* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
} ASN1_SEQUENCE_END(X509_ALGOR)
-ASN1_ITEM_TEMPLATE(X509_ALGORS) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
+ASN1_ITEM_TEMPLATE(X509_ALGORS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
ASN1_ITEM_TEMPLATE_END(X509_ALGORS)
IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
IMPLEMENT_STACK_OF(X509_ALGOR)
IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
-int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
+int
+X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
{
if (!alg)
return 0;
alg->algorithm = aobj;
}
if (ptype == 0)
- return 1;
+ return 1;
if (ptype == V_ASN1_UNDEF) {
if (alg->parameter) {
ASN1_TYPE_free(alg->parameter);
alg->parameter = NULL;
}
- }
- else
+ } else
ASN1_TYPE_set(alg->parameter, ptype, pval);
return 1;
}
-void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
- X509_ALGOR *algor)
+void
+X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+ X509_ALGOR *algor)
{
if (paobj)
*paobj = algor->algorithm;
if (algor->parameter == NULL) {
*pptype = V_ASN1_UNDEF;
return;
- }
- else
+ } else
*pptype = algor->parameter->type;
if (ppval)
*ppval = algor->parameter->value.ptr;
/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
-void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
+void
+X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
{
int param_type;
param_type = V_ASN1_NULL;
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
-
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
+X509_ATTRIBUTE *
+X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
{
- X509_ATTRIBUTE *ret=NULL;
- ASN1_TYPE *val=NULL;
+ X509_ATTRIBUTE *ret = NULL;
+ ASN1_TYPE *val = NULL;
+
+ if ((ret = X509_ATTRIBUTE_new()) == NULL)
+ return (NULL);
+ ret->object = OBJ_nid2obj(nid);
+ ret->single = 0;
+ if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
+ goto err;
+ if ((val = ASN1_TYPE_new()) == NULL)
+ goto err;
+ if (!sk_ASN1_TYPE_push(ret->value.set, val))
+ goto err;
- if ((ret=X509_ATTRIBUTE_new()) == NULL)
- return(NULL);
- ret->object=OBJ_nid2obj(nid);
- ret->single=0;
- if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
- if ((val=ASN1_TYPE_new()) == NULL) goto err;
- if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
+ ASN1_TYPE_set(val, atrtype, value);
+ return (ret);
- ASN1_TYPE_set(val,atrtype,value);
- return(ret);
err:
- if (ret != NULL) X509_ATTRIBUTE_free(ret);
- if (val != NULL) ASN1_TYPE_free(val);
- return(NULL);
+ if (ret != NULL)
+ X509_ATTRIBUTE_free(ret);
+ if (val != NULL)
+ ASN1_TYPE_free(val);
+ return (NULL);
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it);
+static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+ int utype, char *free_cont, const ASN1_ITEM *it);
static ASN1_PRIMITIVE_FUNCS bignum_pf = {
- NULL, 0,
+ NULL,
+ 0,
bn_new,
bn_free,
0,
};
ASN1_ITEM_start(BIGNUM)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
ASN1_ITEM_end(BIGNUM)
ASN1_ITEM_start(CBIGNUM)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
ASN1_ITEM_end(CBIGNUM)
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int
+bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*pval = (ASN1_VALUE *)BN_new();
- if(*pval) return 1;
- else return 0;
+ if (*pval)
+ return 1;
+ else
+ return 0;
}
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void
+bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if(!*pval) return;
- if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
- else BN_free((BIGNUM *)*pval);
+ if (!*pval)
+ return;
+ if (it->size & BN_SENSITIVE)
+ BN_clear_free((BIGNUM *)*pval);
+ else
+ BN_free((BIGNUM *)*pval);
*pval = NULL;
}
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int
+bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
{
BIGNUM *bn;
int pad;
- if(!*pval) return -1;
+
+ if (!*pval)
+ return -1;
bn = (BIGNUM *)*pval;
/* If MSB set in an octet we need a padding byte */
- if(BN_num_bits(bn) & 0x7) pad = 0;
- else pad = 1;
- if(cont) {
- if(pad) *cont++ = 0;
+ if (BN_num_bits(bn) & 0x7)
+ pad = 0;
+ else
+ pad = 1;
+ if (cont) {
+ if (pad)
+ *cont++ = 0;
BN_bn2bin(bn, cont);
}
return pad + BN_num_bytes(bn);
}
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it)
+static int
+bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
+ char *free_cont, const ASN1_ITEM *it)
{
BIGNUM *bn;
- if(!*pval) bn_new(pval, it);
- bn = (BIGNUM *)*pval;
- if(!BN_bin2bn(cont, len, bn)) {
+
+ if (!*pval)
+ bn_new(pval, it);
+ bn = (BIGNUM *)*pval;
+ if (!BN_bin2bn(cont, len, bn)) {
bn_free(pval, it);
return 0;
}
return 1;
}
-
-
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#include <openssl/x509v3.h>
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b);
+ const X509_REVOKED * const *b);
static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
ASN1_SEQUENCE(X509_REVOKED) = {
- ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
- ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
- ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
+ ASN1_SIMPLE(X509_REVOKED, serialNumber, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_REVOKED, revocationDate, ASN1_TIME),
+ ASN1_SEQUENCE_OF_OPT(X509_REVOKED, extensions, X509_EXTENSION)
} ASN1_SEQUENCE_END(X509_REVOKED)
static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
-static int def_crl_lookup(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer);
+static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *serial, X509_NAME *issuer);
-static X509_CRL_METHOD int_crl_meth =
-{
+static X509_CRL_METHOD int_crl_meth = {
+ 0,
+ 0,
0,
- 0,0,
def_crl_lookup,
def_crl_verify
};
* Since we cache the original encoding the signature wont be affected by
* reordering of the revoked field.
*/
-static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
- if(!a || !a->revoked) return 1;
- switch(operation) {
+ if (!a || !a->revoked)
+ return 1;
+ switch (operation) {
/* Just set cmp function here. We don't sort because that
* would affect the output of X509_CRL_print().
*/
case ASN1_OP_D2I_POST:
- (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
+ (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
break;
}
return 1;
* Check for unhandled critical CRL entry extensions.
*/
-static int crl_set_issuers(X509_CRL *crl)
+static int
+crl_set_issuers(X509_CRL *crl)
{
-
int i, j;
GENERAL_NAMES *gens, *gtmp;
STACK_OF(X509_REVOKED) *revoked;
STACK_OF(X509_EXTENSION) *exts;
ASN1_ENUMERATED *reason;
X509_EXTENSION *ext;
- gtmp = X509_REVOKED_get_ext_d2i(rev,
- NID_certificate_issuer,
- &j, NULL);
+ gtmp = X509_REVOKED_get_ext_d2i(rev, NID_certificate_issuer,
+ &j, NULL);
if (!gtmp && (j != -1)) {
crl->flags |= EXFLAG_INVALID;
return 1;
rev->issuer = gens;
reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
- &j, NULL);
+ &j, NULL);
if (!reason && (j != -1)) {
crl->flags |= EXFLAG_INVALID;
return 1;
rev->reason = ASN1_ENUMERATED_get(reason);
ASN1_ENUMERATED_free(reason);
} else
- rev->reason = CRL_REASON_NONE;
+ rev->reason = CRL_REASON_NONE;
/* Check for critical CRL entry extensions */
ext = sk_X509_EXTENSION_value(exts, j);
if (ext->critical > 0) {
if (OBJ_obj2nid(ext->object) ==
- NID_certificate_issuer)
+ NID_certificate_issuer)
continue;
crl->flags |= EXFLAG_CRITICAL;
break;
}
}
-
-
}
return 1;
-
}
/* The X509_CRL structure needs a bit of customisation. Cache some extensions
* and hash of the whole CRL.
*/
-static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509_CRL *crl = (X509_CRL *)*pval;
STACK_OF(X509_EXTENSION) *exts;
X509_EXTENSION *ext;
int idx;
- switch(operation) {
+ switch (operation) {
case ASN1_OP_NEW_POST:
crl->idp = NULL;
crl->akid = NULL;
X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
#endif
crl->idp = X509_CRL_get_ext_d2i(crl,
- NID_issuing_distribution_point, NULL, NULL);
+ NID_issuing_distribution_point, NULL, NULL);
if (crl->idp)
setup_idp(crl, crl->idp);
crl->akid = X509_CRL_get_ext_d2i(crl,
- NID_authority_key_identifier, NULL, NULL);
+ NID_authority_key_identifier, NULL, NULL);
crl->crl_number = X509_CRL_get_ext_d2i(crl,
- NID_crl_number, NULL, NULL);
+ NID_crl_number, NULL, NULL);
crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
- NID_delta_crl, NULL, NULL);
+ NID_delta_crl, NULL, NULL);
/* Delta CRLs must have CRL number */
if (crl->base_crl_number && !crl->crl_number)
crl->flags |= EXFLAG_INVALID;
- /* See if we have any unhandled critical CRL extensions and
+ /* See if we have any unhandled critical CRL extensions and
* indicate this in a flag. We only currently handle IDP so
* anything else critical sets the flag.
*
crl->flags |= EXFLAG_FRESHEST;
if (ext->critical > 0) {
/* We handle IDP and deltas */
- if ((nid == NID_issuing_distribution_point)
- || (nid == NID_delta_crl))
+ if ((nid == NID_issuing_distribution_point) ||
+ (nid == NID_delta_crl))
break;;
crl->flags |= EXFLAG_CRITICAL;
break;
}
}
-
if (!crl_set_issuers(crl))
return 0;
/* Convert IDP into a more convenient form */
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
+static void
+setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
{
int idp_only = 0;
+
/* Set various flags according to IDP */
crl->idp_flags |= IDP_PRESENT;
if (idp->onlyuser > 0) {
crl->idp_reasons = idp->onlysomereasons->data[0];
if (idp->onlysomereasons->length > 1)
crl->idp_reasons |=
- (idp->onlysomereasons->data[1] << 8);
+ (idp->onlysomereasons->data[1] << 8);
crl->idp_reasons &= CRLDP_ALL_REASONS;
}
IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
-static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b)
+static int
+X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
{
return(ASN1_STRING_cmp(
- (ASN1_STRING *)(*a)->serialNumber,
- (ASN1_STRING *)(*b)->serialNumber));
+ (ASN1_STRING *)(*a)->serialNumber,
+ (ASN1_STRING *)(*b)->serialNumber));
}
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+int
+X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
{
X509_CRL_INFO *inf;
+
inf = crl->crl;
- if(!inf->revoked)
+ if (!inf->revoked)
inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
- if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
+ if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
return 0;
-}
+ }
inf->enc.modified = 1;
return 1;
}
-int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
+int
+X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
{
if (crl->meth->crl_verify)
return crl->meth->crl_verify(crl, r);
return 0;
}
-int X509_CRL_get0_by_serial(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial)
+int
+X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *serial)
{
if (crl->meth->crl_lookup)
return crl->meth->crl_lookup(crl, ret, serial, NULL);
return 0;
}
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
+int
+X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
{
if (crl->meth->crl_lookup)
return crl->meth->crl_lookup(crl, ret,
- X509_get_serialNumber(x),
- X509_get_issuer_name(x));
+ X509_get_serialNumber(x), X509_get_issuer_name(x));
return 0;
}
-static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
+static int
+def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
{
return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
- crl->sig_alg, crl->signature,crl->crl,r));
+ crl->sig_alg, crl->signature, crl->crl, r));
}
-static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
- X509_REVOKED *rev)
+static int
+crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, X509_REVOKED *rev)
{
int i;
}
-static int def_crl_lookup(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer)
+static int
+def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
+ X509_NAME *issuer)
{
X509_REVOKED rtmp, *rev;
int idx;
+
rtmp.serialNumber = serial;
/* Sort revoked into serial number order if not already sorted.
