kris
/
boringssl
1
0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 0 Wiki Actividad
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
5667 Commits
12 Ramas
38 MiB
Árbol: 9978f0a865
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde '9978f0a865'
${ noResults }
boringssl/crypto/x509/asn1_gen.c

asn1_gen.c 25 KiB
Original Vista normal Histórico

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
Remove string.h from base.h. Including string.h in base.h causes any file that includes a BoringSSL header to include string.h. Generally this wouldn't be a problem, although string.h might slow down the compile if it wasn't otherwise needed. However, it also causes problems for ipsec-tools in Android because OpenSSL didn't have this behaviour. This change removes string.h from base.h and, instead, adds it to each .c file that requires it. Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37 Reviewed-on: https://boringssl-review.googlesource.com/3200 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 9 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
Enable MSVC warning C4701, use of potentially uninitialized variable. C4701 is "potentially uninitialized local variable 'buf' used". It sometimes results in false positives, which can now be suppressed using the macro OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS. Change-Id: I15068b5a48e1c704702e7752982b9ead855e7633 Reviewed-on: https://boringssl-review.googlesource.com/3160 Reviewed-by: Adam Langley <agl@google.com>
hace 9 años
Unexport and rename hex_to_string, string_to_hex, and name_cmp. Squatting these names is rather rude. Also hex_to_string and string_to_hex do the opposite of what one would expect, so rename them to something a bit less confusing. Update-Note: This removes some random utility functions. name_cmp is very specific to OpenSSL's config file format, so it's unlikely anyone is relying on it. I removed the one use of hex_to_string and string_to_hex I could find. Change-Id: I01554885ad306251e6982100d0b15cd89b1cdea7 Reviewed-on: https://boringssl-review.googlesource.com/c/33364 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
hace 5 años
Enable MSVC warning C4701, use of potentially uninitialized variable. C4701 is "potentially uninitialized local variable 'buf' used". It sometimes results in false positives, which can now be suppressed using the macro OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS. Change-Id: I15068b5a48e1c704702e7752982b9ead855e7633 Reviewed-on: https://boringssl-review.googlesource.com/3160 Reviewed-by: Adam Langley <agl@google.com>
hace 9 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Fix cross-module errors. Some files in crypto/x509 were moved from crypto/asn1, so they emit errors from another module. Fix make_errors.go to account for this: cross module errors must use the foreign module as the first argument to OPENSSL_PUT_ERROR. Both the function code and the error code should be declared in the foreign module. Update make_errors.go to ignore cross-module error lines when deciding which function tokens to emit. Change-Id: Ic38377ddd56e22d033ef91318c30510762f6445d Reviewed-on: https://boringssl-review.googlesource.com/3383 Reviewed-by: Adam Langley <agl@google.com>
hace 9 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Fix build when using Visual Studio 2015 Update 1. Many of the compatibility issues are described at https://msdn.microsoft.com/en-us/library/mt612856.aspx. The macros that suppressed warnings on a per-function basis no longer work in Update 1, so replace them with #pragmas. Update 1 warns when |size_t| arguments to |printf| are casted, so stop doing that casting. Unfortunately, this requires an ugly hack to continue working in MSVC 2013 as MSVC 2013 doesn't support "%zu". Finally, Update 1 has new warnings, some of which need to be suppressed. --- Updated by davidben to give up on suppressing warnings in crypto/x509 and crypto/x509v3 as those directories aren't changed much from upstream. In each of these cases, upstream opted just blindly initialize the variable, so do the same. Also switch C4265 to level 4, per Microsoft's recommendation and work around a bug in limits.h that happens to get fixed by Google include order style. (limits.h is sensitive to whether corecrt.h, pulled in by stddef.h and some other headers, is included before it. The reason it affected just one file is we often put the file's header first, which means base.h is pulling in stddef.h. Relying on this is ugly, but it's no worse than what everything else is doing and this doesn't seem worth making something as tame as limits.h so messy to use.) Change-Id: I02d1f935356899f424d3525d03eca401bfa3e6cd Reviewed-on: https://boringssl-review.googlesource.com/7480 Reviewed-by: David Benjamin <davidben@google.com>
hace 8 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Work around language and compiler bug in memcpy, etc. Most C standard library functions are undefined if passed NULL, even when the corresponding length is zero. This gives them (and, in turn, all functions which call them) surprising behavior on empty arrays. Some compilers will miscompile code due to this rule. See also https://www.imperialviolet.org/2016/06/26/nonnull.html Add OPENSSL_memcpy, etc., wrappers which avoid this problem. BUG=23 Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e Reviewed-on: https://boringssl-review.googlesource.com/12928 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Sync asn1_gen.c with upstream 1.0.2. This imports bf5b8ff17dd7039b15cbc6468cd865cbc219581d and a696708ae6bbe42f409748b3e31bb2f3034edbf3 from upstream. I missed them at some point. Change-Id: I882d995868e4c0461b7ca51a854691cf4faa7260 Reviewed-on: https://boringssl-review.googlesource.com/17384 Reviewed-by: Adam Langley <agl@google.com>
hace 7 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Unexport and rename hex_to_string, string_to_hex, and name_cmp. Squatting these names is rather rude. Also hex_to_string and string_to_hex do the opposite of what one would expect, so rename them to something a bit less confusing. Update-Note: This removes some random utility functions. name_cmp is very specific to OpenSSL's config file format, so it's unlikely anyone is relying on it. I removed the one use of hex_to_string and string_to_hex I could find. Change-Id: I01554885ad306251e6982100d0b15cd89b1cdea7 Reviewed-on: https://boringssl-review.googlesource.com/c/33364 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
hace 5 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
hace 10 años
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
hace 8 años
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842 
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/x509.h>

