X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fx509v3%2Fv3_akey.c;h=c6b68ee221174eb7c4cae2bb506d029452f9e3e9;hb=ad6019d6c0d22f384838b2f9ca339bdabed331a5;hp=de2a577ac10244aa21626b138bf8f48f48cc5e80;hpb=08e9c1af6c26f74ef7f7524be4b89241ff232a8c;p=openssl.git

diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index de2a577ac1..c6b68ee221 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -1,5 +1,5 @@
 /* v3_akey.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
 /* ====================================================================
@@ -60,7 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
 #include <openssl/x509v3.h>
 
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
@@ -68,72 +68,17 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 			X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 
-X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
-(X509V3_EXT_FREE)AUTHORITY_KEYID_free,
-(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
-(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID,
-NULL, NULL,
-(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
-(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
-NULL,NULL,
-NULL
-};
-
-
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp)
-{
-	M_ASN1_I2D_vars(a);
-
-	M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING);
-	M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES);
-	M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER);
-
-	M_ASN1_I2D_seq_total();
-
-	M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0);
-	M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1);
-	M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2);
-
-	M_ASN1_I2D_finish();
-}
-
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void)
-{
-	AUTHORITY_KEYID *ret=NULL;
-	ASN1_CTX c;
-	M_ASN1_New_Malloc(ret, AUTHORITY_KEYID);
-	ret->keyid = NULL;
-	ret->issuer = NULL;
-	ret->serial = NULL;
-	return (ret);
-	M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW);
-}
-
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp,
-	     long length)
-{
-	M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new);
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-	M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0,
-							V_ASN1_OCTET_STRING);
-	M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1,
-							V_ASN1_SEQUENCE);
-	M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2,
-							V_ASN1_INTEGER);
-	M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID);
-}
-
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
-{
-	if (a == NULL) return;
-	M_ASN1_OCTET_STRING_free(a->keyid);
-	sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free);
-	M_ASN1_INTEGER_free (a->serial);
-	Free ((char *)a);
-}
+const X509V3_EXT_METHOD v3_akey_id =
+	{
+	NID_authority_key_identifier,
+	X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
+	0,0,0,0,
+	0,0,
+	(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
+	(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
+	0,0,
+	NULL
+	};
 
