diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/asn1')
19 files changed, 162 insertions, 386 deletions
diff --git a/deps/openssl/openssl/crypto/asn1/Makefile b/deps/openssl/openssl/crypto/asn1/Makefile index f7787005d4..160544eede 100644 --- a/deps/openssl/openssl/crypto/asn1/Makefile +++ b/deps/openssl/openssl/crypto/asn1/Makefile @@ -639,7 +639,7 @@ t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_x509.o: ../cryptlib.h asn1_locl.h t_x509.c +t_x509.o: ../cryptlib.h t_x509.c t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h diff --git a/deps/openssl/openssl/crypto/asn1/a_digest.c b/deps/openssl/openssl/crypto/asn1/a_digest.c index cbdeea6ac0..d00d9e22b1 100644 --- a/deps/openssl/openssl/crypto/asn1/a_digest.c +++ b/deps/openssl/openssl/crypto/asn1/a_digest.c @@ -87,8 +87,7 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, p=str; i2d(data,&p); - if (!EVP_Digest(str, i, md, len, type, NULL)) - return 0; + EVP_Digest(str, i, md, len, type, NULL); OPENSSL_free(str); return(1); } @@ -105,8 +104,7 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, i=ASN1_item_i2d(asn,&str, it); if (!str) return(0); - if (!EVP_Digest(str, i, md, len, type, NULL)) - return 0; + EVP_Digest(str, i, md, len, type, NULL); OPENSSL_free(str); return(1); } diff --git a/deps/openssl/openssl/crypto/asn1/a_int.c b/deps/openssl/openssl/crypto/asn1/a_int.c index ad0d2506f6..3348b8762c 100644 --- a/deps/openssl/openssl/crypto/asn1/a_int.c +++ b/deps/openssl/openssl/crypto/asn1/a_int.c @@ -386,8 +386,8 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a) if (a->length > (int)sizeof(long)) { - /* hmm... a bit ugly, return all ones */ - return -1; + /* hmm... a bit ugly */ + return(0xffffffffL); } if (a->data == NULL) return 0; diff --git a/deps/openssl/openssl/crypto/asn1/a_sign.c b/deps/openssl/openssl/crypto/asn1/a_sign.c index 7b4a193d6b..ff63bfc7be 100644 --- a/deps/openssl/openssl/crypto/asn1/a_sign.c +++ b/deps/openssl/openssl/crypto/asn1/a_sign.c @@ -184,9 +184,9 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, p=buf_in; i2d(data,&p); - if (!EVP_SignInit_ex(&ctx,type, NULL) - || !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl) - || !EVP_SignFinal(&ctx,(unsigned char *)buf_out, + EVP_SignInit_ex(&ctx,type, NULL); + EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); + if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, (unsigned int *)&outl,pkey)) { outl=0; @@ -218,100 +218,65 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, const EVP_MD *type) { EVP_MD_CTX ctx; - EVP_MD_CTX_init(&ctx); - if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) - { - EVP_MD_CTX_cleanup(&ctx); - return 0; - } - return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx); - } - - -int ASN1_item_sign_ctx(const ASN1_ITEM *it, - X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx) - { - const EVP_MD *type; - EVP_PKEY *pkey; unsigned char *buf_in=NULL,*buf_out=NULL; - size_t inl=0,outl=0,outll=0; + int inl=0,outl=0,outll=0; int signid, paramtype; - int rv; - - type = EVP_MD_CTX_md(ctx); - pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); - if (!type || !pkey) + if (type == NULL) { - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); - return 0; + int def_nid; + if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0) + type = EVP_get_digestbynid(def_nid); } - if (pkey->ameth->item_sign) + if (type == NULL) { - rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, - signature); - if (rv == 1) - outl = signature->length; - /* Return value meanings: - * <=0: error. - * 1: method does everything. - * 2: carry on as normal. - * 3: ASN1 method sets algorithm identifiers: just sign. - */ - if (rv <= 0) - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); - if (rv <= 1) - goto err; + ASN1err(ASN1_F_ASN1_ITEM_SIGN, ASN1_R_NO_DEFAULT_DIGEST); + return 0; } - else - rv = 2; - if (rv == 2) + if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { - if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) + if (!pkey->ameth || + !OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type), + pkey->ameth->pkey_id)) { - if (!pkey->ameth || - !OBJ_find_sigid_by_algs(&signid, - EVP_MD_nid(type), - pkey->ameth->pkey_id)) - { - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, - ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); - return 0; - } + ASN1err(ASN1_F_ASN1_ITEM_SIGN, + ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + return 0; } - else - signid = type->pkey_type; + } + else + signid = type->pkey_type; - if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) - paramtype = V_ASN1_NULL; - else - paramtype = V_ASN1_UNDEF; + if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) + paramtype = V_ASN1_NULL; + else + paramtype = V_ASN1_UNDEF; - if (algor1) - X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL); - if (algor2) - X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL); - - } + if (algor1) + X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL); + if (algor2) + X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL); + EVP_MD_CTX_init(&ctx); inl=ASN1_item_i2d(asn,&buf_in, it); outll=outl=EVP_PKEY_size(pkey); - buf_out=OPENSSL_malloc((unsigned int)outl); + buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl); if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_MALLOC_FAILURE); goto err; } - if (!EVP_DigestSignUpdate(ctx, buf_in, inl) - || !EVP_DigestSignFinal(ctx, buf_out, &outl)) + EVP_SignInit_ex(&ctx,type, NULL); + EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); + if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, + (unsigned int *)&outl,pkey)) { outl=0; - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB); + ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); goto err; } if (signature->data != NULL) OPENSSL_free(signature->data); @@ -324,7 +289,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; err: - EVP_MD_CTX_cleanup(ctx); + EVP_MD_CTX_cleanup(&ctx); if (buf_in != NULL) { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) diff --git a/deps/openssl/openssl/crypto/asn1/a_strex.c b/deps/openssl/openssl/crypto/asn1/a_strex.c index bf63330f07..8a467abd75 100644 --- a/deps/openssl/openssl/crypto/asn1/a_strex.c +++ b/deps/openssl/openssl/crypto/asn1/a_strex.c @@ -568,7 +568,6 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) mbflag |= MBSTRING_FLAG; memset(&stmp, 0, sizeof(stmp)); stmp.data = NULL; - stmp.length = 0; ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); if(ret < 0) return ret; *out = stmp.data; diff --git a/deps/openssl/openssl/crypto/asn1/a_verify.c b/deps/openssl/openssl/crypto/asn1/a_verify.c index fc84cd3d19..cecdb13c70 100644 --- a/deps/openssl/openssl/crypto/asn1/a_verify.c +++ b/deps/openssl/openssl/crypto/asn1/a_verify.c @@ -101,13 +101,8 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, p=buf_in; i2d(data,&p); - if (!EVP_VerifyInit_ex(&ctx,type, NULL) - || !EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl)) - { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); - ret=0; - goto err; - } + EVP_VerifyInit_ex(&ctx,type, NULL); + EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); @@ -131,21 +126,16 @@ err: #endif -int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, - ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey) +int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature, + void *asn, EVP_PKEY *pkey) { EVP_MD_CTX ctx; + const EVP_MD *type = NULL; unsigned char *buf_in=NULL; int ret= -1,inl; int mdnid, pknid; - if (!pkey) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); - return -1; - } - EVP_MD_CTX_init(&ctx); /* Convert signature OID into digest and public key OIDs */ @@ -154,47 +144,25 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); goto err; } - if (mdnid == NID_undef) + type=EVP_get_digestbynid(mdnid); + if (type == NULL) { - if (!pkey->ameth || !pkey->ameth->item_verify) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); - goto err; - } - ret = pkey->ameth->item_verify(&ctx, it, asn, a, - signature, pkey); - /* Return value of 2 means carry on, anything else means we - * exit straight away: either a fatal error of the underlying - * verification routine handles all verification. - */ - if (ret != 2) - goto err; - ret = -1; + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + goto err; } - else + + /* Check public key OID matches public key type */ + if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) { - const EVP_MD *type; - type=EVP_get_digestbynid(mdnid); - if (type == NULL) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); - goto err; - } - - /* Check public key OID matches public key type */ - if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); - goto err; - } - - if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); - ret=0; - goto err; - } + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); + goto err; + } + if (!EVP_VerifyInit_ex(&ctx,type, NULL)) + { + ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); + ret=0; + goto err; } inl = ASN1_item_i2d(asn, &buf_in, it); @@ -205,18 +173,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, goto err; } - if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) - { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); - ret=0; - goto err; - } + EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); - if (EVP_DigestVerifyFinal(&ctx,signature->data, - (size_t)signature->length) <= 0) + if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, + (unsigned int)signature->length,pkey) <= 0) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); ret=0; diff --git a/deps/openssl/openssl/crypto/asn1/ameth_lib.c b/deps/openssl/openssl/crypto/asn1/ameth_lib.c index a19e058fca..5a581b90ea 100644 --- a/deps/openssl/openssl/crypto/asn1/ameth_lib.c +++ b/deps/openssl/openssl/crypto/asn1/ameth_lib.c @@ -69,7 +69,6 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[]; extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; /* Keep this sorted in type order !! */ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = @@ -91,8 +90,7 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = #ifndef OPENSSL_NO_EC &eckey_asn1_meth, #endif - &hmac_asn1_meth, - &cmac_asn1_meth + &hmac_asn1_meth }; typedef int sk_cmp_fn_type(const char * const *a, const char * const *b); @@ -293,8 +291,6 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, if (!ameth) return NULL; - memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD)); - ameth->pkey_id = id; ameth->pkey_base_id = id; ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; @@ -329,9 +325,6 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, ameth->old_priv_encode = 0; ameth->old_priv_decode = 0; - ameth->item_verify = 0; - ameth->item_sign = 0; - ameth->pkey_size = 0; ameth->pkey_bits = 0; @@ -383,9 +376,6 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, dst->pkey_free = src->pkey_free; dst->pkey_ctrl = src->pkey_ctrl; - dst->item_sign = src->item_sign; - dst->item_verify = src->item_verify; - } void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) diff --git a/deps/openssl/openssl/crypto/asn1/asn1.h b/deps/openssl/openssl/crypto/asn1/asn1.h index 220a0c8c63..59540e4e79 100644 --- a/deps/openssl/openssl/crypto/asn1/asn1.h +++ b/deps/openssl/openssl/crypto/asn1/asn1.h @@ -235,7 +235,7 @@ typedef struct asn1_object_st */ #define ASN1_STRING_FLAG_MSTRING 0x040 /* This is the base type that holds just about everything :-) */ -struct asn1_string_st +typedef struct asn1_string_st { int length; int type; @@ -245,7 +245,7 @@ struct asn1_string_st * input data has a non-zero 'unused bits' value, it will be * handled correctly */ long flags; - }; + } ASN1_STRING; /* ASN1_ENCODING structure: this is used to save the received * encoding of an ASN1 type. This is useful to get round @@ -293,6 +293,7 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE) * see asn1t.h */ typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; +typedef struct ASN1_ITEM_st ASN1_ITEM; typedef struct ASN1_TLC_st ASN1_TLC; /* This is just an opaque pointer */ typedef struct ASN1_VALUE_st ASN1_VALUE; @@ -1193,7 +1194,6 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_ASN1_ITEM_I2D_FP 193 #define ASN1_F_ASN1_ITEM_PACK 198 #define ASN1_F_ASN1_ITEM_SIGN 