* Do this under a lock to avoid race condition.
CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
}
idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
- if(idx < 0)
+ if (idx < 0)
return 0;
/* Need to look for matching name */
- for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
+ for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
return 0;
return 0;
}
-void X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
+void
+X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
{
if (meth == NULL)
default_crl_method = &int_crl_meth;
- else
+ else
default_crl_method = meth;
}
-X509_CRL_METHOD *X509_CRL_METHOD_new(
- int (*crl_init)(X509_CRL *crl),
- int (*crl_free)(X509_CRL *crl),
- int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *ser, X509_NAME *issuer),
- int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
+X509_CRL_METHOD *
+X509_CRL_METHOD_new(int (*crl_init)(X509_CRL *crl),
+ int (*crl_free)(X509_CRL *crl),
+ int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *ser, X509_NAME *issuer),
+ int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
{
X509_CRL_METHOD *m;
+
m = malloc(sizeof(X509_CRL_METHOD));
if (!m)
return NULL;
return m;
}
-void X509_CRL_METHOD_free(X509_CRL_METHOD *m)
+void
+X509_CRL_METHOD_free(X509_CRL_METHOD *m)
{
if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
return;
free(m);
}
-void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
+void
+X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
{
crl->meth_data = dat;
}
-void *X509_CRL_get_meth_data(X509_CRL *crl)
+void *
+X509_CRL_get_meth_data(X509_CRL *crl)
{
return crl->meth_data;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(X509_EXTENSION)
-ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
+ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS)
IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#include <openssl/asn1.h>
#include <openssl/x509.h>
-X509_INFO *X509_INFO_new(void)
+X509_INFO *
+X509_INFO_new(void)
{
- X509_INFO *ret=NULL;
+ X509_INFO *ret = NULL;
- ret=(X509_INFO *)malloc(sizeof(X509_INFO));
+ ret = (X509_INFO *)malloc(sizeof(X509_INFO));
if (ret == NULL) {
- ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
+ ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
}
-
- ret->enc_cipher.cipher=NULL;
- ret->enc_len=0;
- ret->enc_data=NULL;
-
- ret->references=1;
- ret->x509=NULL;
- ret->crl=NULL;
- ret->x_pkey=NULL;
- return(ret);
+
+ ret->enc_cipher.cipher = NULL;
+ ret->enc_len = 0;
+ ret->enc_data = NULL;
+
+ ret->references = 1;
+ ret->x509 = NULL;
+ ret->crl = NULL;
+ ret->x_pkey = NULL;
+ return (ret);
}
-void X509_INFO_free(X509_INFO *x)
+void
+X509_INFO_free(X509_INFO *x)
{
int i;
- if (x == NULL) return;
+ if (x == NULL)
+ return;
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
- if (i > 0) return;
+ i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
+ if (i > 0)
+ return;
- if (x->x509 != NULL) X509_free(x->x509);
- if (x->crl != NULL) X509_CRL_free(x->crl);
- if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
- if (x->enc_data != NULL) free(x->enc_data);
+ if (x->x509 != NULL)
+ X509_free(x->x509);
+ if (x->crl != NULL)
+ X509_CRL_free(x->crl);
+ if (x->x_pkey != NULL)
+ X509_PKEY_free(x->x_pkey);
+ if (x->enc_data != NULL)
+ free(x->enc_data);
free(x);
}
IMPLEMENT_STACK_OF(X509_INFO)
-
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
};
ASN1_ITEM_start(LONG)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
ASN1_ITEM_end(LONG)
ASN1_ITEM_start(ZLONG)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
ASN1_ITEM_end(ZLONG)
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int
+long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*(long *)pval = it->size;
return 1;
}
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void
+long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*(long *)pval = it->size;
}
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int
+long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it)
{
long ltmp;
unsigned long utmp;
/* use memcpy, because we may not be long aligned */
memcpy(<mp, cp, sizeof(long));
- if(ltmp == it->size) return -1;
+ if (ltmp == it->size)
+ return -1;
/* Convert the long to positive: we subtract one if negative so
* we can cleanly handle the padding if only the MSB of the leading
- * octet is set.
+ * octet is set.
*/
- if(ltmp < 0) utmp = -ltmp - 1;
- else utmp = ltmp;
+ if (ltmp < 0)
+ utmp = -ltmp - 1;
+ else
+ utmp = ltmp;
clen = BN_num_bits_word(utmp);
/* If MSB of leading octet set we need to pad */
- if(!(clen & 0x7)) pad = 1;
- else pad = 0;
+ if (!(clen & 0x7))
+ pad = 1;
+ else
+ pad = 0;
/* Convert number of bits to number of octets */
clen = (clen + 7) >> 3;
- if(cont) {
- if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
- for(i = clen - 1; i >= 0; i--) {
+ if (cont) {
+ if (pad)
+ *cont++ = (ltmp < 0) ? 0xff : 0;
+ for (i = clen - 1; i >= 0; i--) {
cont[i] = (unsigned char)(utmp & 0xff);
- if(ltmp < 0) cont[i] ^= 0xff;
+ if (ltmp < 0)
+ cont[i] ^= 0xff;
utmp >>= 8;
}
}
return clen + pad;
}
-static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it)
+static int
+long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
+ char *free_cont, const ASN1_ITEM *it)
{
int neg, i;
long ltmp;
unsigned long utmp = 0;
char *cp = (char *)pval;
- if(len > (int)sizeof(long)) {
+ if (len > (int)sizeof(long)) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
/* Is it negative? */
- if(len && (cont[0] & 0x80)) neg = 1;
- else neg = 0;
+ if (len && (cont[0] & 0x80))
+ neg = 1;
+ else
+ neg = 0;
utmp = 0;
- for(i = 0; i < len; i++) {
+ for (i = 0; i < len; i++) {
utmp <<= 8;
- if(neg) utmp |= cont[i] ^ 0xff;
- else utmp |= cont[i];
+ if (neg)
+ utmp |= cont[i] ^ 0xff;
+ else
+ utmp |= cont[i];
}
ltmp = (long)utmp;
- if(neg) {
+ if (neg) {
ltmp++;
ltmp = -ltmp;
}
- if(ltmp == it->size) {
+ if (ltmp == it->size) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
return 1;
}
-static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
- int indent, const ASN1_PCTX *pctx)
+static int
+long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent,
+ const ASN1_PCTX *pctx)
{
return BIO_printf(out, "%ld\n", *(long *)pval);
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
-static int x509_name_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
+static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
+ long len, const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
+ const ASN1_ITEM *it, int tag, int aclass);
static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
static int x509_name_canon(X509_NAME *a);
static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname,
- unsigned char **in);
+ unsigned char **in);
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
- int indent,
- const char *fname,
- const ASN1_PCTX *pctx);
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent,
+ const char *fname, const ASN1_PCTX *pctx);
ASN1_SEQUENCE(X509_NAME_ENTRY) = {
ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
*/
ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
/* Normally that's where it would end: we'd have two nested STACK structures
x509_name_ex_print
};
-IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
+IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
+static int
+x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
{
X509_NAME *ret = NULL;
+
ret = malloc(sizeof(X509_NAME));
- if(!ret) goto memerr;
- if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
+ if (!ret)
+ goto memerr;
+ if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
+ goto memerr;
+ if ((ret->bytes = BUF_MEM_new()) == NULL)
goto memerr;
- if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
ret->canon_enc = NULL;
ret->canon_enclen = 0;
- ret->modified=1;
+ ret->modified = 1;
*val = (ASN1_VALUE *)ret;
return 1;
- memerr:
+memerr:
ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
if (ret) {
if (ret->entries)
return 0;
}
-static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void
+x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
X509_NAME *a;
- if(!pval || !*pval)
- return;
+
+ if (!pval || !*pval)
+ return;
a = (X509_NAME *)*pval;
BUF_MEM_free(a->bytes);
- sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
+ sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
if (a->canon_enc)
free(a->canon_enc);
free(a);
*pval = NULL;
}
-static int x509_name_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
+static int
+x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
{
const unsigned char *p = *in, *q;
- union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a; } intname = {NULL};
- union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL};
+ union {
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+ ASN1_VALUE *a;
+ } intname = {NULL};
+ union {
+ X509_NAME *x;
+ ASN1_VALUE *a;
+ } nm = {NULL};
int i, j, ret;
STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry;
q = p;
/* Get internal representation of Name */
- ret = ASN1_item_ex_d2i(&intname.a,
- &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
- tag, aclass, opt, ctx);
-
- if(ret <= 0) return ret;
-
- if(*val) x509_name_ex_free(val, NULL);
- if(!x509_name_ex_new(&nm.a, NULL)) goto err;
+ ret = ASN1_item_ex_d2i(&intname.a, &p, len,
+ ASN1_ITEM_rptr(X509_NAME_INTERNAL), tag, aclass, opt, ctx);
+
+ if (ret <= 0)
+ return ret;
+
+ if (*val)
+ x509_name_ex_free(val, NULL);
+ if (!x509_name_ex_new(&nm.a, NULL))
+ goto err;
/* We've decoded it: now cache encoding */
- if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err;
+ if (!BUF_MEM_grow(nm.x->bytes, p - q))
+ goto err;
memcpy(nm.x->bytes->data, q, p - q);
/* Convert internal representation to X509_NAME structure */
- for(i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
+ for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
- for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
+ for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
entry = sk_X509_NAME_ENTRY_value(entries, j);
entry->set = i;
- if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
+ if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
goto err;
}
sk_X509_NAME_ENTRY_free(entries);
*val = nm.a;
*in = p;
return ret;
+
err:
- if (nm.x != NULL)
+ if (nm.x != NULL)
X509_NAME_free(nm.x);
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+static int
+x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it,
+ int tag, int aclass)
{
int ret;
X509_NAME *a = (X509_NAME *)*val;
- if(a->modified) {
+
+ if (a->modified) {
ret = x509_name_encode(a);
- if(ret < 0)
+ if (ret < 0)
return ret;
ret = x509_name_canon(a);
- if(ret < 0)
+ if (ret < 0)
return ret;
}
ret = a->bytes->length;
- if(out != NULL) {
- memcpy(*out,a->bytes->data,ret);
- *out+=ret;
+ if (out != NULL) {
+ memcpy(*out, a->bytes->data, ret);
+ *out += ret;
}
return ret;
}
-static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+static void
+local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
{
sk_X509_NAME_ENTRY_free(ne);
}
-static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+static void
+local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
{
sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
}
-static int x509_name_encode(X509_NAME *a)
+static int
+x509_name_encode(X509_NAME *a)
{
- union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a; } intname = {NULL};
+ union {
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+ ASN1_VALUE *a;
+ } intname = {NULL};
int len;
unsigned char *p;
STACK_OF(X509_NAME_ENTRY) *entries = NULL;
X509_NAME_ENTRY *entry;
int i, set = -1;
+
intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if(!intname.s) goto memerr;
- for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ if (!intname.s)
+ goto memerr;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if(entry->set != set) {
+ if (entry->set != set) {
entries = sk_X509_NAME_ENTRY_new_null();
- if(!entries) goto memerr;
- if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
- entries))
+ if (!entries)
+ goto memerr;
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
+ entries))
goto memerr;
set = entry->set;
}
- if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
+ if (!sk_X509_NAME_ENTRY_push(entries, entry))
+ goto memerr;
}
len = ASN1_item_ex_i2d(&intname.a, NULL,
- ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
- p=(unsigned char *)a->bytes->data;
- ASN1_item_ex_i2d(&intname.a,
- &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ if (!BUF_MEM_grow(a->bytes, len))
+ goto memerr;
+ p = (unsigned char *)a->bytes->data;
+ ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
+ -1, -1);
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
+ local_sk_X509_NAME_ENTRY_free);
a->modified = 0;
return len;
+
memerr:
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
+ local_sk_X509_NAME_ENTRY_free);
ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
return -1;
}
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
- int indent,
- const char *fname,
- const ASN1_PCTX *pctx)
+static int
+x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, const char *fname,
+ const ASN1_PCTX *pctx)
{
- if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
- indent, pctx->nm_flags) <= 0)
+ if (X509_NAME_print_ex(out, (X509_NAME *)*pval, indent,
+ pctx->nm_flags) <= 0)
return 0;
return 2;
}
* dirName can also be checked with a simple memcmp().