  58. 

  59. #include <string.h>

  60. 

  61. #include <openssl/asn1.h>

  62. #include <openssl/err.h>

  63. #include <openssl/mem.h>

  64. #include <openssl/obj.h>

  65. #include <openssl/x509v3.h>

  66. 

  67. #include "../internal.h"

  68. #include "../x509v3/internal.h"

  69. 

  70. /*

  71.  * Although this file is in crypto/x509 for layering purposes, it emits

  72.  * errors from the ASN.1 module for OpenSSL compatibility.

  73.  */

  74. 

  75. #define ASN1_GEN_FLAG           0x10000

  76. #define ASN1_GEN_FLAG_IMP       (ASN1_GEN_FLAG|1)

  77. #define ASN1_GEN_FLAG_EXP       (ASN1_GEN_FLAG|2)

  78. #define ASN1_GEN_FLAG_TAG       (ASN1_GEN_FLAG|3)

  79. #define ASN1_GEN_FLAG_BITWRAP   (ASN1_GEN_FLAG|4)

  80. #define ASN1_GEN_FLAG_OCTWRAP   (ASN1_GEN_FLAG|5)

  81. #define ASN1_GEN_FLAG_SEQWRAP   (ASN1_GEN_FLAG|6)

  82. #define ASN1_GEN_FLAG_SETWRAP   (ASN1_GEN_FLAG|7)

  83. #define ASN1_GEN_FLAG_FORMAT    (ASN1_GEN_FLAG|8)

  84. 

  85. #define ASN1_GEN_STR(str,val)   {str, sizeof(str) - 1, val}

  86. 

  87. #define ASN1_FLAG_EXP_MAX       20

  88. /* Maximum number of nested sequences */

  89. #define ASN1_GEN_SEQ_MAX_DEPTH  50

  90. 

  91. /* Input formats */

  92. 

  93. /* ASCII: default */

  94. #define ASN1_GEN_FORMAT_ASCII   1

  95. /* UTF8 */

  96. #define ASN1_GEN_FORMAT_UTF8    2

  97. /* Hex */

  98. #define ASN1_GEN_FORMAT_HEX     3

  99. /* List of bits */

  100. #define ASN1_GEN_FORMAT_BITLIST 4

  101. 

  102. struct tag_name_st {

  103.     const char *strnam;

  104.     int len;

  105.     int tag;

  106. };

  107. 

