upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-25 19:04:57 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add RSA support

Browse source
This commit is contained in:
Brian Wellington 2000-09-16 01:13:59 +00:00
parent e9c0951923
commit 8dc6eb05bd
36 changed files with 11379 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
lib/dns/sec/openssl/Makefile.in
View file

@ -13,7 +13,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.16 2000/08/01 01:28:02 tale Exp $
# $Id: Makefile.in,v 1.17 2000/09/16 01:13:53 bwelling Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@ -27,7 +27,11 @@ CWARNINGS = @IRIX_DNSSEC_WARNINGS_HACK@
LIBS = @LIBS@
# Alphabetically
OBJS = bn_add.@O@ bn_asm.@O@ bn_ctx.@O@ bn_div.@O@ \
OBJS = a_bytes.@O@ a_bitstr.@O@ a_enum.@O@ a_gentm.@O@ \
a_int.@O@ a_object.@O@ a_octet.@O@ a_print.@O@ \
a_set.@O@ a_type.@O@ a_utctm.@O@ a_utf8.@O@ a_vis.@O@ \
asn1_lib.@O@ \
bn_add.@O@ bn_asm.@O@ bn_blind.@O@ bn_ctx.@O@ bn_div.@O@ \
bn_err.@O@ bn_exp.@O@ bn_exp2.@O@ bn_gcd.@O@ \
bn_lib.@O@ bn_mont.@O@ bn_mul.@O@ \
bn_prime.@O@ bn_print.@O@ bn_rand.@O@ bn_recp.@O@ \
@ -36,10 +40,18 @@ OBJS = bn_add.@O@ bn_asm.@O@ bn_ctx.@O@ bn_div.@O@ \
dh_lib.@O@ dsa_asn1.@O@ dsa_err.@O@ dsa_gen.@O@ \
dsa_key.@O@ dsa_lib.@O@ dsa_ossl.@O@ dsa_sign.@O@ \
dsa_vrf.@O@ err.@O@ ex_data.@O@ lhash.@O@ \
mem.@O@ mem_dbg.@O@ rand_lib.@O@ sha1_one.@O@ sha1dgst.@O@ \
stack.@O@ th-lock.@O@
mem.@O@ mem_dbg.@O@ obj_dat.@O@ obj_lib.@O@ rand_lib.@O@ \
rsa_chk.@O@ rsa_eay.@O@ rsa_gen.@O@ \
rsa_lib.@O@ rsa_none.@O@ rsa_oaep.@O@ rsa_pk1.@O@ \
rsa_sign.@O@ rsa_ssl.@O@ \
sha1_one.@O@ sha1dgst.@O@ \
stack.@O@ th-lock.@O@ x_algor.@O@ x_sig.@O@
SRCS = bn_add.c bn_asm.c bn_ctx.c bn_div.c \
SRCS = a_bitstr.c a_bytes.c a_enum.c a_gentm.c \
a_int.c a_object.c a_octet.c a_print.c \
a_set.c a_type.c a_utctm.c a_utf8.c a_vis.c \
asn1_lib.c \
bn_add.c bn_asm.c bn_blind.c bn_ctx.c bn_div.c \
bn_err.c bn_exp.c bn_exp2.c bn_gcd.c \
bn_lib.c bn_mont.c bn_mul.c \
bn_prime.c bn_print.c bn_rand.c bn_recp.c \
@ -48,8 +60,12 @@ SRCS = bn_add.c bn_asm.c bn_ctx.c bn_div.c \
dh_lib.c dsa_asn1.c dsa_err.c dsa_gen.c \
dsa_key.c dsa_lib.c dsa_ossl.c dsa_sign.c \
dsa_vrf.c err.c ex_data.c lhash.c \
mem.c mem_dbg.c rand_lib.c sha1_one.c sha1dgst.c \
stack.c th-lock.c
mem.c mem_dbg.c obj_dat.c obj_lib.c rand_lib.c \
rsa_chk.c rsa_eay.c rsa_gen.c \
rsa_lib.c rsa_none.c rsa_oaep.c rsa_pk1.c \
rsa_sign.c rsa_ssl.c \
sha1_one.c sha1dgst.c \
stack.c th-lock.c x_sig.c x_algor.c
SUBDIRS = include
TARGETS = ${OBJS}

234
lib/dns/sec/openssl/a_bitstr.c Normal file
View file

@ -0,0 +1,234 @@
/* crypto/asn1/a_bitstr.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_BIT_STRING *ASN1_BIT_STRING_new(void)
{ return M_ASN1_BIT_STRING_new(); }
void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x)
{ M_ASN1_BIT_STRING_free(x); }
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{ return M_ASN1_BIT_STRING_set(x, d, len); }
int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
{
int ret,j,r,bits,len;
unsigned char *p,*d;
if (a == NULL) return(0);
len=a->length;
if (len > 0)
{
if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
{
bits=(int)a->flags&0x07;
}
else
{
for ( ; len > 0; len--)
{
if (a->data[len-1]) break;
}
j=a->data[len-1];
if (j & 0x01) bits=0;
else if (j & 0x02) bits=1;
else if (j & 0x04) bits=2;
else if (j & 0x08) bits=3;
else if (j & 0x10) bits=4;
else if (j & 0x20) bits=5;
else if (j & 0x40) bits=6;
else if (j & 0x80) bits=7;
else bits=0; /* should not happen */
}
}
else
bits=0;
ret=1+len;
r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
*(p++)=(unsigned char)bits;
d=a->data;
memcpy(p,d,len);
p+=len;
if (len > 0) p[-1]&=(0xff<<bits);
*pp=p;
return(r);
}
ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
long length)
{
ASN1_BIT_STRING *ret=NULL;
unsigned char *p,*s;
long len;
int inf,tag,xclass;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_BIT_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_BIT_STRING)
{
i=ASN1_R_EXPECTING_A_BIT_STRING;
goto err;
}
if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
i= *(p++);
/* We do this to preserve the settings. If we modify
* the settings, via the _set_bit function, we will recalculate
* on output */
ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
if (len-- > 1) /* using one because of the bits left byte */
{
s=(unsigned char *)Malloc((int)len);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
memcpy(s,p,(int)len);
s[len-1]&=(0xff<<i);
p+=len;
}
else
s=NULL;
ret->length=(int)len;
if (ret->data != NULL) Free(ret->data);
ret->data=s;
ret->type=V_ASN1_BIT_STRING;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_BIT_STRING_free(ret);
return(NULL);
}
/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
*/
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
{
int w,v,iv;
unsigned char *c;
w=n/8;
v=1<<(7-(n&0x07));
iv= ~v;
a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
if (a == NULL) return(0);
if ((a->length < (w+1)) || (a->data == NULL))
{
if (!value) return(1); /* Don't need to set */
if (a->data == NULL)
c=(unsigned char *)Malloc(w+1);
else
c=(unsigned char *)Realloc(a->data,w+1);
if (c == NULL) return(0);
a->data=c;
a->length=w+1;
c[w]=0;
}
a->data[w]=((a->data[w])&iv)|v;
while ((a->length > 0) && (a->data[a->length-1] == 0))
a->length--;
return(1);
}
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
{
int w,v;
w=n/8;
v=1<<(7-(n&0x07));
if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
return(0);
return((a->data[w]&v) != 0);
}

326
lib/dns/sec/openssl/a_bytes.c Normal file
View file

@ -0,0 +1,326 @@
/* crypto/asn1/a_bytes.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
static unsigned long tag2bit[32]={
0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
};
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
/* type is a 'bitmap' of acceptable string types.
*/
ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
long length, int type)
{
ASN1_STRING *ret=NULL;
unsigned char *p,*s;
long len;
int inf,tag,xclass;
int i=0;
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80) goto err;
if (tag >= 32)
{
i=ASN1_R_TAG_VALUE_TOO_HIGH;;
goto err;
}
if (!(tag2bit[tag] & type))
{
i=ASN1_R_WRONG_TYPE;
goto err;
}
/* If a bit-string, exit early */
if (tag == V_ASN1_BIT_STRING)
return(d2i_ASN1_BIT_STRING(a,pp,length));
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
if (len != 0)
{
s=(unsigned char *)Malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
memcpy(s,p,(int)len);
s[len]='\0';
p+=len;
}
else
s=NULL;
if (ret->data != NULL) Free(ret->data);
ret->length=(int)len;
ret->data=s;
ret->type=tag;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_STRING_free(ret);
return(NULL);
}
int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
{
int ret,r,constructed;
unsigned char *p;
if (a == NULL) return(0);
if (tag == V_ASN1_BIT_STRING)
return(i2d_ASN1_BIT_STRING(a,pp));
ret=a->length;
r=ASN1_object_size(0,ret,tag);
if (pp == NULL) return(r);
p= *pp;
if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
constructed=1;
else
constructed=0;
ASN1_put_object(&p,constructed,ret,tag,xclass);
memcpy(p,a->data,a->length);
p+=a->length;
*pp= p;
return(r);
}
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
int Ptag, int Pclass)
{
ASN1_STRING *ret=NULL;
unsigned char *p,*s;
long len;
int inf,tag,xclass;
int i=0;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
}
else
ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != Ptag)
{
i=ASN1_R_WRONG_TAG;
goto err;
}
if (inf & V_ASN1_CONSTRUCTED)
{
ASN1_CTX c;
c.pp=pp;
c.p=p;
c.inf=inf;
c.slen=len;
c.tag=Ptag;
c.xclass=Pclass;
c.max=(length == 0)?0:(p+length);
if (!asn1_collate_primitive(ret,&c))
goto err;
else
{
p=c.p;
}
}
else
{
if (len != 0)
{
if ((ret->length < len) || (ret->data == NULL))
{
if (ret->data != NULL) Free(ret->data);
s=(unsigned char *)Malloc((int)len + 1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
}
else
s=ret->data;
memcpy(s,p,(int)len);
s[len] = '\0';
p+=len;
}
else
{
s=NULL;
if (ret->data != NULL) Free(ret->data);
}
ret->length=(int)len;
ret->data=s;
ret->type=Ptag;
}
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_STRING_free(ret);
ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
return(NULL);
}
/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
* them into the one structure that is then returned */
/* There have been a few bug fixes for this function from
* Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
{
ASN1_STRING *os=NULL;
BUF_MEM b;
int num;
b.length=0;
b.max=0;
b.data=NULL;
if (a == NULL)
{
c->error=ERR_R_PASSED_NULL_PARAMETER;
goto err;
}
num=0;
for (;;)
{
if (c->inf & 1)
{
c->eos=ASN1_check_infinite_end(&c->p,
(long)(c->max-c->p));
if (c->eos) break;
}
else
{
if (c->slen <= 0) break;
}
c->q=c->p;
if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
== NULL)
{
c->error=ERR_R_ASN1_LIB;
goto err;
}
if (!BUF_MEM_grow(&b,num+os->length))
{
c->error=ERR_R_BUF_LIB;
goto err;
}
memcpy(&(b.data[num]),os->data,os->length);
if (!(c->inf & 1))
c->slen-=(c->p-c->q);
num+=os->length;
}
if (!asn1_Finish(c)) goto err;
a->length=num;
if (a->data != NULL) Free(a->data);
a->data=(unsigned char *)b.data;
if (os != NULL) ASN1_STRING_free(os);
return(1);
err:
ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error);
if (os != NULL) ASN1_STRING_free(os);
if (b.data != NULL) Free(b.data);
return(0);
}

340
lib/dns/sec/openssl/a_enum.c Normal file
View file

@ -0,0 +1,340 @@
/* crypto/asn1/a_enum.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
/*
* Code for ENUMERATED type: identical to INTEGER apart from a different tag.
* for comments on encoding see a_int.c
*/
ASN1_ENUMERATED *ASN1_ENUMERATED_new(void)
{ return M_ASN1_ENUMERATED_new(); }
void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x)
{ M_ASN1_ENUMERATED_free(x); }
int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp)
{
int pad=0,ret,r,i,t;
unsigned char *p,*n,pb=0;
if ((a == NULL) || (a->data == NULL)) return(0);
t=a->type;
if (a->length == 0)
ret=1;
else
{
ret=a->length;
i=a->data[0];
if ((t == V_ASN1_ENUMERATED) && (i > 127)) {
pad=1;
pb=0;
} else if(t == V_ASN1_NEG_ENUMERATED) {
if(i>128) {
pad=1;
pb=0xFF;
} else if(i == 128) {
for(i = 1; i < a->length; i++) if(a->data[i]) {
pad=1;
pb=0xFF;
break;
}
}
}
ret+=pad;
}
r=ASN1_object_size(0,ret,V_ASN1_ENUMERATED);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,0,ret,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL);
if (pad) *(p++)=pb;
if (a->length == 0)
*(p++)=0;
else if (t == V_ASN1_ENUMERATED)
{
memcpy(p,a->data,(unsigned int)a->length);
p+=a->length;
}
else {
/* Begin at the end of the encoding */
n=a->data + a->length - 1;
p += a->length - 1;
i = a->length;
/* Copy zeros to destination as long as source is zero */
while(!*n) {
*(p--) = 0;
n--;
i--;
}
/* Complement and increment next octet */
*(p--) = ((*(n--)) ^ 0xff) + 1;
i--;
/* Complement any octets left */
for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
p += a->length;
}
*pp=p;
return(r);
}
ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp,
long length)
{
ASN1_ENUMERATED *ret=NULL;
unsigned char *p,*to,*s;
long len;
int inf,tag,xclass;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_ENUMERATED_new()) == NULL) return(NULL);
ret->type=V_ASN1_ENUMERATED;
}
else
ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_ENUMERATED)
{
i=ASN1_R_EXPECTING_AN_ENUMERATED;
goto err;
}
/* We must Malloc stuff, even for 0 bytes otherwise it
* signifies a missing NULL parameter. */
s=(unsigned char *)Malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
to=s;
if(!len) {
/* Strictly speaking this is an illegal ENUMERATED but we
* tolerate it.
*/
ret->type=V_ASN1_ENUMERATED;
} else if (*p & 0x80) /* a negative number */
{
ret->type=V_ASN1_NEG_ENUMERATED;
if ((*p == 0xff) && (len != 1)) {
p++;
len--;
}
i = len;
p += i - 1;
to += i - 1;
while((!*p) && i) {
*(to--) = 0;
i--;
p--;
}
if(!i) {
*s = 1;
s[len] = 0;
p += len;
len++;
} else {
*(to--) = (*(p--) ^ 0xff) + 1;
i--;
for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
p += len;
}
} else {
ret->type=V_ASN1_ENUMERATED;
if ((*p == 0) && (len != 1))
{
p++;
len--;
}
memcpy(s,p,(int)len);
p+=len;
}
if (ret->data != NULL) Free(ret->data);
ret->data=s;
ret->length=(int)len;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_ENUMERATED_free(ret);
return(NULL);
}
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
{
int i,j,k;
unsigned char buf[sizeof(long)+1];
long d;
a->type=V_ASN1_ENUMERATED;
if (a->length < (sizeof(long)+1))
{
if (a->data != NULL)
Free(a->data);
if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)
memset((char *)a->data,0,sizeof(long)+1);
}
if (a->data == NULL)
{
ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
return(0);
}
d=v;
if (d < 0)
{
d= -d;
a->type=V_ASN1_NEG_ENUMERATED;
}
for (i=0; i<sizeof(long); i++)
{
if (d == 0) break;
buf[i]=(int)d&0xff;
d>>=8;
}
j=0;
for (k=i-1; k >=0; k--)
a->data[j++]=buf[k];
a->length=j;
return(1);
}
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
{
int neg=0,i;
long r=0;
if (a == NULL) return(0L);
i=a->type;
if (i == V_ASN1_NEG_ENUMERATED)
neg=1;
else if (i != V_ASN1_ENUMERATED)
return(0);
if (a->length > sizeof(long))
{
/* hmm... a bit ugly */
return(0xffffffffL);
}
if (a->data == NULL)
return(0);
for (i=0; i<a->length; i++)
{
r<<=8;
r|=(unsigned char)a->data[i];
}
if (neg) r= -r;
return(r);
}
ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
{
ASN1_ENUMERATED *ret;
int len,j;
if (ai == NULL)
ret=M_ASN1_ENUMERATED_new();
else
ret=ai;
if (ret == NULL)
{
ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
goto err;
}
if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED;
else ret->type=V_ASN1_ENUMERATED;
j=BN_num_bits(bn);
len=((j == 0)?0:((j/8)+1));
ret->data=(unsigned char *)Malloc(len+4);
ret->length=BN_bn2bin(bn,ret->data);
return(ret);
err:
if (ret != ai) M_ASN1_ENUMERATED_free(ret);
return(NULL);
}
BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
{
BIGNUM *ret;
if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
if(ai->type == V_ASN1_NEG_ENUMERATED) bn->neg = 1;
return(ret);
}

233
lib/dns/sec/openssl/a_gentm.c Normal file
View file

@ -0,0 +1,233 @@
/* crypto/asn1/a_gentm.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME */
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include <time.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_new(void)
{ return M_ASN1_GENERALIZEDTIME_new(); }
void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *x)
{ M_ASN1_GENERALIZEDTIME_free(x); }
int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
{
#ifdef CHARSET_EBCDIC
/* KLUDGE! We convert to ascii before writing DER */
int len;
char tmp[24];
ASN1_STRING tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length;
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *) &tmpstr;
#endif
return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL));
}
ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
unsigned char **pp, long length)
{
ASN1_GENERALIZEDTIME *ret=NULL;
ret=(ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
V_ASN1_GENERALIZEDTIME,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
#ifdef CHARSET_EBCDIC
ascii2ebcdic(ret->data, ret->data, ret->length);
#endif
if (!ASN1_GENERALIZEDTIME_check(ret))
{
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME,ASN1_R_INVALID_TIME_FORMAT);
goto err;
}
return(ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_GENERALIZEDTIME_free(ret);
return(NULL);
}
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
{
static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
static int max[9]={99, 99,12,31,23,59,59,12,59};
char *a;
int n,i,l,o;
if (d->type != V_ASN1_GENERALIZEDTIME) return(0);
l=d->length;
a=(char *)d->data;
o=0;
/* GENERALIZEDTIME is similar to UTCTIME except the year is
* represented as YYYY. This stuff treats everything as a two digit
* field so make first two fields 00 to 99
*/
if (l < 13) goto err;
for (i=0; i<7; i++)
{
if ((i == 6) && ((a[o] == 'Z') ||
(a[o] == '+') || (a[o] == '-')))
{ i++; break; }
if ((a[o] < '0') || (a[o] > '9')) goto err;
n= a[o]-'0';
if (++o > l) goto err;
if ((a[o] < '0') || (a[o] > '9')) goto err;
n=(n*10)+ a[o]-'0';
if (++o > l) goto err;
if ((n < min[i]) || (n > max[i])) goto err;
}
if (a[o] == 'Z')
o++;
else if ((a[o] == '+') || (a[o] == '-'))
{
o++;
if (o+4 > l) goto err;
for (i=7; i<9; i++)
{
if ((a[o] < '0') || (a[o] > '9')) goto err;
n= a[o]-'0';
o++;
if ((a[o] < '0') || (a[o] > '9')) goto err;
n=(n*10)+ a[o]-'0';
if ((n < min[i]) || (n > max[i])) goto err;
o++;
}
}
return(o == l);
err:
return(0);
}
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str)
{
ASN1_GENERALIZEDTIME t;
t.type=V_ASN1_GENERALIZEDTIME;
t.length=strlen(str);
t.data=(unsigned char *)str;
if (ASN1_GENERALIZEDTIME_check(&t))
{
if (s != NULL)
{
ASN1_STRING_set((ASN1_STRING *)s,
(unsigned char *)str,t.length);
}
return(1);
}
else
return(0);
}
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
time_t t)
{
char *p;
struct tm *ts;
#if defined(THREADS) && !defined(WIN32)
struct tm data;
#endif
if (s == NULL)
s=M_ASN1_GENERALIZEDTIME_new();
if (s == NULL)
return(NULL);
#if defined(THREADS) && !defined(WIN32)
gmtime_r(&t,&data); /* should return &data, but doesn't on some systems, so we don't even look at the return value */
ts=&data;
#else
ts=gmtime(&t);
#endif
p=(char *)s->data;
if ((p == NULL) || (s->length < 16))
{
p=Malloc(20);
if (p == NULL) return(NULL);
if (s->data != NULL)
Free(s->data);
s->data=(unsigned char *)p;
}
sprintf(p,"%04d%02d%02d%02d%02d%02dZ",ts->tm_year + 1900,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_GENERALIZEDTIME;
#ifdef CHARSET_EBCDIC_not
ebcdic2ascii(s->data, s->data, s->length);
#endif
return(s);
}

