Rewrite the extension code to use an ASN1_ITEM structure
authorDr. Stephen Henson <steve@openssl.org>
Wed, 13 Dec 2000 13:47:33 +0000 (13:47 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 13 Dec 2000 13:47:33 +0000 (13:47 +0000)
for its ASN1 operations as well as the old style function
pointers (i2d, d2i, new, free). Change standard extensions
to support this.

Fix a warning in BN_mul(), bn_mul.c about uninitialised 'j'.

19 files changed:
CHANGES
crypto/bn/bn_mul.c
crypto/x509v3/v3_akey.c
crypto/x509v3/v3_alt.c
crypto/x509v3/v3_bcons.c
crypto/x509v3/v3_bitst.c
crypto/x509v3/v3_conf.c
crypto/x509v3/v3_cpols.c
crypto/x509v3/v3_crld.c
crypto/x509v3/v3_enum.c
crypto/x509v3/v3_extku.c
crypto/x509v3/v3_info.c
crypto/x509v3/v3_int.c
crypto/x509v3/v3_lib.c
crypto/x509v3/v3_pku.c
crypto/x509v3/v3_prn.c
crypto/x509v3/v3_skey.c
crypto/x509v3/v3_sxnet.c
crypto/x509v3/x509v3.h

diff --git a/CHANGES b/CHANGES
index acc4a85..61293a0 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,11 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
+     for its ASN1 operations. The old style function pointers still exist
+     for now but they will eventually go away.
+     [Steve Henson]
+
   *) Merge in replacement ASN1 code from the ASN1 branch. This almost
      completely replaces the old ASN1 functionality.
      [Steve Henson]
index 2810115..b9d2b3c 100644 (file)
@@ -939,7 +939,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 #endif
 #ifdef BN_RECURSION
        BIGNUM *t;
-       int j,k;
+       int j=0,k;
 #endif
 
 #ifdef BN_COUNT
index 9ca3c88..cb1ca21 100644 (file)
@@ -69,15 +69,12 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
                        X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 
 X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
-(X509V3_EXT_FREE)AUTHORITY_KEYID_free,
-(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
-(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID,
-NULL, NULL,
+NID_authority_key_identifier, X509V3_EXT_MULTILINE, &AUTHORITY_KEYID_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
 (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
-NULL,NULL,
+0,0,
 NULL
 };
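Review bot: The rewritten initializer fills the unused slots with bare `0` while the last member is still written `NULL`, and nothing on these lines says which of the fourteen positional members each `0` stands for. Because several of those members are function pointers, a table shifted by one slot is hard to spot in review. A trailing comment per row would make that visible, for example `0,0,0,0, /* ext_new, ext_free, d2i, i2d: unused when it is set */` and `0,0, /* i2s, s2i */`. The same applies to the other tables changed in this commit (v3_alt, v3_bcons, v3_cpols, v3_crld, v3_crl_reason, v3_ext_ku, v3_info, v3_crl_num, v3_pkey_usage_period, v3_skey_id, v3_sxnet) and to the EXT_BITSTRING, EXT_IA5STRING and EXT_END macros in x509v3.h.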
 
index 52c4f54..c370f8c 100644 (file)
@@ -66,21 +66,16 @@ static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens);
 static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
 X509V3_EXT_METHOD v3_alt[] = {
-{ NID_subject_alt_name, 0,
-(X509V3_EXT_NEW)GENERAL_NAMES_new,
-(X509V3_EXT_FREE)GENERAL_NAMES_free,
-(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
-NULL, NULL,
+{ NID_subject_alt_name, 0, &GENERAL_NAMES_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_subject_alt,
 NULL, NULL, NULL},
-{ NID_issuer_alt_name, 0,
-(X509V3_EXT_NEW)GENERAL_NAMES_new,
-(X509V3_EXT_FREE)GENERAL_NAMES_free,
-(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
-NULL, NULL,
+
+{ NID_issuer_alt_name, 0, &GENERAL_NAMES_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_issuer_alt,
 NULL, NULL, NULL},
index 7dc866d..1f2ed4e 100644 (file)
@@ -69,11 +69,9 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V
 
 X509V3_EXT_METHOD v3_bcons = {
 NID_basic_constraints, 0,
-(X509V3_EXT_NEW)BASIC_CONSTRAINTS_new,
-(X509V3_EXT_FREE)BASIC_CONSTRAINTS_free,
-(X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS,
-(X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS,
-NULL, NULL,
+&BASIC_CONSTRAINTS_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
 (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
 NULL,NULL,
index 0e1167d..16cf125 100644 (file)
@@ -66,6 +66,7 @@ static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
 static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
                                ASN1_BIT_STRING *bits,
                                STACK_OF(CONF_VALUE) *extlist);
+
 static BIT_STRING_BITNAME ns_cert_type_table[] = {
 {0, "SSL Client", "client"},
 {1, "SSL Server", "server"},
index bdc9c1c..909bc0a 100644 (file)
@@ -153,7 +153,8 @@ static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
        }
 
        ext  = do_ext_i2d(method, ext_nid, crit, ext_struc);
-       method->ext_free(ext_struc);
+       if(method->it) ASN1_item_free(ext_struc, method->it);
+       else method->ext_free(ext_struc);
        return ext;
 
 }
@@ -161,19 +162,25 @@ static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
 static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
                                                 int crit, void *ext_struc)
 {
-       unsigned char *ext_der, *p;
+       unsigned char *ext_der;
        int ext_len;
        ASN1_OCTET_STRING *ext_oct;
        X509_EXTENSION *ext;
        /* Convert internal representation to DER */
-       ext_len = method->i2d(ext_struc, NULL);
-       if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr;
-       p = ext_der;
-       method->i2d(ext_struc, &p);
+       if(method->it) {
+               ext_len = ASN1_item_i2d(ext_struc, &ext_der, method->it);
+               if(ext_len < 0) goto merr;
+       } else {
+               unsigned char *p;
+               ext_len = method->i2d(ext_struc, NULL);
+               if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr;
+               p = ext_der;
+               method->i2d(ext_struc, &p);
+       }
        if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
        ext_oct->data = ext_der;
        ext_oct->length = ext_len;
-       
+
        ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
        if(!ext) goto merr;
        M_ASN1_OCTET_STRING_free(ext_oct);
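Review bot: `ext_der` is declared without an initializer and its address is passed straight to `ASN1_item_i2d()` in the new `method->it` branch. That function allocates a buffer only when `*out` is NULL; for any other value it encodes into the memory the pointer names, so an indeterminate `ext_der` can make it write through a stray pointer. Declaring it as `unsigned char *ext_der = NULL;` makes the allocating path deterministic. The legacy branch still passes the unchecked result of `method->i2d(ext_struc, NULL)` to `OPENSSL_malloc()`; an `if(ext_len < 0) goto merr;` there would match the new branch. The `merr` label and the rest of the function are outside the hunk.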
index 47e08c8..ea84ad4 100644 (file)
@@ -76,13 +76,10 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
 static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos);
 
 X509V3_EXT_METHOD v3_cpols = {
-NID_certificate_policies, 0,
-(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
-(X509V3_EXT_FREE)CERTIFICATEPOLICIES_free,
-(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
-(X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES,
-NULL, NULL,
-NULL, NULL,
+NID_certificate_policies, 0,&CERTIFICATEPOLICIES_it,
+0,0,0,0,
+0,0,
+0,0,
 (X509V3_EXT_I2R)i2r_certpol,
 (X509V3_EXT_R2I)r2i_certpol,
 NULL
index b1963a2..4f53dcf 100644 (file)
@@ -69,15 +69,13 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
 X509V3_EXT_METHOD v3_crld = {
-NID_crl_distribution_points, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)CRL_DIST_POINTS_new,
-(X509V3_EXT_FREE)CRL_DIST_POINTS_free,
-(X509V3_EXT_D2I)d2i_CRL_DIST_POINTS,
-(X509V3_EXT_I2D)i2d_CRL_DIST_POINTS,
-NULL, NULL,
+NID_crl_distribution_points, X509V3_EXT_MULTILINE, &CRL_DIST_POINTS_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_crld,
 (X509V3_EXT_V2I)v2i_crld,
-NULL, NULL, NULL
+0,0,
+NULL
 };
 
 static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
index aecfdc8..4bb6eb1 100644 (file)
@@ -73,14 +73,12 @@ static ENUMERATED_NAMES crl_reasons[] = {
 };
 
 X509V3_EXT_METHOD v3_crl_reason = { 
-NID_crl_reason, 0,
-(X509V3_EXT_NEW)ASN1_ENUMERATED_new,
-(X509V3_EXT_FREE)ASN1_ENUMERATED_free,
-(X509V3_EXT_D2I)d2i_ASN1_ENUMERATED,
-(X509V3_EXT_I2D)i2d_ASN1_ENUMERATED,
+NID_crl_reason, 0, &ASN1_ENUMERATED_it,
+0,0,0,0,
 (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
-(X509V3_EXT_S2I)0,
-NULL, NULL, NULL, NULL, crl_reasons};
+0,
+0,0,0,0,
+crl_reasons};
 
 
 char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method,
index 0b7bb77..a51c738 100644 (file)
@@ -70,14 +70,12 @@ static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
 
 X509V3_EXT_METHOD v3_ext_ku = {
 NID_ext_key_usage, 0,
-(X509V3_EXT_NEW)EXTENDED_KEY_USAGE_new,
-(X509V3_EXT_FREE)EXTENDED_KEY_USAGE_free,
-(X509V3_EXT_D2I)d2i_EXTENDED_KEY_USAGE,
-(X509V3_EXT_I2D)i2d_EXTENDED_KEY_USAGE,
-NULL, NULL,
+&EXTENDED_KEY_USAGE_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_EXTENDED_KEY_USAGE,
 (X509V3_EXT_V2I)v2i_EXTENDED_KEY_USAGE,
-NULL,NULL,
+0,0,
 NULL
 };
 
index 35d95ad..9ec9ab2 100644 (file)
@@ -70,15 +70,13 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 
 X509V3_EXT_METHOD v3_info =
-{ NID_info_access, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)AUTHORITY_INFO_ACCESS_new,
-(X509V3_EXT_FREE)AUTHORITY_INFO_ACCESS_free,
-(X509V3_EXT_D2I)d2i_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_I2D)i2d_AUTHORITY_INFO_ACCESS,
-NULL, NULL,
+{ NID_info_access, X509V3_EXT_MULTILINE, &AUTHORITY_INFO_ACCESS_it,
+0,0,0,0,
+0,0,
 (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
 (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-NULL, NULL, NULL};
+0,0,
+NULL};
 
 ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
        ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
index 63c201e..473a986 100644 (file)
 #include <openssl/x509v3.h>
 
 X509V3_EXT_METHOD v3_crl_num = { 
-NID_crl_number, 0,
-(X509V3_EXT_NEW)ASN1_INTEGER_new,
-(X509V3_EXT_FREE)ASN1_INTEGER_free,
-(X509V3_EXT_D2I)d2i_ASN1_INTEGER,
-(X509V3_EXT_I2D)i2d_ASN1_INTEGER,
+NID_crl_number, 0, &ASN1_INTEGER_it,
+0,0,0,0,
 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
-(X509V3_EXT_S2I)0,
-NULL, NULL, NULL, NULL, NULL};
+0,
+0,0,0,0, NULL};
 
index ea86b9e..3376511 100644 (file)
@@ -163,8 +163,9 @@ void *X509V3_EXT_d2i(X509_EXTENSION *ext)
 {
        X509V3_EXT_METHOD *method;
        unsigned char *p;
-       if(!(method = X509V3_EXT_get(ext)) || !method->d2i) return NULL;
+       if(!(method = X509V3_EXT_get(ext))) return NULL;
        p = ext->value->data;
+       if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, method->it);
        return method->d2i(NULL, &p, ext->value->length);
 }
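Review bot: Dropping `!method->d2i` from the guard leaves the final `return method->d2i(NULL, &p, ext->value->length);` unprotected, so a method with neither `it` nor `d2i` set now reaches a call through a NULL function pointer. The tables converted in this commit all set `it`, but whether every method that `X509V3_EXT_get()` can return does so is not visible here. Keeping the check in the form `if(!method->it && !method->d2i) return NULL;` before `p` is assigned preserves the old safe failure.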
 
index 600db6d..c52c479 100644 (file)
@@ -67,12 +67,9 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *u
 static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 */
 X509V3_EXT_METHOD v3_pkey_usage_period = {
-NID_private_key_usage_period, 0,
-(X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new,
-(X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free,
-(X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD,
-(X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD,
-NULL, NULL, NULL, NULL,
+NID_private_key_usage_period, 0, &PKEY_USAGE_PERIOD_it,
+0,0,0,0,
+0,0,0,0,
 (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
 NULL
 };
index 5416f66..ae1b7c8 100644 (file)
@@ -100,7 +100,8 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
 
 int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent)
 {
-       char *ext_str = NULL, *value = NULL;
+       void *ext_str = NULL;
+       char *value = NULL;
        unsigned char *p;
        X509V3_EXT_METHOD *method;      
        STACK_OF(CONF_VALUE) *nval = NULL;
@@ -108,8 +109,11 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
        if(!(method = X509V3_EXT_get(ext)))
                return unknown_ext_print(out, ext, flag, indent, 0);
        p = ext->value->data;
-       if(!(ext_str = method->d2i(NULL, &p, ext->value->length)))
-               return unknown_ext_print(out, ext, flag, indent, 1);
+       if(method->it) ext_str = ASN1_item_d2i(NULL, &p, ext->value->length, method->it);
+       else ext_str = method->d2i(NULL, &p, ext->value->length);
+
+       if(!ext_str) unknown_ext_print(out, ext, flag, indent, 1);
+
        if(method->i2s) {
                if(!(value = method->i2s(method, ext_str))) {
                        ok = 0;
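Review bot: The rewritten failure check `if(!ext_str) unknown_ext_print(out, ext, flag, indent, 1);` lost the `return` that the old code had, so after a decode failure execution continues into the `method->i2s` branch and the handlers after it with a NULL `ext_str`. The bytes being decoded are `ext->value->data`, which comes from the extension being printed, so a malformed extension is enough to reach that path. Restoring the early exit keeps the previous behaviour: `if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1);`. The rest of the function, including the `err:` cleanup, lies outside this hunk.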
@@ -138,7 +142,8 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
        err:
                sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
                if(value) OPENSSL_free(value);
-               method->ext_free(ext_str);
+               if(method->it) ASN1_item_free(ext_str, method->it);
+               else method->ext_free(ext_str);
                return ok;
 }
 
index 939845f..58da456 100644 (file)
 
 static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
 X509V3_EXT_METHOD v3_skey_id = { 
-NID_subject_key_identifier, 0,
-(X509V3_EXT_NEW)ASN1_OCTET_STRING_new,
-(X509V3_EXT_FREE)ASN1_OCTET_STRING_free,
-(X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING,
-(X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING,
+NID_subject_key_identifier, 0, &ASN1_OCTET_STRING_it,
+0,0,0,0,
 (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
 (X509V3_EXT_S2I)s2i_skey_id,
-NULL, NULL, NULL, NULL, NULL};
+0,0,0,0,
+NULL};
 
 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
             ASN1_OCTET_STRING *oct)
index bd38ad5..751315e 100644 (file)
@@ -73,20 +73,17 @@ static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
                                                STACK_OF(CONF_VALUE) *nval);
 #endif
 X509V3_EXT_METHOD v3_sxnet = {
-NID_sxnet, X509V3_EXT_MULTILINE,
-(X509V3_EXT_NEW)SXNET_new,
-(X509V3_EXT_FREE)SXNET_free,
-(X509V3_EXT_D2I)d2i_SXNET,
-(X509V3_EXT_I2D)i2d_SXNET,
-NULL, NULL,
-NULL, 
+NID_sxnet, X509V3_EXT_MULTILINE, &SXNET_it,
+0,0,0,0,
+0,0,
+0, 
 #ifdef SXNET_TEST
 (X509V3_EXT_V2I)sxnet_v2i,
 #else
-NULL,
+0,
 #endif
 (X509V3_EXT_I2R)sxnet_i2r,
-NULL,
+0,
 NULL
 };
 
index fb70fde..8243e38 100644 (file)
@@ -88,6 +88,9 @@ typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx
 struct v3_ext_method {
 int ext_nid;
 int ext_flags;
+/* If this is set the following four fields are ignored */
+const ASN1_ITEM *it;
+/* Old style ASN1 calls */
 X509V3_EXT_NEW ext_new;
 X509V3_EXT_FREE ext_free;
 X509V3_EXT_D2I d2i;
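Review bot: Inserting `it` ahead of `ext_new` shifts every later member of this struct, and the new comment does not warn about that. Code outside the tree that fills an `X509V3_EXT_METHOD` positionally in the old order would, if it still compiles, put its `ext_new` pointer in the `it` slot, which the library then passes to `ASN1_item_d2i()` and `ASN1_item_free()` as an item template. The comment could say so, e.g. `/* New in 0.9.7, inserted before ext_new: positional initializers need an extra slot here (0 for old style). If this is set the following four fields are ignored */`. The struct definition continues past the end of the hunk.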
@@ -291,30 +294,22 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
                        X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
 #define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
 
-#define EXT_BITSTRING(nid, table) { nid, 0, \
-                       (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \
-                       (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \
-                       (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
-                       (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
-                       NULL, NULL, \
+#define EXT_BITSTRING(nid, table) { nid, 0, &ASN1_BIT_STRING_it, \
+                       0,0,0,0, \
+                       0,0, \
                        (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
                        (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
                        NULL, NULL, \
-                       (char *)table}
+                       table}
 
-#define EXT_IA5STRING(nid) { nid, 0, \
-                       (X509V3_EXT_NEW)ASN1_IA5STRING_new, \
-                       (X509V3_EXT_FREE)ASN1_IA5STRING_free, \
-                       (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
-                       (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
+#define EXT_IA5STRING(nid) { nid, 0, &ASN1_IA5STRING_it, \
+                       0,0,0,0, \
                        (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
                        (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
-                       NULL, NULL, NULL, NULL, \
+                       0,0,0,0, \
                        NULL}
 
-#define EXT_END { -1, 0, NULL, NULL, NULL, NULL, NULL, NULL, \
-                        NULL, NULL, NULL, NULL, \
-                        NULL}
+#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
 
 
 /* X509_PURPOSE stuff */
@@ -394,10 +389,8 @@ typedef struct x509_purpose_st {
 DECLARE_STACK_OF(X509_PURPOSE)
 
 void ERR_load_X509V3_strings(void);
-int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp);
-BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length);
-BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
-void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
+
+DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
 
 DECLARE_ASN1_FUNCTIONS(SXNET)
 DECLARE_ASN1_FUNCTIONS(SXNETID)