author | steve <steve> | 2000-12-01 18:46:03 +0000 |
---|---|---|
committer | steve <steve> | 2000-12-01 18:46:03 +0000 |
commit | 25d4e720062478ee3cab2daedc3bfb49029455cc (patch) | |
tree | 10d86f1ffc00d9ce2d47b09f879a9f3abbbb1bc0 | |
parent | 787f53ab89e5c702455a017bf36ddd29c38aa3a3 (diff) | |
download | openssl-25d4e720062478ee3cab2daedc3bfb49029455cc.tar.gz |
Replace DSA public key ASN1 routines. A bit tricky because the
ASN1 code has two forms: just public key and public key with
parameters. Use a modified CHOICE type to handle this.
Added new/free overrides to CHOICE type (needed for above).
Fix a typo in DSAPrivateKey.
Fix basicConstraints: fields should be OPTIONAL.
Delete some obsolete files.
There's not much of the old ASN1 code left now...
-rw-r--r-- | crypto/asn1/Makefile.ssl | 24 | ||||
-rw-r--r-- | crypto/asn1/d2i_s_pu.c | 121 | ||||
-rw-r--r-- | crypto/asn1/i2d_s_pu.c | 129 | ||||
-rw-r--r-- | crypto/asn1/tasn_dec.c | 1 | ||||
-rw-r--r-- | crypto/asn1/tasn_fre.c | 4 | ||||
-rw-r--r-- | crypto/asn1/tasn_new.c | 5 | ||||
-rw-r--r-- | crypto/dsa/dsa_asn1.c | 20 | ||||
-rw-r--r-- | crypto/x509v3/v3_bcons.c | 4 |
8 files changed, 31 insertions, 277 deletions
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
index a391b6288..7affbcdee 100644
--- a/crypto/asn1/Makefile.ssl
+++ b/crypto/asn1/Makefile.ssl
@@ -27,7 +27,6 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
 a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
 x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
 x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
- d2i_s_pu.c i2d_s_pu.c \
 d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
 t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
 tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
@@ -41,7 +40,6 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
 a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
 x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
 x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
- d2i_s_pu.o i2d_s_pu.o \
 d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
 t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
 tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
@@ -433,17 +431,6 @@ d2i_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h -d2i_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -d2i_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -d2i_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -d2i_s_pu.o: ../../include/openssl/opensslconf.h -d2i_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -d2i_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -d2i_s_pu.o: ../cryptlib.h evp_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h evp_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 
@@ -513,17 +500,6 @@ i2d_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h -i2d_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -i2d_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -i2d_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -i2d_s_pu.o: ../../include/openssl/opensslconf.h -i2d_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -i2d_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -i2d_s_pu.o: ../cryptlib.h n_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h n_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h n_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c deleted file mode 100644 index 0b7d2fafc..000000000 --- a/crypto/asn1/d2i_s_pu.c +++ /dev/null 
@@ -1,121 +0,0 @@ -/* crypto/asn1/d2i_s_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length)
- {
- int i=ASN1_R_PARSING;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
- M_ASN1_D2I_Init();
- if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED))
- == (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER))))
- {
- c.slen=length;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
- == NULL)
- goto err_bn;
- ret->write_params=0;
- }
- else
- {
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
- == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL)
- goto err_bn;
-
- ret->write_params=1;
- }
-
- M_ASN1_INTEGER_free(bs);
- bs=NULL;
- M_ASN1_D2I_Finish_2(a);
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
- if (bs != NULL) M_ASN1_INTEGER_free(bs);
- return(NULL);
- }
-#endif
diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c
deleted file mode 100644
index e6014b82a..000000000
--- a/crypto/asn1/i2d_s_pu.c
+++ /dev/null
@@ -1,129 +0,0 @@ -/* crypto/asn1/i2d_s_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPublicKey(DSA *a, unsigned char **pp)
- {
- BIGNUM *num[4];
- ASN1_INTEGER bs;
- unsigned int j,i,tot=0,len,max=0,t=0,all,n=1;
- unsigned char *p;
-
- if (a == NULL) return(0);
-
- all=a->write_params;
-
- num[0]=a->pub_key;
- if (all)
- {
- num[1]=a->p;
- num[2]=a->q;
- num[3]=a->g;
- n=4;
- }
-
- for (i=0; i<n; i++)
- {
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- if (all)
- {
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL) return(t);
- }
- else
- {
- if (pp == NULL) return(tot);
- }
-
- p= *pp;
- if (all)
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- bs.type=V_ASN1_INTEGER;
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
- return(-1);
- }
-
- for (i=0; i<n; i++)
- {
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- *pp=p;
- if(all) return(t);
- else return(tot);
- }
-#endif
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index c87cbc93a..c2a40a4cd 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -230,7 +230,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1
 /* Otherwise must be an ASN1 parsing error */
 errtt = tt;
 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- /* FIXME: note choice type that did this */
 return 0;
 }
 /* Did we fall off the end without reading anything? */
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index 1047eaceb..62b9dd1df 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -101,6 +101,10 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
 break;
 case ASN1_ITYPE_CHOICE:
+ if(asn1_cb) {
+ i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+ if(i == 2) return;
+ }
 i = asn1_get_choice_selector(pval, it);
 if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it);
 if((i >= 0) && (i < it->tcount)) {
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 0f58fd80c..5011bf2a1 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -127,6 +127,11 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int
 break;
 case ASN1_ITYPE_CHOICE:
+ if(asn1_cb) {
+ i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+ if(!i) goto auxerr;
+ if(i==2) return 1;
+ }
 if(!combine) {
 *pval = OPENSSL_malloc(it->size);
 if(!*pval) goto memerr;
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 97d288523..186932b00 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -101,6 +101,7 @@ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 }
 ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
+ ASN1_SIMPLE(DSA, version, LONG),
 ASN1_SIMPLE(DSA, p, BIGNUM),
 ASN1_SIMPLE(DSA, q, BIGNUM),
 ASN1_SIMPLE(DSA, g, BIGNUM),
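Review bot: In the `ASN1_ITYPE_CHOICE` case of `asn1_item_combine_free` (tasn_fre.c) the `ASN1_OP_FREE_PRE` callback now runs twice whenever the first call does not return 2, because the older unconditional `if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it);` is still there as a context line right after `asn1_get_choice_selector`. A callback that releases or resets state on FREE_PRE would then act twice on the same value, which is how a free path ends up with a double free. Drop the second call so the added guard is followed directly by `i = asn1_get_choice_selector(pval, it);`. The function body starts and ends outside the hunk.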
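Review bot: The added `ASN1_OP_NEW_PRE` block in the CHOICE case of `asn1_item_ex_combine_new` (tasn_new.c) returns success on `i==2` without allocating or touching `*pval`, so the callback alone is responsible for leaving a valid object there, and nothing at the call site says so. The same bare `2` appears in the tasn_fre.c hunk as `if(i == 2) return;`, where it means the callback has already released the value. I would add a comment above `if(i==2) return 1;` along the lines of `/* 2: callback built *pval itself, skip the default allocation and field setup */`, and a matching one on the free side. The function starts and ends outside the hunk.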
@@ -118,3 +119,22 @@ ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams)
+/* DSA public key is a bit trickier... its effectively a CHOICE type
+ * decided by a field called write_params which can either write out
+ * just the public key as an INTEGER or the parameters and public key
+ * in a SEQUENCE
+ */
+
+ASN1_SEQUENCE(dsa_pub_internal) = {
+ ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+ ASN1_SIMPLE(DSA, p, BIGNUM),
+ ASN1_SIMPLE(DSA, q, BIGNUM),
+ ASN1_SIMPLE(DSA, g, BIGNUM)
+} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal);
+
+ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
+ ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+ ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
+} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey)
diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c
index 633b03aee..7dc866db7 100644
--- a/crypto/x509v3/v3_bcons.c
+++ b/crypto/x509v3/v3_bcons.c
@@ -81,8 +81,8 @@ NULL
 };
 ASN1_SEQUENCE(BASIC_CONSTRAINTS) = {
- ASN1_SIMPLE(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
- ASN1_SIMPLE(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
+ ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
+ ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
 } ASN1_SEQUENCE_END(BASIC_CONSTRAINTS);
 IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) |
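Review bot: The new `DSAPublicKey` template in dsa_asn1.c reads `pub_key`, `p`, `q` and `g` through the `BIGNUM` item, while the deleted `d2i_DSAPublicKey` redirected `d2i_ASN1_INTEGER` to `d2i_ASN1_UINTEGER` unless `NO_NEG_PUBKEY_BUG` was defined, so that INTEGERs written with the sign bit set were still read as unsigned. Whether the `BIGNUM` item keeps that tolerance is not visible in this diff; if it does not, keys from the encoders that workaround targeted would now fail to parse or come back negative, so it is worth confirming and saying so in the comment. The comment should also record that the bare-INTEGER arm leaves `p`, `q` and `g` unset with `write_params` at 0, so callers must not assume parameters are present after decoding. It also has a typo, `its effectively` for `it's effectively`.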
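Review bot: With both entries of `BASIC_CONSTRAINTS` in v3_bcons.c now `ASN1_OPT`, a decoded extension can legitimately carry no `pathlen`, and that field is then presumably left unset. Every reader of `pathlen` therefore has to treat the absent case as "no path length limit" instead of dereferencing it; those readers are outside this diff and should be checked against the change. A comment above the template quoting the ASN.1, `/* BasicConstraints ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER (0..MAX) OPTIONAL } */`, would show why neither field may be mandatory.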