438
lib/dns/sec/openssl/a_int.c Normal file
View file

@ -0,0 +1,438 @@
/* crypto/asn1/a_int.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_INTEGER *ASN1_INTEGER_new(void)
{ return M_ASN1_INTEGER_new();}
void ASN1_INTEGER_free(ASN1_INTEGER *x)
{ M_ASN1_INTEGER_free(x);}
ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
{ return M_ASN1_INTEGER_dup(x);}
int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
{ return M_ASN1_INTEGER_cmp(x,y);}
/*
* This converts an ASN1 INTEGER into its DER encoding.
* The internal representation is an ASN1_STRING whose data is a big endian
* representation of the value, ignoring the sign. The sign is determined by
* the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
*
* Positive integers are no problem: they are almost the same as the DER
* encoding, except if the first byte is >= 0x80 we need to add a zero pad.
*
* Negative integers are a bit trickier...
* The DER representation of negative integers is in 2s complement form.
* The internal form is converted by complementing each octet and finally
* adding one to the result. This can be done less messily with a little trick.
* If the internal form has trailing zeroes then they will become FF by the
* complement and 0 by the add one (due to carry) so just copy as many trailing
* zeros to the destination as there are in the source. The carry will add one
* to the last none zero octet: so complement this octet and add one and finally
* complement any left over until you get to the start of the string.
*
* Padding is a little trickier too. If the first bytes is > 0x80 then we pad
* with 0xff. However if the first byte is 0x80 and one of the following bytes
* is non-zero we pad with 0xff. The reason for this distinction is that 0x80
* followed by optional zeros isn't padded.
*/
int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
{
int pad=0,ret,r,i,t;
unsigned char *p,*n,pb=0;
if ((a == NULL) || (a->data == NULL)) return(0);
t=a->type;
if (a->length == 0)
ret=1;
else
{
ret=a->length;
i=a->data[0];
if ((t == V_ASN1_INTEGER) && (i > 127)) {
pad=1;
pb=0;
} else if(t == V_ASN1_NEG_INTEGER) {
if(i>128) {
pad=1;
pb=0xFF;
} else if(i == 128) {
/*
* Special case: if any other bytes non zero we pad:
* otherwise we don't.
*/
for(i = 1; i < a->length; i++) if(a->data[i]) {
pad=1;
pb=0xFF;
break;
}
}
}
ret+=pad;
}
r=ASN1_object_size(0,ret,V_ASN1_INTEGER);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
if (pad) *(p++)=pb;
if (a->length == 0) *(p++)=0;
else if (t == V_ASN1_INTEGER) memcpy(p,a->data,(unsigned int)a->length);
else {
/* Begin at the end of the encoding */
n=a->data + a->length - 1;
p += a->length - 1;
i = a->length;
/* Copy zeros to destination as long as source is zero */
while(!*n) {
*(p--) = 0;
n--;
i--;
}
/* Complement and increment next octet */
*(p--) = ((*(n--)) ^ 0xff) + 1;
i--;
/* Complement any octets left */
for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
}
*pp+=r;
return(r);
}
ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
long length)
{
ASN1_INTEGER *ret=NULL;
unsigned char *p,*to,*s, *pend;
long len;
int inf,tag,xclass;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
ret->type=V_ASN1_INTEGER;
}
else
ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
pend = p + len;
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_INTEGER)
{
i=ASN1_R_EXPECTING_AN_INTEGER;
goto err;
}
/* We must Malloc stuff, even for 0 bytes otherwise it
* signifies a missing NULL parameter. */
s=(unsigned char *)Malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
to=s;
if(!len) {
/* Strictly speaking this is an illegal INTEGER but we
* tolerate it.
*/
ret->type=V_ASN1_INTEGER;
} else if (*p & 0x80) /* a negative number */
{
ret->type=V_ASN1_NEG_INTEGER;
if ((*p == 0xff) && (len != 1)) {
p++;
len--;
}
i = len;
p += i - 1;
to += i - 1;
while((!*p) && i) {
*(to--) = 0;
i--;
p--;
}
/* Special case: if all zeros then the number will be of
* the form FF followed by n zero bytes: this corresponds to
* 1 followed by n zero bytes. We've already written n zeros
* so we just append an extra one and set the first byte to
* a 1. This is treated separately because it is the only case
* where the number of bytes is larger than len.
*/
if(!i) {
*s = 1;
s[len] = 0;
len++;
} else {
*(to--) = (*(p--) ^ 0xff) + 1;
i--;
for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
}
} else {
ret->type=V_ASN1_INTEGER;
if ((*p == 0) && (len != 1))
{
p++;
len--;
}
memcpy(s,p,(int)len);
}
if (ret->data != NULL) Free(ret->data);
ret->data=s;
ret->length=(int)len;
if (a != NULL) (*a)=ret;
*pp=pend;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_INTEGER_free(ret);
return(NULL);
}
/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
* ASN1 integers: some broken software can encode a positive INTEGER
* with its MSB set as negative (it doesn't add a padding zero).
*/
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp,
long length)
{
ASN1_INTEGER *ret=NULL;
unsigned char *p,*to,*s;
long len;
int inf,tag,xclass;
int i;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
ret->type=V_ASN1_INTEGER;
}
else
ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_INTEGER)
{
i=ASN1_R_EXPECTING_AN_INTEGER;
goto err;
}
/* We must Malloc stuff, even for 0 bytes otherwise it
* signifies a missing NULL parameter. */
s=(unsigned char *)Malloc((int)len+1);
if (s == NULL)
{
i=ERR_R_MALLOC_FAILURE;
goto err;
}
to=s;
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))
{
p++;
len--;
}
memcpy(s,p,(int)len);
p+=len;
}
if (ret->data != NULL) Free(ret->data);
ret->data=s;
ret->length=(int)len;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_INTEGER_free(ret);
return(NULL);
}
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
{
int i,j,k;
unsigned char buf[sizeof(long)+1];
long d;
a->type=V_ASN1_INTEGER;
if (a->length < (sizeof(long)+1))
{
if (a->data != NULL)
Free(a->data);
if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)
memset((char *)a->data,0,sizeof(long)+1);
}
if (a->data == NULL)
{
ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
return(0);
}
d=v;
if (d < 0)
{
d= -d;
a->type=V_ASN1_NEG_INTEGER;
}
for (i=0; i<sizeof(long); i++)
{
if (d == 0) break;
buf[i]=(int)d&0xff;
d>>=8;
}
j=0;
for (k=i-1; k >=0; k--)
a->data[j++]=buf[k];
a->length=j;
return(1);
}
long ASN1_INTEGER_get(ASN1_INTEGER *a)
{
int neg=0,i;
long r=0;
if (a == NULL) return(0L);
i=a->type;
if (i == V_ASN1_NEG_INTEGER)
neg=1;
else if (i != V_ASN1_INTEGER)
return(0);
if (a->length > sizeof(long))
{
/* hmm... a bit ugly */
return(0xffffffffL);
}
if (a->data == NULL)
return(0);
for (i=0; i<a->length; i++)
{
r<<=8;
r|=(unsigned char)a->data[i];
}
if (neg) r= -r;
return(r);
}
ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
{
ASN1_INTEGER *ret;
int len,j;
if (ai == NULL)
ret=M_ASN1_INTEGER_new();
else
ret=ai;
if (ret == NULL)
{
ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
goto err;
}
if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
else ret->type=V_ASN1_INTEGER;
j=BN_num_bits(bn);
len=((j == 0)?0:((j/8)+1));
ret->data=(unsigned char *)Malloc(len+4);
ret->length=BN_bn2bin(bn,ret->data);
return(ret);
err:
if (ret != ai) M_ASN1_INTEGER_free(ret);
return(NULL);
}
BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
{
BIGNUM *ret;
if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
if(ai->type == V_ASN1_NEG_INTEGER) bn->neg = 1;
return(ret);
}

309
lib/dns/sec/openssl/a_object.c Normal file
View file

@ -0,0 +1,309 @@
/* crypto/asn1/a_object.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
unsigned char *p;
if ((a == NULL) || (a->data == NULL)) return(0);
if (pp == NULL)
return(ASN1_object_size(0,a->length,V_ASN1_OBJECT));
p= *pp;
ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
memcpy(p,a->data,a->length);
p+=a->length;
*pp=p;
return(a->length);
}
int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
{
int i,first,len=0,c;
char tmp[24];
const char *p;
unsigned long l;
if (num == 0)
return(0);
else if (num == -1)
num=strlen(buf);
p=buf;
c= *(p++);
num--;
if ((c >= '0') && (c <= '2'))
{
first=(c-'0')*40;
}
else
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
goto err;
}
if (num <= 0)
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
goto err;
}
c= *(p++);
num--;
for (;;)
{
if (num <= 0) break;
if ((c != '.') && (c != ' '))
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
goto err;
}
l=0;
for (;;)
{
if (num <= 0) break;
num--;
c= *(p++);
if ((c == ' ') || (c == '.'))
break;
if ((c < '0') || (c > '9'))
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
goto err;
}
l=l*10L+(long)(c-'0');
}
if (len == 0)
{
if ((first < 2) && (l >= 40))
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
goto err;
}
l+=(long)first;
}
i=0;
for (;;)
{
tmp[i++]=(unsigned char)l&0x7f;
l>>=7L;
if (l == 0L) break;
}
if (out != NULL)
{
if (len+i > olen)
{
ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
goto err;
}
while (--i > 0)
out[len++]=tmp[i]|0x80;
out[len++]=tmp[0];
}
else
len+=i;
}
return(len);
err:
return(0);
}
int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
{
return OBJ_obj2txt(buf, buf_len, a, 0);
}
#if 0
int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
{
char buf[80];
int i;
if ((a == NULL) || (a->data == NULL))
return(BIO_write(bp,"NULL",4));
i=i2t_ASN1_OBJECT(buf,80,a);
if (i > 80) i=80;
BIO_write(bp,buf,i);
return(i);
}
#endif
ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
long length)
{
ASN1_OBJECT *ret=NULL;
unsigned char *p;
long len;
int tag,xclass;
int inf,i;
/* only the ASN1_OBJECTs from the 'table' will have values
* for ->sn or ->ln */
if ((a == NULL) || ((*a) == NULL) ||
!((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
{
if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
}
else ret=(*a);
p= *pp;
inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
if (inf & 0x80)
{
i=ASN1_R_BAD_OBJECT_HEADER;
goto err;
}
if (tag != V_ASN1_OBJECT)
{
i=ASN1_R_EXPECTING_AN_OBJECT;
goto err;
}
if ((ret->data == NULL) || (ret->length < len))
{
if (ret->data != NULL) Free(ret->data);
ret->data=(unsigned char *)Malloc(len ? (int)len : 1);
ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
if (ret->data == NULL)
{ i=ERR_R_MALLOC_FAILURE; goto err; }
}
memcpy(ret->data,p,(int)len);
ret->length=(int)len;
ret->sn=NULL;
ret->ln=NULL;
/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
p+=len;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
ASN1_OBJECT_free(ret);
return(NULL);
}
ASN1_OBJECT *ASN1_OBJECT_new(void)
{
ASN1_OBJECT *ret;
ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT));
if (ret == NULL)
{
ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
return(NULL);
}
ret->length=0;
ret->data=NULL;
ret->nid=0;
ret->sn=NULL;
ret->ln=NULL;
ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
return(ret);
}
void ASN1_OBJECT_free(ASN1_OBJECT *a)
{
if (a == NULL) return;
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
{
#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
if (a->sn != NULL) Free((void *)a->sn);
if (a->ln != NULL) Free((void *)a->ln);
#endif
a->sn=a->ln=NULL;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
{
if (a->data != NULL) Free(a->data);
a->data=NULL;
a->length=0;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
Free(a);
}
ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
char *sn, char *ln)
{
ASN1_OBJECT o;
o.sn=sn;
o.ln=ln;
o.data=data;
o.nid=nid;
o.length=len;
o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
ASN1_OBJECT_FLAG_DYNAMIC_DATA;
return(OBJ_dup(&o));
}
IMPLEMENT_STACK_OF(ASN1_OBJECT)
IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)

97
lib/dns/sec/openssl/a_octet.c Normal file
View file

@ -0,0 +1,97 @@
/* crypto/asn1/a_octet.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void)
{ return M_ASN1_OCTET_STRING_new(); }
void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x)
{ M_ASN1_OCTET_STRING_free(x); }
ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
{ return M_ASN1_OCTET_STRING_dup(x); }
int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
{ return M_ASN1_OCTET_STRING_cmp(a, b); }
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
{ return M_ASN1_OCTET_STRING_set(x, d, len); }
int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp)
{ return M_i2d_ASN1_OCTET_STRING(a, pp); }
ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
unsigned char **pp, long length)
{
ASN1_OCTET_STRING *ret=NULL;
ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
return(ret);
}

200
lib/dns/sec/openssl/a_print.c Normal file
View file

@ -0,0 +1,200 @@
/* crypto/asn1/a_print.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_IA5STRING *ASN1_IA5STRING_new(void)
{ return M_ASN1_IA5STRING_new();}
void ASN1_IA5STRING_free(ASN1_IA5STRING *x)
{ M_ASN1_IA5STRING_free(x);}
int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp)
{ return(M_i2d_ASN1_IA5STRING(a,pp)); }
ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp,
long l)
{ return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
ASN1_T61STRING *ASN1_T61STRING_new(void)
{ return M_ASN1_T61STRING_new();}
void ASN1_T61STRING_free(ASN1_T61STRING *x)
{ M_ASN1_T61STRING_free(x);}
ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp,
long l)
{ return(M_d2i_ASN1_T61STRING(a,pp,l)); }
ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void)
{ return M_ASN1_PRINTABLESTRING_new();}
void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x)
{ M_ASN1_PRINTABLESTRING_free(x);}
ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
unsigned char **pp, long l)
{ return(M_d2i_ASN1_PRINTABLESTRING(a,pp,
l)); }
int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp)
{ return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); }
int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp)
{ return(M_i2d_ASN1_PRINTABLE(a,pp)); }
ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp,
long l)
{ return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
int ASN1_PRINTABLE_type(unsigned char *s, int len)
{
int c;
int ia5=0;
int t61=0;
if (len <= 0) len= -1;
if (s == NULL) return(V_ASN1_PRINTABLESTRING);
while ((*s) && (len-- != 0))
{
c= *(s++);
#ifndef CHARSET_EBCDIC
if (!( ((c >= 'a') && (c <= 'z')) ||
((c >= 'A') && (c <= 'Z')) ||
(c == ' ') ||
((c >= '0') && (c <= '9')) ||
(c == ' ') || (c == '\'') ||
(c == '(') || (c == ')') ||
(c == '+') || (c == ',') ||
(c == '-') || (c == '.') ||
(c == '/') || (c == ':') ||
(c == '=') || (c == '?')))
ia5=1;
if (c&0x80)
t61=1;
#else
if (!isalnum(c) && (c != ' ') &&
strchr("'()+,-./:=?", c) == NULL)
ia5=1;
if (os_toascii[c] & 0x80)
t61=1;
#endif
}
if (t61) return(V_ASN1_T61STRING);
if (ia5) return(V_ASN1_IA5STRING);
return(V_ASN1_PRINTABLESTRING);
}
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
{
int i;
unsigned char *p;
if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
if ((s->length%4) != 0) return(0);
p=s->data;
for (i=0; i<s->length; i+=4)
{
if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
break;
else
p+=4;
}
if (i < s->length) return(0);
p=s->data;
for (i=3; i<s->length; i+=4)
{
*(p++)=s->data[i];
}
*(p)='\0';
s->length/=4;
s->type=ASN1_PRINTABLE_type(s->data,s->length);
return(1);
}
ASN1_STRING *DIRECTORYSTRING_new(void)
{ return M_DIRECTORYSTRING_new();}
void DIRECTORYSTRING_free(ASN1_STRING *x)
{ M_DIRECTORYSTRING_free(x);}
int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp)
{ return(M_i2d_DIRECTORYSTRING(a,pp)); }
ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
long l)
{ return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
ASN1_STRING *DISPLAYTEXT_new(void)
{ return M_DISPLAYTEXT_new();}
void DISPLAYTEXT_free(ASN1_STRING *x)
{ M_DISPLAYTEXT_free(x);}
int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp)
{ return(M_i2d_DISPLAYTEXT(a,pp)); }
ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp,
long l)
{ return(M_d2i_DISPLAYTEXT(a,pp,l)); }

220
lib/dns/sec/openssl/a_set.c Normal file
View file

@ -0,0 +1,220 @@
/* crypto/asn1/a_set.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
typedef struct
{
unsigned char *pbData;
int cbData;
} MYBLOB;
/* SetBlobCmp
* This function compares two elements of SET_OF block
*/
static int SetBlobCmp(const void *elem1, const void *elem2 )
{
const MYBLOB *b1 = (const MYBLOB *)elem1;
const MYBLOB *b2 = (const MYBLOB *)elem2;
int r;
r = memcmp(b1->pbData, b2->pbData,
b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
if(r != 0)
return r;
return b1->cbData-b2->cbData;
}
/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
int ex_class, int is_set)
{
int ret=0,r;
int i;
unsigned char *p;
unsigned char *pStart, *pTempMem;
MYBLOB *rgSetBlob;
int totSize;
if (a == NULL) return(0);
for (i=sk_num(a)-1; i>=0; i--)
ret+=func(sk_value(a,i),NULL);
r=ASN1_object_size(1,ret,ex_tag);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,1,ret,ex_tag,ex_class);
/* Modified by gp@nsj.co.jp */
/* And then again by Ben */
/* And again by Steve */
if(!is_set || (sk_num(a) < 2))
{
for (i=0; i<sk_num(a); i++)
func(sk_value(a,i),&p);
*pp=p;
return(r);
}
pStart = p; /* Catch the beg of Setblobs*/
rgSetBlob = (MYBLOB *)Malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
we will store the SET blobs */
for (i=0; i<sk_num(a); i++)
{
rgSetBlob[i].pbData = p; /* catch each set encode blob */
func(sk_value(a,i),&p);
rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
SetBlob
*/
}
*pp=p;
totSize = p - pStart; /* This is the total size of all set blobs */
/* Now we have to sort the blobs. I am using a simple algo.
*Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
pTempMem = Malloc(totSize);
/* Copy to temp mem */
p = pTempMem;
for(i=0; i<sk_num(a); ++i)
{
memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
p += rgSetBlob[i].cbData;
}
/* Copy back to user mem*/
memcpy(pStart, pTempMem, totSize);
Free(pTempMem);
Free(rgSetBlob);
return(r);
}
STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
char *(*func)(), void (*free_func)(), int ex_tag, int ex_class)
{
ASN1_CTX c;
STACK *ret=NULL;
if ((a == NULL) || ((*a) == NULL))
{ if ((ret=sk_new(NULL)) == NULL) goto err; }
else
ret=(*a);
c.p= *pp;
c.max=(length == 0)?0:(c.p+length);
c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
if (c.inf & 0x80) goto err;
if (ex_class != c.xclass)
{
ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
goto err;
}
if (ex_tag != c.tag)
{
ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
goto err;
}
if ((c.slen+c.p) > c.max)
{
ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
goto err;
}
/* check for infinite constructed - it can be as long
* as the amount of data passed to us */
if (c.inf == (V_ASN1_CONSTRUCTED+1))
c.slen=length+ *pp-c.p;
c.max=c.p+c.slen;
while (c.p < c.max)
{
char *s;
if (M_ASN1_D2I_end_sequence()) break;
if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
asn1_add_error(*pp,(int)(c.q- *pp));
goto err;
}
if (!sk_push(ret,s)) goto err;
}
if (a != NULL) (*a)=ret;
*pp=c.p;
return(ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
{
if (free_func != NULL)
sk_pop_free(ret,free_func);
else
sk_free(ret);
}
return(NULL);
}

351
lib/dns/sec/openssl/a_type.c Normal file
View file

@ -0,0 +1,351 @@
/* crypto/asn1/a_type.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
static void ASN1_TYPE_component_free(ASN1_TYPE *a);
int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
{
int r=0;
if (a == NULL) return(0);
switch (a->type)
{
case V_ASN1_NULL:
if (pp != NULL)
ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
r=2;
break;
case V_ASN1_INTEGER:
case V_ASN1_NEG_INTEGER:
r=i2d_ASN1_INTEGER(a->value.integer,pp);
break;
case V_ASN1_ENUMERATED:
case V_ASN1_NEG_ENUMERATED:
r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp);
break;
case V_ASN1_BIT_STRING:
r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
break;
case V_ASN1_OCTET_STRING:
r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
break;
case V_ASN1_OBJECT:
r=i2d_ASN1_OBJECT(a->value.object,pp);
break;
case V_ASN1_PRINTABLESTRING:
r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
break;
case V_ASN1_T61STRING:
r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
break;
case V_ASN1_IA5STRING:
r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
break;
case V_ASN1_GENERALSTRING:
r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
break;
case V_ASN1_UNIVERSALSTRING:
r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
break;
case V_ASN1_UTF8STRING:
r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp);
break;
case V_ASN1_VISIBLESTRING:
r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp);
break;
case V_ASN1_BMPSTRING:
r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
break;
case V_ASN1_UTCTIME:
r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
break;
case V_ASN1_GENERALIZEDTIME:
r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp);
break;
case V_ASN1_SET:
case V_ASN1_SEQUENCE:
if (a->value.set == NULL)
r=0;
else
{
r=a->value.set->length;
if (pp != NULL)
{
memcpy(*pp,a->value.set->data,r);
*pp+=r;
}
}
break;
}
return(r);
}
ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
{
ASN1_TYPE *ret=NULL;
unsigned char *q,*p,*max;
int inf,tag,xclass;
long len;
if ((a == NULL) || ((*a) == NULL))
{
if ((ret=ASN1_TYPE_new()) == NULL) goto err;
}
else
ret=(*a);
p= *pp;
q=p;
max=(p+length);
inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
if (inf & 0x80) goto err;
ASN1_TYPE_component_free(ret);
switch (tag)
{
case V_ASN1_NULL:
p=q;
ret->value.ptr=NULL;
break;
case V_ASN1_INTEGER:
if ((ret->value.integer=
d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_ENUMERATED:
if ((ret->value.enumerated=
d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_BIT_STRING:
if ((ret->value.bit_string=
d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_OCTET_STRING:
if ((ret->value.octet_string=
d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_VISIBLESTRING:
if ((ret->value.visiblestring=
d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_UTF8STRING:
if ((ret->value.utf8string=
d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_OBJECT:
if ((ret->value.object=
d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_PRINTABLESTRING:
if ((ret->value.printablestring=
d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_T61STRING:
if ((ret->value.t61string=
M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_IA5STRING:
if ((ret->value.ia5string=
M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_GENERALSTRING:
if ((ret->value.generalstring=
M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_UNIVERSALSTRING:
if ((ret->value.universalstring=
M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_BMPSTRING:
if ((ret->value.bmpstring=
M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_UTCTIME:
if ((ret->value.utctime=
d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_GENERALIZEDTIME:
if ((ret->value.generalizedtime=
d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL)
goto err;
break;
case V_ASN1_SET:
case V_ASN1_SEQUENCE:
/* Sets and sequences are left complete */
if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
ret->value.set->type=tag;
len+=(q-p);
if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
p+=len;
break;
default:
ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
goto err;
}
ret->type=tag;
if (a != NULL) (*a)=ret;
*pp=p;
return(ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
return(NULL);
}
ASN1_TYPE *ASN1_TYPE_new(void)
{
ASN1_TYPE *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret,ASN1_TYPE);
ret->type= -1;
ret->value.ptr=NULL;
return(ret);
M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
}
void ASN1_TYPE_free(ASN1_TYPE *a)
{
if (a == NULL) return;
ASN1_TYPE_component_free(a);
Free(a);
}
int ASN1_TYPE_get(ASN1_TYPE *a)
{
if (a->value.ptr != NULL)
return(a->type);
else
return(0);
}
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
{
if (a->value.ptr != NULL)
ASN1_TYPE_component_free(a);
a->type=type;
a->value.ptr=value;
}
static void ASN1_TYPE_component_free(ASN1_TYPE *a)
{
if (a == NULL) return;
if (a->value.ptr != NULL)
{
switch (a->type)
{
case V_ASN1_OBJECT:
ASN1_OBJECT_free(a->value.object);
break;
case V_ASN1_INTEGER:
case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
case V_ASN1_NEG_ENUMERATED:
case V_ASN1_BIT_STRING:
case V_ASN1_OCTET_STRING:
case V_ASN1_SEQUENCE:
case V_ASN1_SET:
case V_ASN1_NUMERICSTRING:
case V_ASN1_PRINTABLESTRING:
case V_ASN1_T61STRING:
case V_ASN1_VIDEOTEXSTRING:
case V_ASN1_IA5STRING:
case V_ASN1_UTCTIME:
case V_ASN1_GENERALIZEDTIME:
case V_ASN1_GRAPHICSTRING:
case V_ASN1_VISIBLESTRING:
case V_ASN1_GENERALSTRING:
case V_ASN1_UNIVERSALSTRING:
case V_ASN1_BMPSTRING:
case V_ASN1_UTF8STRING:
ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
break;
default:
/* MEMORY LEAK */
break;
}
a->type=0;
a->value.ptr=NULL;
}
}
IMPLEMENT_STACK_OF(ASN1_TYPE)
IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)

