=s=X509_NAME_oneline(name,NULL,0); if (!*s) { OPENSSL_free(b); return 1; } s++; /* skip the first slash */ c=s; for (;;) { #ifndef CHARSET_EBCDIC if ( ((*s == '/') && ((s[1] >= 'A') && (s[1] <= 'Z') && ( (s[2] == '=') || ((s[2] >= 'A') && (s[2] <= 'Z') && (s[3] == '=')) ))) || (*s == '\0')) #else if ( ((*s == '/') && (isupper(s[1]) && ( (s[2] == '=') || (isupper(s[2]) && (s[3] == '=')) ))) || (*s == '\0')) #endif { i=(int)(s-c); if (BIO_write(bp,c,i) != i) goto err; c+=i; c++; if (*s != '\0') { if (BIO_write(bp,", ",2) != 2) goto err; } l--; } if (*s == '\0') break; s++; l--; } ret=1; if (0) { err: X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); } OPENSSL_free(b); return(ret); }
int X509_TRUST_set(int *t, int trust) { if(X509_TRUST_get_by_id(trust) == -1) { X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST); return 0; } *t = trust; return 1; }
/* if set is -1, append to previous set, 0 'a new one', and 1, * prepend to the guy we are about to stomp on. */ int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, int set) { X509_NAME_ENTRY *new_name = NULL; int n, i, inc; STACK_OF(X509_NAME_ENTRY) *sk; if (name == NULL) return (0); sk = name->entries; n = sk_X509_NAME_ENTRY_num(sk); if (loc > n) loc = n; else if (loc < 0) loc = n; name->modified = 1; if (set == -1) { if (loc == 0) { set = 0; inc = 1; } else { set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set; inc = 0; } } else { /* if (set >= 0) */ if (loc >= n) { if (loc != 0) set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set + 1; else set = 0; } else set = sk_X509_NAME_ENTRY_value(sk, loc)->set; inc = (set == 0) ? 1 : 0; } if ((new_name = X509_NAME_ENTRY_dup(ne)) == NULL) goto err; new_name->set = set; if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) { X509err(X509_F_X509_NAME_ADD_ENTRY, ERR_R_MALLOC_FAILURE); goto err; } if (inc) { n = sk_X509_NAME_ENTRY_num(sk); for (i = loc + 1; i < n; i++) sk_X509_NAME_ENTRY_value(sk, i - 1)->set += 1; } return (1); err: if (new_name != NULL) X509_NAME_ENTRY_free(new_name); return (0); }
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj) { if ((ne == NULL) || (obj == NULL)) { X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT, ERR_R_PASSED_NULL_PARAMETER); return (0); } ASN1_OBJECT_free(ne->object); ne->object = OBJ_dup(obj); return ((ne->object == NULL) ? 0 : 1); }
static X509 *X509_REQ_to_X509_ex(X509_REQ *r, int days, EVP_PKEY *pkey, const EVP_MD* md) { X509 *ret = NULL; X509_CINF *xi = NULL; X509_NAME *xn; EVP_PKEY *pubkey = NULL; int res; if ((ret = X509_new()) == NULL) { X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE); return NULL; } /* duplicate the request */ xi = ret->cert_info; if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) { if ((xi->version = M_ASN1_INTEGER_new()) == NULL) goto err; if (!ASN1_INTEGER_set(xi->version, 2)) goto err; /*- xi->extensions=ri->attributes; <- bad, should not ever be done ri->attributes=NULL; */ } xn = X509_REQ_get_subject_name(r); if (X509_set_subject_name(ret, xn) == 0) goto err; if (X509_set_issuer_name(ret, xn) == 0) goto err; if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL) goto err; if (X509_gmtime_adj(xi->validity->notAfter, (long)60 * 60 * 24 * days) == NULL) goto err; pubkey = X509_REQ_get_pubkey(r); res = X509_set_pubkey(ret, pubkey); EVP_PKEY_free(pubkey); if (!md) goto err; if (!res || !X509_sign(ret, pkey, md)) goto err; if (0) { err: X509_free(ret); ret = NULL; } return (ret); }
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) { char *s, *c, *b; int l, i; l = 80 - 2 - obase; b = X509_NAME_oneline(name, NULL, 0); if (!b) return 0; if (!*b) { OPENSSL_free(b); return 1; } s = b + 1; /* skip the first slash */ c = s; for (;;) { #ifndef CHARSET_EBCDIC if (((*s == '/') && ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') || ((s[2] >= 'A') && (s[2] <= 'Z') && (s[3] == '=')) ))) || (*s == '\0')) #else if (((*s == '/') && (isupper(s[1]) && ((s[2] == '=') || (isupper(s[2]) && (s[3] == '=')) ))) || (*s == '\0')) #endif { i = s - c; if (BIO_write(bp, c, i) != i) goto err; c = s + 1; /* skip following slash */ if (*s != '\0') { if (BIO_write(bp, ", ", 2) != 2) goto err; } l--; } if (*s == '\0') break; s++; l--; } OPENSSL_free(b); return 1; err: X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB); OPENSSL_free(b); return 0; }
int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k) { EVP_PKEY *xk = NULL; int ok = 0; xk = X509_REQ_get_pubkey(x); switch (EVP_PKEY_cmp(xk, k)) { case 1: ok = 1; break; case 0: X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_KEY_VALUES_MISMATCH); break; case -1: X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_KEY_TYPE_MISMATCH); break; case -2: #ifndef OPENSSL_NO_EC if (k->type == EVP_PKEY_EC) { X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB); break; } #endif #ifndef OPENSSL_NO_DH if (k->type == EVP_PKEY_DH) { /* No idea */ X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_CANT_CHECK_DH_KEY); break; } #endif X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE); } EVP_PKEY_free(xk); return (ok); }