195 -#define ASN1_F_ASN1_ITEM_SIGN_CTX 220 #define ASN1_F_ASN1_ITEM_UNPACK 199 #define ASN1_F_ASN1_ITEM_VERIFY 197 #define ASN1_F_ASN1_MBSTRING_NCOPY 122 @@ -1266,7 +1266,6 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_PKCS5_PBE2_SET_IV 167 #define ASN1_F_PKCS5_PBE_SET 202 #define ASN1_F_PKCS5_PBE_SET0_ALGOR 215 -#define ASN1_F_PKCS5_PBKDF2_SET 219 #define ASN1_F_SMIME_READ_ASN1 212 #define ASN1_F_SMIME_TEXT 213 #define ASN1_F_X509_CINF_NEW 168 @@ -1292,7 +1291,6 @@ void ERR_load_ASN1_strings(void); #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 #define ASN1_R_BUFFER_TOO_SMALL 107 #define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108 -#define ASN1_R_CONTEXT_NOT_INITIALISED 217 #define ASN1_R_DATA_IS_WRONG 109 #define ASN1_R_DECODE_ERROR 110 #define ASN1_R_DECODING_ERROR 111 diff --git a/deps/openssl/openssl/crypto/asn1/asn1_err.c b/deps/openssl/openssl/crypto/asn1/asn1_err.c index 1a30bf119b..6e04d08f31 100644 --- a/deps/openssl/openssl/crypto/asn1/asn1_err.c +++ b/deps/openssl/openssl/crypto/asn1/asn1_err.c @@ -1,6 +1,6 @@ /* crypto/asn1/asn1_err.c */ /* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -107,7 +107,6 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"}, -{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"}, {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"}, {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"}, @@ -180,7 +179,6 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"}, {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"}, -{ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"}, {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, @@ -209,7 +207,6 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"}, {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) ,"buffer too small"}, {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),"cipher has no object identifier"}, -{ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED),"context not initialised"}, {ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"}, {ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"}, diff --git a/deps/openssl/openssl/crypto/asn1/asn1_locl.h b/deps/openssl/openssl/crypto/asn1/asn1_locl.h index 9fcf0d9530..5aa65e28f5 100644 --- a/deps/openssl/openssl/crypto/asn1/asn1_locl.h +++ b/deps/openssl/openssl/crypto/asn1/asn1_locl.h @@ -102,10 +102,6 @@ struct evp_pkey_asn1_method_st int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); - int (*sig_print)(BIO *out, - const X509_ALGOR *sigalg, const ASN1_STRING *sig, - int indent, ASN1_PCTX *pctx); - void (*pkey_free)(EVP_PKEY *pkey); int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2); @@ -115,13 +111,6 @@ struct evp_pkey_asn1_method_st int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen); int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); - /* Custom ASN1 signature verification */ - int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *a, ASN1_BIT_STRING *sig, - EVP_PKEY *pkey); - int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *alg1, X509_ALGOR *alg2, - ASN1_BIT_STRING *sig); } /* EVP_PKEY_ASN1_METHOD */; diff --git a/deps/openssl/openssl/crypto/asn1/asn_mime.c b/deps/openssl/openssl/crypto/asn1/asn_mime.c index 54a704a969..c1d1b12291 100644 --- a/deps/openssl/openssl/crypto/asn1/asn_mime.c +++ b/deps/openssl/openssl/crypto/asn1/asn_mime.c @@ -377,12 +377,8 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, BIO *tmpbio; const ASN1_AUX *aux = it->funcs; ASN1_STREAM_ARG sarg; - int rv = 1; - /* If data is not deteched or resigning then the output BIO is - * already set up to finalise when it is written through. - */ - if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) + if (!