269
lib/dns/sec/openssl/a_utctm.c Normal file
View file

@ -0,0 +1,269 @@
/* crypto/asn1/a_utctm.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include <time.h>
#ifdef VMS
#include <descrip.h>
#include <lnmdef.h>
#include <starlet.h>
#endif
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_UTCTIME *ASN1_UTCTIME_new(void)
{ return M_ASN1_UTCTIME_new(); }
void ASN1_UTCTIME_free(ASN1_UTCTIME *x)
{ M_ASN1_UTCTIME_free(x); }
int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
{
#ifndef CHARSET_EBCDIC
return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
V_ASN1_UTCTIME,V_ASN1_UNIVERSAL));
#else
/* KLUDGE! We convert to ascii before writing DER */
int len;
char tmp[24];
ASN1_STRING x = *(ASN1_STRING *)a;
len = x.length;
ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
x.data = tmp;
return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
#endif
}
ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
long length)
{
ASN1_UTCTIME *ret=NULL;
ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
#ifdef CHARSET_EBCDIC
ascii2ebcdic(ret->data, ret->data, ret->length);
#endif
if (!ASN1_UTCTIME_check(ret))
{
ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
goto err;
}
return(ret);
err:
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
M_ASN1_UTCTIME_free(ret);
return(NULL);
}
int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
{
static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
static int max[8]={99,12,31,23,59,59,12,59};
char *a;
int n,i,l,o;
if (d->type != V_ASN1_UTCTIME) return(0);
l=d->length;
a=(char *)d->data;
o=0;
if (l < 11) goto err;
for (i=0; i<6; i++)
{
if ((i == 5) && ((a[o] == 'Z') ||
(a[o] == '+') || (a[o] == '-')))
{ i++; break; }
if ((a[o] < '0') || (a[o] > '9')) goto err;
n= a[o]-'0';
if (++o > l) goto err;
if ((a[o] < '0') || (a[o] > '9')) goto err;
n=(n*10)+ a[o]-'0';
if (++o > l) goto err;
if ((n < min[i]) || (n > max[i])) goto err;
}
if (a[o] == 'Z')
o++;
else if ((a[o] == '+') || (a[o] == '-'))
{
o++;
if (o+4 > l) goto err;
for (i=6; i<8; i++)
{
if ((a[o] < '0') || (a[o] > '9')) goto err;
n= a[o]-'0';
o++;
if ((a[o] < '0') || (a[o] > '9')) goto err;
n=(n*10)+ a[o]-'0';
if ((n < min[i]) || (n > max[i])) goto err;
o++;
}
}
return(o == l);
err:
return(0);
}
int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str)
{
ASN1_UTCTIME t;
t.type=V_ASN1_UTCTIME;
t.length=strlen(str);
t.data=(unsigned char *)str;
if (ASN1_UTCTIME_check(&t))
{
if (s != NULL)
{
ASN1_STRING_set((ASN1_STRING *)s,
(unsigned char *)str,t.length);
}
return(1);
}
else
return(0);
}
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
{
char *p;
struct tm *ts;
#if defined(THREADS) && !defined(WIN32)
struct tm data;
#endif
if (s == NULL)
s=M_ASN1_UTCTIME_new();
if (s == NULL)
return(NULL);
#if defined(THREADS) && !defined(WIN32)
gmtime_r(&t,&data); /* should return &data, but doesn't on some systems, so we don't even look at the return value */
ts=&data;
#else
ts=gmtime(&t);
#endif
#ifdef VMS
if (ts == NULL)
{
static $DESCRIPTOR(tabnam,"LNM$DCL_LOGICAL");
static $DESCRIPTOR(lognam,"SYS$TIMEZONE_DIFFERENTIAL");
char result[256];
unsigned int reslen = 0;
struct {
short buflen;
short code;
void *bufaddr;
unsigned int *reslen;
} itemlist[] = {
{ 0, LNM$_STRING, 0, 0 },
{ 0, 0, 0, 0 },
};
int status;
/* Get the value for SYS$TIMEZONE_DIFFERENTIAL */
itemlist[0].buflen = sizeof(result);
itemlist[0].bufaddr = result;
itemlist[0].reslen = &reslen;
status = sys$trnlnm(0, &tabnam, &lognam, 0, itemlist);
if (!(status & 1))
return NULL;
result[reslen] = '\0';
/* Get the numerical value of the equivalence string */
status = atoi(result);
/* and use it to move time to GMT */
t -= status;
/* then convert the result to the time structure */
ts=(struct tm *)localtime(&t);
}
#endif
p=(char *)s->data;
if ((p == NULL) || (s->length < 14))
{
p=Malloc(20);
if (p == NULL) return(NULL);
if (s->data != NULL)
Free(s->data);
s->data=(unsigned char *)p;
}
sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
s->length=strlen(p);
s->type=V_ASN1_UTCTIME;
#ifdef CHARSET_EBCDIC_not
ebcdic2ascii(s->data, s->data, s->length);
#endif
return(s);
}

241
lib/dns/sec/openssl/a_utf8.c Normal file
View file

@ -0,0 +1,241 @@
/* crypto/asn1/a_utf8.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_UTF8STRING *ASN1_UTF8STRING_new(void)
{ return M_ASN1_UTF8STRING_new();}
void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x)
{ M_ASN1_UTF8STRING_free(x);}
int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp)
{
return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL));
}
ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp,
long length)
{
ASN1_UTF8STRING *ret=NULL;
ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
return(ret);
}
/* UTF8 utilities */
/* This parses a UTF8 string one character at a time. It is passed a pointer
* to the string and the length of the string. It sets 'value' to the value of
* the current character. It returns the number of characters read or a
* negative error code:
* -1 = string too short
* -2 = illegal character
* -3 = subsequent characters not of the form 10xxxxxx
* -4 = character encoded incorrectly (not minimal length).
*/
int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
{
const unsigned char *p;
unsigned long value;
int ret;
if(len <= 0) return 0;
p = str;
/* Check syntax and work out the encoded value (if correct) */
if((*p & 0x80) == 0) {
value = *p++ & 0x7f;
ret = 1;
} else if((*p & 0xe0) == 0xc0) {
if(len < 2) return -1;
if((p[1] & 0xc0) != 0x80) return -3;
value = (*p++ & 0x1f) << 6;
value |= *p++ & 0x3f;
if(value < 0x80) return -4;
ret = 2;
} else if((*p & 0xf0) == 0xe0) {
if(len < 3) return -1;
if( ((p[1] & 0xc0) != 0x80)
|| ((p[2] & 0xc0) != 0x80) ) return -3;
value = (*p++ & 0xf) << 12;
value |= (*p++ & 0x3f) << 6;
value |= *p++ & 0x3f;
if(value < 0x800) return -4;
ret = 3;
} else if((*p & 0xf8) == 0xf0) {
if(len < 4) return -1;
if( ((p[1] & 0xc0) != 0x80)
|| ((p[2] & 0xc0) != 0x80)
|| ((p[3] & 0xc0) != 0x80) ) return -3;
value = (*p++ & 0x7) << 18;
value |= (*p++ & 0x3f) << 12;
value |= (*p++ & 0x3f) << 6;
value |= *p++ & 0x3f;
if(value < 0x10000) return -4;
ret = 4;
} else if((*p & 0xfc) == 0xf8) {
if(len < 5) return -1;
if( ((p[1] & 0xc0) != 0x80)
|| ((p[2] & 0xc0) != 0x80)
|| ((p[3] & 0xc0) != 0x80)
|| ((p[4] & 0xc0) != 0x80) ) return -3;
value = (*p++ & 0x3) << 24;
value |= (*p++ & 0x3f) << 18;
value |= (*p++ & 0x3f) << 12;
value |= (*p++ & 0x3f) << 6;
value |= *p++ & 0x3f;
if(value < 0x200000) return -4;
ret = 5;
} else if((*p & 0xfe) == 0xfc) {
if(len < 6) return -1;
if( ((p[1] & 0xc0) != 0x80)
|| ((p[2] & 0xc0) != 0x80)
|| ((p[3] & 0xc0) != 0x80)
|| ((p[4] & 0xc0) != 0x80)
|| ((p[5] & 0xc0) != 0x80) ) return -3;
value = (*p++ & 0x1) << 30;
value |= (*p++ & 0x3f) << 24;
value |= (*p++ & 0x3f) << 18;
value |= (*p++ & 0x3f) << 12;
value |= (*p++ & 0x3f) << 6;
value |= *p++ & 0x3f;
if(value < 0x4000000) return -4;
ret = 6;
} else return -2;
*val = value;
return ret;
}
/* This takes a character 'value' and writes the UTF8 encoded value in
* 'str' where 'str' is a buffer containing 'len' characters. Returns
* the number of characters written or -1 if 'len' is too small. 'str' can
* be set to NULL in which case it just returns the number of characters.
* It will need at most 6 characters.
*/
int UTF8_putc(unsigned char *str, int len, unsigned long value)
{
if(!str) len = 6; /* Maximum we will need */
else if(len <= 0) return -1;
if(value < 0x80) {
if(str) *str = (unsigned char)value;
return 1;
}
if(value < 0x800) {
if(len < 2) return -1;
if(str) {
*str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
*str = (unsigned char)((value & 0x3f) | 0x80);
}
return 2;
}
if(value < 0x10000) {
if(len < 3) return -1;
if(str) {
*str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
*str = (unsigned char)((value & 0x3f) | 0x80);
}
return 3;
}
if(value < 0x200000) {
if(len < 4) return -1;
if(str) {
*str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
*str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
*str = (unsigned char)((value & 0x3f) | 0x80);
}
return 4;
}
if(value < 0x4000000) {
if(len < 5) return -1;
if(str) {
*str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
*str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
*str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
*str = (unsigned char)((value & 0x3f) | 0x80);
}
return 5;
}
if(len < 6) return -1;
if(str) {
*str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
*str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
*str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
*str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
*str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
*str = (unsigned char)((value & 0x3f) | 0x80);
}
return 6;
}

92
lib/dns/sec/openssl/a_vis.c Normal file
View file

@ -0,0 +1,92 @@
/* crypto/asn1/a_vis.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void)
{ return M_ASN1_VISIBLESTRING_new(); }
void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *x)
{ M_ASN1_VISIBLESTRING_free(x); }
int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **pp)
{
return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL));
}
ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
unsigned char **pp, long length)
{
ASN1_VISIBLESTRING *ret=NULL;
ret=(ASN1_VISIBLESTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
pp,length,V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL);
if (ret == NULL)
{
ASN1err(ASN1_F_D2I_ASN1_VISIBLESTRING,ERR_R_NESTED_ASN1_ERROR);
return(NULL);
}
return(ret);
}

427
lib/dns/sec/openssl/asn1_lib.c Normal file
View file

@ -0,0 +1,427 @@
/* crypto/asn1/asn1_lib.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
#include <openssl/asn1_mac.h>
static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
static void asn1_put_length(unsigned char **pp, int length);
const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
int ASN1_check_infinite_end(unsigned char **p, long len)
{
/* If there is 0 or 1 byte left, the length check should pick
* things up */
if (len <= 0)
return(1);
else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
{
(*p)+=2;
return(1);
}
return(0);
}
int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
long omax)
{
int i,ret;
long l;
unsigned char *p= *pp;
int tag,xclass,inf;
long max=omax;
if (!max) goto err;
ret=(*p&V_ASN1_CONSTRUCTED);
xclass=(*p&V_ASN1_PRIVATE);
i= *p&V_ASN1_PRIMITIVE_TAG;
if (i == V_ASN1_PRIMITIVE_TAG)
{ /* high-tag */
p++;
if (--max == 0) goto err;
l=0;
while (*p&0x80)
{
l<<=7L;
l|= *(p++)&0x7f;
if (--max == 0) goto err;
}
l<<=7L;
l|= *(p++)&0x7f;
tag=(int)l;
}
else
{
tag=i;
p++;
if (--max == 0) goto err;
}
*ptag=tag;
*pclass=xclass;
if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
#if 0
fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
(int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
(int)(omax+ *pp));
#endif
#if 0
if ((p+ *plength) > (omax+ *pp))
{
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
/* Set this so that even if things are not long enough
* the values are set correctly */
ret|=0x80;
}
#endif
*pp=p;
return(ret|inf);
err:
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
return(0x80);
}
static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
{
unsigned char *p= *pp;
long ret=0;
int i;
if (max-- < 1) return(0);
if (*p == 0x80)
{
*inf=1;
ret=0;
p++;
}
else
{
*inf=0;
i= *p&0x7f;
if (*(p++) & 0x80)
{
if (max-- == 0) return(0);
while (i-- > 0)
{
ret<<=8L;
ret|= *(p++);
if (max-- == 0) return(0);
}
}
else
ret=i;
}
*pp=p;
*rl=ret;
return(1);
}
/* class 0 is constructed
* constructed == 2 for indefinite length constructed */
void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
int xclass)
{
unsigned char *p= *pp;
int i;
i=(constructed)?V_ASN1_CONSTRUCTED:0;
i|=(xclass&V_ASN1_PRIVATE);
if (tag < 31)
*(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
else
{
*(p++)=i|V_ASN1_PRIMITIVE_TAG;
while (tag > 0x7f)
{
*(p++)=(tag&0x7f)|0x80;
tag>>=7;
}
*(p++)=(tag&0x7f);
}
if ((constructed == 2) && (length == 0))
*(p++)=0x80; /* der_put_length would output 0 instead */
else
asn1_put_length(&p,length);
*pp=p;
}
static void asn1_put_length(unsigned char **pp, int length)
{
unsigned char *p= *pp;
int i,l;
if (length <= 127)
*(p++)=(unsigned char)length;
else
{
l=length;
for (i=0; l > 0; i++)
l>>=8;
*(p++)=i|0x80;
l=i;
while (i-- > 0)
{
p[i]=length&0xff;
length>>=8;
}
p+=l;
}
*pp=p;
}
int ASN1_object_size(int constructed, int length, int tag)
{
int ret;
ret=length;
ret++;
if (tag >= 31)
{
while (tag > 0)
{
tag>>=7;
ret++;
}
}
if ((length == 0) && (constructed == 2))
ret+=2;
ret++;
if (length > 127)
{
while (length > 0)
{
length>>=8;
ret++;
}
}
return(ret);
}
int asn1_Finish(ASN1_CTX *c)
{
if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
{
if (!ASN1_check_infinite_end(&c->p,c->slen))
{
c->error=ERR_R_MISSING_ASN1_EOS;
return(0);
}
}
if ( ((c->slen != 0) && !(c->inf & 1)) ||
((c->slen < 0) && (c->inf & 1)))
{
c->error=ERR_R_ASN1_LENGTH_MISMATCH;
return(0);
}
return(1);
}
int asn1_GetSequence(ASN1_CTX *c, long *length)
{
unsigned char *q;
q=c->p;
c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
*length);
if (c->inf & 0x80)
{
c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
return(0);
}
if (c->tag != V_ASN1_SEQUENCE)
{
c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
return(0);
}
(*length)-=(c->p-q);
if (c->max && (*length < 0))
{
c->error=ERR_R_ASN1_LENGTH_MISMATCH;
return(0);
}
if (c->inf == (1|V_ASN1_CONSTRUCTED))
c->slen= *length+ *(c->pp)-c->p;
c->eos=0;
return(1);
}
ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
{
ASN1_STRING *ret;
if (str == NULL) return(NULL);
if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
return(NULL);
if (!ASN1_STRING_set(ret,str->data,str->length))
{
ASN1_STRING_free(ret);
return(NULL);
}
ret->flags = str->flags;
return(ret);
}
int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
{
unsigned char *c;
const char *data=_data;
if (len < 0)
{
if (data == NULL)
return(0);
else
len=strlen(data);
}
if ((str->length < len) || (str->data == NULL))
{
c=str->data;
if (c == NULL)
str->data=Malloc(len+1);
else
str->data=Realloc(c,len+1);
if (str->data == NULL)
{
str->data=c;
return(0);
}
}
str->length=len;
if (data != NULL)
{
memcpy(str->data,data,len);
/* an allowance for strings :-) */
str->data[len]='\0';
}
return(1);
}
ASN1_STRING *ASN1_STRING_new(void)
{
return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
}
ASN1_STRING *ASN1_STRING_type_new(int type)
{
ASN1_STRING *ret;
ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING));
if (ret == NULL)
{
ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
return(NULL);
}
ret->length=0;
ret->type=type;
ret->data=NULL;
ret->flags=0;
return(ret);
}
void ASN1_STRING_free(ASN1_STRING *a)
{
if (a == NULL) return;
if (a->data != NULL) Free(a->data);
Free(a);
}
int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
{
int i;
i=(a->length-b->length);
if (i == 0)
{
i=memcmp(a->data,b->data,a->length);
if (i == 0)
return(a->type-b->type);
else
return(i);
}
else
return(i);
}
void asn1_add_error(unsigned char *address, int offset)
{
char buf1[16],buf2[16];
sprintf(buf1,"%lu",(unsigned long)address);
sprintf(buf2,"%d",offset);
ERR_add_error_data(4,"address=",buf1," offset=",buf2);
}
int ASN1_STRING_length(ASN1_STRING *x)
{ return M_ASN1_STRING_length(x); }
void ASN1_STRING_length_set(ASN1_STRING *x, int len)
{ M_ASN1_STRING_length_set(x, len); return; }
int ASN1_STRING_type(ASN1_STRING *x)
{ return M_ASN1_STRING_type(x); }
unsigned char * ASN1_STRING_data(ASN1_STRING *x)
{ return M_ASN1_STRING_data(x); }

147
lib/dns/sec/openssl/bn_blind.c Normal file
View file

@ -0,0 +1,147 @@
/* crypto/bn/bn_blind.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include "bn_lcl.h"
BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod)
{
BN_BLINDING *ret=NULL;
bn_check_top(Ai);
bn_check_top(mod);
if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL)
{
BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
return(NULL);
}
memset(ret,0,sizeof(BN_BLINDING));
if ((ret->A=BN_new()) == NULL) goto err;
if ((ret->Ai=BN_new()) == NULL) goto err;
if (!BN_copy(ret->A,A)) goto err;
if (!BN_copy(ret->Ai,Ai)) goto err;
ret->mod=mod;
return(ret);
err:
if (ret != NULL) BN_BLINDING_free(ret);
return(NULL);
}
void BN_BLINDING_free(BN_BLINDING *r)
{
if(r == NULL)
return;
if (r->A != NULL) BN_free(r->A );
if (r->Ai != NULL) BN_free(r->Ai);
Free(r);
}
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
{
int ret=0;
if ((b->A == NULL) || (b->Ai == NULL))
{
BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
goto err;
}
if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
ret=1;
err:
return(ret);
}
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
{
bn_check_top(n);
if ((b->A == NULL) || (b->Ai == NULL))
{
BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED);
return(0);
}
return(BN_mod_mul(n,n,b->A,b->mod,ctx));
}
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
{
int ret;
bn_check_top(n);
if ((b->A == NULL) || (b->Ai == NULL))
{
BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED);
return(0);
}
if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
{
if (!BN_BLINDING_update(b,ctx))
return(0);
}
return(ret);
}

1067
lib/dns/sec/openssl/include/openssl/asn1.h Normal file
View file

File diff suppressed because it is too large Load diff

13
lib/dns/sec/openssl/include/openssl/e_os.h
View file

@ -80,6 +80,19 @@ extern "C" {
#define DEVRANDOM "/dev/urandom"
#endif
#define NO_BF
#define NO_CAST
#define NO_DES
#define NO_IDEA
#define NO_MD2
#define NO_MDC2
#define NO_RC2
#define NO_RC4
#define NO_RC5
#define NO_RIPEMD
#define NO_OBJECT
#define NO_BIO
/********************************************************************
The Microsoft section
********************************************************************/

3
lib/dns/sec/openssl/include/openssl/err.h
View file

@ -157,10 +157,13 @@ typedef struct err_state_st
#define SYSerr(f,r) do {} while (0)
#define BNerr(f,r) do {} while (0)
#define DHerr(f,r) do {} while (0)
#define RSAerr(f,r) do {} while (0)
#define DSAerr(f,r) do {} while (0)
#define CRYPTOerr(f,r) do {} while (0)
#define BUFerr(f,r) do {} while (0)
#define RANDerr(f,r) do {} while (0)
#define OBJerr(f,r) do {} while (0)
#define ASN1err(f,r) do {} while (0)
#endif
/* Borland C seems too stupid to be able to shift and do longs in