  108. typedef struct {

  109.     int exp_tag;

  110.     int exp_class;

  111.     int exp_constructed;

  112.     int exp_pad;

  113.     long exp_len;

  114. } tag_exp_type;

  115. 

  116. typedef struct {

  117.     int imp_tag;

  118.     int imp_class;

  119.     int utype;

  120.     int format;

  121.     const char *str;

  122.     tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];

  123.     int exp_count;

  124. } tag_exp_arg;

  125. 

  126. static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,

  127.                               int *perr);

  128. static int bitstr_cb(const char *elem, int len, void *bitstr);

  129. static int asn1_cb(const char *elem, int len, void *bitstr);

  130. static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,

  131.                       int exp_constructed, int exp_pad, int imp_ok);

  132. static int parse_tagging(const char *vstart, int vlen, int *ptag,

  133.                          int *pclass);

  134. static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,

  135.                              int depth, int *perr);

  136. static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);

  137. static int asn1_str2tag(const char *tagstr, int len);

  138. 

  139. ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf)

  140. {

  141.     X509V3_CTX cnf;

  142. 

  143.     if (!nconf)

  144.         return ASN1_generate_v3(str, NULL);

  145. 

  146.     X509V3_set_nconf(&cnf, nconf);

  147.     return ASN1_generate_v3(str, &cnf);

  148. }

  149. 

  150. ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)

  151. {

  152.     int err = 0;

  153.     ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err);

  154.     if (err)

  155.         OPENSSL_PUT_ERROR(ASN1, err);

  156.     return ret;

  157. }

  158. 

  159. static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,

  160.                               int *perr)

  161. {

  162.     ASN1_TYPE *ret;

  163.     tag_exp_arg asn1_tags;

  164.     tag_exp_type *etmp;

  165. 

  166.     int i, len;

  167. 

  168.     unsigned char *orig_der = NULL, *new_der = NULL;

  169.     const unsigned char *cpy_start;

  170.     unsigned char *p;

  171.     const unsigned char *cp;

  172.     int cpy_len;

  173.     long hdr_len = 0;

  174.     int hdr_constructed = 0, hdr_tag, hdr_class;

  175.     int r;

  176. 

  177.     asn1_tags.imp_tag = -1;

  178.     asn1_tags.imp_class = -1;

  179.     asn1_tags.format = ASN1_GEN_FORMAT_ASCII;

  180.     asn1_tags.exp_count = 0;

  181.     if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) {

  182.         *perr = ASN1_R_UNKNOWN_TAG;

  183.         return NULL;

  184.     }

  185. 

  186.     if ((asn1_tags.utype == V_ASN1_SEQUENCE)

  187.         || (asn1_tags.utype == V_ASN1_SET)) {

  188.         if (!cnf) {

  189.             *perr = ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG;

  190.             return NULL;

  191.         }

  192.         if (depth >= ASN1_GEN_SEQ_MAX_DEPTH) {

  193.             *perr = ASN1_R_ILLEGAL_NESTED_TAGGING;

  194.             return NULL;

  195.         }

  196.         ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf, depth, perr);

  197.     } else

  198.         ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);

  199. 

  200.     if (!ret)

  201.         return NULL;

  202. 

  203.     /* If no tagging return base type */

  204.     if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))

  205.         return ret;

  206. 

  207.     /* Generate the encoding */

  208.     cpy_len = i2d_ASN1_TYPE(ret, &orig_der);

  209.     ASN1_TYPE_free(ret);

  210.     ret = NULL;

  211.     /* Set point to start copying for modified encoding */

  212.     cpy_start = orig_der;

  213. 

  214.     /* Do we need IMPLICIT tagging? */

  215.     if (asn1_tags.imp_tag != -1) {

  216.         /* If IMPLICIT we will replace the underlying tag */

  217.         /* Skip existing tag+len */

  218.         r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class,

  219.                             cpy_len);

  220.         if (r & 0x80)

  221.             goto err;

  222.         /* Update copy length */

  223.         cpy_len -= cpy_start - orig_der;

  224.         /*

  225.          * For IMPLICIT tagging the length should match the original length

  226.          * and constructed flag should be consistent.

