#include <openssl/asn1.h>
#include "asn1_locl.h"
-#if 0
-
-int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
-{
-# ifdef CHARSET_EBCDIC
- /* KLUDGE! We convert to ascii before writing DER */
- int len;
- char tmp[24];
- ASN1_STRING tmpstr = *(ASN1_STRING *)a;
-
- len = tmpstr.length;
- ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
- tmpstr.data = tmp;
-
- a = (ASN1_GENERALIZEDTIME *)&tmpstr;
-# endif
- return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
- V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
-}
-
-ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
- unsigned char **pp,
- long length)
-{
- ASN1_GENERALIZEDTIME *ret = NULL;
-
- ret =
- (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
- V_ASN1_GENERALIZEDTIME,
- V_ASN1_UNIVERSAL);
- if (ret == NULL) {
- ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
- return (NULL);
- }
-# ifdef CHARSET_EBCDIC
- ascii2ebcdic(ret->data, ret->data, ret->length);
-# endif
- if (!ASN1_GENERALIZEDTIME_check(ret)) {
- ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
- goto err;
- }
-
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_GENERALIZEDTIME_free(ret);
- return (NULL);
-}
-
-#endif
-
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
{
static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
* Three IO functions for sending data to memory, a BIO and and a FILE
* pointer.
*/
-#if 0 /* never used */
-static int send_mem_chars(void *arg, const void *buf, int len)
-{
- unsigned char **out = arg;
- if (!out)
- return 1;
- memcpy(*out, buf, len);
- *out += len;
- return 1;
-}
-#endif
-
static int send_bio_chars(void *arg, const void *buf, int len)
{
if (!arg)
IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
-#if 0
-int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
-{
-# ifdef CHARSET_EBCDIC
- /* KLUDGE! We convert to ascii before writing DER */
- char tmp[24];
- ASN1_STRING tmpstr;
-
- if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
- int len;
-
- tmpstr = *(ASN1_STRING *)a;
- len = tmpstr.length;
- ebcdic2ascii(tmp, tmpstr.data,
- (len >= sizeof tmp) ? sizeof tmp : len);
- tmpstr.data = tmp;
- a = (ASN1_GENERALIZEDTIME *)&tmpstr;
- }
-# endif
- if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
- return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
- a->type, V_ASN1_UNIVERSAL));
- ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
- return -1;
-}
-#endif
-
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
{
return ASN1_TIME_adj(s, t, 0, 0);
#include <openssl/asn1.h>
#include "asn1_locl.h"
-#if 0
-int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
-{
-# ifndef CHARSET_EBCDIC
- return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
- V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
-# else
- /* KLUDGE! We convert to ascii before writing DER */
- int len;
- char tmp[24];
- ASN1_STRING x = *(ASN1_STRING *)a;
-
- len = x.length;
- ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
- x.data = tmp;
- return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
-# endif
-}
-
-ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
- long length)
-{
- ASN1_UTCTIME *ret = NULL;
-
- ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
- V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
- if (ret == NULL) {
- ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
- return (NULL);
- }
-# ifdef CHARSET_EBCDIC
- ascii2ebcdic(ret->data, ret->data, ret->length);
-# endif
- if (!ASN1_UTCTIME_check(ret)) {
- ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
- goto err;
- }
-
- return (ret);
- err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
- M_ASN1_UTCTIME_free(ret);
- return (NULL);
-}
-
-#endif
-
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
{
static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
return -1;
return 0;
}
-
-#if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
-{
- struct tm tm;
- int offset;
-
- memset(&tm, '\0', sizeof tm);
-
-# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
- tm.tm_year = g2(s->data);
- if (tm.tm_year < 50)
- tm.tm_year += 100;
- tm.tm_mon = g2(s->data + 2) - 1;
- tm.tm_mday = g2(s->data + 4);
- tm.tm_hour = g2(s->data + 6);
- tm.tm_min = g2(s->data + 8);
- tm.tm_sec = g2(s->data + 10);
- if (s->data[12] == 'Z')
- offset = 0;
- else {
- offset = g2(s->data + 13) * 60 + g2(s->data + 15);
- if (s->data[12] == '-')
- offset = -offset;
- }
-# undef g2
-
- /*
- * FIXME: mktime assumes the current timezone
- * instead of UTC, and unless we rewrite OpenSSL
- * in Lisp we cannot locally change the timezone
- * without possibly interfering with other parts
- * of the program. timegm, which uses UTC, is
- * non-standard.