X509_OBJECT *X509_OBJECT_new() { X509_OBJECT *ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { X509err(X509_F_X509_OBJECT_NEW, ERR_R_MALLOC_FAILURE); return NULL; } ret->type = X509_LU_FAIL; return ret; }
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) { EVP_PKEY *ret=NULL; long j; int type; unsigned char *p; #ifndef OPENSSL_NO_DSA const unsigned char *cp; X509_ALGOR *a; #endif if (key == NULL) goto err; if (key->pkey != NULL) { CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); return(key->pkey); } if (key->public_key == NULL) goto err; type=OBJ_obj2nid(key->algor->algorithm); p=key->public_key->data; j=key->public_key->length; if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL) { X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); goto err; } ret->save_parameters=0; #ifndef OPENSSL_NO_DSA a=key->algor; if (ret->type == EVP_PKEY_DSA) { if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { ret->pkey.dsa->write_params=0; cp=p=a->parameter->value.sequence->data; j=a->parameter->value.sequence->length; if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) goto err; } ret->save_parameters=1; } #endif key->pkey=ret; CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY); return(ret); err: if (ret != NULL) EVP_PKEY_free(ret); return(NULL); }
int X509_REQ_print_fp(FILE *fp, X509_REQ *x) { BIO *b; int ret; if ((b = BIO_new(BIO_s_file())) == NULL) { X509err(X509_F_X509_REQ_PRINT_FP, ERR_R_BUF_LIB); return (0); } BIO_set_fp(b, fp, BIO_NOCLOSE); ret = X509_REQ_print(b, x); BIO_free(b); return (ret); }
int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag) { BIO *b; int ret; if ((b = BIO_new(BIO_s_file())) == NULL) { X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB); return (0); } BIO_set_fp(b, fp, BIO_NOCLOSE); ret = X509_print_ex(b, x, nmflag, cflag); BIO_free(b); return (ret); }
static int x509_pubkey_decode(EVP_PKEY **ppkey, X509_PUBKEY *key) { EVP_PKEY *pkey = EVP_PKEY_new(); if (pkey == NULL) { X509err(X509_F_X509_PUBKEY_DECODE, ERR_R_MALLOC_FAILURE); return -1; } if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(key->algor->algorithm))) { X509err(X509_F_X509_PUBKEY_DECODE, X509_R_UNSUPPORTED_ALGORITHM); goto error; } if (pkey->ameth->pub_decode) { /* * Treat any failure of pub_decode as a decode error. In * future we could have different return codes for decode * errors and fatal errors such as malloc failure. */ if (!pkey->ameth->pub_decode(pkey, key)) { X509err(X509_F_X509_PUBKEY_DECODE, X509_R_PUBLIC_KEY_DECODE_ERROR); goto error; } } else { X509err(X509_F_X509_PUBKEY_DECODE, X509_R_METHOD_NOT_SUPPORTED); goto error; } *ppkey = pkey; return 1; error: EVP_PKEY_free(pkey); return 0; }
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type, uint8_t *bytes, int len) { ASN1_OBJECT *obj; X509_NAME_ENTRY *nentry; obj = OBJ_nid2obj(nid); if (obj == NULL) { X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID, X509_R_UNKNOWN_NID); return (NULL); } nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); ASN1_OBJECT_free(obj); return nentry; }
X509_OBJECT *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name) { X509_OBJECT *ret; ret = OPENSSL_malloc(sizeof (*ret)); if (ret == NULL) { X509err(X509_F_X509_STORE_GET_X509_BY_SUBJECT, ERR_R_MALLOC_FAILURE); return NULL; } if (!X509_STORE_get_by_subject(vs, type, name, ret)) { OPENSSL_free(ret); return NULL; } return ret; }
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) { char *s, *c, *b; int ret = 0, l, i; l = 80 - 2 - obase; b = X509_NAME_oneline(name, NULL, 0); if (b == NULL) return 0; if (*b == '\0') { free(b); return 1; } s = b + 1; /* skip the first slash */ c = s; for (;;) { if (((*s == '/') && ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') || ((s[2] >= 'A') && (s[2] <= 'Z') && (s[3] == '='))))) || (*s == '\0')) { i = s - c; if (BIO_write(bp, c, i) != i) goto err; c = s + 1; /* skip following slash */ if (*s != '\0') { if (BIO_write(bp, ", ", 2) != 2) goto err; } l--; } if (*s == '\0') break; s++; l--; } ret = 1; if (0) { err: X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB); } free(b); return (ret); }
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const uint8_t *bytes, int len) { ASN1_OBJECT *obj; X509_NAME_ENTRY *nentry; obj = OBJ_txt2obj(field, 0); if (obj == NULL) { X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT, X509_R_INVALID_FIELD_NAME); ERR_asprintf_error_data("name=%s", field); return (NULL); } nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); ASN1_OBJECT_free(obj); return nentry; }