(flags & SMIME_DETACHED)) { SMIME_crlf_copy(data, out, flags); return 1; @@ -409,7 +405,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, /* Finalize structure */ if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0) - rv = 0; + return 0; /* Now remove any digests prepended to the BIO */ @@ -420,7 +416,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, sarg.ndef_bio = tmpbio; } - return rv; + return 1; } @@ -490,9 +486,9 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) if(strcmp(hdr->value, "application/x-pkcs7-signature") && strcmp(hdr->value, "application/pkcs7-signature")) { + sk_MIME_HEADER_pop_free(headers, mime_hdr_free); ASN1err(ASN1_F_SMIME_READ_ASN1,ASN1_R_SIG_INVALID_MIME_TYPE); ERR_add_error_data(2, "type: ", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); sk_BIO_pop_free(parts, BIO_vfree); return NULL; } @@ -805,7 +801,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) if(name) { if(!(tmpname = BUF_strdup(name))) return NULL; for(p = tmpname ; *p; p++) { - c = (unsigned char)*p; + c = *p; if(isupper(c)) { c = tolower(c); *p = c; @@ -815,7 +811,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) if(value) { if(!(tmpval = BUF_strdup(value))) return NULL; for(p = tmpval ; *p; p++) { - c = (unsigned char)*p; + c = *p; if(isupper(c)) { c = tolower(c); *p = c; @@ -839,7 +835,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) tmpname = BUF_strdup(name); if(!tmpname) return 0; for(p = tmpname ; *p; p++) { - c = (unsigned char)*p; + c = *p; if(isupper(c)) { c = tolower(c); *p = c; @@ -862,17 +858,12 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) static int mime_hdr_cmp(const MIME_HEADER * const *a, const MIME_HEADER * const *b) { - if (!(*a)->name || !(*b)->name) - return !!(*a)->name - !!(*b)->name; - return(strcmp((*a)->name, (*b)->name)); } static int mime_param_cmp(const MIME_PARAM * const *a, const MIME_PARAM * const *b) { - if (!(*a)->param_name || !(*b)->param_name) - return !!(*a)->param_name - !!(*b)->param_name; return(strcmp((*a)->param_name, (*b)->param_name)); } diff --git a/deps/openssl/openssl/crypto/asn1/n_pkey.c b/deps/openssl/openssl/crypto/asn1/n_pkey.c index e251739933..e7d0439062 100644 --- a/deps/openssl/openssl/crypto/asn1/n_pkey.c +++ b/deps/openssl/openssl/crypto/asn1/n_pkey.c @@ -129,7 +129,6 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, unsigned char buf[256],*zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); if (a == NULL) return(0); @@ -207,28 +206,24 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, i = strlen((char *)buf); /* If the key is used for SGC the algorithm is modified a little. */ if(sgckey) { - if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) - goto err; + EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL); memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; } - if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL)) - goto err; + EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); OPENSSL_cleanse(buf,256); /* Encrypt private key in place */ zz = enckey->enckey->digest->data; - if (!EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL)) - goto err; - if (!EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen)) - goto err; - if (!EVP_EncryptFinal_ex(&ctx,zz + i,&j)) - goto err; + EVP_CIPHER_CTX_init(&ctx); + EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL); + EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen); + EVP_EncryptFinal_ex(&ctx,zz + i,&j); + EVP_CIPHER_CTX_cleanup(&ctx); ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp); err: - EVP_CIPHER_CTX_cleanup(&ctx); NETSCAPE_ENCRYPTED_PKEY_free(enckey); NETSCAPE_PKEY_free(pkey); return(ret); @@ -293,7 +288,6 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, const unsigned char *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); i=cb((char *)buf,256,"Enter Private Key password:",0); if (i != 0) @@ -304,22 +298,19 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, i = strlen((char *)buf); if(sgckey){ - if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) - goto err; + EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL); memcpy(buf + 16, "SGCKEYSALT", 10); i = 26; } - if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL)) - goto err; + EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); OPENSSL_cleanse(buf,256); - if (!EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL)) - goto err; - if (!EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length)) - goto