*/
-static int x509_name_canon(X509_NAME *a)
+static int
+x509_name_canon(X509_NAME *a)
{
unsigned char *p;
STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
if (a->canon_enc) {
free(a->canon_enc);
a->canon_enc = NULL;
- }
+ }
/* Special case: empty X509_NAME => null encoding */
if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
a->canon_enclen = 0;
return 1;
}
intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if(!intname)
+ if (!intname)
goto err;
- for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if(entry->set != set) {
+ if (entry->set != set) {
entries = sk_X509_NAME_ENTRY_new_null();
- if(!entries)
+ if (!entries)
goto err;
- if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
goto err;
set = entry->set;
}
tmpentry->object = OBJ_dup(entry->object);
if (!asn1_string_canon(tmpentry->value, entry->value))
goto err;
- if(!sk_X509_NAME_ENTRY_push(entries, tmpentry))
+ if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
goto err;
tmpentry = NULL;
}
/* Finally generate encoding */
-
a->canon_enclen = i2d_name_canon(intname, NULL);
-
p = malloc(a->canon_enclen);
-
if (!p)
goto err;
-
a->canon_enc = p;
-
i2d_name_canon(intname, &p);
-
ret = 1;
- err:
+err:
if (tmpentry)
X509_NAME_ENTRY_free(tmpentry);
if (intname)
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
- local_sk_X509_NAME_ENTRY_pop_free);
+ local_sk_X509_NAME_ENTRY_pop_free);
return ret;
}
(B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
| B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
| B_ASN1_VISIBLESTRING)
-
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
+
+static int
+asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
{
unsigned char *to, *from;
int len, i;
*/
/* Ignore leading spaces */
- while((len > 0) && !(*from & 0x80) && isspace(*from)) {
+ while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
from++;
len--;
}
to = out->data;
i = 0;
- while(i < len) {
+ while (i < len) {
/* If MSB set just copy across */
if (*from & 0x80) {
*to++ = *from++;
i++;
- }
+ }
/* Collapse multiple spaces */
else if (isspace(*from)) {
/* Copy one space across */
*to++ = ' ';
/* Ignore subsequent spaces. Note: don't need to
- * check len here because we know the last
+ * check len here because we know the last
* character is a non-space so we can't overflow.
*/
do {
from++;
i++;
- } while(!(*from & 0x80) && isspace(*from));
+ } while (!(*from & 0x80) && isspace(*from));
} else {
*to++ = tolower(*from);
from++;
out->length = to - out->data;
return 1;
-
}
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname,
- unsigned char **in)
+static int
+i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, unsigned char **in)
{
int i, len, ltmp;
ASN1_VALUE *v;
for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
v = sk_ASN1_VALUE_value(intname, i);
ltmp = ASN1_item_ex_i2d(&v, in,
- ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
+ ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
if (ltmp < 0)
return ltmp;
len += ltmp;
return len;
}
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
+int
+X509_NAME_set(X509_NAME **xn, X509_NAME *name)
{
X509_NAME *in;
- if (!xn || !name) return(0);
+ if (!xn || !name)
+ return (0);
if (*xn != name) {
- in=X509_NAME_dup(name);
+ in = X509_NAME_dup(name);
if (in != NULL) {
X509_NAME_free(*xn);
- *xn=in;
+ *xn = in;
}
}
- return(*xn != NULL);
+ return (*xn != NULL);
}
-
+
IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
} ASN1_SEQUENCE_END(NETSCAPE_X509)
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_X509)
-
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#include <openssl/x509.h>
/* need to implement */
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
+int
+i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
{
- return(0);
+ return (0);
}
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
+X509_PKEY *
+d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
{
int i;
- M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
+ M_ASN1_D2I_vars(a, X509_PKEY *, X509_PKEY_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_x(X509_ALGOR,ret->enc_algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->enc_pkey,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_get_x(X509_ALGOR, ret->enc_algor, d2i_X509_ALGOR);
+ M_ASN1_D2I_get_x(ASN1_OCTET_STRING, ret->enc_pkey,
+ d2i_ASN1_OCTET_STRING);
- ret->cipher.cipher=EVP_get_cipherbyname(
- OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
+ ret->cipher.cipher = EVP_get_cipherbyname(
+ OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
if (ret->cipher.cipher == NULL) {
- c.error=ASN1_R_UNSUPPORTED_CIPHER;
- c.line=__LINE__;
+ c.error = ASN1_R_UNSUPPORTED_CIPHER;
+ c.line = __LINE__;
goto err;
}
if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) {
- i=ret->enc_algor->parameter->value.octet_string->length;
+ i = ret->enc_algor->parameter->value.octet_string->length;
if (i > EVP_MAX_IV_LENGTH) {
- c.error=ASN1_R_IV_TOO_LARGE;
- c.line=__LINE__;
+ c.error = ASN1_R_IV_TOO_LARGE;
+ c.line = __LINE__;
goto err;
}
memcpy(ret->cipher.iv,
- ret->enc_algor->parameter->value.octet_string->data,i);
- }
- else
- memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
- M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
+ ret->enc_algor->parameter->value.octet_string->data, i);
+ } else
+ memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
+ M_ASN1_D2I_Finish(a, X509_PKEY_free, ASN1_F_D2I_X509_PKEY);
}
-X509_PKEY *X509_PKEY_new(void)
+X509_PKEY *
+X509_PKEY_new(void)
{
- X509_PKEY *ret=NULL;
+ X509_PKEY *ret = NULL;
ASN1_CTX c;
- M_ASN1_New_Malloc(ret,X509_PKEY);
- ret->version=0;
- M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
- M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new);
- ret->dec_pkey=NULL;
- ret->key_length=0;
- ret->key_data=NULL;
- ret->key_free=0;
- ret->cipher.cipher=NULL;
- memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
- ret->references=1;
- return(ret);
+ M_ASN1_New_Malloc(ret, X509_PKEY);
+ ret->version = 0;
+ M_ASN1_New(ret->enc_algor, X509_ALGOR_new);
+ M_ASN1_New(ret->enc_pkey, M_ASN1_OCTET_STRING_new);
+ ret->dec_pkey = NULL;
+ ret->key_length = 0;
+ ret->key_data = NULL;
+ ret->key_free = 0;
+ ret->cipher.cipher = NULL;
+ memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
+ ret->references = 1;
+ return (ret);
M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
}
-void X509_PKEY_free(X509_PKEY *x)
+void
+X509_PKEY_free(X509_PKEY *x)
{
int i;
- if (x == NULL) return;
+ if (x == NULL)
+ return;
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
- if (i > 0) return;
+ i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
+ if (i > 0)
+ return;
- if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
- if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey);
- if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
- if ((x->key_data != NULL) && (x->key_free)) free(x->key_data);
+ if (x->enc_algor != NULL)
+ X509_ALGOR_free(x->enc_algor);
+ if (x->enc_pkey != NULL)
+ M_ASN1_OCTET_STRING_free(x->enc_pkey);
+ if (x->dec_pkey != NULL)
+ EVP_PKEY_free(x->dec_pkey);
+ if ((x->key_data != NULL) && (x->key_free))
+ free(x->key_data);
free(x);
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#endif
/* Minor tweak to operation: free up EVP_PKEY */
-static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
if (operation == ASN1_OP_FREE_POST) {
X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
+int
+X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
{
- X509_PUBKEY *pk=NULL;
+ X509_PUBKEY *pk = NULL;
- if (x == NULL) return(0);
-
- if ((pk=X509_PUBKEY_new()) == NULL) goto error;
+ if (x == NULL)
+ return (0);
+ if ((pk = X509_PUBKEY_new()) == NULL)
+ goto error;
if (pkey->ameth) {
if (pkey->ameth->pub_encode) {
if (!pkey->ameth->pub_encode(pk, pkey)) {
X509err(X509_F_X509_PUBKEY_SET,
- X509_R_PUBLIC_KEY_ENCODE_ERROR);
+ X509_R_PUBLIC_KEY_ENCODE_ERROR);
goto error;
}
} else {
X509err(X509_F_X509_PUBKEY_SET,
- X509_R_METHOD_NOT_SUPPORTED);
+ X509_R_METHOD_NOT_SUPPORTED);
goto error;
}
} else {
- X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
+ X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
goto error;
}
if (*x != NULL)
X509_PUBKEY_free(*x);
- *x=pk;
+ *x = pk;
return 1;
+
error:
- if (pk != NULL) X509_PUBKEY_free(pk);
+ if (pk != NULL)
+ X509_PUBKEY_free(pk);
return 0;
}
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
+EVP_PKEY *
+X509_PUBKEY_get(X509_PUBKEY *key)
{
- EVP_PKEY *ret=NULL;
+ EVP_PKEY *ret = NULL;
- if (key == NULL) goto error;
+ if (key == NULL)
+ goto error;
if (key->pkey != NULL) {
CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
return key->pkey;
}
- if (key->public_key == NULL) goto error;
+ if (key->public_key == NULL)
+ goto error;
if ((ret = EVP_PKEY_new()) == NULL) {
X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
}
if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
- X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM);
+ X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
goto error;
}
if (ret->ameth->pub_decode) {
if (!ret->ameth->pub_decode(ret, key)) {
X509err(X509_F_X509_PUBKEY_GET,
- X509_R_PUBLIC_KEY_DECODE_ERROR);
+ X509_R_PUBLIC_KEY_DECODE_ERROR);
goto error;
}
} else {
return ret;
- error:
+error:
if (ret != NULL)
EVP_PKEY_free(ret);
- return(NULL);
+ return (NULL);
}
/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
* and encode or decode as X509_PUBKEY
*/
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
- long length)
+EVP_PKEY *
+d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
{
X509_PUBKEY *xpk;
EVP_PKEY *pktmp;
xpk = d2i_X509_PUBKEY(NULL, pp, length);
- if(!xpk) return NULL;
+ if (!xpk)
+ return NULL;
pktmp = X509_PUBKEY_get(xpk);
X509_PUBKEY_free(xpk);
- if(!pktmp) return NULL;
- if(a) {
+ if (!pktmp)
+ return NULL;
+ if (a) {
EVP_PKEY_free(*a);
*a = pktmp;
}
return pktmp;
}
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
+int
+i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
{
- X509_PUBKEY *xpk=NULL;
+ X509_PUBKEY *xpk = NULL;
int ret;
- if(!a) return 0;
- if(!X509_PUBKEY_set(&xpk, a)) return 0;
+ if (!a)
+ return 0;
+ if (!X509_PUBKEY_set(&xpk, a))
+ return 0;
ret = i2d_X509_PUBKEY(xpk, pp);
X509_PUBKEY_free(xpk);
return ret;
* keys
*/
#ifndef OPENSSL_NO_RSA
-RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
- long length)
+RSA *
+d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
RSA *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey) return NULL;