- * Also time_t is inappropriate for general
- * UTC times because it may a 32 bit type.
- */
- return mktime(&tm) - offset * 60;
-}
-#endif
if (inf && !(ret & V_ASN1_CONSTRUCTED))
goto err;
-#if 0
- fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
- (int)p, *plength, omax, (int)*pp, (int)(p + *plength),
- (int)(omax + *pp));
-
-#endif
if (*plength > (omax - (p - *pp))) {
ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
/*
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent;
-#if 0
- dump_indent = indent;
-#else
dump_indent = 6; /* Because we know BIO_dump_indent() */
-#endif
p = *pp;
tot = p + length;
op = p - 1;
if (!(cflag & X509_FLAG_NO_SIGNAME)) {
if (X509_signature_print(bp, ci->signature, NULL) <= 0)
goto err;
-#if 0
- if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-#endif
}
if (!(cflag & X509_FLAG_NO_ISSUER)) {
break;
case ASN1_ITYPE_CHOICE:
-#if 0
- if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
-#endif
/* CHOICE type, get selector */
i = asn1_get_choice_selector(fld, it);
/* This should never happen... */
static const char spaces[] = " ";
static const int nspaces = sizeof(spaces) - 1;
-#if 0
- if (!sname && !fname)
- return 1;
-#endif
-
while (indent > nspaces) {
if (BIO_write(out, spaces, nspaces) != nspaces)
return 0;
}
if (evp_cipher != NULL) {
-#if 0
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char *p;
- int keylen, ivlen;
- int max;
- X509_OBJECT ret;
-#endif
-
if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
goto err;
BIO_push(out, etmp);
etmp = NULL;
}
-#if 1
if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
bio = in_bio;
} else {
-# if 0
- bio = BIO_new(BIO_s_mem());
- /*
- * We need to set this so that when we have read all the data, the
- * encrypt BIO, if present, will read EOF and encode the last few
- * bytes
- */
- BIO_set_mem_eof_return(bio, 0);
-
- if (data_body->length > 0)
- BIO_write(bio, (char *)data_body->data, data_body->length);
-# else
if (data_body->length > 0)
bio = BIO_new_mem_buf(data_body->data, data_body->length);
else {
}
if (bio == NULL)
goto err;
-# endif
}
BIO_push(out, bio);
bio = NULL;
-#endif
if (0) {
err:
if (ek) {
}
if ((message_digest->length != (int)md_len) ||
(memcmp(message_digest->data, md_dat, md_len))) {
-#if 0
- {
- int ii;
- for (ii = 0; ii < message_digest->length; ii++)
- printf("%02X", message_digest->data[ii]);
- printf(" sent\n");
- for (ii = 0; ii < md_len; ii++)
- printf("%02X", md_dat[ii]);
- printf(" calc\n");
- }
-#endif
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
ret = -1;
goto err;
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
return 0;
}
-#if 0
+
/*
- * NB: this test commented out because some versions of Netscape
- * illegally include zero length content when signing data.
+ * Very old Netscape illegally included empty content with
+ * a detached signature. To not support that, enable the
+ * following flag.
*/
-
+#ifdef OPENSSL_DONT_SUPPORT_OLD_NETSCAPE
/* Check for data and content: two sets of data */
if (!PKCS7_get_detached(p7) && indata) {
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
projects / openssl.git / commitdiff