err; - if (!EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j)) - goto err; + EVP_CIPHER_CTX_init(&ctx); + EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL); + EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length); + EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j); + EVP_CIPHER_CTX_cleanup(&ctx); os->length=i+j; zz=os->data; @@ -337,7 +328,6 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, goto err; } err: - EVP_CIPHER_CTX_cleanup(&ctx); NETSCAPE_PKEY_free(pkey); return(ret); } diff --git a/deps/openssl/openssl/crypto/asn1/p5_pbev2.c b/deps/openssl/openssl/crypto/asn1/p5_pbev2.c index 4ea683036b..cb49b6651d 100644 --- a/deps/openssl/openssl/crypto/asn1/p5_pbev2.c +++ b/deps/openssl/openssl/crypto/asn1/p5_pbev2.c @@ -91,10 +91,12 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *aiv, int prf_nid) { X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL; - int alg_nid, keylen; + int alg_nid; EVP_CIPHER_CTX ctx; unsigned char iv[EVP_MAX_IV_LENGTH]; + PBKDF2PARAM *kdf = NULL; PBE2PARAM *pbe2 = NULL; + ASN1_OCTET_STRING *osalt = NULL; ASN1_OBJECT *obj; alg_nid = EVP_CIPHER_type(cipher); @@ -125,8 +127,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, EVP_CIPHER_CTX_init(&ctx); /* Dummy cipherinit to just setup the IV, and PRF */ - if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0)) - goto err; + EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0); if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS); @@ -144,21 +145,55 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, } EVP_CIPHER_CTX_cleanup(&ctx); + if(!(kdf = PBKDF2PARAM_new())) goto merr; + if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr; + + if (!saltlen) saltlen = PKCS5_SALT_LEN; + if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr; + osalt->length = saltlen; + if (salt) memcpy (osalt->data, salt, saltlen); + else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr; + + if(iter <= 0) iter = PKCS5_DEFAULT_ITER; + if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; + + /* Now include salt in kdf structure */ + kdf->salt->value.octet_string = osalt; + kdf->salt->type = V_ASN1_OCTET_STRING; + osalt = NULL; + /* If its RC2 then we'd better setup the key length */ - if(alg_nid == NID_rc2_cbc) - keylen = EVP_CIPHER_key_length(cipher); - else - keylen = -1; + if(alg_nid == NID_rc2_cbc) { + if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr; + if(!ASN1_INTEGER_set (kdf->keylength, + EVP_CIPHER_key_length(cipher))) goto merr; + } + + /* prf can stay NULL if we are using hmacWithSHA1 */ + if (prf_nid != NID_hmacWithSHA1) + { + kdf->prf = X509_ALGOR_new(); + if (!kdf->prf) + goto merr; + X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), + V_ASN1_NULL, NULL); + } + + /* Now setup the PBE2PARAM keyfunc structure */ - /* Setup keyfunc */ + pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2); - X509_ALGOR_free(pbe2->keyfunc); + /* Encode PBKDF2PARAM into parameter of pbe2 */ - pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen); + if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; - if (!pbe2->keyfunc) - goto merr; + if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), + &pbe2->keyfunc->parameter->value.sequence)) goto merr; + pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; + + PBKDF2PARAM_free(kdf); + kdf = NULL; /* Now set up top level AlgorithmIdentifier */ @@ -184,6 +219,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, err: PBE2PARAM_free(pbe2); /* Note 'scheme' is freed as part of pbe2 */ + M_ASN1_OCTET_STRING_free(osalt); + PBKDF2PARAM_free(kdf); X509_ALGOR_free(kalg); X509_ALGOR_free(ret); @@ -196,85 +233,3 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, { return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); } - -X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen) - { - X509_ALGOR *keyfunc = NULL; - PBKDF2PARAM *kdf = NULL; - ASN1_OCTET_STRING *osalt = NULL; - - if(!(kdf = PBKDF2PARAM_new())) - goto merr; - if(!