+ if (!pkey)
+ return NULL;
key = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
- if (!key) return NULL;
+ if (!key)
+ return NULL;
*pp = q;
if (a) {
RSA_free(*a);
return key;
}
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
+int
+i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
- if (!a) return 0;
+ if (!a)
+ return 0;
pktmp = EVP_PKEY_new();
if (!pktmp) {
ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
#endif
#ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
- long length)
+DSA *
+d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
DSA *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey) return NULL;
+ if (!pkey)
+ return NULL;
key = EVP_PKEY_get1_DSA(pkey);
EVP_PKEY_free(pkey);
- if (!key) return NULL;
+ if (!key)
+ return NULL;
*pp = q;
if (a) {
DSA_free(*a);
return key;
}
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
+int
+i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
- if(!a) return 0;
+ if (!a)
+ return 0;
pktmp = EVP_PKEY_new();
- if(!pktmp) {
+ if (!pktmp) {
ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
return 0;
}
#endif
#ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
+EC_KEY *
+d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
EC_KEY *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey) return(NULL);
+ if (!pkey)
+ return (NULL);
key = EVP_PKEY_get1_EC_KEY(pkey);
EVP_PKEY_free(pkey);
- if (!key) return(NULL);
+ if (!key)
+ return (NULL);
*pp = q;
if (a) {
EC_KEY_free(*a);
*a = key;
}
- return(key);
+ return (key);
}
-int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
+int
+i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
- if (!a) return(0);
+ if (!a)
+ return (0);
if ((pktmp = EVP_PKEY_new()) == NULL) {
ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
- return(0);
+ return (0);
}
EVP_PKEY_set1_EC_KEY(pktmp, a);
ret = i2d_PUBKEY(pktmp, pp);
EVP_PKEY_free(pktmp);
- return(ret);
+ return (ret);
}
#endif
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
- int ptype, void *pval,
- unsigned char *penc, int penclen)
+int
+X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
+ void *pval, unsigned char *penc, int penclen)
{
if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
return 0;
free(pub->public_key->data);
pub->public_key->data = penc;
pub->public_key->length = penclen;
- /* Set number of unused bits to zero */
+ /* Set number of unused bits to zero */
pub->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
- pub->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
+ pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
}
return 1;
}
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa,
- X509_PUBKEY *pub)
+int
+X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
+ int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub)
{
if (ppkalg)
*ppkalg = pub->algor->algorithm;
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* encode the attributes field if it is empty. This is in
* violation of PKCS#10 but we need to tolerate it. We do
* this by making the attributes field OPTIONAL then using
- * the callback to initialise it to an empty STACK.
+ * the callback to initialise it to an empty STACK.
*
* This means that the field will be correctly encoded unless
* we NULL out the field.
*
*/
-static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
- if(operation == ASN1_OP_NEW_POST) {
+ if (operation == ASN1_OP_NEW_POST) {
rinf->attributes = sk_X509_ATTRIBUTE_new_null();
- if(!rinf->attributes) return 0;
+ if (!rinf->attributes)
+ return 0;
}
return 1;
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
extern void policy_cache_free(X509_POLICY_CACHE *cache);
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509 *ret = (X509 *)*pval;
- switch(operation) {
+ switch (operation) {
case ASN1_OP_NEW_POST:
- ret->valid=0;
+ ret->valid = 0;
ret->name = NULL;
ret->ex_flags = 0;
ret->ex_pathlen = -1;
break;
case ASN1_OP_D2I_POST:
- if (ret->name != NULL) free(ret->name);
- ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+ if (ret->name != NULL)
+ free(ret->name);
+ ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
break;
case ASN1_OP_FREE_POST:
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
ASIdentifiers_free(ret->rfc3779_asid);
#endif
-
- if (ret->name != NULL) free(ret->name);
+ if (ret->name != NULL)
+ free(ret->name);
break;
-
}
return 1;
-
}
ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
IMPLEMENT_ASN1_FUNCTIONS(X509)
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+int
+X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
- new_func, dup_func, free_func);
+ new_func, dup_func, free_func);
}
-int X509_set_ex_data(X509 *r, int idx, void *arg)
+int
+X509_set_ex_data(X509 *r, int idx, void *arg)
{
- return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
}
-void *X509_get_ex_data(X509 *r, int idx)
+void *
+X509_get_ex_data(X509 *r, int idx)
{
- return(CRYPTO_get_ex_data(&r->ex_data,idx));
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
}
/* X509_AUX ASN1 routines. X509_AUX is the name given to
*
*/
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
+X509 *
+d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
{
const unsigned char *q;
X509 *ret;
+
/* Save start position */
q = *pp;
ret = d2i_X509(a, pp, length);
/* If certificate unreadable then forget it */
- if(!ret) return NULL;
+ if (!ret)
+ return NULL;
/* update length */
length -= *pp - q;
- if(!length) return ret;
- if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
+ if (!length)
+ return ret;
+ if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
+ goto err;
return ret;
- err:
+
+err:
X509_free(ret);
return NULL;
}
-int i2d_X509_AUX(X509 *a, unsigned char **pp)
+int
+i2d_X509_AUX(X509 *a, unsigned char **pp)
{
int length;
+
length = i2d_X509(a, pp);
- if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
+ if (a)
+ length += i2d_X509_CERT_AUX(a->aux, pp);
return length;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* user modifiable data about a certificate. This data is
* appended to the X509 encoding when the *_X509_AUX routines
* are used. This means that the "traditional" X509 routines
- * will simply ignore the extra data.
+ * will simply ignore the extra data.
*/
static X509_CERT_AUX *aux_get(X509 *x);
IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
-static X509_CERT_AUX *aux_get(X509 *x)
+static X509_CERT_AUX *
+aux_get(X509 *x)
{
- if(!x) return NULL;
- if(!x->aux && !(x->aux = X509_CERT_AUX_new())) return NULL;
+ if (!x)
+ return NULL;
+ if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
+ return NULL;
return x->aux;
}
-int X509_alias_set1(X509 *x, unsigned char *name, int len)
+int
+X509_alias_set1(X509 *x, unsigned char *name, int len)
{
X509_CERT_AUX *aux;
if (!name) {
x->aux->alias = NULL;
return 1;
}
- if(!(aux = aux_get(x))) return 0;
- if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
+ return 0;
return ASN1_STRING_set(aux->alias, name, len);
}
-int X509_keyid_set1(X509 *x, unsigned char *id, int len)
+int
+X509_keyid_set1(X509 *x, unsigned char *id, int len)
{
X509_CERT_AUX *aux;
if (!id) {
x->aux->keyid = NULL;
return 1;
}
- if(!(aux = aux_get(x))) return 0;
- if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
+ return 0;
return ASN1_STRING_set(aux->keyid, id, len);
}
-unsigned char *X509_alias_get0(X509 *x, int *len)
+unsigned char *
+X509_alias_get0(X509 *x, int *len)
{
- if(!x->aux || !x->aux->alias) return NULL;
- if(len) *len = x->aux->alias->length;
+ if (!x->aux || !x->aux->alias)
+ return NULL;
+ if (len)
+ *len = x->aux->alias->length;
return x->aux->alias->data;
}
-unsigned char *X509_keyid_get0(X509 *x, int *len)
+unsigned char *
+X509_keyid_get0(X509 *x, int *len)
{
- if(!x->aux || !x->aux->keyid) return NULL;
- if(len) *len = x->aux->keyid->length;
+ if (!x->aux || !x->aux->keyid)
+ return NULL;
+ if (len)
+ *len = x->aux->keyid->length;
return x->aux->keyid->data;
}
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
+int
+X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
{
X509_CERT_AUX *aux;
ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->trust
- && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;
+ if (!(objtmp = OBJ_dup(obj)))
+ return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
+ return 0;
return sk_ASN1_OBJECT_push(aux->trust, objtmp);
}
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
+int
+X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
{
X509_CERT_AUX *aux;
ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->reject
- && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0;
+ if (!(objtmp = OBJ_dup(obj)))
+ return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
+ return 0;
return sk_ASN1_OBJECT_push(aux->reject, objtmp);
}
-void X509_trust_clear(X509 *x)
+void
+X509_trust_clear(X509 *x)
{
- if(x->aux && x->aux->trust) {
+ if (x->aux && x->aux->trust) {
sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
x->aux->trust = NULL;
}
}
-void X509_reject_clear(X509 *x)
+void
+X509_reject_clear(X509 *x)
{
- if(x->aux && x->aux->reject) {
+ if (x->aux && x->aux->reject) {
sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
x->aux->reject = NULL;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
} ASN1_SEQUENCE_END(X509_ALGOR)
-ASN1_ITEM_TEMPLATE(X509_ALGORS) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
+ASN1_ITEM_TEMPLATE(X509_ALGORS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
ASN1_ITEM_TEMPLATE_END(X509_ALGORS)
IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
IMPLEMENT_STACK_OF(X509_ALGOR)
IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
-int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
+int
+X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
{
if (!alg)
return 0;
alg->algorithm = aobj;
}
if (ptype == 0)
- return 1;
+ return 1;
if (ptype == V_ASN1_UNDEF) {
if (alg->parameter) {
ASN1_TYPE_free(alg->parameter);
alg->parameter = NULL;
}
- }
- else
+ } else
ASN1_TYPE_set(alg->parameter, ptype, pval);
return 1;
}
-void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
- X509_ALGOR *algor)
+void
+X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+ X509_ALGOR *algor)
{
if (paobj)
*paobj = algor->algorithm;
if (algor->parameter == NULL) {
*pptype = V_ASN1_UNDEF;
return;
- }
- else
+ } else
*pptype = algor->parameter->type;
if (ppval)
*ppval = algor->parameter->value.ptr;
/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