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 	     AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
@@ -142,7 +87,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 	if(akeyid->keyid) {
 		tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
 		X509V3_add_value("keyid", tmp, &extlist);
-		Free(tmp);
+		OPENSSL_free(tmp);
 	}
 	if(akeyid->issuer) 
 		extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
@@ -150,7 +95,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 		tmp = hex_to_string(akeyid->serial->data,
 						 akeyid->serial->length);
 		X509V3_add_value("serial", tmp, &extlist);
-		Free(tmp);
+		OPENSSL_free(tmp);
 	}
 	return extlist;
 }
@@ -165,85 +110,99 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 
 static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 	     X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
-{
-char keyid=0, issuer=0;
-int i;
-CONF_VALUE *cnf;
-ASN1_OCTET_STRING *ikeyid = NULL;
-X509_NAME *isname = NULL;
-STACK_OF(GENERAL_NAME) * gens = NULL;
-GENERAL_NAME *gen = NULL;
-ASN1_INTEGER *serial = NULL;
-X509_EXTENSION *ext;
-X509 *cert;
-AUTHORITY_KEYID *akeyid;
-for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
-	cnf = sk_CONF_VALUE_value(values, i);
-	if(!strcmp(cnf->name, "keyid")) {
-		keyid = 1;
-		if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2;
-	} else if(!strcmp(cnf->name, "issuer")) {
-		issuer = 1;
-		if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2;
-	} else {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
-		ERR_add_error_data(2, "name=", cnf->name);
+	{
+	char keyid=0, issuer=0;
+	int i;
+	CONF_VALUE *cnf;
+	ASN1_OCTET_STRING *ikeyid = NULL;
+	X509_NAME *isname = NULL;
+	GENERAL_NAMES * gens = NULL;
+	GENERAL_NAME *gen = NULL;
+	ASN1_INTEGER *serial = NULL;
+	X509_EXTENSION *ext;
+	X509 *cert;
+	AUTHORITY_KEYID *akeyid;
+
+	for(i = 0; i < sk_CONF_VALUE_num(values); i++)
+		{
+		cnf = sk_CONF_VALUE_value(values, i);
+		if(!strcmp(cnf->name, "keyid"))
+			{
+			keyid = 1;
+			if(cnf->value && !strcmp(cnf->value, "always"))
+				keyid = 2;
+			}
+		else if(!strcmp(cnf->name, "issuer"))
+			{
+			issuer = 1;
+			if(cnf->value && !strcmp(cnf->value, "always"))
+				issuer = 2;
+			}
+		else
+			{
+			X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION);
+			ERR_add_error_data(2, "name=", cnf->name);
+			return NULL;
+			}
+		}
+
+	if(!ctx || !ctx->issuer_cert)
+		{
+		if(ctx && (ctx->flags==CTX_TEST))
+			return AUTHORITY_KEYID_new();
+		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
 		return NULL;
-	}
-}
-
-
-
-if(!ctx || !ctx->issuer_cert) {
-	if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
-	X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
+		}
+
+	cert = ctx->issuer_cert;
+
+	if(keyid)
+		{
+		i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
+		if((i >= 0)  && (ext = X509_get_ext(cert, i)))
+			ikeyid = X509V3_EXT_d2i(ext);
+		if(keyid==2 && !ikeyid)
+			{
+			X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
+			return NULL;
+			}
+		}
+
+	if((issuer && !ikeyid) || (issuer == 2))
+		{
+		isname = X509_NAME_dup(X509_get_issuer_name(cert));
+		serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
+		if(!isname || !serial)
+			{
+			X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
+			goto err;
+			}
+		}
+
+	if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
+
+	if(isname)
+		{
+		if(!(gens = sk_GENERAL_NAME_new_null())
+			|| !(gen = GENERAL_NAME_new())
+			|| !sk_GENERAL_NAME_push(gens, gen))
+			{
+			X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		gen->type = GEN_DIRNAME;
+		gen->d.dirn = isname;
+		}
+
+	akeyid->issuer = gens;
+	akeyid->serial = serial;
+	akeyid->keyid = ikeyid;
+
+	return akeyid;
+
+ err:
+	X509_NAME_free(isname);
+	M_ASN1_INTEGER_free(serial);
+	M_ASN1_OCTET_STRING_free(ikeyid);
 	return NULL;
-}
-
-cert = ctx->issuer_cert;
-
-if(keyid) {
-	i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
-	if((i >= 0)  && (ext = X509_get_ext(cert, i)))
-						 ikeyid = X509V3_EXT_d2i(ext);
-	if(keyid==2 && !ikeyid) {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
-		return NULL;
 	}
-}
-
-if((issuer && !ikeyid) || (issuer == 2)) {
-	isname = X509_NAME_dup(X509_get_issuer_name(cert));
-	serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
-	if(!isname || !serial) {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
-		goto err;
-	}
-}
-
-if(!(akeyid = AUTHORITY_KEYID_new())) goto err;
-
-if(isname) {
-	if(!(gens = sk_GENERAL_NAME_new(NULL)) || !(gen = GENERAL_NAME_new())
-		|| !sk_GENERAL_NAME_push(gens, gen)) {
-		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
-		goto err;
-	}
-	gen->type = GEN_DIRNAME;
-	gen->d.dirn = isname;
-}
-
-akeyid->issuer = gens;
-akeyid->serial = serial;
-akeyid->keyid = ikeyid;
-
-return akeyid;
-
-err:
-X509_NAME_free(isname);
-M_ASN1_INTEGER_free(serial);
-M_ASN1_OCTET_STRING_free(ikeyid);
-return NULL;
-
-}
-