743
lib/dns/sec/openssl/include/openssl/evp.h Normal file
View file

@ -0,0 +1,743 @@
/* crypto/evp/evp.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_ENVELOPE_H
#define HEADER_ENVELOPE_H
#ifdef __cplusplus
extern "C" {
#endif
#ifndef NO_MD2
#include <openssl/md2.h>
#endif
#ifndef NO_MD5
#include <openssl/md5.h>
#endif
#ifndef NO_SHA
#include <openssl/sha.h>
#endif
#ifndef NO_RIPEMD
#include <openssl/ripemd.h>
#endif
#ifndef NO_DES
#include <openssl/des.h>
#endif
#ifndef NO_RC4
#include <openssl/rc4.h>
#endif
#ifndef NO_RC2
#include <openssl/rc2.h>
#endif
#ifndef NO_RC5
#include <openssl/rc5.h>
#endif
#ifndef NO_BF
#include <openssl/blowfish.h>
#endif
#ifndef NO_CAST
#include <openssl/cast.h>
#endif
#ifndef NO_IDEA
#include <openssl/idea.h>
#endif
#ifndef NO_MDC2
#include <openssl/mdc2.h>
#endif
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
#define EVP_BLOWFISH_KEY_SIZE 16
#define EVP_CAST5_KEY_SIZE 16
#define EVP_RC5_32_12_16_KEY_SIZE 16
#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
#define EVP_MAX_KEY_LENGTH 24
#define EVP_MAX_IV_LENGTH 8
#define PKCS5_SALT_LEN 8
/* Default PKCS#5 iteration count */
#define PKCS5_DEFAULT_ITER 2048
#ifndef NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef NO_DSA
#include <openssl/dsa.h>
#endif
#ifndef NO_DH
#include <openssl/dh.h>
#endif
#include <openssl/objects.h>
#define EVP_PK_RSA 0x0001
#define EVP_PK_DSA 0x0002
#define EVP_PK_DH 0x0004
#define EVP_PKT_SIGN 0x0010
#define EVP_PKT_ENC 0x0020
#define EVP_PKT_EXCH 0x0040
#define EVP_PKS_RSA 0x0100
#define EVP_PKS_DSA 0x0200
#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
#define EVP_PKEY_NONE NID_undef
#define EVP_PKEY_RSA NID_rsaEncryption
#define EVP_PKEY_RSA2 NID_rsa
#define EVP_PKEY_DSA NID_dsa
#define EVP_PKEY_DSA1 NID_dsa_2
#define EVP_PKEY_DSA2 NID_dsaWithSHA
#define EVP_PKEY_DSA3 NID_dsaWithSHA1
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
#define EVP_PKEY_DH NID_dhKeyAgreement
/* Type needs to be a bit field
* Sub-type needs to be for variations on the method, as in, can it do
* arbitrary encryption.... */
typedef struct evp_pkey_st
{
int type;
int save_type;
int references;
union {
char *ptr;
#ifndef NO_RSA
struct rsa_st *rsa; /* RSA */
#endif
#ifndef NO_DSA
struct dsa_st *dsa; /* DSA */
#endif
#ifndef NO_DH
struct dh_st *dh; /* DH */
#endif
} pkey;
int save_parameters;
STACK /*X509_ATTRIBUTE*/ *attributes; /* [ 0 ] */
} EVP_PKEY;
#define EVP_PKEY_MO_SIGN 0x0001
#define EVP_PKEY_MO_VERIFY 0x0002
#define EVP_PKEY_MO_ENCRYPT 0x0004
#define EVP_PKEY_MO_DECRYPT 0x0008
#if 0
/* This structure is required to tie the message digest and signing together.
* The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
* oid, md and pkey.
* This is required because for various smart-card perform the digest and
* signing/verification on-board. To handle this case, the specific
* EVP_MD and EVP_PKEY_METHODs need to be closely associated.
* When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
* This can either be software or a token to provide the required low level
* routines.
*/
typedef struct evp_pkey_md_st
{
int oid;
EVP_MD *md;
EVP_PKEY_METHOD *pkey;
} EVP_PKEY_MD;
#define EVP_rsa_md2() \
EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_md2())
#define EVP_rsa_md5() \
EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_md5())
#define EVP_rsa_sha0() \
EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_sha())
#define EVP_rsa_sha1() \
EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_sha1())
#define EVP_rsa_ripemd160() \
EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
EVP_rsa_pkcs1(),EVP_ripemd160())
#define EVP_rsa_mdc2() \
EVP_PKEY_MD_add(NID_mdc2WithRSA,\
EVP_rsa_octet_string(),EVP_mdc2())
#define EVP_dsa_sha() \
EVP_PKEY_MD_add(NID_dsaWithSHA,\
EVP_dsa(),EVP_mdc2())
#define EVP_dsa_sha1() \
EVP_PKEY_MD_add(NID_dsaWithSHA1,\
EVP_dsa(),EVP_sha1())
typedef struct evp_pkey_method_st
{
char *name;
int flags;
int type; /* RSA, DSA, an SSLeay specific constant */
int oid; /* For the pub-key type */
int encrypt_oid; /* pub/priv key encryption */
int (*sign)();
int (*verify)();
struct {
int
int (*set)(); /* get and/or set the underlying type */
int (*get)();
int (*encrypt)();
int (*decrypt)();
int (*i2d)();
int (*d2i)();
int (*dup)();
} pub,priv;
int (*set_asn1_parameters)();
int (*get_asn1_parameters)();
} EVP_PKEY_METHOD;
#endif
#ifndef EVP_MD
typedef struct env_md_st
{
int type;
int pkey_type;
int md_size;
void (*init)();
void (*update)();
void (*final)();
int (*sign)();
int (*verify)();
int required_pkey_type[5]; /*EVP_PKEY_xxx */
int block_size;
int ctx_size; /* how big does the ctx need to be */
} EVP_MD;
#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
#ifndef NO_DSA
#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
EVP_PKEY_DSA4,0}
#else
#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
#endif
#ifndef NO_RSA
#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
RSA_sign_ASN1_OCTET_STRING, \
RSA_verify_ASN1_OCTET_STRING, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
#else
#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
#endif
#endif /* !EVP_MD */
typedef struct env_md_ctx_st
{
const EVP_MD *digest;
union {
unsigned char base[4];
#ifndef NO_MD2
MD2_CTX md2;
#endif
#ifndef NO_MD5
MD5_CTX md5;
#endif
#ifndef NO_RIPEMD
RIPEMD160_CTX ripemd160;
#endif
#ifndef NO_SHA
SHA_CTX sha;
#endif
#ifndef NO_MDC2
MDC2_CTX mdc2;
#endif
} md;
} EVP_MD_CTX;
typedef struct evp_cipher_st
{
int nid;
int block_size;
int key_len;
int iv_len;
void (*init)(); /* init for encryption */
void (*do_cipher)(); /* encrypt data */
void (*cleanup)(); /* used by cipher method */
int ctx_size; /* how big the ctx needs to be */
/* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */
/* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */
} EVP_CIPHER;
typedef struct evp_cipher_info_st
{
const EVP_CIPHER *cipher;
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
typedef struct evp_cipher_ctx_st
{
const EVP_CIPHER *cipher;
int encrypt; /* encrypt or decrypt */
int buf_len; /* number we have left */
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
int num; /* used by cfb/ofb mode */
char *app_data; /* application stuff */
union {
#ifndef NO_RC4
struct
{
unsigned char key[EVP_RC4_KEY_SIZE];
RC4_KEY ks; /* working key */
} rc4;
#endif
#ifndef NO_DES
des_key_schedule des_ks;/* key schedule */
struct
{
des_key_schedule ks;/* key schedule */
des_cblock inw;
des_cblock outw;
} desx_cbc;
struct
{
des_key_schedule ks1;/* key schedule */
des_key_schedule ks2;/* key schedule (for ede) */
des_key_schedule ks3;/* key schedule (for ede3) */
} des_ede;
#endif
#ifndef NO_IDEA
IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
#endif
#ifndef NO_RC2
RC2_KEY rc2_ks;/* key schedule */
#endif
#ifndef NO_RC5
RC5_32_KEY rc5_ks;/* key schedule */
#endif
#ifndef NO_BF
BF_KEY bf_ks;/* key schedule */
#endif
#ifndef NO_CAST
CAST_KEY cast_ks;/* key schedule */
#endif
} c;
} EVP_CIPHER_CTX;
typedef struct evp_Encode_Ctx_st
{
int num; /* number saved in a partial encode/decode */
int length; /* The length is either the output line length
* (in input bytes) or the shortest input line
* length that is ok. Once decoding begins,
* the length is adjusted up each time a longer
* line is decoded */
unsigned char enc_data[80]; /* data to encode */
int line_num; /* number read on current line */
int expect_nl;
} EVP_ENCODE_CTX;
/* Password based encryption function */
typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER *cipher,
EVP_MD *md, int en_de);
#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa))
#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
(char *)(dsa))
#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
(char *)(dh))
/* Add some extra combinations */
#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
#define EVP_MD_type(e) ((e)->type)
#define EVP_MD_pkey_type(e) ((e)->pkey_type)
#define EVP_MD_size(e) ((e)->md_size)
#define EVP_MD_block_size(e) ((e)->block_size)
#define EVP_MD_CTX_md(e) ((e)->digest)
#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
#define EVP_CIPHER_nid(e) ((e)->nid)
#define EVP_CIPHER_block_size(e) ((e)->block_size)
#define EVP_CIPHER_key_length(e) ((e)->key_len)
#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len)
#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
#ifdef CONST_STRICT
void BIO_set_md(BIO *,const EVP_MD *md);
#else
# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
#endif
#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
#define EVP_add_cipher_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
#define EVP_add_digest_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
#define EVP_delete_cipher_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
#define EVP_delete_digest_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
void EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
unsigned int cnt);
void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
void EVP_set_pw_prompt(char *prompt);
char * EVP_get_pw_prompt(void);
int EVP_BytesToKey(const EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
unsigned char *data, int datal, int count,
unsigned char *key,unsigned char *iv);
void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
unsigned char *key, unsigned char *iv);
void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl);
void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
unsigned char *key, unsigned char *iv);
void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl);
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
void EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
unsigned char *key,unsigned char *iv,int enc);
void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl);
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
EVP_PKEY *pkey);
int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
unsigned int siglen,EVP_PKEY *pkey);
int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
int ekl,unsigned char *iv,EVP_PKEY *priv);
int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
int *outl,unsigned char *in,int inl);
void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
unsigned char *in, int inl);
int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
char *out, int *outl);
int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
void ERR_load_EVP_strings(void );
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
#ifdef HEADER_BIO_H
BIO_METHOD *BIO_f_md(void);
BIO_METHOD *BIO_f_base64(void);
BIO_METHOD *BIO_f_cipher(void);
BIO_METHOD *BIO_f_reliable(void);
void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k,
unsigned char *i, int enc);
#endif
EVP_MD *EVP_md_null(void);
EVP_MD *EVP_md2(void);
EVP_MD *EVP_md5(void);
EVP_MD *EVP_sha(void);
EVP_MD *EVP_sha1(void);
EVP_MD *EVP_dss(void);
EVP_MD *EVP_dss1(void);
EVP_MD *EVP_mdc2(void);
EVP_MD *EVP_ripemd160(void);
EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
EVP_CIPHER *EVP_des_ecb(void);
EVP_CIPHER *EVP_des_ede(void);
EVP_CIPHER *EVP_des_ede3(void);
EVP_CIPHER *EVP_des_cfb(void);
EVP_CIPHER *EVP_des_ede_cfb(void);
EVP_CIPHER *EVP_des_ede3_cfb(void);
EVP_CIPHER *EVP_des_ofb(void);
EVP_CIPHER *EVP_des_ede_ofb(void);
EVP_CIPHER *EVP_des_ede3_ofb(void);
EVP_CIPHER *EVP_des_cbc(void);
EVP_CIPHER *EVP_des_ede_cbc(void);
EVP_CIPHER *EVP_des_ede3_cbc(void);
EVP_CIPHER *EVP_desx_cbc(void);
EVP_CIPHER *EVP_rc4(void);
EVP_CIPHER *EVP_rc4_40(void);
EVP_CIPHER *EVP_idea_ecb(void);
EVP_CIPHER *EVP_idea_cfb(void);
EVP_CIPHER *EVP_idea_ofb(void);
EVP_CIPHER *EVP_idea_cbc(void);
EVP_CIPHER *EVP_rc2_ecb(void);
EVP_CIPHER *EVP_rc2_cbc(void);
EVP_CIPHER *EVP_rc2_40_cbc(void);
EVP_CIPHER *EVP_rc2_64_cbc(void);
EVP_CIPHER *EVP_rc2_cfb(void);
EVP_CIPHER *EVP_rc2_ofb(void);
EVP_CIPHER *EVP_bf_ecb(void);
EVP_CIPHER *EVP_bf_cbc(void);
EVP_CIPHER *EVP_bf_cfb(void);
EVP_CIPHER *EVP_bf_ofb(void);
EVP_CIPHER *EVP_cast5_ecb(void);
EVP_CIPHER *EVP_cast5_cbc(void);
EVP_CIPHER *EVP_cast5_cfb(void);
EVP_CIPHER *EVP_cast5_ofb(void);
EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
void OpenSSL_add_all_algorithms(void);
void OpenSSL_add_all_ciphers(void);
void OpenSSL_add_all_digests(void);
#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
int EVP_add_cipher(EVP_CIPHER *cipher);
int EVP_add_digest(EVP_MD *digest);
const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
int enc_key_len,EVP_PKEY *private_key);
int EVP_PKEY_encrypt(unsigned char *enc_key,
unsigned char *key,int key_len,EVP_PKEY *pub_key);
int EVP_PKEY_type(int type);
int EVP_PKEY_bits(EVP_PKEY *pkey);
int EVP_PKEY_size(EVP_PKEY *pkey);
int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
#ifndef NO_RSA
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
RSA * EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
#endif
#ifndef NO_DSA
int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
DSA * EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
#endif
#ifndef NO_DH
int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
DH * EVP_PKEY_get1_DH(EVP_PKEY *pkey);
#endif
EVP_PKEY * EVP_PKEY_new(void);
void EVP_PKEY_free(EVP_PKEY *pkey);
EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
long length);
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
long length);
EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
long length);
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
int EVP_CIPHER_type(const EVP_CIPHER *ctx);
/* calls methods */
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
/* These are used by EVP_CIPHER methods */
int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
/* PKCS5 password based encryption */
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
int en_de);
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out);
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
int en_de);
void PKCS5_PBE_add(void);
int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
int EVP_PBE_alg_add(int nid, EVP_CIPHER *cipher, EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
void EVP_PBE_cleanup(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
/* Error codes for the EVP functions. */
/* Function codes. */
#define EVP_F_D2I_PKEY 100
#define EVP_F_EVP_DECRYPTFINAL 101
#define EVP_F_EVP_MD_CTX_COPY 110
#define EVP_F_EVP_OPENINIT 102
#define EVP_F_EVP_PBE_ALG_ADD 115
#define EVP_F_EVP_PBE_CIPHERINIT 116
#define EVP_F_EVP_PKCS82PKEY 111
#define EVP_F_EVP_PKCS8_SET_BROKEN 112
#define EVP_F_EVP_PKEY2PKCS8 113
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
#define EVP_F_EVP_PKEY_DECRYPT 104
#define EVP_F_EVP_PKEY_ENCRYPT 105
#define EVP_F_EVP_PKEY_GET1_DH 119
#define EVP_F_EVP_PKEY_GET1_DSA 120
#define EVP_F_EVP_PKEY_GET1_RSA 121
#define EVP_F_EVP_PKEY_NEW 106
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
#define EVP_F_RC2_MAGIC_TO_METH 109
/* Reason codes. */
#define EVP_R_BAD_DECRYPT 100
#define EVP_R_BN_DECODE_ERROR 112
#define EVP_R_BN_PUBKEY_ERROR 113
#define EVP_R_CIPHER_PARAMETER_ERROR 122
#define EVP_R_DECODE_ERROR 114
#define EVP_R_DIFFERENT_KEY_TYPES 101
#define EVP_R_ENCODE_ERROR 115
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
#define EVP_R_EXPECTING_AN_RSA_KEY 127
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_INPUT_NOT_INITIALIZED 111
#define EVP_R_IV_TOO_LARGE 102
#define EVP_R_KEYGEN_FAILURE 120
#define EVP_R_MISSING_PARAMETERS 103
#define EVP_R_NO_DSA_PARAMETERS 116
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
#define EVP_R_UNSUPPORTED_CIPHER 107
#define EVP_R_UNSUPPORTED_KEYLENGTH 123
#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
#define EVP_R_UNSUPPORTED_KEY_SIZE 108
#define EVP_R_UNSUPPORTED_PRF 125
#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
#define EVP_R_UNSUPPORTED_SALT_TYPE 126
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
#ifdef __cplusplus
}
#endif
#endif

338
lib/dns/sec/openssl/include/openssl/rsa.h Normal file
View file

@ -0,0 +1,338 @@
/* crypto/rsa/rsa.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_RSA_H
#define HEADER_RSA_H
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/bn.h>
#include <openssl/crypto.h>
#ifdef NO_RSA
#error RSA is disabled.
#endif
typedef struct rsa_st RSA;
typedef struct rsa_meth_st
{
const char *name;
int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to,
RSA *rsa,int padding);
int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to,
RSA *rsa,int padding);
int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to,
RSA *rsa,int padding);
int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to,
RSA *rsa,int padding);
int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */
int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx); /* Can be null */
int (*init)(RSA *rsa); /* called at new */
int (*finish)(RSA *rsa); /* called at free */
int flags; /* RSA_METHOD_FLAG_* things */
char *app_data; /* may be needed! */
/* New sign and verify functions: some libraries don't allow arbitrary data
* to be signed/verified: this allows them to be used. Note: for this to work
* the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
* RSA_sign(), RSA_verify() should be used instead. Note: for backwards
* compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
* option is set in 'flags'.
*/
int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
} RSA_METHOD;
struct rsa_st
{
/* The first parameter is used to pickup errors where
* this is passed instead of aEVP_PKEY, it is set to 0 */
int pad;
int version;
RSA_METHOD *meth;
BIGNUM *n;
BIGNUM *e;
BIGNUM *d;
BIGNUM *p;
BIGNUM *q;
BIGNUM *dmp1;
BIGNUM *dmq1;
BIGNUM *iqmp;
/* be careful using this if the RSA structure is shared */
CRYPTO_EX_DATA ex_data;
int references;
int flags;
/* Used to cache montgomery values */
BN_MONT_CTX *_method_mod_n;
BN_MONT_CTX *_method_mod_p;
BN_MONT_CTX *_method_mod_q;
/* all BIGNUM values are actually in the following data, if it is not
* NULL */
char *bignum_data;
BN_BLINDING *blinding;
};
#define RSA_3 0x3L
#define RSA_F4 0x10001L
#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */
#define RSA_FLAG_CACHE_PUBLIC 0x02
#define RSA_FLAG_CACHE_PRIVATE 0x04
#define RSA_FLAG_BLINDING 0x08
#define RSA_FLAG_THREAD_SAFE 0x10
/* This flag means the private key operations will be handled by rsa_mod_exp
* and that they do not depend on the private key components being present:
* for example a key stored in external hardware. Without this flag bn_mod_exp
* gets called when private key components are absent.
*/
#define RSA_FLAG_EXT_PKEY 0x20
/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
*/
#define RSA_FLAG_SIGN_VER 0x40
#define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2
#define RSA_NO_PADDING 3
#define RSA_PKCS1_OAEP_PADDING 4
#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
RSA * RSA_new(void);
RSA * RSA_new_method(RSA_METHOD *method);
int RSA_size(RSA *);
RSA * RSA_generate_key(int bits, unsigned long e,void
(*callback)(int,int,void *),void *cb_arg);
int RSA_check_key(RSA *);
/* next 4 return -1 on error */
int RSA_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
int RSA_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
int RSA_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
int RSA_private_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
void RSA_free (RSA *r);
int RSA_flags(RSA *r);
void RSA_set_default_method(RSA_METHOD *meth);
RSA_METHOD *RSA_get_default_method(void);
RSA_METHOD *RSA_get_method(RSA *rsa);
RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
/* This function needs the memory locking malloc callbacks to be installed */
int RSA_memory_lock(RSA *r);
/* If you have RSAref compiled in. */
RSA_METHOD *RSA_PKCS1_RSAref(void);
/* these are the actual SSLeay RSA functions */
RSA_METHOD *RSA_PKCS1_SSLeay(void);
RSA_METHOD *RSA_null_method(void);
void ERR_load_RSA_strings(void );
RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
#ifndef NO_FP_API
int RSA_print_fp(FILE *fp, RSA *r,int offset);
#endif
#ifdef HEADER_BIO_H
int RSA_print(BIO *bp, RSA *r,int offset);
#endif
int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
/* Naughty internal function required elsewhere, to handle a MS structure
* that is the same as the netscape one :-) */
RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
/* The following 2 functions sign and verify a X509_SIG ASN1 object
* inside PKCS#1 padded RSA encryption */
int RSA_sign(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
/* The following 2 function sign and verify a ASN1_OCTET_STRING
* object inside PKCS#1 padded RSA encryption */
int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
void RSA_blinding_off(RSA *rsa);
int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
unsigned char *f,int fl);
int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
unsigned char *f,int fl,int rsa_len);
int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
unsigned char *f,int fl);
int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
unsigned char *f,int fl,int rsa_len);
int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
unsigned char *f,int fl,unsigned char *p,
int pl);
int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,
unsigned char *f,int fl,int rsa_len,
unsigned char *p,int pl);
int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
unsigned char *f,int fl);
int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
unsigned char *f,int fl,int rsa_len);
int RSA_padding_add_none(unsigned char *to,int tlen,
unsigned char *f,int fl);
int RSA_padding_check_none(unsigned char *to,int tlen,
unsigned char *f,int fl,int rsa_len);
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int RSA_set_ex_data(RSA *r,int idx,void *arg);
void *RSA_get_ex_data(RSA *r, int idx);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
/* Error codes for the RSA functions. */
/* Function codes. */
#define RSA_F_MEMORY_LOCK 100
#define RSA_F_RSA_CHECK_KEY 123
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
#define RSA_F_RSA_GENERATE_KEY 105
#define RSA_F_RSA_NEW_METHOD 106
#define RSA_F_RSA_NULL 124
#define RSA_F_RSA_PADDING_ADD_NONE 107
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
#define RSA_F_RSA_PADDING_CHECK_NONE 111
#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
#define RSA_F_RSA_PADDING_CHECK_SSLV23 114
#define RSA_F_RSA_PRINT 115
#define RSA_F_RSA_PRINT_FP 116
#define RSA_F_RSA_SIGN 117
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
#define RSA_F_RSA_VERIFY 119
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
/* Reason codes. */
#define RSA_R_ALGORITHM_MISMATCH 100
#define RSA_R_BAD_E_VALUE 101
#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
#define RSA_R_BAD_PAD_BYTE_COUNT 103
#define RSA_R_BAD_SIGNATURE 104
#define RSA_R_BLOCK_TYPE_IS_NOT_01 106
#define RSA_R_BLOCK_TYPE_IS_NOT_02 107
#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
#define RSA_R_DATA_TOO_LARGE 109
#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
#define RSA_R_DATA_TOO_SMALL 111
#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
#define RSA_R_INVALID_MESSAGE_LENGTH 131
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
#define RSA_R_OAEP_DECODING_ERROR 121
#define RSA_R_PADDING_CHECK_FAILED 114
#define RSA_R_P_NOT_PRIME 128
#define RSA_R_Q_NOT_PRIME 129
#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
#define RSA_R_UNKNOWN_PADDING_TYPE 118
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
#ifdef __cplusplus
}
#endif
#endif