-void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
+void
+X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
{
int param_type;
param_type = V_ASN1_NULL;
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
-
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
+X509_ATTRIBUTE *
+X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
{
- X509_ATTRIBUTE *ret=NULL;
- ASN1_TYPE *val=NULL;
+ X509_ATTRIBUTE *ret = NULL;
+ ASN1_TYPE *val = NULL;
+
+ if ((ret = X509_ATTRIBUTE_new()) == NULL)
+ return (NULL);
+ ret->object = OBJ_nid2obj(nid);
+ ret->single = 0;
+ if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
+ goto err;
+ if ((val = ASN1_TYPE_new()) == NULL)
+ goto err;
+ if (!sk_ASN1_TYPE_push(ret->value.set, val))
+ goto err;
- if ((ret=X509_ATTRIBUTE_new()) == NULL)
- return(NULL);
- ret->object=OBJ_nid2obj(nid);
- ret->single=0;
- if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
- if ((val=ASN1_TYPE_new()) == NULL) goto err;
- if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
+ ASN1_TYPE_set(val, atrtype, value);
+ return (ret);
- ASN1_TYPE_set(val,atrtype,value);
- return(ret);
err:
- if (ret != NULL) X509_ATTRIBUTE_free(ret);
- if (val != NULL) ASN1_TYPE_free(val);
- return(NULL);
+ if (ret != NULL)
+ X509_ATTRIBUTE_free(ret);
+ if (val != NULL)
+ ASN1_TYPE_free(val);
+ return (NULL);
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it);
+static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+ int utype, char *free_cont, const ASN1_ITEM *it);
static ASN1_PRIMITIVE_FUNCS bignum_pf = {
- NULL, 0,
+ NULL,
+ 0,
bn_new,
bn_free,
0,
};
ASN1_ITEM_start(BIGNUM)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
ASN1_ITEM_end(BIGNUM)
ASN1_ITEM_start(CBIGNUM)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
ASN1_ITEM_end(CBIGNUM)
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int
+bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*pval = (ASN1_VALUE *)BN_new();
- if(*pval) return 1;
- else return 0;
+ if (*pval)
+ return 1;
+ else
+ return 0;
}
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void
+bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if(!*pval) return;
- if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
- else BN_free((BIGNUM *)*pval);
+ if (!*pval)
+ return;
+ if (it->size & BN_SENSITIVE)
+ BN_clear_free((BIGNUM *)*pval);
+ else
+ BN_free((BIGNUM *)*pval);
*pval = NULL;
}
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int
+bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
{
BIGNUM *bn;
int pad;
- if(!*pval) return -1;
+
+ if (!*pval)
+ return -1;
bn = (BIGNUM *)*pval;
/* If MSB set in an octet we need a padding byte */
- if(BN_num_bits(bn) & 0x7) pad = 0;
- else pad = 1;
- if(cont) {
- if(pad) *cont++ = 0;
+ if (BN_num_bits(bn) & 0x7)
+ pad = 0;
+ else
+ pad = 1;
+ if (cont) {
+ if (pad)
+ *cont++ = 0;
BN_bn2bin(bn, cont);
}
return pad + BN_num_bytes(bn);
}
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it)
+static int
+bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
+ char *free_cont, const ASN1_ITEM *it)
{
BIGNUM *bn;
- if(!*pval) bn_new(pval, it);
- bn = (BIGNUM *)*pval;
- if(!BN_bin2bn(cont, len, bn)) {
+
+ if (!*pval)
+ bn_new(pval, it);
+ bn = (BIGNUM *)*pval;
+ if (!BN_bin2bn(cont, len, bn)) {
bn_free(pval, it);
return 0;
}
return 1;
}
-
-
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#include <openssl/x509v3.h>
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b);
+ const X509_REVOKED * const *b);
static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
ASN1_SEQUENCE(X509_REVOKED) = {
- ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
- ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
- ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
+ ASN1_SIMPLE(X509_REVOKED, serialNumber, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_REVOKED, revocationDate, ASN1_TIME),
+ ASN1_SEQUENCE_OF_OPT(X509_REVOKED, extensions, X509_EXTENSION)
} ASN1_SEQUENCE_END(X509_REVOKED)
static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
-static int def_crl_lookup(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer);
+static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *serial, X509_NAME *issuer);
-static X509_CRL_METHOD int_crl_meth =
-{
+static X509_CRL_METHOD int_crl_meth = {
+ 0,
+ 0,
0,
- 0,0,
def_crl_lookup,
def_crl_verify
};
* Since we cache the original encoding the signature wont be affected by
* reordering of the revoked field.
*/
-static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
- if(!a || !a->revoked) return 1;
- switch(operation) {
+ if (!a || !a->revoked)
+ return 1;
+ switch (operation) {
/* Just set cmp function here. We don't sort because that
* would affect the output of X509_CRL_print().
*/
case ASN1_OP_D2I_POST:
- (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
+ (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
break;
}
return 1;
* Check for unhandled critical CRL entry extensions.
*/
-static int crl_set_issuers(X509_CRL *crl)
+static int
+crl_set_issuers(X509_CRL *crl)
{
-
int i, j;
GENERAL_NAMES *gens, *gtmp;
STACK_OF(X509_REVOKED) *revoked;
STACK_OF(X509_EXTENSION) *exts;
ASN1_ENUMERATED *reason;
X509_EXTENSION *ext;
- gtmp = X509_REVOKED_get_ext_d2i(rev,
- NID_certificate_issuer,
- &j, NULL);
+ gtmp = X509_REVOKED_get_ext_d2i(rev, NID_certificate_issuer,
+ &j, NULL);
if (!gtmp && (j != -1)) {
crl->flags |= EXFLAG_INVALID;
return 1;
rev->issuer = gens;
reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
- &j, NULL);
+ &j, NULL);
if (!reason && (j != -1)) {
crl->flags |= EXFLAG_INVALID;
return 1;
rev->reason = ASN1_ENUMERATED_get(reason);
ASN1_ENUMERATED_free(reason);
} else
- rev->reason = CRL_REASON_NONE;
+ rev->reason = CRL_REASON_NONE;
/* Check for critical CRL entry extensions */
ext = sk_X509_EXTENSION_value(exts, j);
if (ext->critical > 0) {
if (OBJ_obj2nid(ext->object) ==
- NID_certificate_issuer)
+ NID_certificate_issuer)
continue;
crl->flags |= EXFLAG_CRITICAL;
break;
}
}
-
-
}
return 1;
-
}
/* The X509_CRL structure needs a bit of customisation. Cache some extensions
* and hash of the whole CRL.
*/
-static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509_CRL *crl = (X509_CRL *)*pval;
STACK_OF(X509_EXTENSION) *exts;
X509_EXTENSION *ext;
int idx;
- switch(operation) {
+ switch (operation) {
case ASN1_OP_NEW_POST:
crl->idp = NULL;
crl->akid = NULL;
X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
#endif
crl->idp = X509_CRL_get_ext_d2i(crl,
- NID_issuing_distribution_point, NULL, NULL);
+ NID_issuing_distribution_point, NULL, NULL);
if (crl->idp)
setup_idp(crl, crl->idp);
crl->akid = X509_CRL_get_ext_d2i(crl,
- NID_authority_key_identifier, NULL, NULL);
+ NID_authority_key_identifier, NULL, NULL);
crl->crl_number = X509_CRL_get_ext_d2i(crl,
- NID_crl_number, NULL, NULL);
+ NID_crl_number, NULL, NULL);
crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
- NID_delta_crl, NULL, NULL);
+ NID_delta_crl, NULL, NULL);
/* Delta CRLs must have CRL number */
if (crl->base_crl_number && !crl->crl_number)
crl->flags |= EXFLAG_INVALID;
- /* See if we have any unhandled critical CRL extensions and
+ /* See if we have any unhandled critical CRL extensions and
* indicate this in a flag. We only currently handle IDP so
* anything else critical sets the flag.
*
crl->flags |= EXFLAG_FRESHEST;
if (ext->critical > 0) {
/* We handle IDP and deltas */
- if ((nid == NID_issuing_distribution_point)
- || (nid == NID_delta_crl))
+ if ((nid == NID_issuing_distribution_point) ||
+ (nid == NID_delta_crl))
break;;
crl->flags |= EXFLAG_CRITICAL;
break;
}
}
-
if (!crl_set_issuers(crl))
return 0;
/* Convert IDP into a more convenient form */
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
+static void
+setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
{
int idp_only = 0;
+
/* Set various flags according to IDP */
crl->idp_flags |= IDP_PRESENT;
if (idp->onlyuser > 0) {
crl->idp_reasons = idp->onlysomereasons->data[0];
if (idp->onlysomereasons->length > 1)
crl->idp_reasons |=
- (idp->onlysomereasons->data[1] << 8);
+ (idp->onlysomereasons->data[1] << 8);
crl->idp_reasons &= CRLDP_ALL_REASONS;
}
IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
-static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
- const X509_REVOKED * const *b)
+static int
+X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
{
return(ASN1_STRING_cmp(
- (ASN1_STRING *)(*a)->serialNumber,
- (ASN1_STRING *)(*b)->serialNumber));
+ (ASN1_STRING *)(*a)->serialNumber,
+ (ASN1_STRING *)(*b)->serialNumber));
}
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+int
+X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
{
X509_CRL_INFO *inf;
+
inf = crl->crl;
- if(!inf->revoked)
+ if (!inf->revoked)
inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
- if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
+ if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
return 0;
-}
+ }
inf->enc.modified = 1;
return 1;
}
-int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
+int
+X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
{
if (crl->meth->crl_verify)
return crl->meth->crl_verify(crl, r);
return 0;
}
-int X509_CRL_get0_by_serial(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial)
+int
+X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *serial)
{
if (crl->meth->crl_lookup)
return crl->meth->crl_lookup(crl, ret, serial, NULL);
return 0;
}
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
+int
+X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
{
if (crl->meth->crl_lookup)
return crl->meth->crl_lookup(crl, ret,
- X509_get_serialNumber(x),
- X509_get_issuer_name(x));
+ X509_get_serialNumber(x), X509_get_issuer_name(x));
return 0;
}
-static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
+static int
+def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
{
return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
- crl->sig_alg, crl->signature,crl->crl,r));
+ crl->sig_alg, crl->signature, crl->crl, r));
}
-static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
- X509_REVOKED *rev)
+static int
+crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, X509_REVOKED *rev)
{
int i;
}
-static int def_crl_lookup(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer)
+static int
+def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
+ X509_NAME *issuer)
{
X509_REVOKED rtmp, *rev;
int idx;
+
rtmp.serialNumber = serial;
/* Sort revoked into serial number order if not already sorted.
