From 45e2738585bd735e5b50d53e67bc6596eb7d5143 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 20 Aug 2005 18:12:45 +0000 Subject: [PATCH] Remove ASN1_METHOD code replace with new ASN1 alternative. --- CHANGES | 4 ++++ apps/apps.c | 47 +++++++++---------------------------------- apps/x509.c | 15 +++++++------- crypto/asn1/Makefile | 12 +++++------ crypto/asn1/asn1.h | 30 ++++++--------------------- crypto/asn1/x_x509.c | 13 ------------ crypto/rsa/rsa_asn1.c | 11 ---------- util/libeay.num | 28 ++++++++++++++++++-------- 8 files changed, 52 insertions(+), 108 deletions(-) diff --git a/CHANGES b/CHANGES index 1bc6180b3e..c9058ff939 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.8 and 0.9.9 [xx XXX xxxx] + *) Remove the ancient ASN1_METHOD code. This was only ever used in one + place for the (very old) "NETSCAPE" format certificates which are now + handled using new ASN1 code equivalents. + *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD pointer and make the SSL_METHOD parameter in SSL_CTX_new, SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'. diff --git a/apps/apps.c b/apps/apps.c index 613c3ba495..20d3488a16 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -745,8 +745,6 @@ static int load_pkcs12(BIO *err, BIO *in, const char *desc, X509 *load_cert(BIO *err, const char *file, int format, const char *pass, ENGINE *e, const char *cert_descrip) { - ASN1_HEADER *ah=NULL; - BUF_MEM *buf=NULL; X509 *x=NULL; BIO *cert; 
@@ -776,46 +774,21 @@ X509 *load_cert(BIO *err, const char *file, int format, x=d2i_X509_bio(cert,NULL); else if (format == FORMAT_NETSCAPE) { - const unsigned char *p,*op; - int size=0,i; - - /* We sort of have to do it this way because it is sort of nice - * to read the header first and check it, then - * try to read the certificate */ - buf=BUF_MEM_new(); - for (;;) - { - if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) - goto end; - i=BIO_read(cert,&(buf->data[size]),1024*10); - size+=i; - if (i == 0) break; - if (i < 0) - { - perror("reading certificate"); + NETSCAPE_X509 *nx; + nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL); + if (nx == NULL) goto end; - } - } - p=(unsigned char *)buf->data; - op=p; - /* First load the header */ - if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL) - goto end; - if ((ah->header == NULL) || (ah->header->data == NULL) || - (strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data, - ah->header->length) != 0)) + if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data, + nx->header->length) != 0)) { + NETSCAPE_X509_free(nx); BIO_printf(err,"Error reading header on certificate\n"); goto end; } - /* header is ok, so now read the object */ - p=op; - ah->meth=X509_asn1_meth(); - if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL) - goto end; - x=(X509 *)ah->data; - ah->data=NULL; + x=nx->cert; + nx->cert = NULL; + NETSCAPE_X509_free(nx); } else if (format == FORMAT_PEM) x=PEM_read_bio_X509_AUX(cert,NULL, @@ -837,9 +810,7 @@ end: BIO_printf(err,"unable to load certificate\n"); ERR_print_errors(err); } - if (ah != NULL) ASN1_HEADER_free(ah); if (cert != NULL) BIO_free(cert); - if (buf != NULL) BUF_MEM_free(buf); return(x); } diff --git a/apps/x509.c b/apps/x509.c index 5f61eb5c46..8d20681ec3 100644 --- a/apps/x509.c +++ b/apps/x509.c 
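Review bot: The header test in the new FORMAT_NETSCAPE branch bounds strncmp() by `nx->header->length`, so an empty header, or any header that is only a prefix of NETSCAPE_CERT_HDR, compares equal and the file is accepted as a Netscape certificate. The removed code made the same comparison, so this is carried over rather than introduced, but the rewrite is a natural place to require an exact match: `if (nx->header->length != (int)strlen(NETSCAPE_CERT_HDR) || memcmp(NETSCAPE_CERT_HDR, nx->header->data, nx->header->length) != 0)`. The rewrite also drops the old `header == NULL` and `header->data == NULL` guards. Whether a successful ASN1_item_d2i_bio() guarantees both depends on the NETSCAPE_X509 template, which this patch does not show, so I would keep the guards because the input is a file the tool does not control. load_cert starts and ends outside this hunk.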
@@ -1033,16 +1033,15 @@ bad: } else if (outformat == FORMAT_NETSCAPE) { - ASN1_HEADER ah; - ASN1_OCTET_STRING os; + NETSCAPE_X509 nx; + ASN1_OCTET_STRING hdr; - os.data=(unsigned char *)NETSCAPE_CERT_HDR; - os.length=strlen(NETSCAPE_CERT_HDR); - ah.header= &os; - ah.data=(char *)x; - ah.meth=X509_asn1_meth(); + hdr.data=(unsigned char *)NETSCAPE_CERT_HDR; + hdr.length=strlen(NETSCAPE_CERT_HDR); + nx.header= &hdr; + nx.cert=x; - i=ASN1_i2d_bio_of(ASN1_HEADER,i2d_ASN1_HEADER,out,&ah); + i=ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509),out,&nx); } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile index ef571b1964..578f108b6d 100644 --- a/crypto/asn1/Makefile +++ b/crypto/asn1/Makefile 
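Review bot: `hdr` is a stack ASN1_OCTET_STRING with only `data` and `length` assigned, so its `type` and `flags` members are indeterminate when `&nx` is handed to ASN1_item_i2d_bio(). The removed code did the same with `os`, but the encoder behind the call has changed, and whether the template encoder reads either field cannot be seen from this hunk. Initialising the object removes the question: `memset(&hdr, 0, sizeof hdr);` followed by `hdr.type = V_ASN1_OCTET_STRING;` before the two existing assignments. A short comment that `nx` only borrows `x` and `hdr` and must not be passed to NETSCAPE_X509_free() would also help the next reader. The enclosing function starts and ends outside the hunk.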
@@ -22,24 +22,24 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \ x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \ - d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ + x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \ tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ f_int.c f_string.c n_pkey.c \ - f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \ - asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ + f_enum.c x_pkey.c a_bool.c x_exten.c \ + asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \ evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \ x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \ - d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ + x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \ tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ f_int.o f_string.o n_pkey.o \ - f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \ - asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ + f_enum.o x_pkey.o a_bool.o x_exten.o \ + asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \ evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o SRC= $(LIBSRC) diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index dadcae8bd7..e0e474f2c8 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h 
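Review bot: `x_nx509.c` and `x_nx509.o` are added to LIBSRC and LIBOBJ here, but the diffstat lists eight files and crypto/asn1/x_nx509.c is not one of them, so as far as this patch shows the library will not build until that file is added. That file is presumably also where the NETSCAPE_X509 template used by apps/apps.c and apps/x509.c is defined, so the new decode path cannot be reviewed from this patch alone. In the other direction, `a_hdr.c` and `a_meth.c` are dropped from both lists but the patch does not delete them. Please confirm the new file lands in the same change and that the two stale sources, and any dependency lines for them further down the Makefile, are removed.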
@@ -516,21 +516,11 @@ typedef struct asn1_type_st DECLARE_STACK_OF(ASN1_TYPE) DECLARE_ASN1_SET_OF(ASN1_TYPE) -typedef struct asn1_method_st - { - i2d_of_void *i2d; - d2i_of_void *d2i; - void *(*create)(void); - void (*destroy)(void *); - } ASN1_METHOD; - -/* This is used when parsing some Netscape objects */ -typedef struct asn1_header_st +typedef struct NETSCAPE_X509_st { ASN1_OCTET_STRING *header; - void *data; - ASN1_METHOD *meth; - } ASN1_HEADER; + X509 *cert; + } NETSCAPE_X509; /* This is used to contain a list of bit names */ typedef struct BIT_STRING_BITNAME_st { @@ -944,19 +934,11 @@ int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump #endif const char *ASN1_tag2str(int tag); -/* Used to load and write netscape format cert/key */ -int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length); -ASN1_HEADER *ASN1_HEADER_new(void ); -void ASN1_HEADER_free(ASN1_HEADER *a); +/* Used to load and write netscape format cert */ -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); +DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509) -/* Not used that much at this point, except for the first two */ -ASN1_METHOD *X509_asn1_meth(void); -ASN1_METHOD *RSAPrivateKey_asn1_meth(void); -ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void); -ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void); +int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len); diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index 12d1a25659..95774673c4 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c 
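Review bot: The new `NETSCAPE_X509` typedef loses the one-line comment that ASN1_HEADER had, and nothing in this public header says who owns `cert`. load_cert in apps/apps.c sets `nx->cert = NULL` before calling NETSCAPE_X509_free(), which suggests the free routine releases both members; that should be stated where the type is declared. I would add above the typedef: `/* Netscape certificate wrapper: a header OCTET STRING followed by the certificate. NETSCAPE_X509_free() is expected to free both members; set cert to NULL first to keep it. */`. The same hunk removes ASN1_METHOD and ASN1_HEADER from an installed header; the CHANGES entry mentions the removal but could say that external code using those types will no longer compile.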
@@ -128,19 +128,6 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { IMPLEMENT_ASN1_FUNCTIONS(X509) IMPLEMENT_ASN1_DUP_FUNCTION(X509) -static ASN1_METHOD meth= - { - (I2D_OF(void)) i2d_X509, - (D2I_OF(void)) d2i_X509, - (void *(*)(void))X509_new, - (void (*)(void *)) X509_free - }; - -ASN1_METHOD *X509_asn1_meth(void) - { - return(&meth); - } - int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c index bbbf26d50e..807f3dd440 100644 --- a/crypto/rsa/rsa_asn1.c +++ b/crypto/rsa/rsa_asn1.c @@ -62,17 +62,6 @@ #include #include -static ASN1_METHOD method={ - (I2D_OF(void)) i2d_RSAPrivateKey, - (D2I_OF(void)) d2i_RSAPrivateKey, - (void *(*)(void)) RSA_new, - (void (*)(void *)) RSA_free}; - -ASN1_METHOD *RSAPrivateKey_asn1_meth(void) - { - return(&method); - } - /* Override the default free and new methods */ static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { diff --git a/util/libeay.num b/util/libeay.num index 347ffeb581..4499eb2692 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -1,9 +1,9 @@ SSLeay 1 EXIST::FUNCTION: SSLeay_version 2 EXIST::FUNCTION: -ASN1_BIT_STRING_asn1_meth 3 EXIST::FUNCTION: -ASN1_HEADER_free 4 EXIST::FUNCTION: -ASN1_HEADER_new 5 EXIST::FUNCTION: -ASN1_IA5STRING_asn1_meth 6 EXIST::FUNCTION: +ASN1_BIT_STRING_asn1_meth 3 NOEXIST::FUNCTION: +ASN1_HEADER_free 4 NOEXIST::FUNCTION: +ASN1_HEADER_new 5 NOEXIST::FUNCTION: +ASN1_IA5STRING_asn1_meth 6 NOEXIST::FUNCTION: ASN1_INTEGER_get 7 EXIST::FUNCTION: ASN1_INTEGER_set 8 EXIST::FUNCTION: ASN1_INTEGER_to_BN 9 EXIST::FUNCTION: 
@@ -469,7 +469,7 @@ RC2_set_key 476 EXIST::FUNCTION:RC2 RC4 477 EXIST::FUNCTION:RC4 RC4_options 478 EXIST::FUNCTION:RC4 RC4_set_key 479 EXIST::FUNCTION:RC4 -RSAPrivateKey_asn1_meth 480 EXIST::FUNCTION:RSA +RSAPrivateKey_asn1_meth 480 NOEXIST::FUNCTION: RSAPrivateKey_dup 481 EXIST::FUNCTION:RSA RSAPublicKey_dup 482 EXIST::FUNCTION:RSA RSA_PKCS1_SSLeay 483 EXIST::FUNCTION:RSA @@ -624,7 +624,7 @@ X509_STORE_set_default_paths 630 EXIST::FUNCTION:STDIO X509_VAL_free 631 EXIST::FUNCTION: X509_VAL_new 632 EXIST::FUNCTION: X509_add_ext 633 EXIST::FUNCTION: -X509_asn1_meth 634 EXIST::FUNCTION: +X509_asn1_meth 634 NOEXIST::FUNCTION: X509_certificate_type 635 EXIST::FUNCTION: X509_check_private_key 636 EXIST::FUNCTION: X509_cmp_current_time 637 EXIST::FUNCTION: @@ -704,7 +704,7 @@ bn_sqr_words 710 EXIST::FUNCTION: _ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION: d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION: -d2i_ASN1_HEADER 714 EXIST::FUNCTION: +d2i_ASN1_HEADER 714 NOEXIST::FUNCTION: d2i_ASN1_IA5STRING 715 EXIST::FUNCTION: d2i_ASN1_INTEGER 716 EXIST::FUNCTION: d2i_ASN1_OBJECT 717 EXIST::FUNCTION: @@ -809,7 +809,7 @@ i2a_ASN1_OBJECT 816 EXIST::FUNCTION:BIO i2a_ASN1_STRING 817 EXIST::FUNCTION:BIO i2d_ASN1_BIT_STRING 818 EXIST::FUNCTION: i2d_ASN1_BOOLEAN 819 EXIST::FUNCTION: -i2d_ASN1_HEADER 820 EXIST::FUNCTION: +i2d_ASN1_HEADER 820 NOEXIST::FUNCTION: i2d_ASN1_IA5STRING 821 EXIST::FUNCTION: i2d_ASN1_INTEGER 822 EXIST::FUNCTION: i2d_ASN1_OBJECT 823 EXIST::FUNCTION: 
@@ -3368,3 +3368,15 @@ BN_GF2m_mod_inv_arr 3768 EXIST::FUNCTION: ENGINE_unregister_ECDSA 3769 EXIST::FUNCTION:ENGINE BN_BLINDING_set_thread_id 3770 EXIST::FUNCTION: DSO_pathbyaddr 3771 EXIST::FUNCTION: +d2i_NETSCAPE_X509 3772 EXIST::FUNCTION: +i2d_ISSUING_DIST_POINT 3773 EXIST::FUNCTION: +NETSCAPE_X509_free 3774 EXIST::FUNCTION: +ISSUING_DIST_POINT_new 3775 EXIST::FUNCTION: +d2i_ISSUING_DIST_POINT 3776 EXIST::FUNCTION: +NETSCAPE_X509_it 3777 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NETSCAPE_X509_it 3777 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ISSUING_DIST_POINT_free 3778 EXIST::FUNCTION: +i2d_NETSCAPE_X509 3779 EXIST::FUNCTION: +ISSUING_DIST_POINT_it 3780 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ISSUING_DIST_POINT_it 3780 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +NETSCAPE_X509_new 3781 EXIST::FUNCTION: -- 2.34.1