(osalt = M_ASN1_OCTET_STRING_new())) - goto merr; - - kdf->salt->value.octet_string = osalt; - kdf->salt->type = V_ASN1_OCTET_STRING; - - if (!saltlen) - saltlen = PKCS5_SALT_LEN; - if (!(osalt->data = OPENSSL_malloc (saltlen))) - goto merr; - - osalt->length = saltlen; - - if (salt) - memcpy (osalt->data, salt, saltlen); - else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) - goto merr; - - if(iter <= 0) - iter = PKCS5_DEFAULT_ITER; - - if(!ASN1_INTEGER_set(kdf->iter, iter)) - goto merr; - - /* If have a key len set it up */ - - if(keylen > 0) - { - if(!(kdf->keylength = M_ASN1_INTEGER_new())) - goto merr; - if(!ASN1_INTEGER_set (kdf->keylength, keylen)) - goto merr; - } - - /* prf can stay NULL if we are using hmacWithSHA1 */ - if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) - { - kdf->prf = X509_ALGOR_new(); - if (!kdf->prf) - goto merr; - X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), - V_ASN1_NULL, NULL); - } - - /* Finally setup the keyfunc structure */ - - keyfunc = X509_ALGOR_new(); - if (!keyfunc) - goto merr; - - keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2); - - /* Encode PBKDF2PARAM into parameter of pbe2 */ - - if(!(keyfunc->parameter = ASN1_TYPE_new())) - goto merr; - - if(!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM), - &keyfunc->parameter->value.sequence)) - goto merr; - keyfunc->parameter->type = V_ASN1_SEQUENCE; - - PBKDF2PARAM_free(kdf); - return keyfunc; - - merr: - ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE); - PBKDF2PARAM_free(kdf); - X509_ALGOR_free(keyfunc); - return NULL; - } - diff --git a/deps/openssl/openssl/crypto/asn1/t_crl.c b/deps/openssl/openssl/crypto/asn1/t_crl.c index c61169208a..ee5a687ce8 100644 --- a/deps/openssl/openssl/crypto/asn1/t_crl.c +++ b/deps/openssl/openssl/crypto/asn1/t_crl.c @@ -94,7 +94,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x) l = X509_CRL_get_version(x); BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l+1, l); i = OBJ_obj2nid(x->sig_alg->algorithm); - X509_signature_print(out, x->sig_alg, NULL); + BIO_printf(out, "%8sSignature Algorithm: %s\n", "", + (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0); BIO_printf(out,"%8sIssuer: %s\n","",p); OPENSSL_free(p); diff --git a/deps/openssl/openssl/crypto/asn1/t_x509.c b/deps/openssl/openssl/crypto/asn1/t_x509.c index edbb39a02f..e061f2ffad 100644 --- a/deps/openssl/openssl/crypto/asn1/t_x509.c +++ b/deps/openssl/openssl/crypto/asn1/t_x509.c @@ -72,7 +72,6 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "asn1_locl.h" #ifndef OPENSSL_NO_FP_API int X509_print_fp(FILE *fp, X509 *x) @@ -138,10 +137,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) if (BIO_write(bp," Serial Number:",22) <= 0) goto err; bs=X509_get_serialNumber(x); - if (bs->length <= (int)sizeof(long)) + if (bs->length <= 4) { l=ASN1_INTEGER_get(bs); - if (bs->type == V_ASN1_NEG_INTEGER) + if (l < 0) { l= -l; neg="-"; @@ -168,16 +167,12 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) if(!(cflag & X509_FLAG_NO_SIGNAME)) { - if(X509_signature_print(bp, x->sig_alg, NULL) <= 0) - goto err; -#if 0 if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0) goto err; if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0) goto err; if (BIO_puts(bp, "\n") <= 0) goto err; -#endif } if(!(cflag & X509_FLAG_NO_ISSUER)) @@ -260,8 +255,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) goto err; i2d_X509_NAME(x->cert_info->subject, &dertmp); - if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL)) - goto err; + EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; @@ -274,10 +268,8 @@ int X509_ocspid_print (BIO *bp, X509 *x) if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0) goto err; - if (!EVP_Digest(x->cert_info->key->public_key->data, - x->cert_info->key->public_key->length, - SHA1md, NULL, EVP_sha1(), NULL)) - goto err; + EVP_Digest(x->cert_info->key->public_key->data, + x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL); for (i=0; i < SHA_DIGEST_LENGTH; i++) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) @@ -291,50 +283,23 @@ err: return(0); } -int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent) +int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig) { - const