* Do this under a lock to avoid race condition.
CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
}
idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
- if(idx < 0)
+ if (idx < 0)
return 0;
/* Need to look for matching name */
- for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
+ for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
return 0;
return 0;
}
-void X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
+void
+X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
{
if (meth == NULL)
default_crl_method = &int_crl_meth;
- else
+ else
default_crl_method = meth;
}
-X509_CRL_METHOD *X509_CRL_METHOD_new(
- int (*crl_init)(X509_CRL *crl),
- int (*crl_free)(X509_CRL *crl),
- int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *ser, X509_NAME *issuer),
- int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
+X509_CRL_METHOD *
+X509_CRL_METHOD_new(int (*crl_init)(X509_CRL *crl),
+ int (*crl_free)(X509_CRL *crl),
+ int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *ser, X509_NAME *issuer),
+ int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
{
X509_CRL_METHOD *m;
+
m = malloc(sizeof(X509_CRL_METHOD));
if (!m)
return NULL;
return m;
}
-void X509_CRL_METHOD_free(X509_CRL_METHOD *m)
+void
+X509_CRL_METHOD_free(X509_CRL_METHOD *m)
{
if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
return;
free(m);
}
-void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
+void
+X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
{
crl->meth_data = dat;
}
-void *X509_CRL_get_meth_data(X509_CRL *crl)
+void *
+X509_CRL_get_meth_data(X509_CRL *crl)
{
return crl->meth_data;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(X509_EXTENSION)
-ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
+ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS)
IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#include <openssl/asn1.h>
#include <openssl/x509.h>
-X509_INFO *X509_INFO_new(void)
+X509_INFO *
+X509_INFO_new(void)
{
- X509_INFO *ret=NULL;
+ X509_INFO *ret = NULL;
- ret=(X509_INFO *)malloc(sizeof(X509_INFO));
+ ret = (X509_INFO *)malloc(sizeof(X509_INFO));
if (ret == NULL) {
- ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
+ ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
+ return (NULL);
}
-
- ret->enc_cipher.cipher=NULL;
- ret->enc_len=0;
- ret->enc_data=NULL;
-
- ret->references=1;
- ret->x509=NULL;
- ret->crl=NULL;
- ret->x_pkey=NULL;
- return(ret);
+
+ ret->enc_cipher.cipher = NULL;
+ ret->enc_len = 0;
+ ret->enc_data = NULL;
+
+ ret->references = 1;
+ ret->x509 = NULL;
+ ret->crl = NULL;
+ ret->x_pkey = NULL;
+ return (ret);
}
-void X509_INFO_free(X509_INFO *x)
+void
+X509_INFO_free(X509_INFO *x)
{
int i;
- if (x == NULL) return;
+ if (x == NULL)
+ return;
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
- if (i > 0) return;
+ i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
+ if (i > 0)
+ return;
- if (x->x509 != NULL) X509_free(x->x509);
- if (x->crl != NULL) X509_CRL_free(x->crl);
- if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
- if (x->enc_data != NULL) free(x->enc_data);
+ if (x->x509 != NULL)
+ X509_free(x->x509);
+ if (x->crl != NULL)
+ X509_CRL_free(x->crl);
+ if (x->x_pkey != NULL)
+ X509_PKEY_free(x->x_pkey);
+ if (x->enc_data != NULL)
+ free(x->enc_data);
free(x);
}
IMPLEMENT_STACK_OF(X509_INFO)
-
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
};
ASN1_ITEM_start(LONG)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
ASN1_ITEM_end(LONG)
ASN1_ITEM_start(ZLONG)
- ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
+ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
ASN1_ITEM_end(ZLONG)
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static int
+long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*(long *)pval = it->size;
return 1;
}
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void
+long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*(long *)pval = it->size;
}
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+static int
+long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it)
{
long ltmp;
unsigned long utmp;
/* use memcpy, because we may not be long aligned */
memcpy(<mp, cp, sizeof(long));
- if(ltmp == it->size) return -1;
+ if (ltmp == it->size)
+ return -1;
/* Convert the long to positive: we subtract one if negative so
* we can cleanly handle the padding if only the MSB of the leading
- * octet is set.
+ * octet is set.
*/
- if(ltmp < 0) utmp = -ltmp - 1;
- else utmp = ltmp;
+ if (ltmp < 0)
+ utmp = -ltmp - 1;
+ else
+ utmp = ltmp;
clen = BN_num_bits_word(utmp);
/* If MSB of leading octet set we need to pad */
- if(!(clen & 0x7)) pad = 1;
- else pad = 0;
+ if (!(clen & 0x7))
+ pad = 1;
+ else
+ pad = 0;
/* Convert number of bits to number of octets */
clen = (clen + 7) >> 3;
- if(cont) {
- if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
- for(i = clen - 1; i >= 0; i--) {
+ if (cont) {
+ if (pad)
+ *cont++ = (ltmp < 0) ? 0xff : 0;
+ for (i = clen - 1; i >= 0; i--) {
cont[i] = (unsigned char)(utmp & 0xff);
- if(ltmp < 0) cont[i] ^= 0xff;
+ if (ltmp < 0)
+ cont[i] ^= 0xff;
utmp >>= 8;
}
}
return clen + pad;
}
-static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it)
+static int
+long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
+ char *free_cont, const ASN1_ITEM *it)
{
int neg, i;
long ltmp;
unsigned long utmp = 0;
char *cp = (char *)pval;
- if(len > (int)sizeof(long)) {
+ if (len > (int)sizeof(long)) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
/* Is it negative? */
- if(len && (cont[0] & 0x80)) neg = 1;
- else neg = 0;
+ if (len && (cont[0] & 0x80))
+ neg = 1;
+ else
+ neg = 0;
utmp = 0;
- for(i = 0; i < len; i++) {
+ for (i = 0; i < len; i++) {
utmp <<= 8;
- if(neg) utmp |= cont[i] ^ 0xff;
- else utmp |= cont[i];
+ if (neg)
+ utmp |= cont[i] ^ 0xff;
+ else
+ utmp |= cont[i];
}
ltmp = (long)utmp;
- if(neg) {
+ if (neg) {
ltmp++;
ltmp = -ltmp;
}
- if(ltmp == it->size) {
+ if (ltmp == it->size) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
return 1;
}
-static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
- int indent, const ASN1_PCTX *pctx)
+static int
+long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent,
+ const ASN1_PCTX *pctx)
{
return BIO_printf(out, "%ld\n", *(long *)pval);
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
-static int x509_name_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
+static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
+ long len, const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
+ const ASN1_ITEM *it, int tag, int aclass);
static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
static int x509_name_canon(X509_NAME *a);
static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname,
- unsigned char **in);
+ unsigned char **in);
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
- int indent,
- const char *fname,
- const ASN1_PCTX *pctx);
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent,
+ const char *fname, const ASN1_PCTX *pctx);
ASN1_SEQUENCE(X509_NAME_ENTRY) = {
ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
*/
ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
/* Normally that's where it would end: we'd have two nested STACK structures
x509_name_ex_print
};
-IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
+IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
+static int
+x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
{
X509_NAME *ret = NULL;
+
ret = malloc(sizeof(X509_NAME));
- if(!ret) goto memerr;
- if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
+ if (!ret)
+ goto memerr;
+ if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
+ goto memerr;
+ if ((ret->bytes = BUF_MEM_new()) == NULL)
goto memerr;
- if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
ret->canon_enc = NULL;
ret->canon_enclen = 0;
- ret->modified=1;
+ ret->modified = 1;
*val = (ASN1_VALUE *)ret;
return 1;
- memerr:
+memerr:
ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
if (ret) {
if (ret->entries)
return 0;
}
-static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+static void
+x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
X509_NAME *a;
- if(!pval || !*pval)
- return;
+
+ if (!pval || !*pval)
+ return;
a = (X509_NAME *)*pval;
BUF_MEM_free(a->bytes);
- sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
+ sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
if (a->canon_enc)
free(a->canon_enc);
free(a);
*pval = NULL;
}
-static int x509_name_ex_d2i(ASN1_VALUE **val,
- const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
+static int
+x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
{
const unsigned char *p = *in, *q;
- union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a; } intname = {NULL};
- union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL};
+ union {
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+ ASN1_VALUE *a;
+ } intname = {NULL};
+ union {
+ X509_NAME *x;
+ ASN1_VALUE *a;
+ } nm = {NULL};
int i, j, ret;
STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry;
q = p;
/* Get internal representation of Name */
- ret = ASN1_item_ex_d2i(&intname.a,
- &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
- tag, aclass, opt, ctx);
-
- if(ret <= 0) return ret;
-
- if(*val) x509_name_ex_free(val, NULL);
- if(!x509_name_ex_new(&nm.a, NULL)) goto err;
+ ret = ASN1_item_ex_d2i(&intname.a, &p, len,
+ ASN1_ITEM_rptr(X509_NAME_INTERNAL), tag, aclass, opt, ctx);
+
+ if (ret <= 0)
+ return ret;
+
+ if (*val)
+ x509_name_ex_free(val, NULL);
+ if (!x509_name_ex_new(&nm.a, NULL))
+ goto err;
/* We've decoded it: now cache encoding */
- if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err;
+ if (!BUF_MEM_grow(nm.x->bytes, p - q))
+ goto err;
memcpy(nm.x->bytes->data, q, p - q);
/* Convert internal representation to X509_NAME structure */
- for(i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
+ for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
- for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
+ for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
entry = sk_X509_NAME_ENTRY_value(entries, j);
entry->set = i;
- if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
+ if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
goto err;
}
sk_X509_NAME_ENTRY_free(entries);
*val = nm.a;
*in = p;
return ret;
+
err:
- if (nm.x != NULL)
+ if (nm.x != NULL)
X509_NAME_free(nm.x);
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+static int
+x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it,
+ int tag, int aclass)
{
int ret;
X509_NAME *a = (X509_NAME *)*val;
- if(a->modified) {
+
+ if (a->modified) {
ret = x509_name_encode(a);
- if(ret < 0)
+ if (ret < 0)
return ret;
ret = x509_name_canon(a);
- if(ret < 0)
+ if (ret < 0)
return ret;
}
ret = a->bytes->length;
- if(out != NULL) {
- memcpy(*out,a->bytes->data,ret);
- *out+=ret;
+ if (out != NULL) {
+ memcpy(*out, a->bytes->data, ret);
+ *out += ret;
}
return ret;
}
-static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+static void
+local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
{
sk_X509_NAME_ENTRY_free(ne);
}
-static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+static void
+local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
{
sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
}
-static int x509_name_encode(X509_NAME *a)
+static int
+x509_name_encode(X509_NAME *a)
{
- union { STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a; } intname = {NULL};
+ union {
+ STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+ ASN1_VALUE *a;
+ } intname = {NULL};
int len;
unsigned char *p;
STACK_OF(X509_NAME_ENTRY) *entries = NULL;
X509_NAME_ENTRY *entry;
int i, set = -1;
+
intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if(!intname.s) goto memerr;
- for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ if (!intname.s)
+ goto memerr;
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if(entry->set != set) {
+ if (entry->set != set) {
entries = sk_X509_NAME_ENTRY_new_null();
- if(!entries) goto memerr;
- if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
- entries))
+ if (!entries)
+ goto memerr;
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
+ entries))
goto memerr;
set = entry->set;
}
- if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
+ if (!sk_X509_NAME_ENTRY_push(entries, entry))
+ goto memerr;
}
len = ASN1_item_ex_i2d(&intname.a, NULL,
- ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
- p=(unsigned char *)a->bytes->data;
- ASN1_item_ex_i2d(&intname.a,
- &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+ if (!BUF_MEM_grow(a->bytes, len))
+ goto memerr;
+ p = (unsigned char *)a->bytes->data;
+ ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
+ -1, -1);
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
+ local_sk_X509_NAME_ENTRY_free);
a->modified = 0;
return len;
+
memerr:
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
+ local_sk_X509_NAME_ENTRY_free);
ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
return -1;
}
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
- int indent,
- const char *fname,
- const ASN1_PCTX *pctx)
+static int
+x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, const char *fname,
+ const ASN1_PCTX *pctx)
{
- if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
- indent, pctx->nm_flags) <= 0)
+ if (X509_NAME_print_ex(out, (X509_NAME *)*pval, indent,
+ pctx->nm_flags) <= 0)
return 0;
return 2;
}
* dirName can also be checked with a simple memcmp().