  227.          */

  228.         if (r & 0x1) {

  229.             /* Indefinite length constructed */

  230.             hdr_constructed = 2;

  231.             hdr_len = 0;

  232.         } else

  233.             /* Just retain constructed flag */

  234.             hdr_constructed = r & V_ASN1_CONSTRUCTED;

  235.         /*

  236.          * Work out new length with IMPLICIT tag: ignore constructed because

  237.          * it will mess up if indefinite length

  238.          */

  239.         len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);

  240.     } else

  241.         len = cpy_len;

  242. 

  243.     /* Work out length in any EXPLICIT, starting from end */

  244. 

  245.     for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1;

  246.          i < asn1_tags.exp_count; i++, etmp--) {

  247.         /* Content length: number of content octets + any padding */

  248.         len += etmp->exp_pad;

  249.         etmp->exp_len = len;

  250.         /* Total object length: length including new header */

  251.         len = ASN1_object_size(0, len, etmp->exp_tag);

  252.     }

  253. 

  254.     /* Allocate buffer for new encoding */

  255. 

  256.     new_der = OPENSSL_malloc(len);

  257.     if (!new_der)

  258.         goto err;

  259. 

  260.     /* Generate tagged encoding */

  261. 

  262.     p = new_der;

  263. 

  264.     /* Output explicit tags first */

  265. 

  266.     for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count;

  267.          i++, etmp++) {

  268.         ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,

  269.                         etmp->exp_tag, etmp->exp_class);

  270.         if (etmp->exp_pad)

  271.             *p++ = 0;

  272.     }

  273. 

  274.     /* If IMPLICIT, output tag */

  275. 

  276.     if (asn1_tags.imp_tag != -1) {

  277.         if (asn1_tags.imp_class == V_ASN1_UNIVERSAL

  278.             && (asn1_tags.imp_tag == V_ASN1_SEQUENCE

  279.                 || asn1_tags.imp_tag == V_ASN1_SET))

  280.             hdr_constructed = V_ASN1_CONSTRUCTED;

  281.         ASN1_put_object(&p, hdr_constructed, hdr_len,

  282.                         asn1_tags.imp_tag, asn1_tags.imp_class);

  283.     }

  284. 

  285.     /* Copy across original encoding */

  286.     OPENSSL_memcpy(p, cpy_start, cpy_len);

  287. 

  288.     cp = new_der;

  289. 

  290.     /* Obtain new ASN1_TYPE structure */

  291.     ret = d2i_ASN1_TYPE(NULL, &cp, len);

  292. 

  293.  err:

  294.     if (orig_der)

  295.         OPENSSL_free(orig_der);

  296.     if (new_der)

  297.         OPENSSL_free(new_der);

  298. 

  299.     return ret;

  300. 

  301. }

  302. 

  303. static int asn1_cb(const char *elem, int len, void *bitstr)

  304. {

  305.     tag_exp_arg *arg = bitstr;

  306.     int i;

  307.     int utype;

  308.     int vlen = 0;

  309.     const char *p, *vstart = NULL;

  310. 

  311.     int tmp_tag, tmp_class;

  312. 

  313.     if (elem == NULL)

  314.         return -1;

  315. 

  316.     for (i = 0, p = elem; i < len; p++, i++) {

  317.         /* Look for the ':' in name value pairs */

  318.         if (*p == ':') {

  319.             vstart = p + 1;

  320.             vlen = len - (vstart - elem);

  321.             len = p - elem;

  322.             break;

  323.         }

  324.     }

  325. 

  326.     utype = asn1_str2tag(elem, len);

  327. 

  328.     if (utype == -1) {

  329.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_TAG);

  330.         ERR_add_error_data(2, "tag=", elem);

  331.         return -1;

  332.     }

  333. 

  334.     /* If this is not a modifier mark end of string and exit */

  335.     if (!(utype & ASN1_GEN_FLAG)) {

  336.         arg->utype = utype;

  337.         arg->str = vstart;

  338.         /* If no value and not end of string, error */

  339.         if (!vstart && elem[len]) {

  340.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE);

  341.             return -1;

  342.         }

  343.         return 0;

  344.     }

  345. 

