kris
/
boringssl
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
5667 Révisions
12 Branches
38 MiB
Aborescence: 9978f0a865
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '9978f0a865'
${ noResults }
boringssl/crypto/x509v3/v3_skey.c

v3_skey.c 5.0 KiB
Brut Vue normale Historique

Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
Remove string.h from base.h. Including string.h in base.h causes any file that includes a BoringSSL header to include string.h. Generally this wouldn't be a problem, although string.h might slow down the compile if it wasn't otherwise needed. However, it also causes problems for ipsec-tools in Android because OpenSSL didn't have this behaviour. This change removes string.h from base.h and, instead, adds it to each .c file that requires it. Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37 Reviewed-on: https://boringssl-review.googlesource.com/3200 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 9 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
Unexport and rename hex_to_string, string_to_hex, and name_cmp. Squatting these names is rather rude. Also hex_to_string and string_to_hex do the opposite of what one would expect, so rename them to something a bit less confusing. Update-Note: This removes some random utility functions. name_cmp is very specific to OpenSSL's config file format, so it's unlikely anyone is relying on it. I removed the one use of hex_to_string and string_to_hex I could find. Change-Id: I01554885ad306251e6982100d0b15cd89b1cdea7 Reviewed-on: https://boringssl-review.googlesource.com/c/33364 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
il y a 5 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
Unexport and rename hex_to_string, string_to_hex, and name_cmp. Squatting these names is rather rude. Also hex_to_string and string_to_hex do the opposite of what one would expect, so rename them to something a bit less confusing. Update-Note: This removes some random utility functions. name_cmp is very specific to OpenSSL's config file format, so it's unlikely anyone is relying on it. I removed the one use of hex_to_string and string_to_hex I could find. Change-Id: I01554885ad306251e6982100d0b15cd89b1cdea7 Reviewed-on: https://boringssl-review.googlesource.com/c/33364 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
il y a 5 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
Unexport and rename hex_to_string, string_to_hex, and name_cmp. Squatting these names is rather rude. Also hex_to_string and string_to_hex do the opposite of what one would expect, so rename them to something a bit less confusing. Update-Note: This removes some random utility functions. name_cmp is very specific to OpenSSL's config file format, so it's unlikely anyone is relying on it. I removed the one use of hex_to_string and string_to_hex I could find. Change-Id: I01554885ad306251e6982100d0b15cd89b1cdea7 Reviewed-on: https://boringssl-review.googlesource.com/c/33364 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
il y a 5 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
OpenSSL reformat x509/, x509v3/, pem/ and asn1/. OpenSSL upstream did a bulk reformat. We still have some files that have the old OpenSSL style and this makes applying patches to them more manual, and thus more error-prone, than it should be. This change is the result of running util/openssl-format-source -v -c . in the enumerated directories. A few files were in BoringSSL style and have not been touched. This change should be formatting only; no semantic difference. Change-Id: I75ced2970ae22b9facb930a79798350a09c5111e Reviewed-on: https://boringssl-review.googlesource.com/6904 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
il y a 8 ans
Inital import. Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
il y a 10 ans
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 
  1. /* v3_skey.c */

  2. /*

  3.  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project

  4.  * 1999.

  5.  */

  6. /* ====================================================================

  7.  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

  8.  *

  9.  * Redistribution and use in source and binary forms, with or without

  10.  * modification, are permitted provided that the following conditions

  11.  * are met:

  12.  *

  13.  * 1. Redistributions of source code must retain the above copyright

  14.  *    notice, this list of conditions and the following disclaimer.

  15.  *

  16.  * 2. Redistributions in binary form must reproduce the above copyright

  17.  *    notice, this list of conditions and the following disclaimer in

  18.  *    the documentation and/or other materials provided with the

  19.  *    distribution.