1204
lib/dns/sec/openssl/include/openssl/x509.h Normal file
View file

File diff suppressed because it is too large Load diff

654
lib/dns/sec/openssl/obj_dat.c Normal file
View file

@ -0,0 +1,654 @@
/* crypto/objects/obj_dat.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include <ctype.h>
#include "cryptlib.h"
#include <openssl/lhash.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
/* obj_dat.h is generated from objects.h by obj_dat.pl */
#ifndef NO_OBJECT
#include "obj_dat.h"
#else
/* You will have to load all the objects needed manually in the application */
#define NUM_NID 0
#define NUM_SN 0
#define NUM_LN 0
#define NUM_OBJ 0
static unsigned char lvalues[1];
static ASN1_OBJECT nid_objs[1];
static ASN1_OBJECT *sn_objs[1];
static ASN1_OBJECT *ln_objs[1];
static ASN1_OBJECT *obj_objs[1];
#endif
static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
#define ADDED_DATA 0
#define ADDED_SNAME 1
#define ADDED_LNAME 2
#define ADDED_NID 3
typedef struct added_obj_st
{
int type;
ASN1_OBJECT *obj;
} ADDED_OBJ;
static int new_nid=NUM_NID;
static LHASH *added=NULL;
static int sn_cmp(ASN1_OBJECT **ap, ASN1_OBJECT **bp)
{ return(strcmp((*ap)->sn,(*bp)->sn)); }
static int ln_cmp(ASN1_OBJECT **ap, ASN1_OBJECT **bp)
{ return(strcmp((*ap)->ln,(*bp)->ln)); }
static unsigned long add_hash(ADDED_OBJ *ca)
{
ASN1_OBJECT *a;
int i;
unsigned long ret=0;
unsigned char *p;
a=ca->obj;
switch (ca->type)
{
case ADDED_DATA:
ret=a->length<<20L;
p=(unsigned char *)a->data;
for (i=0; i<a->length; i++)
ret^=p[i]<<((i*3)%24);
break;
case ADDED_SNAME:
ret=lh_strhash(a->sn);
break;
case ADDED_LNAME:
ret=lh_strhash(a->ln);
break;
case ADDED_NID:
ret=a->nid;
break;
default:
abort();
}
ret&=0x3fffffffL;
ret|=ca->type<<30L;
return(ret);
}
static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb)
{
ASN1_OBJECT *a,*b;
int i;
i=ca->type-cb->type;
if (i) return(i);
a=ca->obj;
b=cb->obj;
switch (ca->type)
{
case ADDED_DATA:
i=(a->length - b->length);
if (i) return(i);
return(memcmp(a->data,b->data,a->length));
case ADDED_SNAME:
if (a->sn == NULL) return(-1);
else if (b->sn == NULL) return(1);
else return(strcmp(a->sn,b->sn));
case ADDED_LNAME:
if (a->ln == NULL) return(-1);
else if (b->ln == NULL) return(1);
else return(strcmp(a->ln,b->ln));
case ADDED_NID:
return(a->nid-b->nid);
default:
abort();
}
return(1); /* should not get here */
}
static int init_added(void)
{
if (added != NULL) return(1);
added=lh_new(add_hash,add_cmp);
return(added != NULL);
}
static void cleanup1(ADDED_OBJ *a)
{
a->obj->nid=0;
a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
static void cleanup2(ADDED_OBJ *a)
{ a->obj->nid++; }
static void cleanup3(ADDED_OBJ *a)
{
if (--a->obj->nid == 0)
ASN1_OBJECT_free(a->obj);
Free(a);
}
void OBJ_cleanup(void)
{
if (added == NULL) return;
added->down_load=0;
lh_doall(added,cleanup1); /* zero counters */
lh_doall(added,cleanup2); /* set counters */
lh_doall(added,cleanup3); /* free objects */
lh_free(added);
added=NULL;
}
int OBJ_new_nid(int num)
{
int i;
i=new_nid;
new_nid+=num;
return(i);
}
int OBJ_add_object(ASN1_OBJECT *obj)
{
ASN1_OBJECT *o;
ADDED_OBJ *ao[4]={NULL,NULL,NULL,NULL},*aop;
int i;
if (added == NULL)
if (!init_added()) return(0);
if ((o=OBJ_dup(obj)) == NULL) goto err;
ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
if ((o->length != 0) && (obj->data != NULL))
ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
if (o->sn != NULL)
ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
if (o->ln != NULL)
ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
for (i=ADDED_DATA; i<=ADDED_NID; i++)
{
if (ao[i] != NULL)
{
ao[i]->type=i;
ao[i]->obj=o;
aop=(ADDED_OBJ *)lh_insert(added,ao[i]);
/* memory leak, buit should not normally matter */
if (aop != NULL)
Free(aop);
}
}
o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
ASN1_OBJECT_FLAG_DYNAMIC_DATA);
return(o->nid);
err:
for (i=ADDED_DATA; i<=ADDED_NID; i++)
if (ao[i] != NULL) Free(ao[i]);
if (o != NULL) Free(o);
return(NID_undef);
}
ASN1_OBJECT *OBJ_nid2obj(int n)
{
ADDED_OBJ ad,*adp;
ASN1_OBJECT ob;
if ((n >= 0) && (n < NUM_NID))
{
if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
{
OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
return(NULL);
}
return((ASN1_OBJECT *)&(nid_objs[n]));
}
else if (added == NULL)
return(NULL);
else
{
ad.type=ADDED_NID;
ad.obj= &ob;
ob.nid=n;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL)
return(adp->obj);
else
{
OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
return(NULL);
}
}
}
const char *OBJ_nid2sn(int n)
{
ADDED_OBJ ad,*adp;
ASN1_OBJECT ob;
if ((n >= 0) && (n < NUM_NID))
{
if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
{
OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
return(NULL);
}
return(nid_objs[n].sn);
}
else if (added == NULL)
return(NULL);
else
{
ad.type=ADDED_NID;
ad.obj= &ob;
ob.nid=n;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL)
return(adp->obj->sn);
else
{
OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
return(NULL);
}
}
}
const char *OBJ_nid2ln(int n)
{
ADDED_OBJ ad,*adp;
ASN1_OBJECT ob;
if ((n >= 0) && (n < NUM_NID))
{
if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
{
OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
return(NULL);
}
return(nid_objs[n].ln);
}
else if (added == NULL)
return(NULL);
else
{
ad.type=ADDED_NID;
ad.obj= &ob;
ob.nid=n;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL)
return(adp->obj->ln);
else
{
OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
return(NULL);
}
}
}
int OBJ_obj2nid(ASN1_OBJECT *a)
{
ASN1_OBJECT **op;
ADDED_OBJ ad,*adp;
if (a == NULL)
return(NID_undef);
if (a->nid != 0)
return(a->nid);
if (added != NULL)
{
ad.type=ADDED_DATA;
ad.obj=a;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL) return (adp->obj->nid);
}
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
sizeof(ASN1_OBJECT *),(int (*)())obj_cmp);
if (op == NULL)
return(NID_undef);
return((*op)->nid);
}
/* Convert an object name into an ASN1_OBJECT
* if "noname" is not set then search for short and long names first.
* This will convert the "dotted" form into an object: unlike OBJ_txt2nid
* it can be used with any objects, not just registered ones.
*/
ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
{
int nid = NID_undef;
ASN1_OBJECT *op=NULL;
unsigned char *buf,*p;
int i, j;
if(!no_name) {
if( ((nid = OBJ_sn2nid(s)) != NID_undef) ||
((nid = OBJ_ln2nid(s)) != NID_undef) )
return OBJ_nid2obj(nid);
}
/* Work out size of content octets */
i=a2d_ASN1_OBJECT(NULL,0,s,-1);
if (i <= 0) {
/* Clear the error */
ERR_get_error();
return NULL;
}
/* Work out total size */
j = ASN1_object_size(0,i,V_ASN1_OBJECT);
if((buf=(unsigned char *)Malloc(j)) == NULL) return NULL;
p = buf;
/* Write out tag+length */
ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
/* Write out contents */
a2d_ASN1_OBJECT(p,i,s,-1);
p=buf;
op=d2i_ASN1_OBJECT(NULL,&p,i);
Free(buf);
return op;
}
int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name)
{
int i,idx=0,n=0,len,nid;
unsigned long l;
unsigned char *p;
const char *s;
char tbuf[32];
if (buf_len <= 0) return(0);
if ((a == NULL) || (a->data == NULL)) {
buf[0]='\0';
return(0);
}
nid=OBJ_obj2nid(a);
if ((nid == NID_undef) || no_name) {
len=a->length;
p=a->data;
idx=0;
l=0;
while (idx < a->length) {
l|=(p[idx]&0x7f);
if (!(p[idx] & 0x80)) break;
l<<=7L;
idx++;
}
idx++;
i=(int)(l/40);
if (i > 2) i=2;
l-=(long)(i*40);
sprintf(tbuf,"%d.%lu",i,l);
i=strlen(tbuf);
strncpy(buf,tbuf,buf_len);
buf_len-=i;
buf+=i;
n+=i;
l=0;
for (; idx<len; idx++) {
l|=p[idx]&0x7f;
if (!(p[idx] & 0x80)) {
sprintf(tbuf,".%lu",l);
i=strlen(tbuf);
if (buf_len > 0)
strncpy(buf,tbuf,buf_len);
buf_len-=i;
buf+=i;
n+=i;
l=0;
}
l<<=7L;
}
} else {
s=OBJ_nid2ln(nid);
if (s == NULL)
s=OBJ_nid2sn(nid);
strncpy(buf,s,buf_len);
n=strlen(s);
}
buf[buf_len-1]='\0';
return(n);
}
int OBJ_txt2nid(char *s)
{
ASN1_OBJECT *obj;
int nid;
obj = OBJ_txt2obj(s, 0);
nid = OBJ_obj2nid(obj);
ASN1_OBJECT_free(obj);
return nid;
}
int OBJ_ln2nid(const char *s)
{
ASN1_OBJECT o,*oo= &o,**op;
ADDED_OBJ ad,*adp;
o.ln=s;
if (added != NULL)
{
ad.type=ADDED_LNAME;
ad.obj= &o;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL) return (adp->obj->nid);
}
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
sizeof(ASN1_OBJECT *),(int (*)())ln_cmp);
if (op == NULL) return(NID_undef);
return((*op)->nid);
}
int OBJ_sn2nid(const char *s)
{
ASN1_OBJECT o,*oo= &o,**op;
ADDED_OBJ ad,*adp;
o.sn=s;
if (added != NULL)
{
ad.type=ADDED_SNAME;
ad.obj= &o;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL) return (adp->obj->nid);
}
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
sizeof(ASN1_OBJECT *),(int (*)())sn_cmp);
if (op == NULL) return(NID_undef);
return((*op)->nid);
}
static int obj_cmp(ASN1_OBJECT **ap, ASN1_OBJECT **bp)
{
int j;
ASN1_OBJECT *a= *ap;
ASN1_OBJECT *b= *bp;
j=(a->length - b->length);
if (j) return(j);
return(memcmp(a->data,b->data,a->length));
}
char *OBJ_bsearch(char *key, char *base, int num, int size, int (*cmp)())
{
int l,h,i,c;
char *p;
if (num == 0) return(NULL);
l=0;
h=num;
while (l < h)
{
i=(l+h)/2;
p= &(base[i*size]);
c=(*cmp)(key,p);
if (c < 0)
h=i;
else if (c > 0)
l=i+1;
else
return(p);
}
#ifdef CHARSET_EBCDIC
/* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and
* I don't have perl (yet), we revert to a *LINEAR* search
* when the object wasn't found in the binary search.
*/
for (i=0; i<num; ++i) {
p= &(base[i*size]);
if ((*cmp)(key,p) == 0)
return p;
}
#endif
return(NULL);
}
#if 0
int OBJ_create_objects(BIO *in)
{
MS_STATIC char buf[512];
int i,num=0;
char *o,*s,*l=NULL;
for (;;)
{
s=o=NULL;
i=BIO_gets(in,buf,512);
if (i <= 0) return(num);
buf[i-1]='\0';
if (!isalnum((unsigned char)buf[0])) return(num);
o=s=buf;
while (isdigit((unsigned char)*s) || (*s == '.'))
s++;
if (*s != '\0')
{
*(s++)='\0';
while (isspace((unsigned char)*s))
s++;
if (*s == '\0')
s=NULL;
else
{
l=s;
while ((*l != '\0') && !isspace((unsigned char)*l))
l++;
if (*l != '\0')
{
*(l++)='\0';
while (isspace((unsigned char)*l))
l++;
if (*l == '\0') l=NULL;
}
else
l=NULL;
}
}
else
s=NULL;
if ((o == NULL) || (*o == '\0')) return(num);
if (!OBJ_create(o,s,l)) return(num);
num++;
}
/* return(num); */
}
#endif
int OBJ_create(char *oid, char *sn, char *ln)
{
int ok=0;
ASN1_OBJECT *op=NULL;
unsigned char *buf;
int i;
i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
if (i <= 0) return(0);
if ((buf=(unsigned char *)Malloc(i)) == NULL)
{
OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
return(0);
}
i=a2d_ASN1_OBJECT(buf,i,oid,-1);
op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
if (op == NULL)
goto err;
ok=OBJ_add_object(op);
err:
ASN1_OBJECT_free(op);
Free(buf);
return(ok);
}