  346.     switch (utype) {

  347. 

  348.     case ASN1_GEN_FLAG_IMP:

  349.         /* Check for illegal multiple IMPLICIT tagging */

  350.         if (arg->imp_tag != -1) {

  351.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NESTED_TAGGING);

  352.             return -1;

  353.         }

  354.         if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class))

  355.             return -1;

  356.         break;

  357. 

  358.     case ASN1_GEN_FLAG_EXP:

  359. 

  360.         if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))

  361.             return -1;

  362.         if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))

  363.             return -1;

  364.         break;

  365. 

  366.     case ASN1_GEN_FLAG_SEQWRAP:

  367.         if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))

  368.             return -1;

  369.         break;

  370. 

  371.     case ASN1_GEN_FLAG_SETWRAP:

  372.         if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))

  373.             return -1;

  374.         break;

  375. 

  376.     case ASN1_GEN_FLAG_BITWRAP:

  377.         if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))

  378.             return -1;

  379.         break;

  380. 

  381.     case ASN1_GEN_FLAG_OCTWRAP:

  382.         if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))

  383.             return -1;

  384.         break;

  385. 

  386.     case ASN1_GEN_FLAG_FORMAT:

  387.         if (!vstart) {

  388.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT);

  389.             return -1;

  390.         }

  391.         if (!strncmp(vstart, "ASCII", 5))

  392.             arg->format = ASN1_GEN_FORMAT_ASCII;

  393.         else if (!strncmp(vstart, "UTF8", 4))

  394.             arg->format = ASN1_GEN_FORMAT_UTF8;

  395.         else if (!strncmp(vstart, "HEX", 3))

  396.             arg->format = ASN1_GEN_FORMAT_HEX;

  397.         else if (!strncmp(vstart, "BITLIST", 7))

  398.             arg->format = ASN1_GEN_FORMAT_BITLIST;

  399.         else {

  400.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_FORMAT);

  401.             return -1;

  402.         }

  403.         break;

  404. 

  405.     }

  406. 

  407.     return 1;

  408. 

  409. }

  410. 

  411. static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)

  412. {

  413.     char erch[2];

  414.     long tag_num;

  415.     char *eptr;

  416.     if (!vstart)

  417.         return 0;

  418.     tag_num = strtoul(vstart, &eptr, 10);

  419.     /* Check we haven't gone past max length: should be impossible */

  420.     if (eptr && *eptr && (eptr > vstart + vlen))

  421.         return 0;

  422.     if (tag_num < 0) {

  423.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER);

  424.         return 0;

  425.     }

  426.     *ptag = tag_num;

  427.     /* If we have non numeric characters, parse them */

  428.     if (eptr)

  429.         vlen -= eptr - vstart;

  430.     else

  431.         vlen = 0;

  432.     if (vlen) {

  433.         switch (*eptr) {

  434. 

  435.         case 'U':

  436.             *pclass = V_ASN1_UNIVERSAL;

  437.             break;

  438. 

  439.         case 'A':

  440.             *pclass = V_ASN1_APPLICATION;

  441.             break;

  442. 

  443.         case 'P':

  444.             *pclass = V_ASN1_PRIVATE;

  445.             break;

  446. 

  447.         case 'C':

  448.             *pclass = V_ASN1_CONTEXT_SPECIFIC;

  449.             break;

  450. 

  451.         default:

  452.             erch[0] = *eptr;

  453.             erch[1] = 0;

  454.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_MODIFIER);

  455.             ERR_add_error_data(2, "Char=", erch);

  456.             return 0;

  457.             break;

  458. 

  459.         }

  460.     } else

  461.         *pclass = V_ASN1_CONTEXT_SPECIFIC;

  462. 

  463.     return 1;

  464. 

  465. }

  466. 

  467. /* Handle multiple types: SET and SEQUENCE */

  468. 