unsigned char *s; + unsigned char *s; int i, n; + if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0; + if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0; n=sig->length; s=sig->data; for (i=0; i<n; i++) { if ((i%18) == 0) - { - if (BIO_write(bp,"\n",1) <= 0) return 0; - if (BIO_indent(bp, indent, indent) <= 0) return 0; - } + if (BIO_write(bp,"\n ",9) <= 0) return 0; if (BIO_printf(bp,"%02x%s",s[i], ((i+1) == n)?"":":") <= 0) return 0; } if (BIO_write(bp,"\n",1) != 1) return 0; - - return 1; -} - -int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig) -{ - int sig_nid; - if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0; - if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0; - - sig_nid = OBJ_obj2nid(sigalg->algorithm); - if (sig_nid != NID_undef) - { - int pkey_nid, dig_nid; - const EVP_PKEY_ASN1_METHOD *ameth; - if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) - { - ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); - if (ameth && ameth->sig_print) - return ameth->sig_print(bp, sigalg, sig, 9, 0); - } - } - if (sig) - return X509_signature_dump(bp, sig, 9); - else if (BIO_puts(bp, "\n") <= 0) - return 0; return 1; } diff --git a/deps/openssl/openssl/crypto/asn1/tasn_prn.c b/deps/openssl/openssl/crypto/asn1/tasn_prn.c index 542a091a66..453698012d 100644 --- a/deps/openssl/openssl/crypto/asn1/tasn_prn.c +++ b/deps/openssl/openssl/crypto/asn1/tasn_prn.c @@ -446,11 +446,11 @@ static int asn1_print_fsname(BIO *out, int indent, return 1; } -static int asn1_print_boolean_ctx(BIO *out, int boolval, +static int asn1_print_boolean_ctx(BIO *out, const int bool, const ASN1_PCTX *pctx) { const char *str; - switch (boolval) + switch (bool) { case -1: str = "BOOL ABSENT"; @@ -574,10 +574,10 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, { case V_ASN1_BOOLEAN: { - int boolval = *(int *)fld; - if (boolval == -1) - boolval = it->size; - ret = asn1_print_boolean_ctx(out, boolval, pctx); + int bool = *(int *)fld; + if (bool == -1) + bool = it->size; + ret = asn1_print_boolean_ctx(out, bool, pctx); } break; diff --git a/deps/openssl/openssl/crypto/asn1/x_algor.c b/deps/openssl/openssl/crypto/asn1/x_algor.c index 274e456c73..99e53429b7 100644 --- a/deps/openssl/openssl/crypto/asn1/x_algor.c +++ b/deps/openssl/openssl/crypto/asn1/x_algor.c @@ -128,17 +128,3 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, } } -/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */ - -void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md) - { - int param_type; - - if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT) - param_type = V_ASN1_UNDEF; - else - param_type = V_ASN1_NULL; - - X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL); - - } diff --git a/deps/openssl/openssl/crypto/asn1/x_name.c b/deps/openssl/openssl/crypto/asn1/x_name.c index d7c2318693..49be08b4da 100644 --- a/deps/openssl/openssl/crypto/asn1/x_name.c +++ b/deps/openssl/openssl/crypto/asn1/x_name.c @@ -399,7 +399,8 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) /* If type not in bitmask just copy string across */ if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) { - if (!ASN1_STRING_copy(out, in)) + out->type = in->type; + if (!ASN1_STRING_set(out, in->data, in->length)) return 0; return 1; } diff --git a/deps/openssl/openssl/crypto/asn1/x_pubkey.c b/deps/openssl/openssl/crypto/asn1/x_pubkey.c index b649e1fcf9..d42b6a2c54 100644 --- a/deps/openssl/openssl/crypto/asn1/x_pubkey.c +++ b/deps/openssl/openssl/crypto/asn1/x_pubkey.c @@ -171,19 +171,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) goto error; } - /* Check to see if another thread set key->pkey first */ - CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); - if (key->pkey) - { - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); - EVP_PKEY_free(ret); - ret = key->pkey; - } - else - { - key->pkey = ret; - CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); - } + key->pkey = ret; CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); return ret; |