956
lib/dns/sec/openssl/obj_dat.h Normal file
View file

@ -0,0 +1,956 @@
/* lib/obj/obj_dat.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
* following command:
* perl obj_dat.pl objects.h obj_dat.h
*/
#define NUM_NID 181
#define NUM_SN 141
#define NUM_LN 175
#define NUM_OBJ 154
static unsigned char lvalues[1085]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 14] OBJ_md2 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 22] OBJ_md5 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 30] OBJ_rc4 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 38] OBJ_rsaEncryption */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 47] OBJ_md2WithRSAEncryption */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 56] OBJ_md5WithRSAEncryption */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 65] OBJ_pbeWithMD2AndDES_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 74] OBJ_pbeWithMD5AndDES_CBC */
0x55, /* [ 83] OBJ_X500 */
0x55,0x04, /* [ 84] OBJ_X509 */
0x55,0x04,0x03, /* [ 86] OBJ_commonName */
0x55,0x04,0x06, /* [ 89] OBJ_countryName */
0x55,0x04,0x07, /* [ 92] OBJ_localityName */
0x55,0x04,0x08, /* [ 95] OBJ_stateOrProvinceName */
0x55,0x04,0x0A, /* [ 98] OBJ_organizationName */
0x55,0x04,0x0B, /* [101] OBJ_organizationalUnitName */
0x55,0x08,0x01,0x01, /* [104] OBJ_rsa */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [108] OBJ_pkcs7 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [116] OBJ_pkcs7_data */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [125] OBJ_pkcs7_signed */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [134] OBJ_pkcs7_enveloped */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [143] OBJ_pkcs7_signedAndEnveloped */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [152] OBJ_pkcs7_digest */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [161] OBJ_pkcs7_encrypted */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [170] OBJ_pkcs3 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [178] OBJ_dhKeyAgreement */
0x2B,0x0E,0x03,0x02,0x06, /* [187] OBJ_des_ecb */
0x2B,0x0E,0x03,0x02,0x09, /* [192] OBJ_des_cfb64 */
0x2B,0x0E,0x03,0x02,0x07, /* [197] OBJ_des_cbc */
0x2B,0x0E,0x03,0x02,0x11, /* [202] OBJ_des_ede */
0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [218] OBJ_rc2_cbc */
0x2B,0x0E,0x03,0x02,0x12, /* [226] OBJ_sha */
0x2B,0x0E,0x03,0x02,0x0F, /* [231] OBJ_shaWithRSAEncryption */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [236] OBJ_des_ede3_cbc */
0x2B,0x0E,0x03,0x02,0x08, /* [244] OBJ_des_ofb64 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [249] OBJ_pkcs9 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [257] OBJ_pkcs9_emailAddress */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [266] OBJ_pkcs9_unstructuredName */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [275] OBJ_pkcs9_contentType */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [284] OBJ_pkcs9_messageDigest */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [293] OBJ_pkcs9_signingTime */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [302] OBJ_pkcs9_countersignature */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [311] OBJ_pkcs9_challengePassword */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [320] OBJ_pkcs9_unstructuredAddress */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [329] OBJ_pkcs9_extCertAttributes */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [338] OBJ_netscape */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [345] OBJ_netscape_cert_extension */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [353] OBJ_netscape_data_type */
0x2B,0x0E,0x03,0x02,0x1A, /* [361] OBJ_sha1 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [366] OBJ_sha1WithRSAEncryption */
0x2B,0x0E,0x03,0x02,0x0D, /* [375] OBJ_dsaWithSHA */
0x2B,0x0E,0x03,0x02,0x0C, /* [380] OBJ_dsa_2 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [385] OBJ_pbeWithSHA1AndRC2_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [394] OBJ_id_pbkdf2 */
0x2B,0x0E,0x03,0x02,0x1B, /* [403] OBJ_dsaWithSHA1_2 */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [408] OBJ_netscape_cert_type */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [417] OBJ_netscape_base_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [426] OBJ_netscape_revocation_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [435] OBJ_netscape_ca_revocation_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [444] OBJ_netscape_renewal_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [453] OBJ_netscape_ca_policy_url */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [462] OBJ_netscape_ssl_server_name */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [471] OBJ_netscape_comment */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [480] OBJ_netscape_cert_sequence */
0x55,0x1D, /* [489] OBJ_ld_ce */
0x55,0x1D,0x0E, /* [491] OBJ_subject_key_identifier */
0x55,0x1D,0x0F, /* [494] OBJ_key_usage */
0x55,0x1D,0x10, /* [497] OBJ_private_key_usage_period */
0x55,0x1D,0x11, /* [500] OBJ_subject_alt_name */
0x55,0x1D,0x12, /* [503] OBJ_issuer_alt_name */
0x55,0x1D,0x13, /* [506] OBJ_basic_constraints */
0x55,0x1D,0x14, /* [509] OBJ_crl_number */
0x55,0x1D,0x20, /* [512] OBJ_certificate_policies */
0x55,0x1D,0x23, /* [515] OBJ_authority_key_identifier */
0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [518] OBJ_bf_cbc */
0x55,0x08,0x03,0x65, /* [527] OBJ_mdc2 */
0x55,0x08,0x03,0x64, /* [531] OBJ_mdc2WithRSA */
0x55,0x04,0x2A, /* [535] OBJ_givenName */
0x55,0x04,0x04, /* [538] OBJ_surname */
0x55,0x04,0x2B, /* [541] OBJ_initials */
0x55,0x04,0x2D, /* [544] OBJ_uniqueIdentifier */
0x55,0x1D,0x1F, /* [547] OBJ_crl_distribution_points */
0x2B,0x0E,0x03,0x02,0x03, /* [550] OBJ_md5WithRSA */
0x55,0x04,0x05, /* [555] OBJ_serialNumber */
0x55,0x04,0x0C, /* [558] OBJ_title */
0x55,0x04,0x0D, /* [561] OBJ_description */
0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [564] OBJ_cast5_cbc */
0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [573] OBJ_pbeWithMD5AndCast5_CBC */
0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [582] OBJ_dsaWithSHA1 */
0x2B,0x0E,0x03,0x02,0x1D, /* [589] OBJ_sha1WithRSA */
0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [594] OBJ_dsa */
0x2B,0x24,0x03,0x02,0x01, /* [601] OBJ_ripemd160 */
0x2B,0x24,0x03,0x03,0x01,0x02, /* [606] OBJ_ripemd160WithRSA */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [612] OBJ_rc5_cbc */
0x29,0x01,0x01,0x85,0x1A,0x01, /* [620] OBJ_rle_compression */
0x29,0x01,0x01,0x85,0x1A,0x02, /* [626] OBJ_zlib_compression */
0x55,0x1D,0x25, /* [632] OBJ_ext_key_usage */
0x2B,0x06,0x01,0x05,0x05,0x07, /* [635] OBJ_id_pkix */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03, /* [641] OBJ_id_kp */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01, /* [648] OBJ_server_auth */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02, /* [656] OBJ_client_auth */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [664] OBJ_code_sign */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [672] OBJ_email_protect */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [680] OBJ_time_stamp */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [688] OBJ_ms_code_ind */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [698] OBJ_ms_code_com */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [708] OBJ_ms_ctl_sign */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [718] OBJ_ms_sgc */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [728] OBJ_ms_efs */
0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [738] OBJ_ns_sgc */
0x55,0x1D,0x1B, /* [747] OBJ_delta_crl */
0x55,0x1D,0x15, /* [750] OBJ_crl_reason */
0x55,0x1D,0x18, /* [753] OBJ_invalidity_date */
0x2B,0x65,0x01,0x04,0x01, /* [756] OBJ_sxnet */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [761] OBJ_pbe_WithSHA1And128BitRC4 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [771] OBJ_pbe_WithSHA1And40BitRC4 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [781] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [791] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [801] OBJ_pbe_WithSHA1And128BitRC2_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [811] OBJ_pbe_WithSHA1And40BitRC2_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [821] OBJ_keyBag */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [832] OBJ_pkcs8ShroudedKeyBag */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [843] OBJ_certBag */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [854] OBJ_crlBag */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [865] OBJ_secretBag */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [876] OBJ_safeContentsBag */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [887] OBJ_friendlyName */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [896] OBJ_localKeyID */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [905] OBJ_x509Certificate */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [915] OBJ_sdsiCertificate */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [925] OBJ_x509Crl */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [935] OBJ_pbes2 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [944] OBJ_pbmac1 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [953] OBJ_hmacWithSHA1 */
0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [961] OBJ_id_qt_cps */
0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [969] OBJ_id_qt_unotice */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [977] OBJ_SMIMECapabilities */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [986] OBJ_pbeWithMD2AndRC2_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [995] OBJ_pbeWithMD5AndRC2_CBC */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1004] OBJ_pbeWithSHA1AndDES_CBC */
0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1013] OBJ_ms_ext_req */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1023] OBJ_ext_req */
0x55,0x04,0x29, /* [1032] OBJ_name */
0x55,0x04,0x2E, /* [1035] OBJ_dnQualifier */
0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1038] OBJ_id_pe */
0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1045] OBJ_id_ad */
0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1052] OBJ_info_access */
0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1060] OBJ_ad_OCSP */
0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1068] OBJ_ad_ca_issuers */
0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [1076] OBJ_OCSP_sign */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
{"UNDEF","undefined",NID_undef,1,&(lvalues[0]),0},
{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[1]),0},
{"pkcs","pkcs",NID_pkcs,7,&(lvalues[7]),0},
{"MD2","md2",NID_md2,8,&(lvalues[14]),0},
{"MD5","md5",NID_md5,8,&(lvalues[22]),0},
{"RC4","rc4",NID_rc4,8,&(lvalues[30]),0},
{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[38]),0},
{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
&(lvalues[47]),0},
{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
&(lvalues[56]),0},
{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
&(lvalues[65]),0},
{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
&(lvalues[74]),0},
{"X500","X500",NID_X500,1,&(lvalues[83]),0},
{"X509","X509",NID_X509,2,&(lvalues[84]),0},
{"CN","commonName",NID_commonName,3,&(lvalues[86]),0},
{"C","countryName",NID_countryName,3,&(lvalues[89]),0},
{"L","localityName",NID_localityName,3,&(lvalues[92]),0},
{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[95]),0},
{"O","organizationName",NID_organizationName,3,&(lvalues[98]),0},
{"OU","organizationalUnitName",NID_organizationalUnitName,3,
&(lvalues[101]),0},
{"RSA","rsa",NID_rsa,4,&(lvalues[104]),0},
{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[108]),0},
{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[116]),0},
{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
&(lvalues[125]),0},
{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
&(lvalues[134]),0},
{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
NID_pkcs7_signedAndEnveloped,9,&(lvalues[143]),0},
{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
&(lvalues[152]),0},
{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
&(lvalues[161]),0},
{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[170]),0},
{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
&(lvalues[178]),0},
{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0},
{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[202]),0},
{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL},
{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[218]),0},
{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
{"SHA","sha",NID_sha,5,&(lvalues[226]),0},
{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
&(lvalues[231]),0},
{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[236]),0},
{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[244]),0},
{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[249]),0},
{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[257]),0},
{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
&(lvalues[266]),0},
{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[275]),0},
{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
&(lvalues[284]),0},
{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[293]),0},
{"countersignature","countersignature",NID_pkcs9_countersignature,9,
&(lvalues[302]),0},
{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
9,&(lvalues[311]),0},
{"unstructuredAddress","unstructuredAddress",
NID_pkcs9_unstructuredAddress,9,&(lvalues[320]),0},
{"extendedCertificateAttributes","extendedCertificateAttributes",
NID_pkcs9_extCertAttributes,9,&(lvalues[329]),0},
{"Netscape","Netscape Communications Corp.",NID_netscape,7,
&(lvalues[338]),0},
{"nsCertExt","Netscape Certificate Extension",
NID_netscape_cert_extension,8,&(lvalues[345]),0},
{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
&(lvalues[353]),0},
{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
{"SHA1","sha1",NID_sha1,5,&(lvalues[361]),0},
{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
&(lvalues[366]),0},
{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[375]),0},
{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[380]),0},
{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
9,&(lvalues[385]),0},
{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[394]),0},
{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[403]),0},
{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
&(lvalues[408]),0},
{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
&(lvalues[417]),0},
{"nsRevocationUrl","Netscape Revocation Url",
NID_netscape_revocation_url,9,&(lvalues[426]),0},
{"nsCaRevocationUrl","Netscape CA Revocation Url",
NID_netscape_ca_revocation_url,9,&(lvalues[435]),0},
{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
&(lvalues[444]),0},
{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
9,&(lvalues[453]),0},
{"nsSslServerName","Netscape SSL Server Name",
NID_netscape_ssl_server_name,9,&(lvalues[462]),0},
{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[471]),0},
{"nsCertSequence","Netscape Certificate Sequence",
NID_netscape_cert_sequence,9,&(lvalues[480]),0},
{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[489]),0},
{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
NID_subject_key_identifier,3,&(lvalues[491]),0},
{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[494]),0},
{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
NID_private_key_usage_period,3,&(lvalues[497]),0},
{"subjectAltName","X509v3 Subject Alternative Name",
NID_subject_alt_name,3,&(lvalues[500]),0},
{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
3,&(lvalues[503]),0},
{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
3,&(lvalues[506]),0},
{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[509]),0},
{"certificatePolicies","X509v3 Certificate Policies",
NID_certificate_policies,3,&(lvalues[512]),0},
{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
NID_authority_key_identifier,3,&(lvalues[515]),0},
{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[518]),0},
{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
{"MDC2","mdc2",NID_mdc2,4,&(lvalues[527]),0},
{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
{"G","givenName",NID_givenName,3,&(lvalues[535]),0},
{"S","surname",NID_surname,3,&(lvalues[538]),0},
{"I","initials",NID_initials,3,&(lvalues[541]),0},
{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[544]),0},
{"crlDistributionPoints","X509v3 CRL Distribution Points",
NID_crl_distribution_points,3,&(lvalues[547]),0},
{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[550]),0},
{"SN","serialNumber",NID_serialNumber,3,&(lvalues[555]),0},
{"T","title",NID_title,3,&(lvalues[558]),0},
{"D","description",NID_description,3,&(lvalues[561]),0},
{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[564]),0},
{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[573]),0},
{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[582]),0},
{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[589]),0},
{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[594]),0},
{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[601]),0},
{NULL,NULL,NID_undef,0,NULL},
{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
&(lvalues[606]),0},
{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[612]),0},
{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
{"RLE","run length compression",NID_rle_compression,6,&(lvalues[620]),0},
{"ZLIB","zlib compression",NID_zlib_compression,6,&(lvalues[626]),0},
{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
&(lvalues[632]),0},
{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[635]),0},
{"id-kp","id-kp",NID_id_kp,7,&(lvalues[641]),0},
{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
&(lvalues[648]),0},
{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
&(lvalues[656]),0},
{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[664]),0},
{"emailProtection","E-mail Protection",NID_email_protect,8,
&(lvalues[672]),0},
{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[680]),0},
{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
&(lvalues[688]),0},
{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
&(lvalues[698]),0},
{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
&(lvalues[708]),0},
{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[718]),0},
{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
&(lvalues[728]),0},
{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[738]),0},
{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
&(lvalues[747]),0},
{"CRLReason","CRL Reason Code",NID_crl_reason,3,&(lvalues[750]),0},
{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
&(lvalues[753]),0},
{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[756]),0},
{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[761]),0},
{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[771]),0},
{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[781]),0},
{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[791]),0},
{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[801]),0},
{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[811]),0},
{"keyBag","keyBag",NID_keyBag,11,&(lvalues[821]),0},
{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
11,&(lvalues[832]),0},
{"certBag","certBag",NID_certBag,11,&(lvalues[843]),0},
{"crlBag","crlBag",NID_crlBag,11,&(lvalues[854]),0},
{"secretBag","secretBag",NID_secretBag,11,&(lvalues[865]),0},
{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
&(lvalues[876]),0},
{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[887]),0},
{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[896]),0},
{"x509Certificate","x509Certificate",NID_x509Certificate,10,
&(lvalues[905]),0},
{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
&(lvalues[915]),0},
{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[925]),0},
{"PBES2","PBES2",NID_pbes2,9,&(lvalues[935]),0},
{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[944]),0},
{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[953]),0},
{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[961]),0},
{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
&(lvalues[969]),0},
{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL},
{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
&(lvalues[977]),0},
{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
&(lvalues[986]),0},
{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
&(lvalues[995]),0},
{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
&(lvalues[1004]),0},
{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
&(lvalues[1013]),0},
{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1023]),0},
{"name","name",NID_name,3,&(lvalues[1032]),0},
{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1035]),0},
{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1038]),0},
{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1045]),0},
{"authorityInfoAccess","Authority Information Access",NID_info_access,
8,&(lvalues[1052]),0},
{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1060]),0},
{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1068]),0},
{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1076]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[91]),/* "BF-CBC" */
&(nid_objs[93]),/* "BF-CFB" */
&(nid_objs[92]),/* "BF-ECB" */
&(nid_objs[94]),/* "BF-OFB" */
&(nid_objs[14]),/* "C" */
&(nid_objs[108]),/* "CAST5-CBC" */
&(nid_objs[110]),/* "CAST5-CFB" */
&(nid_objs[109]),/* "CAST5-ECB" */
&(nid_objs[111]),/* "CAST5-OFB" */
&(nid_objs[13]),/* "CN" */
&(nid_objs[141]),/* "CRLReason" */
&(nid_objs[107]),/* "D" */
&(nid_objs[31]),/* "DES-CBC" */
&(nid_objs[30]),/* "DES-CFB" */
&(nid_objs[29]),/* "DES-ECB" */
&(nid_objs[32]),/* "DES-EDE" */
&(nid_objs[43]),/* "DES-EDE-CBC" */
&(nid_objs[60]),/* "DES-EDE-CFB" */
&(nid_objs[62]),/* "DES-EDE-OFB" */
&(nid_objs[33]),/* "DES-EDE3" */
&(nid_objs[44]),/* "DES-EDE3-CBC" */
&(nid_objs[61]),/* "DES-EDE3-CFB" */
&(nid_objs[63]),/* "DES-EDE3-OFB" */
&(nid_objs[45]),/* "DES-OFB" */
&(nid_objs[80]),/* "DESX-CBC" */
&(nid_objs[116]),/* "DSA" */
&(nid_objs[66]),/* "DSA-SHA" */
&(nid_objs[113]),/* "DSA-SHA1" */
&(nid_objs[70]),/* "DSA-SHA1-old" */
&(nid_objs[67]),/* "DSA-old" */
&(nid_objs[48]),/* "Email" */
&(nid_objs[99]),/* "G" */
&(nid_objs[101]),/* "I" */
&(nid_objs[34]),/* "IDEA-CBC" */
&(nid_objs[35]),/* "IDEA-CFB" */
&(nid_objs[36]),/* "IDEA-ECB" */
&(nid_objs[46]),/* "IDEA-OFB" */
&(nid_objs[15]),/* "L" */
&(nid_objs[ 3]),/* "MD2" */
&(nid_objs[ 4]),/* "MD5" */
&(nid_objs[114]),/* "MD5-SHA1" */
&(nid_objs[95]),/* "MDC2" */
&(nid_objs[57]),/* "Netscape" */
&(nid_objs[17]),/* "O" */
&(nid_objs[178]),/* "OCSP" */
&(nid_objs[180]),/* "OCSPSigning" */
&(nid_objs[18]),/* "OU" */
&(nid_objs[ 9]),/* "PBE-MD2-DES" */
&(nid_objs[168]),/* "PBE-MD2-RC2-64" */
&(nid_objs[10]),/* "PBE-MD5-DES" */
&(nid_objs[169]),/* "PBE-MD5-RC2-64" */
&(nid_objs[147]),/* "PBE-SHA1-2DES" */
&(nid_objs[146]),/* "PBE-SHA1-3DES" */
&(nid_objs[170]),/* "PBE-SHA1-DES" */
&(nid_objs[148]),/* "PBE-SHA1-RC2-128" */
&(nid_objs[149]),/* "PBE-SHA1-RC2-40" */
&(nid_objs[68]),/* "PBE-SHA1-RC2-64" */
&(nid_objs[144]),/* "PBE-SHA1-RC4-128" */
&(nid_objs[145]),/* "PBE-SHA1-RC4-40" */
&(nid_objs[127]),/* "PKIX" */
&(nid_objs[98]),/* "RC2-40-CBC" */
&(nid_objs[166]),/* "RC2-64-CBC" */
&(nid_objs[37]),/* "RC2-CBC" */
&(nid_objs[39]),/* "RC2-CFB" */
&(nid_objs[38]),/* "RC2-ECB" */
&(nid_objs[40]),/* "RC2-OFB" */
&(nid_objs[ 5]),/* "RC4" */
&(nid_objs[97]),/* "RC4-40" */
&(nid_objs[120]),/* "RC5-CBC" */
&(nid_objs[122]),/* "RC5-CFB" */
&(nid_objs[121]),/* "RC5-ECB" */
&(nid_objs[123]),/* "RC5-OFB" */
&(nid_objs[117]),/* "RIPEMD160" */
&(nid_objs[124]),/* "RLE" */
&(nid_objs[19]),/* "RSA" */
&(nid_objs[ 7]),/* "RSA-MD2" */
&(nid_objs[ 8]),/* "RSA-MD5" */
&(nid_objs[96]),/* "RSA-MDC2" */
&(nid_objs[104]),/* "RSA-NP-MD5" */
&(nid_objs[119]),/* "RSA-RIPEMD160" */
&(nid_objs[42]),/* "RSA-SHA" */
&(nid_objs[65]),/* "RSA-SHA1" */
&(nid_objs[115]),/* "RSA-SHA1-2" */
&(nid_objs[100]),/* "S" */
&(nid_objs[41]),/* "SHA" */
&(nid_objs[64]),/* "SHA1" */
&(nid_objs[167]),/* "SMIME-CAPS" */
&(nid_objs[105]),/* "SN" */
&(nid_objs[16]),/* "ST" */
&(nid_objs[143]),/* "SXNetID" */
&(nid_objs[106]),/* "T" */
&(nid_objs[102]),/* "UID" */
&(nid_objs[ 0]),/* "UNDEF" */
&(nid_objs[125]),/* "ZLIB" */
&(nid_objs[177]),/* "authorityInfoAccess" */
&(nid_objs[90]),/* "authorityKeyIdentifier" */
&(nid_objs[87]),/* "basicConstraints" */
&(nid_objs[179]),/* "caIssuers" */
&(nid_objs[89]),/* "certificatePolicies" */
&(nid_objs[130]),/* "clientAuth" */
&(nid_objs[131]),/* "codeSigning" */
&(nid_objs[103]),/* "crlDistributionPoints" */
&(nid_objs[88]),/* "crlNumber" */
&(nid_objs[140]),/* "deltaCRL" */
&(nid_objs[174]),/* "dnQualifier" */
&(nid_objs[132]),/* "emailProtection" */
&(nid_objs[172]),/* "extReq" */
&(nid_objs[126]),/* "extendedKeyUsage" */
&(nid_objs[176]),/* "id-ad" */
&(nid_objs[128]),/* "id-kp" */
&(nid_objs[175]),/* "id-pe" */
&(nid_objs[164]),/* "id-qt-cps" */
&(nid_objs[165]),/* "id-qt-unotice" */
&(nid_objs[142]),/* "invalidityDate" */
&(nid_objs[86]),/* "issuerAltName" */
&(nid_objs[83]),/* "keyUsage" */
&(nid_objs[81]),/* "ld-ce" */
&(nid_objs[136]),/* "msCTLSign" */
&(nid_objs[135]),/* "msCodeCom" */
&(nid_objs[134]),/* "msCodeInd" */
&(nid_objs[138]),/* "msEFS" */
&(nid_objs[171]),/* "msExtReq" */
&(nid_objs[137]),/* "msSGC" */
&(nid_objs[173]),/* "name" */
&(nid_objs[72]),/* "nsBaseUrl" */
&(nid_objs[76]),/* "nsCaPolicyUrl" */
&(nid_objs[74]),/* "nsCaRevocationUrl" */
&(nid_objs[58]),/* "nsCertExt" */
&(nid_objs[79]),/* "nsCertSequence" */
&(nid_objs[71]),/* "nsCertType" */
&(nid_objs[78]),/* "nsComment" */
&(nid_objs[59]),/* "nsDataType" */
&(nid_objs[75]),/* "nsRenewalUrl" */
&(nid_objs[73]),/* "nsRevocationUrl" */
&(nid_objs[139]),/* "nsSGC" */
&(nid_objs[77]),/* "nsSslServerName" */
&(nid_objs[84]),/* "privateKeyUsagePeriod" */
&(nid_objs[129]),/* "serverAuth" */
&(nid_objs[85]),/* "subjectAltName" */
&(nid_objs[82]),/* "subjectKeyIdentifier" */
&(nid_objs[133]),/* "timeStamping" */
};
static ASN1_OBJECT *ln_objs[NUM_LN]={
&(nid_objs[177]),/* "Authority Information Access" */
&(nid_objs[179]),/* "CA Issuers" */
&(nid_objs[141]),/* "CRL Reason Code" */
&(nid_objs[131]),/* "Code Signing" */
&(nid_objs[132]),/* "E-mail Protection" */
&(nid_objs[172]),/* "Extension Request" */
&(nid_objs[142]),/* "Invalidity Date" */
&(nid_objs[135]),/* "Microsoft Commercial Code Signing" */
&(nid_objs[138]),/* "Microsoft Encrypted File System" */
&(nid_objs[171]),/* "Microsoft Extension Request" */
&(nid_objs[134]),/* "Microsoft Individual Code Signing" */
&(nid_objs[137]),/* "Microsoft Server Gated Crypto" */
&(nid_objs[136]),/* "Microsoft Trust List Signing" */
&(nid_objs[72]),/* "Netscape Base Url" */
&(nid_objs[76]),/* "Netscape CA Policy Url" */
&(nid_objs[74]),/* "Netscape CA Revocation Url" */
&(nid_objs[71]),/* "Netscape Cert Type" */
&(nid_objs[58]),/* "Netscape Certificate Extension" */
&(nid_objs[79]),/* "Netscape Certificate Sequence" */
&(nid_objs[78]),/* "Netscape Comment" */
&(nid_objs[57]),/* "Netscape Communications Corp." */
&(nid_objs[59]),/* "Netscape Data Type" */
&(nid_objs[75]),/* "Netscape Renewal Url" */
&(nid_objs[73]),/* "Netscape Revocation Url" */
&(nid_objs[77]),/* "Netscape SSL Server Name" */
&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
&(nid_objs[180]),/* "OCSP Signing" */
&(nid_objs[178]),/* "OCSP" */
&(nid_objs[161]),/* "PBES2" */
&(nid_objs[69]),/* "PBKDF2" */
&(nid_objs[162]),/* "PBMAC1" */
&(nid_objs[164]),/* "Policy Qualifier CPS" */
&(nid_objs[165]),/* "Policy Qualifier User Notice" */
&(nid_objs[167]),/* "S/MIME Capabilities" */
&(nid_objs[143]),/* "Strong Extranet ID" */
&(nid_objs[130]),/* "TLS Web Client Authentication" */
&(nid_objs[129]),/* "TLS Web Server Authentication" */
&(nid_objs[133]),/* "Time Stamping" */
&(nid_objs[11]),/* "X500" */
&(nid_objs[12]),/* "X509" */
&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
&(nid_objs[87]),/* "X509v3 Basic Constraints" */
&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
&(nid_objs[88]),/* "X509v3 CRL Number" */
&(nid_objs[89]),/* "X509v3 Certificate Policies" */
&(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */
&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
&(nid_objs[83]),/* "X509v3 Key Usage" */
&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
&(nid_objs[91]),/* "bf-cbc" */
&(nid_objs[93]),/* "bf-cfb" */
&(nid_objs[92]),/* "bf-ecb" */
&(nid_objs[94]),/* "bf-ofb" */
&(nid_objs[108]),/* "cast5-cbc" */
&(nid_objs[110]),/* "cast5-cfb" */
&(nid_objs[109]),/* "cast5-ecb" */
&(nid_objs[111]),/* "cast5-ofb" */
&(nid_objs[152]),/* "certBag" */
&(nid_objs[54]),/* "challengePassword" */
&(nid_objs[13]),/* "commonName" */
&(nid_objs[50]),/* "contentType" */
&(nid_objs[53]),/* "countersignature" */
&(nid_objs[14]),/* "countryName" */
&(nid_objs[153]),/* "crlBag" */
&(nid_objs[31]),/* "des-cbc" */
&(nid_objs[30]),/* "des-cfb" */
&(nid_objs[29]),/* "des-ecb" */
&(nid_objs[32]),/* "des-ede" */
&(nid_objs[43]),/* "des-ede-cbc" */
&(nid_objs[60]),/* "des-ede-cfb" */
&(nid_objs[62]),/* "des-ede-ofb" */
&(nid_objs[33]),/* "des-ede3" */
&(nid_objs[44]),/* "des-ede3-cbc" */
&(nid_objs[61]),/* "des-ede3-cfb" */
&(nid_objs[63]),/* "des-ede3-ofb" */
&(nid_objs[45]),/* "des-ofb" */
&(nid_objs[107]),/* "description" */
&(nid_objs[80]),/* "desx-cbc" */
&(nid_objs[28]),/* "dhKeyAgreement" */
&(nid_objs[174]),/* "dnQualifier" */
&(nid_objs[116]),/* "dsaEncryption" */
&(nid_objs[67]),/* "dsaEncryption-old" */
&(nid_objs[66]),/* "dsaWithSHA" */
&(nid_objs[113]),/* "dsaWithSHA1" */
&(nid_objs[70]),/* "dsaWithSHA1-old" */
&(nid_objs[48]),/* "emailAddress" */
&(nid_objs[56]),/* "extendedCertificateAttributes" */
&(nid_objs[156]),/* "friendlyName" */
&(nid_objs[99]),/* "givenName" */
&(nid_objs[163]),/* "hmacWithSHA1" */
&(nid_objs[34]),/* "idea-cbc" */
&(nid_objs[35]),/* "idea-cfb" */
&(nid_objs[36]),/* "idea-ecb" */
&(nid_objs[46]),/* "idea-ofb" */
&(nid_objs[101]),/* "initials" */
&(nid_objs[150]),/* "keyBag" */
&(nid_objs[157]),/* "localKeyID" */
&(nid_objs[15]),/* "localityName" */
&(nid_objs[ 3]),/* "md2" */
&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
&(nid_objs[ 4]),/* "md5" */
&(nid_objs[114]),/* "md5-sha1" */
&(nid_objs[104]),/* "md5WithRSA" */
&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
&(nid_objs[95]),/* "mdc2" */
&(nid_objs[96]),/* "mdc2withRSA" */
&(nid_objs[51]),/* "messageDigest" */
&(nid_objs[173]),/* "name" */
&(nid_objs[17]),/* "organizationName" */
&(nid_objs[18]),/* "organizationalUnitName" */
&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
&(nid_objs[168]),/* "pbeWithMD2AndRC2-CBC" */
&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
&(nid_objs[169]),/* "pbeWithMD5AndRC2-CBC" */
&(nid_objs[148]),/* "pbeWithSHA1And128BitRC2-CBC" */
&(nid_objs[144]),/* "pbeWithSHA1And128BitRC4" */
&(nid_objs[147]),/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
&(nid_objs[146]),/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
&(nid_objs[149]),/* "pbeWithSHA1And40BitRC2-CBC" */
&(nid_objs[145]),/* "pbeWithSHA1And40BitRC4" */
&(nid_objs[170]),/* "pbeWithSHA1AndDES-CBC" */
&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
&(nid_objs[ 2]),/* "pkcs" */
&(nid_objs[27]),/* "pkcs3" */
&(nid_objs[20]),/* "pkcs7" */
&(nid_objs[21]),/* "pkcs7-data" */
&(nid_objs[25]),/* "pkcs7-digestData" */
&(nid_objs[26]),/* "pkcs7-encryptedData" */
&(nid_objs[23]),/* "pkcs7-envelopedData" */
&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
&(nid_objs[22]),/* "pkcs7-signedData" */
&(nid_objs[151]),/* "pkcs8ShroudedKeyBag" */
&(nid_objs[47]),/* "pkcs9" */
&(nid_objs[98]),/* "rc2-40-cbc" */
&(nid_objs[166]),/* "rc2-64-cbc" */
&(nid_objs[37]),/* "rc2-cbc" */
&(nid_objs[39]),/* "rc2-cfb" */
&(nid_objs[38]),/* "rc2-ecb" */
&(nid_objs[40]),/* "rc2-ofb" */
&(nid_objs[ 5]),/* "rc4" */
&(nid_objs[97]),/* "rc4-40" */
&(nid_objs[120]),/* "rc5-cbc" */
&(nid_objs[122]),/* "rc5-cfb" */
&(nid_objs[121]),/* "rc5-ecb" */
&(nid_objs[123]),/* "rc5-ofb" */
&(nid_objs[117]),/* "ripemd160" */
&(nid_objs[119]),/* "ripemd160WithRSA" */
&(nid_objs[19]),/* "rsa" */
&(nid_objs[ 6]),/* "rsaEncryption" */
&(nid_objs[ 1]),/* "rsadsi" */
&(nid_objs[124]),/* "run length compression" */
&(nid_objs[155]),/* "safeContentsBag" */
&(nid_objs[159]),/* "sdsiCertificate" */
&(nid_objs[154]),/* "secretBag" */
&(nid_objs[105]),/* "serialNumber" */
&(nid_objs[41]),/* "sha" */
&(nid_objs[64]),/* "sha1" */
&(nid_objs[115]),/* "sha1WithRSA" */
&(nid_objs[65]),/* "sha1WithRSAEncryption" */
&(nid_objs[42]),/* "shaWithRSAEncryption" */
&(nid_objs[52]),/* "signingTime" */
&(nid_objs[16]),/* "stateOrProvinceName" */
&(nid_objs[100]),/* "surname" */
&(nid_objs[106]),/* "title" */
&(nid_objs[ 0]),/* "undefined" */
&(nid_objs[102]),/* "uniqueIdentifier" */
&(nid_objs[55]),/* "unstructuredAddress" */
&(nid_objs[49]),/* "unstructuredName" */
&(nid_objs[158]),/* "x509Certificate" */
&(nid_objs[160]),/* "x509Crl" */
&(nid_objs[125]),/* "zlib compression" */
};
static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&(nid_objs[ 0]),/* OBJ_undef 0 */
&(nid_objs[11]),/* OBJ_X500 2 5 */
&(nid_objs[12]),/* OBJ_X509 2 5 4 */
&(nid_objs[81]),/* OBJ_ld_ce 2 5 29 */
&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
&(nid_objs[100]),/* OBJ_surname 2 5 4 4 */
&(nid_objs[105]),/* OBJ_serialNumber 2 5 4 5 */
&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
&(nid_objs[106]),/* OBJ_title 2 5 4 12 */
&(nid_objs[107]),/* OBJ_description 2 5 4 13 */
&(nid_objs[173]),/* OBJ_name 2 5 4 41 */
&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
&(nid_objs[102]),/* OBJ_uniqueIdentifier 2 5 4 45 */
&(nid_objs[174]),/* OBJ_dnQualifier 2 5 4 46 */
&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
&(nid_objs[141]),/* OBJ_crl_reason 2 5 29 21 */
&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
&(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */
&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
&(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */
&(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */
&(nid_objs[67]),/* OBJ_dsa_2 1 3 14 3 2 12 */
&(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */
&(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
&(nid_objs[32]),/* OBJ_des_ede 1 3 14 3 2 17 */
&(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */
&(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */
&(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */
&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666 2 */
&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */
&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
&(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */
&(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
&(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */
&(nid_objs[128]),/* OBJ_id_kp 1 3 6 1 5 5 7 3 */
&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */
&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
&(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */
&(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */
&(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */
&(nid_objs[163]),/* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */
&(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */
&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
&(nid_objs[177]),/* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
&(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
&(nid_objs[130]),/* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
&(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
&(nid_objs[132]),/* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
&(nid_objs[133]),/* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
&(nid_objs[180]),/* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */
&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
&(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
&(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
&(nid_objs[168]),/* OBJ_pbeWithMD2AndRC2_CBC 1 2 840 113549 1 5 4 */
&(nid_objs[169]),/* OBJ_pbeWithMD5AndRC2_CBC 1 2 840 113549 1 5 6 */
&(nid_objs[170]),/* OBJ_pbeWithSHA1AndDES_CBC 1 2 840 113549 1 5 10 */
&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
&(nid_objs[69]),/* OBJ_id_pbkdf2 1 2 840 113549 1 5 12 */
&(nid_objs[161]),/* OBJ_pbes2 1 2 840 113549 1 5 13 */
&(nid_objs[162]),/* OBJ_pbmac1 1 2 840 113549 1 5 14 */
&(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
&(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
&(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
&(nid_objs[25]),/* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
&(nid_objs[26]),/* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
&(nid_objs[48]),/* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
&(nid_objs[50]),/* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
&(nid_objs[51]),/* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
&(nid_objs[52]),/* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
&(nid_objs[53]),/* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
&(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
&(nid_objs[172]),/* OBJ_ext_req 1 2 840 113549 1 9 14 */
&(nid_objs[167]),/* OBJ_SMIMECapabilities 1 2 840 113549 1 9 15 */
&(nid_objs[156]),/* OBJ_friendlyName 1 2 840 113549 1 9 20 */
&(nid_objs[157]),/* OBJ_localKeyID 1 2 840 113549 1 9 21 */
&(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */
&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
&(nid_objs[75]),/* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
&(nid_objs[76]),/* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
&(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
&(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
&(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
&(nid_objs[139]),/* OBJ_ns_sgc 2 16 840 1 113730 4 1 */
&(nid_objs[158]),/* OBJ_x509Certificate 1 2 840 113549 1 9 22 1 */
&(nid_objs[159]),/* OBJ_sdsiCertificate 1 2 840 113549 1 9 22 2 */
&(nid_objs[160]),/* OBJ_x509Crl 1 2 840 113549 1 9 23 1 */
&(nid_objs[144]),/* OBJ_pbe_WithSHA1And128BitRC4 1 2 840 113549 1 12 1 1 */
&(nid_objs[145]),/* OBJ_pbe_WithSHA1And40BitRC4 1 2 840 113549 1 12 1 2 */
&(nid_objs[146]),/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
&(nid_objs[147]),/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
&(nid_objs[148]),/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
&(nid_objs[149]),/* OBJ_pbe_WithSHA1And40BitRC2_CBC 1 2 840 113549 1 12 1 6 */
&(nid_objs[171]),/* OBJ_ms_ext_req 1 3 6 1 4 1 311 2 1 14 */
&(nid_objs[134]),/* OBJ_ms_code_ind 1 3 6 1 4 1 311 2 1 21 */
&(nid_objs[135]),/* OBJ_ms_code_com 1 3 6 1 4 1 311 2 1 22 */
&(nid_objs[136]),/* OBJ_ms_ctl_sign 1 3 6 1 4 1 311 10 3 1 */
&(nid_objs[137]),/* OBJ_ms_sgc 1 3 6 1 4 1 311 10 3 3 */
&(nid_objs[138]),/* OBJ_ms_efs 1 3 6 1 4 1 311 10 3 4 */
&(nid_objs[150]),/* OBJ_keyBag 1 2 840 113549 1 12 10 1 1 */
&(nid_objs[151]),/* OBJ_pkcs8ShroudedKeyBag 1 2 840 113549 1 12 10 1 2 */
&(nid_objs[152]),/* OBJ_certBag 1 2 840 113549 1 12 10 1 3 */
&(nid_objs[153]),/* OBJ_crlBag 1 2 840 113549 1 12 10 1 4 */
&(nid_objs[154]),/* OBJ_secretBag 1 2 840 113549 1 12 10 1 5 */
&(nid_objs[155]),/* OBJ_safeContentsBag 1 2 840 113549 1 12 10 1 6 */
&(nid_objs[34]),/* OBJ_idea_cbc 1 3 6 1 4 1 188 7 1 1 2 */
};