  469. static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,

  470.                              int depth, int *perr)

  471. {

  472.     ASN1_TYPE *ret = NULL;

  473.     STACK_OF(ASN1_TYPE) *sk = NULL;

  474.     STACK_OF(CONF_VALUE) *sect = NULL;

  475.     unsigned char *der = NULL;

  476.     int derlen;

  477.     size_t i;

  478.     sk = sk_ASN1_TYPE_new_null();

  479.     if (!sk)

  480.         goto bad;

  481.     if (section) {

  482.         if (!cnf)

  483.             goto bad;

  484.         sect = X509V3_get_section(cnf, (char *)section);

  485.         if (!sect)

  486.             goto bad;

  487.         for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {

  488.             ASN1_TYPE *typ =

  489.                 generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf,

  490.                             depth + 1, perr);

  491.             if (!typ)

  492.                 goto bad;

  493.             if (!sk_ASN1_TYPE_push(sk, typ))

  494.                 goto bad;

  495.         }

  496.     }

  497. 

  498.     /*

  499.      * Now we has a STACK of the components, convert to the correct form

  500.      */

  501. 

  502.     if (utype == V_ASN1_SET)

  503.         derlen = i2d_ASN1_SET_ANY(sk, &der);

  504.     else

  505.         derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);

  506. 

  507.     if (derlen < 0)

  508.         goto bad;

  509. 

  510.     if (!(ret = ASN1_TYPE_new()))

  511.         goto bad;

  512. 

  513.     if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype)))

  514.         goto bad;

  515. 

  516.     ret->type = utype;

  517. 

  518.     ret->value.asn1_string->data = der;

  519.     ret->value.asn1_string->length = derlen;

  520. 

  521.     der = NULL;

  522. 

  523.  bad:

  524. 

  525.     if (der)

  526.         OPENSSL_free(der);

  527. 

  528.     if (sk)

  529.         sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);

  530.     if (sect)

  531.         X509V3_section_free(cnf, sect);

  532. 

  533.     return ret;

  534. }

  535. 

  536. static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,

  537.                       int exp_constructed, int exp_pad, int imp_ok)

  538. {

  539.     tag_exp_type *exp_tmp;

  540.     /* Can only have IMPLICIT if permitted */

  541.     if ((arg->imp_tag != -1) && !imp_ok) {

  542.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_IMPLICIT_TAG);

  543.         return 0;

  544.     }

  545. 

  546.     if (arg->exp_count == ASN1_FLAG_EXP_MAX) {

  547.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_DEPTH_EXCEEDED);

  548.         return 0;

  549.     }

  550. 

  551.     exp_tmp = &arg->exp_list[arg->exp_count++];

  552. 

  553.     /*

  554.      * If IMPLICIT set tag to implicit value then reset implicit tag since it

  555.      * has been used.

  556.      */

  557.     if (arg->imp_tag != -1) {

  558.         exp_tmp->exp_tag = arg->imp_tag;

  559.         exp_tmp->exp_class = arg->imp_class;

  560.         arg->imp_tag = -1;

  561.         arg->imp_class = -1;

  562.     } else {

  563.         exp_tmp->exp_tag = exp_tag;

  564.         exp_tmp->exp_class = exp_class;

  565.     }

  566.     exp_tmp->exp_constructed = exp_constructed;

  567.     exp_tmp->exp_pad = exp_pad;

  568. 

  569.     return 1;

  570. }

  571. 

  572. static int asn1_str2tag(const char *tagstr, int len)

  573. {

  574.     unsigned int i;

  575.     static const struct tag_name_st *tntmp, tnst[] = {

  576.         ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),

  577.         ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),

  578.         ASN1_GEN_STR("NULL", V_ASN1_NULL),

  579.         ASN1_GEN_STR("INT", V_ASN1_INTEGER),

  580.         ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER),

  581.         ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED),

  582.         ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED),

  583.         ASN1_GEN_STR("OID", V_ASN1_OBJECT),

  584.         ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT),

  585.         ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME),

  586.         ASN1_GEN_STR("UTC", V_ASN1_UTCTIME),

  587.         ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME),

  588.         ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME),

  589.         ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING),

  590.         ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING),

  591.         ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING),

  592.         ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING),

  593.         ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING),

  594.         ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING),

  595.         ASN1_GEN_STR("IA5", V_ASN1_IA5STRING),

  596.         ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING),

  597.         ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING),

  598.         ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING),

  599.         ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING),

  600.         ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING),

  601.         ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING),

  602.         ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING),

  603.         ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING),

  604.         ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING),

  605.         ASN1_GEN_STR("T61", V_ASN1_T61STRING),

  606.         ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING),

  607.         ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),

  608.         ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),

  609.         ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),

  610.         ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),

  611.         ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),

  612. 