*/
-static int x509_name_canon(X509_NAME *a)
+static int
+x509_name_canon(X509_NAME *a)
{
unsigned char *p;
STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
if (a->canon_enc) {
free(a->canon_enc);
a->canon_enc = NULL;
- }
+ }
/* Special case: empty X509_NAME => null encoding */
if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
a->canon_enclen = 0;
return 1;
}
intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if(!intname)
+ if (!intname)
goto err;
- for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if(entry->set != set) {
+ if (entry->set != set) {
entries = sk_X509_NAME_ENTRY_new_null();
- if(!entries)
+ if (!entries)
goto err;
- if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
goto err;
set = entry->set;
}
tmpentry->object = OBJ_dup(entry->object);
if (!asn1_string_canon(tmpentry->value, entry->value))
goto err;
- if(!sk_X509_NAME_ENTRY_push(entries, tmpentry))
+ if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
goto err;
tmpentry = NULL;
}
/* Finally generate encoding */
-
a->canon_enclen = i2d_name_canon(intname, NULL);
-
p = malloc(a->canon_enclen);
-
if (!p)
goto err;
-
a->canon_enc = p;
-
i2d_name_canon(intname, &p);
-
ret = 1;
- err:
+err:
if (tmpentry)
X509_NAME_ENTRY_free(tmpentry);
if (intname)
sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
- local_sk_X509_NAME_ENTRY_pop_free);
+ local_sk_X509_NAME_ENTRY_pop_free);
return ret;
}
(B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
| B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
| B_ASN1_VISIBLESTRING)
-
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
+
+static int
+asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
{
unsigned char *to, *from;
int len, i;
*/
/* Ignore leading spaces */
- while((len > 0) && !(*from & 0x80) && isspace(*from)) {
+ while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
from++;
len--;
}
to = out->data;
i = 0;
- while(i < len) {
+ while (i < len) {
/* If MSB set just copy across */
if (*from & 0x80) {
*to++ = *from++;
i++;
- }
+ }
/* Collapse multiple spaces */
else if (isspace(*from)) {
/* Copy one space across */
*to++ = ' ';
/* Ignore subsequent spaces. Note: don't need to
- * check len here because we know the last
+ * check len here because we know the last
* character is a non-space so we can't overflow.
*/
do {
from++;
i++;
- } while(!(*from & 0x80) && isspace(*from));
+ } while (!(*from & 0x80) && isspace(*from));
} else {
*to++ = tolower(*from);
from++;
out->length = to - out->data;
return 1;
-
}
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname,
- unsigned char **in)
+static int
+i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, unsigned char **in)
{
int i, len, ltmp;
ASN1_VALUE *v;
for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
v = sk_ASN1_VALUE_value(intname, i);
ltmp = ASN1_item_ex_i2d(&v, in,
- ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
+ ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
if (ltmp < 0)
return ltmp;
len += ltmp;
return len;
}
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
+int
+X509_NAME_set(X509_NAME **xn, X509_NAME *name)
{
X509_NAME *in;
- if (!xn || !name) return(0);
+ if (!xn || !name)
+ return (0);
if (*xn != name) {
- in=X509_NAME_dup(name);
+ in = X509_NAME_dup(name);
if (in != NULL) {
X509_NAME_free(*xn);
- *xn=in;
+ *xn = in;
}
}
- return(*xn != NULL);
+ return (*xn != NULL);
}
-
+
IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
} ASN1_SEQUENCE_END(NETSCAPE_X509)
IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_X509)
-
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#include <openssl/x509.h>
/* need to implement */
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
+int
+i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
{
- return(0);
+ return (0);
}
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
+X509_PKEY *
+d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
{
int i;
- M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
+ M_ASN1_D2I_vars(a, X509_PKEY *, X509_PKEY_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_x(X509_ALGOR,ret->enc_algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->enc_pkey,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_get_x(X509_ALGOR, ret->enc_algor, d2i_X509_ALGOR);
+ M_ASN1_D2I_get_x(ASN1_OCTET_STRING, ret->enc_pkey,
+ d2i_ASN1_OCTET_STRING);
- ret->cipher.cipher=EVP_get_cipherbyname(
- OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
+ ret->cipher.cipher = EVP_get_cipherbyname(
+ OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
if (ret->cipher.cipher == NULL) {
- c.error=ASN1_R_UNSUPPORTED_CIPHER;
- c.line=__LINE__;
+ c.error = ASN1_R_UNSUPPORTED_CIPHER;
+ c.line = __LINE__;
goto err;
}
if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) {
- i=ret->enc_algor->parameter->value.octet_string->length;
+ i = ret->enc_algor->parameter->value.octet_string->length;
if (i > EVP_MAX_IV_LENGTH) {
- c.error=ASN1_R_IV_TOO_LARGE;
- c.line=__LINE__;
+ c.error = ASN1_R_IV_TOO_LARGE;
+ c.line = __LINE__;
goto err;
}
memcpy(ret->cipher.iv,
- ret->enc_algor->parameter->value.octet_string->data,i);
- }
- else
- memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
- M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
+ ret->enc_algor->parameter->value.octet_string->data, i);
+ } else
+ memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
+ M_ASN1_D2I_Finish(a, X509_PKEY_free, ASN1_F_D2I_X509_PKEY);
}
-X509_PKEY *X509_PKEY_new(void)
+X509_PKEY *
+X509_PKEY_new(void)
{
- X509_PKEY *ret=NULL;
+ X509_PKEY *ret = NULL;
ASN1_CTX c;
- M_ASN1_New_Malloc(ret,X509_PKEY);
- ret->version=0;
- M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
- M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new);
- ret->dec_pkey=NULL;
- ret->key_length=0;
- ret->key_data=NULL;
- ret->key_free=0;
- ret->cipher.cipher=NULL;
- memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
- ret->references=1;
- return(ret);
+ M_ASN1_New_Malloc(ret, X509_PKEY);
+ ret->version = 0;
+ M_ASN1_New(ret->enc_algor, X509_ALGOR_new);
+ M_ASN1_New(ret->enc_pkey, M_ASN1_OCTET_STRING_new);
+ ret->dec_pkey = NULL;
+ ret->key_length = 0;
+ ret->key_data = NULL;
+ ret->key_free = 0;
+ ret->cipher.cipher = NULL;
+ memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
+ ret->references = 1;
+ return (ret);
M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
}
-void X509_PKEY_free(X509_PKEY *x)
+void
+X509_PKEY_free(X509_PKEY *x)
{
int i;
- if (x == NULL) return;
+ if (x == NULL)
+ return;
- i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
- if (i > 0) return;
+ i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
+ if (i > 0)
+ return;
- if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
- if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey);
- if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
- if ((x->key_data != NULL) && (x->key_free)) free(x->key_data);
+ if (x->enc_algor != NULL)
+ X509_ALGOR_free(x->enc_algor);
+ if (x->enc_pkey != NULL)
+ M_ASN1_OCTET_STRING_free(x->enc_pkey);
+ if (x->dec_pkey != NULL)
+ EVP_PKEY_free(x->dec_pkey);
+ if ((x->key_data != NULL) && (x->key_free))
+ free(x->key_data);
free(x);
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
#endif
/* Minor tweak to operation: free up EVP_PKEY */
-static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
if (operation == ASN1_OP_FREE_POST) {
X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
+int
+X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
{
- X509_PUBKEY *pk=NULL;
+ X509_PUBKEY *pk = NULL;
- if (x == NULL) return(0);
-
- if ((pk=X509_PUBKEY_new()) == NULL) goto error;
+ if (x == NULL)
+ return (0);
+ if ((pk = X509_PUBKEY_new()) == NULL)
+ goto error;
if (pkey->ameth) {
if (pkey->ameth->pub_encode) {
if (!pkey->ameth->pub_encode(pk, pkey)) {
X509err(X509_F_X509_PUBKEY_SET,
- X509_R_PUBLIC_KEY_ENCODE_ERROR);
+ X509_R_PUBLIC_KEY_ENCODE_ERROR);
goto error;
}
} else {
X509err(X509_F_X509_PUBKEY_SET,
- X509_R_METHOD_NOT_SUPPORTED);
+ X509_R_METHOD_NOT_SUPPORTED);
goto error;
}
} else {
- X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
+ X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
goto error;
}
if (*x != NULL)
X509_PUBKEY_free(*x);
- *x=pk;
+ *x = pk;
return 1;
+
error:
- if (pk != NULL) X509_PUBKEY_free(pk);
+ if (pk != NULL)
+ X509_PUBKEY_free(pk);
return 0;
}
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
+EVP_PKEY *
+X509_PUBKEY_get(X509_PUBKEY *key)
{
- EVP_PKEY *ret=NULL;
+ EVP_PKEY *ret = NULL;
- if (key == NULL) goto error;
+ if (key == NULL)
+ goto error;
if (key->pkey != NULL) {
CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
return key->pkey;
}
- if (key->public_key == NULL) goto error;
+ if (key->public_key == NULL)
+ goto error;
if ((ret = EVP_PKEY_new()) == NULL) {
X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
}
if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
- X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM);
+ X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
goto error;
}
if (ret->ameth->pub_decode) {
if (!ret->ameth->pub_decode(ret, key)) {
X509err(X509_F_X509_PUBKEY_GET,
- X509_R_PUBLIC_KEY_DECODE_ERROR);
+ X509_R_PUBLIC_KEY_DECODE_ERROR);
goto error;
}
} else {
return ret;
- error:
+error:
if (ret != NULL)
EVP_PKEY_free(ret);
- return(NULL);
+ return (NULL);
}
/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
* and encode or decode as X509_PUBKEY
*/
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
- long length)
+EVP_PKEY *
+d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
{
X509_PUBKEY *xpk;
EVP_PKEY *pktmp;
xpk = d2i_X509_PUBKEY(NULL, pp, length);
- if(!xpk) return NULL;
+ if (!xpk)
+ return NULL;
pktmp = X509_PUBKEY_get(xpk);
X509_PUBKEY_free(xpk);
- if(!pktmp) return NULL;
- if(a) {
+ if (!pktmp)
+ return NULL;
+ if (a) {
EVP_PKEY_free(*a);
*a = pktmp;
}
return pktmp;
}
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
+int
+i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