  20.  *

  21.  * 3. All advertising materials mentioning features or use of this

  22.  *    software must display the following acknowledgment:

  23.  *    "This product includes software developed by the OpenSSL Project

  24.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  25.  *

  26.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  27.  *    endorse or promote products derived from this software without

  28.  *    prior written permission. For written permission, please contact

  29.  *    licensing@OpenSSL.org.

  30.  *

  31.  * 5. Products derived from this software may not be called "OpenSSL"

  32.  *    nor may "OpenSSL" appear in their names without prior written

  33.  *    permission of the OpenSSL Project.

  34.  *

  35.  * 6. Redistributions of any form whatsoever must retain the following

  36.  *    acknowledgment:

  37.  *    "This product includes software developed by the OpenSSL Project

  38.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  41.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  43.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  44.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  45.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  46.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  47.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  48.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  49.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  50.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  51.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  52.  * ====================================================================

  53.  *

  54.  * This product includes cryptographic software written by Eric Young

  55.  * (eay@cryptsoft.com).  This product includes software written by Tim

  56.  * Hudson (tjh@cryptsoft.com). */

  57. 

  58. #include <stdio.h>

  59. #include <string.h>

  60. 

  61. #include <openssl/digest.h>

  62. #include <openssl/err.h>

  63. #include <openssl/obj.h>

  64. #include <openssl/x509v3.h>

  65. 

  66. #include "internal.h"

  67. 

  68. 

  69. static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,

  70.                                       X509V3_CTX *ctx, char *str);

  71. const X509V3_EXT_METHOD v3_skey_id = {

  72.     NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING),

  73.     0, 0, 0, 0,

  74.     (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,

  75.     (X509V3_EXT_S2I)s2i_skey_id,

  76.     0, 0, 0, 0,

  77.     NULL

  78. };

  79. 

  80. char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct)

  81. {

  82.     return x509v3_bytes_to_hex(oct->data, oct->length);

  83. }

  84. 

  85. ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,

  86.                                          X509V3_CTX *ctx, char *str)

  87. {

  88.     ASN1_OCTET_STRING *oct;

  89.     long length;

  90. 

  91.     if (!(oct = M_ASN1_OCTET_STRING_new())) {

  92.         OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  93.         return NULL;

  94.     }

  95. 

  96.     if (!(oct->data = x509v3_hex_to_bytes(str, &length))) {

  97.         M_ASN1_OCTET_STRING_free(oct);

  98.         return NULL;

  99.     }

  100. 

  101.     oct->length = length;

  102. 

  103.     return oct;

  104. 

  105. }

  106. 

  107. static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,

  108.                                       X509V3_CTX *ctx, char *str)

  109. {

  110.     ASN1_OCTET_STRING *oct;

  111.     ASN1_BIT_STRING *pk;

  112.     unsigned char pkey_dig[EVP_MAX_MD_SIZE];

  113.     unsigned int diglen;

  114. 

  115.     if (strcmp(str, "hash"))

  116.         return s2i_ASN1_OCTET_STRING(method, ctx, str);

  117. 

  118.     if (!(oct = M_ASN1_OCTET_STRING_new())) {

  119.         OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  120.         return NULL;

  121.     }

  122. 

  123.     if (ctx && (ctx->flags == CTX_TEST))

  124.         return oct;

  125. 

  126.     if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {

  127.         OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY);

  128.         goto err;

  129.     }

  130. 

  131.     if (ctx->subject_req)

  132.         pk = ctx->subject_req->req_info->pubkey->public_key;

  133.     else

  134.         pk = ctx->subject_cert->cert_info->key->public_key;

  135. 

  136.     if (!pk) {

  137.         OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY);

  138.         goto err;

  139.     }

  140. 

  141.     if (!EVP_Digest

  142.         (pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))

  143.         goto err;

  144. 

  145.     if (!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {

  146.         OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  147.         goto err;

  148.     }

  149. 

  150.     return oct;

  151. 

  152.  err:

  153.     M_ASN1_OCTET_STRING_free(oct);

  154.     return NULL;

  155. }