  613.         /* Special cases */

  614.         ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),

  615.         ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE),

  616.         ASN1_GEN_STR("SET", V_ASN1_SET),

  617.         /* type modifiers */

  618.         /* Explicit tag */

  619.         ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP),

  620.         ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP),

  621.         /* Implicit tag */

  622.         ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP),

  623.         ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP),

  624.         /* OCTET STRING wrapper */

  625.         ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP),

  626.         /* SEQUENCE wrapper */

  627.         ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP),

  628.         /* SET wrapper */

  629.         ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP),

  630.         /* BIT STRING wrapper */

  631.         ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP),

  632.         ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT),

  633.         ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT),

  634.     };

  635. 

  636.     if (len == -1)

  637.         len = strlen(tagstr);

  638. 

  639.     tntmp = tnst;

  640.     for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) {

  641.         if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))

  642.             return tntmp->tag;

  643.     }

  644. 

  645.     return -1;

  646. }

  647. 

  648. static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)

  649. {

  650.     ASN1_TYPE *atmp = NULL;

  651. 

  652.     CONF_VALUE vtmp;

  653. 

  654.     unsigned char *rdata;

  655.     long rdlen;

  656. 

  657.     int no_unused = 1;

  658. 

  659.     if (!(atmp = ASN1_TYPE_new())) {

  660.         OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  661.         return NULL;

  662.     }

  663. 

  664.     if (!str)

  665.         str = "";

  666. 

  667.     switch (utype) {

  668. 

  669.     case V_ASN1_NULL:

  670.         if (str && *str) {

  671.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_NULL_VALUE);

  672.             goto bad_form;

  673.         }

  674.         break;

  675. 

  676.     case V_ASN1_BOOLEAN:

  677.         if (format != ASN1_GEN_FORMAT_ASCII) {

  678.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ASCII_FORMAT);

  679.             goto bad_form;

  680.         }

  681.         vtmp.name = NULL;

  682.         vtmp.section = NULL;

  683.         vtmp.value = (char *)str;

  684.         if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {

  685.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BOOLEAN);

  686.             goto bad_str;

  687.         }

  688.         break;

  689. 

  690.     case V_ASN1_INTEGER:

  691.     case V_ASN1_ENUMERATED:

  692.         if (format != ASN1_GEN_FORMAT_ASCII) {

  693.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT);

  694.             goto bad_form;

  695.         }

  696.         if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {

  697.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_INTEGER);

  698.             goto bad_str;

  699.         }

  700.         break;

  701. 

  702.     case V_ASN1_OBJECT:

  703.         if (format != ASN1_GEN_FORMAT_ASCII) {

  704.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_OBJECT_NOT_ASCII_FORMAT);

  705.             goto bad_form;

  706.         }

  707.         if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {

  708.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OBJECT);

  709.             goto bad_str;

  710.         }

  711.         break;

  712. 

  713.     case V_ASN1_UTCTIME:

  714.     case V_ASN1_GENERALIZEDTIME:

  715.         if (format != ASN1_GEN_FORMAT_ASCII) {

  716.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_TIME_NOT_ASCII_FORMAT);

  717.             goto bad_form;

  718.         }

  719.         if (!(atmp->value.asn1_string = ASN1_STRING_new())) {

  720.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  721.             goto bad_str;

  722.         }

  723.         if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {

  724.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  725.             goto bad_str;

  726.         }

  727.         atmp->value.asn1_string->type = utype;

  728.         if (!ASN1_TIME_check(atmp->value.asn1_string)) {

  729.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TIME_VALUE);

  730.             goto bad_str;

  731.         }

  732. 