{
- X509_PUBKEY *xpk=NULL;
+ X509_PUBKEY *xpk = NULL;
int ret;
- if(!a) return 0;
- if(!X509_PUBKEY_set(&xpk, a)) return 0;
+ if (!a)
+ return 0;
+ if (!X509_PUBKEY_set(&xpk, a))
+ return 0;
ret = i2d_X509_PUBKEY(xpk, pp);
X509_PUBKEY_free(xpk);
return ret;
* keys
*/
#ifndef OPENSSL_NO_RSA
-RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
- long length)
+RSA *
+d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
RSA *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey) return NULL;
+ if (!pkey)
+ return NULL;
key = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
- if (!key) return NULL;
+ if (!key)
+ return NULL;
*pp = q;
if (a) {
RSA_free(*a);
return key;
}
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
+int
+i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
- if (!a) return 0;
+ if (!a)
+ return 0;
pktmp = EVP_PKEY_new();
if (!pktmp) {
ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
#endif
#ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
- long length)
+DSA *
+d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
DSA *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey) return NULL;
+ if (!pkey)
+ return NULL;
key = EVP_PKEY_get1_DSA(pkey);
EVP_PKEY_free(pkey);
- if (!key) return NULL;
+ if (!key)
+ return NULL;
*pp = q;
if (a) {
DSA_free(*a);
return key;
}
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
+int
+i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
- if(!a) return 0;
+ if (!a)
+ return 0;
pktmp = EVP_PKEY_new();
- if(!pktmp) {
+ if (!pktmp) {
ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
return 0;
}
#endif
#ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
+EC_KEY *
+d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
{
EVP_PKEY *pkey;
EC_KEY *key;
const unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey) return(NULL);
+ if (!pkey)
+ return (NULL);
key = EVP_PKEY_get1_EC_KEY(pkey);
EVP_PKEY_free(pkey);
- if (!key) return(NULL);
+ if (!key)
+ return (NULL);
*pp = q;
if (a) {
EC_KEY_free(*a);
*a = key;
}
- return(key);
+ return (key);
}
-int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
+int
+i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
- if (!a) return(0);
+ if (!a)
+ return (0);
if ((pktmp = EVP_PKEY_new()) == NULL) {
ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
- return(0);
+ return (0);
}
EVP_PKEY_set1_EC_KEY(pktmp, a);
ret = i2d_PUBKEY(pktmp, pp);
EVP_PKEY_free(pktmp);
- return(ret);
+ return (ret);
}
#endif
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
- int ptype, void *pval,
- unsigned char *penc, int penclen)
+int
+X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
+ void *pval, unsigned char *penc, int penclen)
{
if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
return 0;
free(pub->public_key->data);
pub->public_key->data = penc;
pub->public_key->length = penclen;
- /* Set number of unused bits to zero */
+ /* Set number of unused bits to zero */
pub->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
- pub->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
+ pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
}
return 1;
}
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa,
- X509_PUBKEY *pub)
+int
+X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
+ int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub)
{
if (ppkalg)
*ppkalg = pub->algor->algorithm;
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* encode the attributes field if it is empty. This is in
* violation of PKCS#10 but we need to tolerate it. We do
* this by making the attributes field OPTIONAL then using
- * the callback to initialise it to an empty STACK.
+ * the callback to initialise it to an empty STACK.
*
* This means that the field will be correctly encoded unless
* we NULL out the field.
*
*/
-static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
- if(operation == ASN1_OP_NEW_POST) {
+ if (operation == ASN1_OP_NEW_POST) {
rinf->attributes = sk_X509_ATTRIBUTE_new_null();
- if(!rinf->attributes) return 0;
+ if (!rinf->attributes)
+ return 0;
}
return 1;
}
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
extern void policy_cache_free(X509_POLICY_CACHE *cache);
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
- void *exarg)
+static int
+x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
{
X509 *ret = (X509 *)*pval;
- switch(operation) {
+ switch (operation) {
case ASN1_OP_NEW_POST:
- ret->valid=0;
+ ret->valid = 0;
ret->name = NULL;
ret->ex_flags = 0;
ret->ex_pathlen = -1;
break;
case ASN1_OP_D2I_POST:
- if (ret->name != NULL) free(ret->name);
- ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+ if (ret->name != NULL)
+ free(ret->name);
+ ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
break;
case ASN1_OP_FREE_POST:
sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
ASIdentifiers_free(ret->rfc3779_asid);
#endif
-
- if (ret->name != NULL) free(ret->name);
+ if (ret->name != NULL)
+ free(ret->name);
break;
-
}
return 1;
-
}
ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
IMPLEMENT_ASN1_FUNCTIONS(X509)
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+int
+X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
- new_func, dup_func, free_func);
+ new_func, dup_func, free_func);
}
-int X509_set_ex_data(X509 *r, int idx, void *arg)
+int
+X509_set_ex_data(X509 *r, int idx, void *arg)
{
- return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
+ return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
}
-void *X509_get_ex_data(X509 *r, int idx)
+void *
+X509_get_ex_data(X509 *r, int idx)
{
- return(CRYPTO_get_ex_data(&r->ex_data,idx));
+ return (CRYPTO_get_ex_data(&r->ex_data, idx));
}
/* X509_AUX ASN1 routines. X509_AUX is the name given to
*
*/
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
+X509 *
+d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
{
const unsigned char *q;
X509 *ret;
+
/* Save start position */
q = *pp;
ret = d2i_X509(a, pp, length);
/* If certificate unreadable then forget it */
- if(!ret) return NULL;
+ if (!ret)
+ return NULL;
/* update length */
length -= *pp - q;
- if(!length) return ret;
- if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
+ if (!length)
+ return ret;
+ if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
+ goto err;
return ret;
- err:
+
+err:
X509_free(ret);
return NULL;
}
-int i2d_X509_AUX(X509 *a, unsigned char **pp)
+int
+i2d_X509_AUX(X509 *a, unsigned char **pp)
{
int length;
+
length = i2d_X509(a, pp);
- if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
+ if (a)
+ length += i2d_X509_CERT_AUX(a->aux, pp);
return length;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* user modifiable data about a certificate. This data is
* appended to the X509 encoding when the *_X509_AUX routines
* are used. This means that the "traditional" X509 routines
- * will simply ignore the extra data.
+ * will simply ignore the extra data.
*/
static X509_CERT_AUX *aux_get(X509 *x);
IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
-static X509_CERT_AUX *aux_get(X509 *x)
+static X509_CERT_AUX *
+aux_get(X509 *x)
{
- if(!x) return NULL;
- if(!x->aux && !(x->aux = X509_CERT_AUX_new())) return NULL;
+ if (!x)
+ return NULL;
+ if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
+ return NULL;
return x->aux;
}
-int X509_alias_set1(X509 *x, unsigned char *name, int len)
+int
+X509_alias_set1(X509 *x, unsigned char *name, int len)
{
X509_CERT_AUX *aux;
if (!name) {
x->aux->alias = NULL;
return 1;
}
- if(!(aux = aux_get(x))) return 0;
- if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
+ return 0;
return ASN1_STRING_set(aux->alias, name, len);
}
-int X509_keyid_set1(X509 *x, unsigned char *id, int len)
+int
+X509_keyid_set1(X509 *x, unsigned char *id, int len)
{
X509_CERT_AUX *aux;
if (!id) {
x->aux->keyid = NULL;
return 1;
}
- if(!(aux = aux_get(x))) return 0;
- if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
+ return 0;
return ASN1_STRING_set(aux->keyid, id, len);
}
-unsigned char *X509_alias_get0(X509 *x, int *len)
+unsigned char *
+X509_alias_get0(X509 *x, int *len)
{
- if(!x->aux || !x->aux->alias) return NULL;
- if(len) *len = x->aux->alias->length;
+ if (!x->aux || !x->aux->alias)
+ return NULL;
+ if (len)
+ *len = x->aux->alias->length;
return x->aux->alias->data;
}
-unsigned char *X509_keyid_get0(X509 *x, int *len)
+unsigned char *
+X509_keyid_get0(X509 *x, int *len)
{
- if(!x->aux || !x->aux->keyid) return NULL;
- if(len) *len = x->aux->keyid->length;
+ if (!x->aux || !x->aux->keyid)
+ return NULL;
+ if (len)
+ *len = x->aux->keyid->length;
return x->aux->keyid->data;
}
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
+int
+X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
{
X509_CERT_AUX *aux;
ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->trust
- && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0;
+ if (!(objtmp = OBJ_dup(obj)))
+ return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
+ return 0;
return sk_ASN1_OBJECT_push(aux->trust, objtmp);
}
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
+int
+X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
{
X509_CERT_AUX *aux;
ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->reject
- && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0;
+ if (!(objtmp = OBJ_dup(obj)))
+ return 0;
+ if (!(aux = aux_get(x)))
+ return 0;
+ if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
+ return 0;
return sk_ASN1_OBJECT_push(aux->reject, objtmp);
}
-void X509_trust_clear(X509 *x)
+void
+X509_trust_clear(X509 *x)
{
- if(x->aux && x->aux->trust) {
+ if (x->aux && x->aux->trust) {
sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
x->aux->trust = NULL;
}
}
-void X509_reject_clear(X509 *x)
+void
+X509_reject_clear(X509 *x)
{
- if(x->aux && x->aux->reject) {
+ if (x->aux && x->aux->reject) {
sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
x->aux->reject = NULL;
}
projects / openbsd / commitdiff