129
lib/dns/sec/openssl/obj_lib.c Normal file
View file

@ -0,0 +1,129 @@
/* crypto/objects/obj_lib.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/lhash.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o)
{
ASN1_OBJECT *r;
int i;
char *ln=NULL;
if (o == NULL) return(NULL);
if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
return(o);
r=ASN1_OBJECT_new();
if (r == NULL)
{
OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
return(NULL);
}
r->data=Malloc(o->length);
if (r->data == NULL)
goto err;
memcpy(r->data,o->data,o->length);
r->length=o->length;
r->nid=o->nid;
r->ln=r->sn=NULL;
if (o->ln != NULL)
{
i=strlen(o->ln)+1;
r->ln=ln=Malloc(i);
if (r->ln == NULL) goto err;
memcpy(ln,o->ln,i);
}
if (o->sn != NULL)
{
char *s;
i=strlen(o->sn)+1;
r->sn=s=Malloc(i);
if (r->sn == NULL) goto err;
memcpy(s,o->sn,i);
}
r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA);
return(r);
err:
OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
if (r != NULL)
{
if (ln != NULL) Free(ln);
if (r->data != NULL) Free(r->data);
Free(r);
}
return(NULL);
}
int OBJ_cmp(ASN1_OBJECT *a, ASN1_OBJECT *b)
{
int ret;
ret=(a->length-b->length);
if (ret) return(ret);
return(memcmp(a->data,b->data,a->length));
}

187
lib/dns/sec/openssl/rsa_chk.c Normal file
View file

@ -0,0 +1,187 @@
/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#include <config.h>
#include "../rename.h"
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
int RSA_check_key(RSA *key)
{
BIGNUM *i, *j, *k, *l, *m;
BN_CTX *ctx;
int r;
int ret=1;
i = BN_new();
j = BN_new();
k = BN_new();
l = BN_new();
m = BN_new();
ctx = BN_CTX_new();
if (i == NULL || j == NULL || k == NULL || l == NULL ||
m == NULL || ctx == NULL)
{
ret = -1;
RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
goto err;
}
/* p prime? */
r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL);
if (r != 1)
{
ret = r;
if (r != 0)
goto err;
RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
}
/* q prime? */
r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL);
if (r != 1)
{
ret = r;
if (r != 0)
goto err;
RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
}
/* n = p*q? */
r = BN_mul(i, key->p, key->q, ctx);
if (!r) { ret = -1; goto err; }
if (BN_cmp(i, key->n) != 0)
{
ret = 0;
RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
}
/* d*e = 1 mod lcm(p-1,q-1)? */
r = BN_sub(i, key->p, BN_value_one());
if (!r) { ret = -1; goto err; }
r = BN_sub(j, key->q, BN_value_one());
if (!r) { ret = -1; goto err; }
/* now compute k = lcm(i,j) */
r = BN_mul(l, i, j, ctx);
if (!r) { ret = -1; goto err; }
r = BN_gcd(m, i, j, ctx);
if (!r) { ret = -1; goto err; }
r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
if (!r) { ret = -1; goto err; }
r = BN_mod_mul(i, key->d, key->e, k, ctx);
if (!r) { ret = -1; goto err; }
if (!BN_is_one(i))
{
ret = 0;
RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
}
if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL)
{
/* dmp1 = d mod (p-1)? */
r = BN_sub(i, key->p, BN_value_one());
if (!r) { ret = -1; goto err; }
r = BN_mod(j, key->d, i, ctx);
if (!r) { ret = -1; goto err; }
if (BN_cmp(j, key->dmp1) != 0)
{
ret = 0;
RSAerr(RSA_F_RSA_CHECK_KEY,
RSA_R_DMP1_NOT_CONGRUENT_TO_D);
}
/* dmq1 = d mod (q-1)? */
r = BN_sub(i, key->q, BN_value_one());
if (!r) { ret = -1; goto err; }
r = BN_mod(j, key->d, i, ctx);
if (!r) { ret = -1; goto err; }
if (BN_cmp(j, key->dmq1) != 0)
{
ret = 0;
RSAerr(RSA_F_RSA_CHECK_KEY,
RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
}
/* iqmp = q^-1 mod p? */
if(!BN_mod_inverse(i, key->q, key->p, ctx))
{
ret = -1;
goto err;
}
if (BN_cmp(i, key->iqmp) != 0)
{
ret = 0;
RSAerr(RSA_F_RSA_CHECK_KEY,
RSA_R_IQMP_NOT_INVERSE_OF_Q);
}
}
err:
if (i != NULL) BN_free(i);
if (j != NULL) BN_free(j);
if (k != NULL) BN_free(k);
if (l != NULL) BN_free(l);
if (m != NULL) BN_free(m);
if (ctx != NULL) BN_CTX_free(ctx);
return (ret);
}

494
lib/dns/sec/openssl/rsa_eay.c Normal file
View file

@ -0,0 +1,494 @@
/* crypto/rsa/rsa_eay.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#ifndef RSA_NULL
static int RSA_eay_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_private_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
static int RSA_eay_init(RSA *rsa);
static int RSA_eay_finish(RSA *rsa);
static RSA_METHOD rsa_pkcs1_eay_meth={
"Eric Young's PKCS#1 RSA",
RSA_eay_public_encrypt,
RSA_eay_public_decrypt,
RSA_eay_private_encrypt,
RSA_eay_private_decrypt,
RSA_eay_mod_exp,
BN_mod_exp_mont,
RSA_eay_init,
RSA_eay_finish,
0,
NULL,
};
RSA_METHOD *RSA_PKCS1_SSLeay(void)
{
return(&rsa_pkcs1_eay_meth);
}
static int RSA_eay_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
BIGNUM f,ret;
int i,j,k,num=0,r= -1;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
BN_init(&f);
BN_init(&ret);
if ((ctx=BN_CTX_new()) == NULL) goto err;
num=BN_num_bytes(rsa->n);
if ((buf=(unsigned char *)Malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
switch (padding)
{
case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
break;
#ifndef NO_SHA
case RSA_PKCS1_OAEP_PADDING:
i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
break;
#endif
case RSA_SSLV23_PADDING:
i=RSA_padding_add_SSLv23(buf,num,from,flen);
break;
case RSA_NO_PADDING:
i=RSA_padding_add_none(buf,num,from,flen);
break;
default:
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (i <= 0) goto err;
if (BN_bin2bn(buf,num,&f) == NULL) goto err;
if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
{
if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
goto err;
}
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
j=BN_num_bytes(&ret);
i=BN_bn2bin(&ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
if (ctx != NULL) BN_CTX_free(ctx);
BN_clear_free(&f);
BN_clear_free(&ret);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_private_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
BIGNUM f,ret;
int i,j,k,num=0,r= -1;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
BN_init(&f);
BN_init(&ret);
if ((ctx=BN_CTX_new()) == NULL) goto err;
num=BN_num_bytes(rsa->n);
if ((buf=(unsigned char *)Malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
switch (padding)
{
case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
break;
case RSA_NO_PADDING:
i=RSA_padding_add_none(buf,num,from,flen);
break;
case RSA_SSLV23_PADDING:
default:
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (i <= 0) goto err;
if (BN_bin2bn(buf,num,&f) == NULL) goto err;
if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
RSA_blinding_on(rsa,ctx);
if (rsa->flags & RSA_FLAG_BLINDING)
if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
((rsa->p != NULL) &&
(rsa->q != NULL) &&
(rsa->dmp1 != NULL) &&
(rsa->dmq1 != NULL) &&
(rsa->iqmp != NULL)) )
{ if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
else
{
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
}
if (rsa->flags & RSA_FLAG_BLINDING)
if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
j=BN_num_bytes(&ret);
i=BN_bn2bin(&ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
if (ctx != NULL) BN_CTX_free(ctx);
BN_clear_free(&ret);
BN_clear_free(&f);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_private_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
BIGNUM f,ret;
int j,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
BN_init(&f);
BN_init(&ret);
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
if ((buf=(unsigned char *)Malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
/* This check was for equality but PGP does evil things
* and chops off the top '0' bytes */
if (flen > num)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
goto err;
}
/* make data into a big number */
if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
RSA_blinding_on(rsa,ctx);
if (rsa->flags & RSA_FLAG_BLINDING)
if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
/* do the decrypt */
if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
((rsa->p != NULL) &&
(rsa->q != NULL) &&
(rsa->dmp1 != NULL) &&
(rsa->dmq1 != NULL) &&
(rsa->iqmp != NULL)) )
{ if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
else
{
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
goto err;
}
if (rsa->flags & RSA_FLAG_BLINDING)
if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
p=buf;
j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
switch (padding)
{
case RSA_PKCS1_PADDING:
r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
break;
#ifndef NO_SHA
case RSA_PKCS1_OAEP_PADDING:
r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
break;
#endif
case RSA_SSLV23_PADDING:
r=RSA_padding_check_SSLv23(to,num,buf,j,num);
break;
case RSA_NO_PADDING:
r=RSA_padding_check_none(to,num,buf,j,num);
break;
default:
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (r < 0)
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
err:
if (ctx != NULL) BN_CTX_free(ctx);
BN_clear_free(&f);
BN_clear_free(&ret);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
BIGNUM f,ret;
int i,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
BN_init(&f);
BN_init(&ret);
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
num=BN_num_bytes(rsa->n);
buf=(unsigned char *)Malloc(num);
if (buf == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
/* This check was for equality but PGP does evil things
* and chops off the top '0' bytes */
if (flen > num)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
goto err;
}
if (BN_bin2bn(from,flen,&f) == NULL) goto err;
/* do the decrypt */
if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
{
if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
goto err;
}
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
p=buf;
i=BN_bn2bin(&ret,p);
switch (padding)
{
case RSA_PKCS1_PADDING:
r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
break;
case RSA_NO_PADDING:
r=RSA_padding_check_none(to,num,buf,i,num);
break;
default:
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (r < 0)
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
err:
if (ctx != NULL) BN_CTX_free(ctx);
BN_clear_free(&f);
BN_clear_free(&ret);
if (buf != NULL)
{
memset(buf,0,num);
Free(buf);
}
return(r);
}
static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
{
BIGNUM r1,m1;
int ret=0;
BN_CTX *ctx;
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&m1);
BN_init(&r1);
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
{
if (rsa->_method_mod_p == NULL)
{
if ((rsa->_method_mod_p=BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set(rsa->_method_mod_p,rsa->p,
ctx))
goto err;
}
if (rsa->_method_mod_q == NULL)
{
if ((rsa->_method_mod_q=BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set(rsa->_method_mod_q,rsa->q,
ctx))
goto err;
}
}
if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
rsa->_method_mod_q)) goto err;
if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
rsa->_method_mod_p)) goto err;
if (!BN_sub(r0,r0,&m1)) goto err;
/* This will help stop the size of r0 increasing, which does
* affect the multiply if it optimised for a power of 2 size */
if (r0->neg)
if (!BN_add(r0,r0,rsa->p)) goto err;
if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err;
if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err;
/* If p < q it is occasionally possible for the correction of
* adding 'p' if r0 is negative above to leave the result still
* negative. This can break the private key operations: the following
* second correction should *always* correct this rare occurrence.
* This will *never* happen with OpenSSL generated keys because
* they ensure p > q [steve]
*/
if (r0->neg)
if (!BN_add(r0,r0,rsa->p)) goto err;
if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
if (!BN_add(r0,&r1,&m1)) goto err;
ret=1;
err:
BN_clear_free(&m1);
BN_clear_free(&r1);
BN_CTX_free(ctx);
return(ret);
}
static int RSA_eay_init(RSA *rsa)
{
rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
return(1);
}
static int RSA_eay_finish(RSA *rsa)
{
if (rsa->_method_mod_n != NULL)
BN_MONT_CTX_free(rsa->_method_mod_n);
if (rsa->_method_mod_p != NULL)
BN_MONT_CTX_free(rsa->_method_mod_p);
if (rsa->_method_mod_q != NULL)
BN_MONT_CTX_free(rsa->_method_mod_q);
return(1);
}
#endif