  733.         break;

  734. 

  735.     case V_ASN1_BMPSTRING:

  736.     case V_ASN1_PRINTABLESTRING:

  737.     case V_ASN1_IA5STRING:

  738.     case V_ASN1_T61STRING:

  739.     case V_ASN1_UTF8STRING:

  740.     case V_ASN1_VISIBLESTRING:

  741.     case V_ASN1_UNIVERSALSTRING:

  742.     case V_ASN1_GENERALSTRING:

  743.     case V_ASN1_NUMERICSTRING:

  744. 

  745.         if (format == ASN1_GEN_FORMAT_ASCII)

  746.             format = MBSTRING_ASC;

  747.         else if (format == ASN1_GEN_FORMAT_UTF8)

  748.             format = MBSTRING_UTF8;

  749.         else {

  750.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_FORMAT);

  751.             goto bad_form;

  752.         }

  753. 

  754.         if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,

  755.                                -1, format, ASN1_tag2bit(utype)) <= 0) {

  756.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  757.             goto bad_str;

  758.         }

  759. 

  760.         break;

  761. 

  762.     case V_ASN1_BIT_STRING:

  763. 

  764.     case V_ASN1_OCTET_STRING:

  765. 

  766.         if (!(atmp->value.asn1_string = ASN1_STRING_new())) {

  767.             OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  768.             goto bad_form;

  769.         }

  770. 

  771.         if (format == ASN1_GEN_FORMAT_HEX) {

  772. 

  773.             if (!(rdata = x509v3_hex_to_bytes((char *)str, &rdlen))) {

  774.                 OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_HEX);

  775.                 goto bad_str;

  776.             }

  777. 

  778.             atmp->value.asn1_string->data = rdata;

  779.             atmp->value.asn1_string->length = rdlen;

  780.             atmp->value.asn1_string->type = utype;

  781. 

  782.         } else if (format == ASN1_GEN_FORMAT_ASCII)

  783.             ASN1_STRING_set(atmp->value.asn1_string, str, -1);

  784.         else if ((format == ASN1_GEN_FORMAT_BITLIST)

  785.                  && (utype == V_ASN1_BIT_STRING)) {

  786.             if (!CONF_parse_list

  787.                 (str, ',', 1, bitstr_cb, atmp->value.bit_string)) {

  788.                 OPENSSL_PUT_ERROR(ASN1, ASN1_R_LIST_ERROR);

  789.                 goto bad_str;

  790.             }

  791.             no_unused = 0;

  792. 

  793.         } else {

  794.             OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_BITSTRING_FORMAT);

  795.             goto bad_form;

  796.         }

  797. 

  798.         if ((utype == V_ASN1_BIT_STRING) && no_unused) {

  799.             atmp->value.asn1_string->flags

  800.                 &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);

  801.             atmp->value.asn1_string->flags |= ASN1_STRING_FLAG_BITS_LEFT;

  802.         }

  803. 

  804.         break;

  805. 

  806.     default:

  807.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_TYPE);

  808.         goto bad_str;

  809.         break;

  810.     }

  811. 

  812.     atmp->type = utype;

  813.     return atmp;

  814. 

  815.  bad_str:

  816.     ERR_add_error_data(2, "string=", str);

  817.  bad_form:

  818. 

  819.     ASN1_TYPE_free(atmp);

  820.     return NULL;

  821. 

  822. }

  823. 

  824. static int bitstr_cb(const char *elem, int len, void *bitstr)

  825. {

  826.     long bitnum;

  827.     char *eptr;

  828.     if (!elem)

  829.         return 0;

  830.     bitnum = strtoul(elem, &eptr, 10);

  831.     if (eptr && *eptr && (eptr != elem + len))

  832.         return 0;

  833.     if (bitnum < 0) {

  834.         OPENSSL_PUT_ERROR(ASN1, ASN1_R_INVALID_NUMBER);

  835.         return 0;

  836.     }

  837.     if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {

  838.         OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);

  839.         return 0;

  840.     }

  841.     return 1;

  842. }