200
lib/dns/sec/openssl/rsa_gen.c Normal file
View file

@ -0,0 +1,200 @@
/* crypto/rsa/rsa_gen.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include <time.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
RSA *RSA_generate_key(int bits, unsigned long e_value,
void (*callback)(int,int,void *), void *cb_arg)
{
RSA *rsa=NULL;
BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
int bitsp,bitsq,ok= -1,n=0,i;
BN_CTX *ctx=NULL,*ctx2=NULL;
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
ctx2=BN_CTX_new();
if (ctx2 == NULL) goto err;
BN_CTX_start(ctx);
r0 = BN_CTX_get(ctx);
r1 = BN_CTX_get(ctx);
r2 = BN_CTX_get(ctx);
r3 = BN_CTX_get(ctx);
if (r3 == NULL) goto err;
bitsp=(bits+1)/2;
bitsq=bits-bitsp;
rsa=RSA_new();
if (rsa == NULL) goto err;
/* set e */
rsa->e=BN_new();
if (rsa->e == NULL) goto err;
#if 1
/* The problem is when building with 8, 16, or 32 BN_ULONG,
* unsigned long can be larger */
for (i=0; i<sizeof(unsigned long)*8; i++)
{
if (e_value & (1<<i))
BN_set_bit(rsa->e,i);
}
#else
if (!BN_set_word(rsa->e,e_value)) goto err;
#endif
/* generate p and q */
for (;;)
{
rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
if (rsa->p == NULL) goto err;
if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
if (BN_is_one(r1)) break;
if (callback != NULL) callback(2,n++,cb_arg);
BN_free(rsa->p);
}
if (callback != NULL) callback(3,0,cb_arg);
for (;;)
{
rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg);
if (rsa->q == NULL) goto err;
if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
break;
if (callback != NULL) callback(2,n++,cb_arg);
BN_free(rsa->q);
}
if (callback != NULL) callback(3,1,cb_arg);
if (BN_cmp(rsa->p,rsa->q) < 0)
{
tmp=rsa->p;
rsa->p=rsa->q;
rsa->q=tmp;
}
/* calculate n */
rsa->n=BN_new();
if (rsa->n == NULL) goto err;
if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err;
/* calculate d */
if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
/* for (;;)
{
if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
if (BN_is_one(r3)) break;
if (1)
{
if (!BN_add_word(rsa->e,2L)) goto err;
continue;
}
RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
goto err;
}
*/
rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */
if (rsa->d == NULL) goto err;
/* calculate d mod (p-1) */
rsa->dmp1=BN_new();
if (rsa->dmp1 == NULL) goto err;
if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
/* calculate d mod (q-1) */
rsa->dmq1=BN_new();
if (rsa->dmq1 == NULL) goto err;
if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
/* calculate inverse of q mod p */
rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
if (rsa->iqmp == NULL) goto err;
ok=1;
err:
if (ok == -1)
{
RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
ok=0;
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
BN_CTX_free(ctx2);
if (!ok)
{
if (rsa != NULL) RSA_free(rsa);
return(NULL);
}
else
return(rsa);
}

336
lib/dns/sec/openssl/rsa_lib.c Normal file
View file

@ -0,0 +1,336 @@
/* crypto/rsa/rsa_lib.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/lhash.h>
#include <openssl/bn.h>
#include <openssl/rsa.h>
const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
static RSA_METHOD *default_RSA_meth=NULL;
static int rsa_meth_num=0;
static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
RSA *RSA_new(void)
{
return(RSA_new_method(NULL));
}
void RSA_set_default_method(RSA_METHOD *meth)
{
default_RSA_meth=meth;
}
RSA_METHOD *RSA_get_default_method(void)
{
return default_RSA_meth;
}
RSA_METHOD *RSA_get_method(RSA *rsa)
{
return rsa->meth;
}
RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth)
{
RSA_METHOD *mtmp;
mtmp = rsa->meth;
if (mtmp->finish) mtmp->finish(rsa);
rsa->meth = meth;
if (meth->init) meth->init(rsa);
return mtmp;
}
RSA *RSA_new_method(RSA_METHOD *meth)
{
RSA *ret;
if (default_RSA_meth == NULL)
{
#ifdef RSA_NULL
default_RSA_meth=RSA_null_method();
#else
#ifdef RSAref
default_RSA_meth=RSA_PKCS1_RSAref();
#else
default_RSA_meth=RSA_PKCS1_SSLeay();
#endif
#endif
}
ret=(RSA *)Malloc(sizeof(RSA));
if (ret == NULL)
{
RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
return(NULL);
}
if (meth == NULL)
ret->meth=default_RSA_meth;
else
ret->meth=meth;
ret->pad=0;
ret->version=0;
ret->n=NULL;
ret->e=NULL;
ret->d=NULL;
ret->p=NULL;
ret->q=NULL;
ret->dmp1=NULL;
ret->dmq1=NULL;
ret->iqmp=NULL;
ret->references=1;
ret->_method_mod_n=NULL;
ret->_method_mod_p=NULL;
ret->_method_mod_q=NULL;
ret->blinding=NULL;
ret->bignum_data=NULL;
ret->flags=ret->meth->flags;
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
Free(ret);
ret=NULL;
}
else
CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
return(ret);
}
void RSA_free(RSA *r)
{
int i;
if (r == NULL) return;
i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
#ifdef REF_PRINT
REF_PRINT("RSA",r);
#endif
if (i > 0) return;
#ifdef REF_CHECK
if (i < 0)
{
fprintf(stderr,"RSA_free, bad reference count\n");
abort();
}
#endif
CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
if (r->meth->finish != NULL)
r->meth->finish(r);
if (r->n != NULL) BN_clear_free(r->n);
if (r->e != NULL) BN_clear_free(r->e);
if (r->d != NULL) BN_clear_free(r->d);
if (r->p != NULL) BN_clear_free(r->p);
if (r->q != NULL) BN_clear_free(r->q);
if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
if (r->iqmp != NULL) BN_clear_free(r->iqmp);
if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
if (r->bignum_data != NULL) Free_locked(r->bignum_data);
Free(r);
}
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
rsa_meth_num++;
return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
&rsa_meth,argl,argp,new_func,dup_func,free_func));
}
int RSA_set_ex_data(RSA *r, int idx, void *arg)
{
return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
}
void *RSA_get_ex_data(RSA *r, int idx)
{
return(CRYPTO_get_ex_data(&r->ex_data,idx));
}
int RSA_size(RSA *r)
{
return(BN_num_bytes(r->n));
}
int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to,
RSA *rsa, int padding)
{
return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
}
int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to,
RSA *rsa, int padding)
{
return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
}
int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to,
RSA *rsa, int padding)
{
return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
}
int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to,
RSA *rsa, int padding)
{
return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
}
int RSA_flags(RSA *r)
{
return((r == NULL)?0:r->meth->flags);
}
void RSA_blinding_off(RSA *rsa)
{
if (rsa->blinding != NULL)
{
BN_BLINDING_free(rsa->blinding);
rsa->blinding=NULL;
}
rsa->flags&= ~RSA_FLAG_BLINDING;
}
int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
{
BIGNUM *A,*Ai;
BN_CTX *ctx;
int ret=0;
if (p_ctx == NULL)
{
if ((ctx=BN_CTX_new()) == NULL) goto err;
}
else
ctx=p_ctx;
if (rsa->blinding != NULL)
BN_BLINDING_free(rsa->blinding);
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
goto err;
rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
rsa->flags|=RSA_FLAG_BLINDING;
BN_free(Ai);
ret=1;
err:
BN_CTX_end(ctx);
if (ctx != p_ctx) BN_CTX_free(ctx);
return(ret);
}
int RSA_memory_lock(RSA *r)
{
int i,j,k,off;
char *p;
BIGNUM *bn,**t[6],*b;
BN_ULONG *ul;
if (r->d == NULL) return(1);
t[0]= &r->d;
t[1]= &r->p;
t[2]= &r->q;
t[3]= &r->dmp1;
t[4]= &r->dmq1;
t[5]= &r->iqmp;
k=sizeof(BIGNUM)*6;
off=k/sizeof(BN_ULONG)+1;
j=1;
for (i=0; i<6; i++)
j+= (*t[i])->top;
if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
{
RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
return(0);
}
bn=(BIGNUM *)p;
ul=(BN_ULONG *)&(p[off]);
for (i=0; i<6; i++)
{
b= *(t[i]);
*(t[i])= &(bn[i]);
memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
bn[i].flags=BN_FLG_STATIC_DATA;
bn[i].d=ul;
memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
ul+=b->top;
BN_clear_free(b);
}
/* I should fix this so it can still be done */
r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
r->bignum_data=p;
return(1);
}

101
lib/dns/sec/openssl/rsa_none.c Normal file
View file

@ -0,0 +1,101 @@
/* crypto/rsa/rsa_none.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from,
int flen)
{
if (flen > tlen)
{
RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return(0);
}
if (flen < tlen)
{
RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
return(0);
}
memcpy(to,from,(unsigned int)flen);
return(1);
}
int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from,
int flen, int num)
{
if (flen > tlen)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
return(-1);
}
memset(to,0,tlen-flen);
memcpy(to+tlen-flen,from,flen);
return(tlen);
}

166
lib/dns/sec/openssl/rsa_oaep.c Normal file
View file

@ -0,0 +1,166 @@
/* crypto/rsa/rsa_oaep.c */
/* Written by Ulf Moeller. This software is distributed on an "AS IS"
basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
#include <config.h>
#include "../rename.h"
#if !defined(NO_SHA) && !defined(NO_SHA1)
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen);
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
unsigned char *from, int flen, unsigned char *param, int plen)
{
int i, emlen = tlen - 1;
unsigned char *db, *seed;
unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return (0);
}
if (emlen < 2 * SHA_DIGEST_LENGTH + 1)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL);
return (0);
}
dbmask = Malloc(emlen - SHA_DIGEST_LENGTH);
if (dbmask == NULL)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
return (0);
}
to[0] = 0;
seed = to + 1;
db = to + SHA_DIGEST_LENGTH + 1;
SHA1(param, plen, db);
memset(db + SHA_DIGEST_LENGTH, 0,
emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
return (0);
#ifdef PKCS_TESTVECT
memcpy(seed,
"\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
20);
#endif
MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
db[i] ^= dbmask[i];
MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
for (i = 0; i < SHA_DIGEST_LENGTH; i++)
seed[i] ^= seedmask[i];
Free(dbmask);
return (1);
}
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
unsigned char *from, int flen, int num, unsigned char *param,
int plen)
{
int i, dblen, mlen = -1;
unsigned char *maskeddb;
int lzero;
unsigned char *db, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
if (--num < 2 * SHA_DIGEST_LENGTH + 1)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
return (-1);
}
dblen = num - SHA_DIGEST_LENGTH;
db = Malloc(dblen);
if (db == NULL)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
return (-1);
}
lzero = num - flen;
maskeddb = from - lzero + SHA_DIGEST_LENGTH;
MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
seed[i] ^= from[i - lzero];
MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
for (i = 0; i < dblen; i++)
db[i] ^= maskeddb[i];
SHA1(param, plen, phash);
if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0)
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
else
{
for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
if (db[i] != 0x00)
break;
if (db[i] != 0x01 || i++ >= dblen)
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,
RSA_R_OAEP_DECODING_ERROR);
else
{
mlen = dblen - i;
if (tlen < mlen)
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE);
mlen = -1;
}
else
memcpy(to, db + i, mlen);
}
}
Free(db);
return (mlen);
}
int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen)
{
long i, outlen = 0;
unsigned char cnt[4];
SHA_CTX c;
unsigned char md[SHA_DIGEST_LENGTH];
for (i = 0; outlen < len; i++)
{
cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255,
cnt[2] = (i >> 8) & 255, cnt[3] = i & 255;
SHA1_Init(&c);
SHA1_Update(&c, seed, seedlen);
SHA1_Update(&c, cnt, 4);
if (outlen + SHA_DIGEST_LENGTH <= len)
{
SHA1_Final(mask + outlen, &c);
outlen += SHA_DIGEST_LENGTH;
}
else
{
SHA1_Final(md, &c);
memcpy(mask + outlen, md, len - outlen);
outlen = len;
}
}
return (0);
}
#endif

227
lib/dns/sec/openssl/rsa_pk1.c Normal file
View file

@ -0,0 +1,227 @@
/* crypto/rsa/rsa_pk1.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
unsigned char *from, int flen)
{
int j;
unsigned char *p;
if (flen > (tlen-11))
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return(0);
}
p=(unsigned char *)to;
*(p++)=0;
*(p++)=1; /* Private Key BT (Block Type) */
/* pad out with 0xff data */
j=tlen-3-flen;
memset(p,0xff,j);
p+=j;
*(p++)='\0';
memcpy(p,from,(unsigned int)flen);
return(1);
}
int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
unsigned char *from, int flen, int num)
{
int i,j;
unsigned char *p;
p=from;
if ((num != (flen+1)) || (*(p++) != 01))
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
return(-1);
}
/* scan over padding data */
j=flen-1; /* one for type. */
for (i=0; i<j; i++)
{
if (*p != 0xff) /* should decrypt to 0xff */
{
if (*p == 0)
{ p++; break; }
else {
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
return(-1);
}
}
p++;
}
if (i == j)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
return(-1);
}
if (i < 8)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
return(-1);
}
i++; /* Skip over the '\0' */
j-=i;
if (j > tlen)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
return(-1);
}
memcpy(to,p,(unsigned int)j);
return(j);
}
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
unsigned char *from, int flen)
{
int i,j;
unsigned char *p;
if (flen > (tlen-11))
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return(0);
}
p=(unsigned char *)to;
*(p++)=0;
*(p++)=2; /* Public Key BT (Block Type) */
/* pad out with non-zero random data */
j=tlen-3-flen;
if (RAND_bytes(p,j) <= 0)
return(0);
for (i=0; i<j; i++)
{
if (*p == '\0')
do {
if (RAND_bytes(p,1) <= 0)
return(0);
} while (*p == '\0');
p++;
}
*(p++)='\0';
memcpy(p,from,(unsigned int)flen);
return(1);
}
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
unsigned char *from, int flen, int num)
{
int i,j;
unsigned char *p;
p=from;
if ((num != (flen+1)) || (*(p++) != 02))
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
return(-1);
}
#ifdef PKCS1_CHECK
return(num-11);
#endif
/* scan over padding data */
j=flen-1; /* one for type. */
for (i=0; i<j; i++)
if (*(p++) == 0) break;
if (i == j)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
return(-1);
}
if (i < 8)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
return(-1);
}
i++; /* Skip over the '\0' */
j-=i;
if (j > tlen)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
return(-1);
}
memcpy(to,p,(unsigned int)j);
return(j);
}

224
lib/dns/sec/openssl/rsa_sign.c Normal file
View file

@ -0,0 +1,224 @@
/* crypto/rsa/rsa_sign.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
/* Size of an SSL signature: MD5+SHA1 */
#define SSL_SIG_LENGTH 36
int RSA_sign(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa)
{
X509_SIG sig;
ASN1_TYPE parameter;
int i,j,ret=1;
unsigned char *p,*s = NULL;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
if(rsa->flags & RSA_FLAG_SIGN_VER)
return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
/* Special case: SSL signature, just check the length */
if(type == NID_md5_sha1) {
if(m_len != SSL_SIG_LENGTH) {
RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
return(0);
}
i = SSL_SIG_LENGTH;
s = m;
} else {
sig.algor= &algor;
sig.algor->algorithm=OBJ_nid2obj(type);
if (sig.algor->algorithm == NULL)
{
RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
return(0);
}
if (sig.algor->algorithm->length == 0)
{
RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
return(0);
}
parameter.type=V_ASN1_NULL;
parameter.value.ptr=NULL;
sig.algor->parameter= &parameter;
sig.digest= &digest;
sig.digest->data=m;
sig.digest->length=m_len;
i=i2d_X509_SIG(&sig,NULL);
}
j=RSA_size(rsa);
if ((i-RSA_PKCS1_PADDING) > j)
{
RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0);
}
if(type != NID_md5_sha1) {
s=(unsigned char *)Malloc((unsigned int)j+1);
if (s == NULL)
{
RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
return(0);
}
p=s;
i2d_X509_SIG(&sig,&p);
}
i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
if (i <= 0)
ret=0;
else
*siglen=i;
if(type != NID_md5_sha1) {
memset(s,0,(unsigned int)j+1);
Free(s);
}
return(ret);
}
int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
{
int i,ret=0,sigtype;
unsigned char *p,*s;
X509_SIG *sig=NULL;
if (siglen != (unsigned int)RSA_size(rsa))
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
return(0);
}
if(rsa->flags & RSA_FLAG_SIGN_VER)
return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
s=(unsigned char *)Malloc((unsigned int)siglen);
if (s == NULL)
{
RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
goto err;
}
if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
return(0);
}
i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
if (i <= 0) goto err;
/* Special case: SSL signature */
if(dtype == NID_md5_sha1) {
if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
else ret = 1;
} else {
p=s;
sig=d2i_X509_SIG(NULL,&p,(long)i);
if (sig == NULL) goto err;
sigtype=OBJ_obj2nid(sig->algor->algorithm);
#ifdef RSA_DEBUG
/* put a backward compatibility flag in EAY */
fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
OBJ_nid2ln(dtype));
#endif
if (sigtype != dtype)
{
if (((dtype == NID_md5) &&
(sigtype == NID_md5WithRSAEncryption)) ||
((dtype == NID_md2) &&
(sigtype == NID_md2WithRSAEncryption)))
{
/* ok, we will let it through */
#if !defined(NO_STDIO) && !defined(WIN16)
fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
#endif
}
else
{
RSAerr(RSA_F_RSA_VERIFY,
RSA_R_ALGORITHM_MISMATCH);
goto err;
}
}
if ( ((unsigned int)sig->digest->length != m_len) ||
(memcmp(m,sig->digest->data,m_len) != 0))
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
}
else
ret=1;
}
err:
if (sig != NULL) X509_SIG_free(sig);
memset(s,0,(unsigned int)siglen);
Free(s);
return(ret);
}

157
lib/dns/sec/openssl/rsa_ssl.c Normal file
View file

@ -0,0 +1,157 @@
/* crypto/rsa/rsa_ssl.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
int flen)
{
int i,j;
unsigned char *p;
if (flen > (tlen-11))
{
RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return(0);
}
p=(unsigned char *)to;
*(p++)=0;
*(p++)=2; /* Public Key BT (Block Type) */
/* pad out with non-zero random data */
j=tlen-3-8-flen;
if (RAND_bytes(p,j) <= 0)
return(0);
for (i=0; i<j; i++)
{
if (*p == '\0')
do {
if (RAND_bytes(p,1) <= 0)
return(0);
} while (*p == '\0');
p++;
}
memset(p,3,8);
p+=8;
*(p++)='\0';
memcpy(p,from,(unsigned int)flen);
return(1);
}
int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
int flen, int num)
{
int i,j,k;
unsigned char *p;
p=from;
if (flen < 10)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
return(-1);
}
if ((num != (flen+1)) || (*(p++) != 02))
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
return(-1);
}
/* scan over padding data */
j=flen-1; /* one for type */
for (i=0; i<j; i++)
if (*(p++) == 0) break;
if ((i == j) || (i < 8))
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
return(-1);
}
for (k= -8; k<0; k++)
{
if (p[k] != 0x03) break;
}
if (k == 0)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
return(-1);
}
i++; /* Skip over the '\0' */
j-=i;
if (j > tlen)
{
RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
return(-1);
}
memcpy(to,p,(unsigned int)j);
return(j);
}

120
lib/dns/sec/openssl/x_algor.c Normal file
View file

@ -0,0 +1,120 @@
/* crypto/asn1/x_algor.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
#include <openssl/x509.h>
int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp)
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
if (a->parameter != NULL)
{ M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
if (a->parameter != NULL)
{ M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
M_ASN1_I2D_finish();
}
X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length)
{
M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
if (!M_ASN1_D2I_end_sequence())
{ M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
else
{
ASN1_TYPE_free(ret->parameter);
ret->parameter=NULL;
}
M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
}
X509_ALGOR *X509_ALGOR_new(void)
{
X509_ALGOR *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret,X509_ALGOR);
ret->algorithm=OBJ_nid2obj(NID_undef);
ret->parameter=NULL;
return(ret);
M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
}
void X509_ALGOR_free(X509_ALGOR *a)
{
if (a == NULL) return;
ASN1_OBJECT_free(a->algorithm);
ASN1_TYPE_free(a->parameter);
Free(a);
}
IMPLEMENT_STACK_OF(X509_ALGOR)
IMPLEMENT_ASN1_SET_OF(X509_ALGOR)

113
lib/dns/sec/openssl/x_sig.c Normal file
View file

@ -0,0 +1,113 @@
/* crypto/asn1/x_sig.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <config.h>
#include "../rename.h"
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1_mac.h>
#include <openssl/x509.h>
int i2d_X509_SIG(X509_SIG *a, unsigned char **pp)
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
M_ASN1_I2D_finish();
}
X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length)
{
M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
}
X509_SIG *X509_SIG_new(void)
{
X509_SIG *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret,X509_SIG);
M_ASN1_New(ret->algor,X509_ALGOR_new);
M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
return(ret);
M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
}
void X509_SIG_free(X509_SIG *a)
{
if (a == NULL) return;
X509_ALGOR_free(a->algor);
M_ASN1_OCTET_STRING_free(a->digest);
Free(a);
}