(ecbe0781) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

CHANGES

+8 −0

Original line number	Diff line number	Diff line
		@@ -8,6 +8,14 @@
		files to get correct declarations of the ASN.1 item variables.
		[Richard Levitte]

		*) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
		PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs:
		asn1_check_tlen() would sometimes attempt to use 'ctx' when it was
		NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i().
		New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant
		ASN1_ITEM and no wrapper functions.
		[Steve Henson]

		*) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These
		replace the old function pointer based I/O routines. Change most of
		the _d2i_bio() and _d2i_fp() functions to use these.

apps/pkcs12.c

+10 −10

Original line number	Diff line number	Diff line
		@@ -521,7 +521,7 @@ int MAIN(int argc, char **argv)
		for(i = 0; i < sk_X509_num(certs); i++) {
		X509 *cert = NULL;
		cert = sk_X509_value(certs, i);
		bag = M_PKCS12_x5092certbag(cert);
		bag = PKCS12_x5092certbag(cert);
		/* If it matches private key set id */
		if(cert == ucert) {
		if(name) PKCS12_add_friendlyname(bag, name, -1);
		@@ -594,7 +594,7 @@ int MAIN(int argc, char **argv)

		p12 = PKCS12_init(NID_pkcs7_data);

		M_PKCS12_pack_authsafes (p12, safes);
		PKCS12_pack_authsafes(p12, safes);

		sk_PKCS7_pop_free(safes, PKCS7_free);
		safes = NULL;
		@@ -702,12 +702,12 @@ int dump_certs_keys_p12 (BIO out, PKCS12 p12, char *pass,
		int i, bagnid;
		PKCS7 *p7;

		if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0;
		if (!( asafes = PKCS12_unpack_authsafes(p12))) return 0;
		for (i = 0; i < sk_PKCS7_num (asafes); i++) {
		p7 = sk_PKCS7_value (asafes, i);
		bagnid = OBJ_obj2nid (p7->type);
		if (bagnid == NID_pkcs7_data) {
		bags = M_PKCS12_unpack_p7data (p7);
		bags = PKCS12_unpack_p7data(p7);
		if (options & INFO) BIO_printf (bio_err, "PKCS7 Data\n");
		} else if (bagnid == NID_pkcs7_encrypted) {
		if (options & INFO) {
		@@ -715,7 +715,7 @@ int dump_certs_keys_p12 (BIO out, PKCS12 p12, char *pass,
		alg_print(bio_err,
		p7->d.encrypted->enc_data->algorithm);
		}
		bags = M_PKCS12_unpack_p7encdata (p7, pass, passlen);
		bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
		} else continue;
		if (!bags) return 0;
		if (!dump_certs_pkeys_bags (out, bags, pass, passlen,
		@@ -770,7 +770,7 @@ int dump_certs_pkeys_bag (BIO out, PKCS12_SAFEBAG bag, char *pass,
		}
		if (options & NOKEYS) return 1;
		print_attribs (out, bag->attrib, "Bag Attributes");
		if (!(p8 = M_PKCS12_decrypt_skey (bag, pass, passlen)))
		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
		return 0;
		if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
		print_attribs (out, p8->attributes, "Key Attributes");
		@@ -788,7 +788,7 @@ int dump_certs_pkeys_bag (BIO out, PKCS12_SAFEBAG bag, char *pass,
		print_attribs (out, bag->attrib, "Bag Attributes");
		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
		return 1;
		if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0;
		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
		dump_cert_text (out, x509);
		PEM_write_bio_X509 (out, x509);
		X509_free(x509);

apps/pkcs8.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -325,7 +325,7 @@ int MAIN(int argc, char **argv)
		p8pass = pass;
		EVP_read_pw_string(pass, 50, "Enter Password:", 0);
		}
		p8inf = M_PKCS8_decrypt(p8, p8pass, strlen(p8pass));
		p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
		X509_SIG_free(p8);
		}

crypto/asn1/asn1.h

+9 −4

Original line number	Diff line number	Diff line
		@@ -63,6 +63,7 @@
		#ifndef NO_BIO
		#include <openssl/bio.h>
		#endif
		#include <openssl/e_os2.h>
		#include <openssl/bn.h>
		#include <openssl/stack.h>
		#include <openssl/safestack.h>
		@@ -307,17 +308,21 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
		#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
		type d2i_##name(type a, unsigned char *in, long len); \
		int i2d_##name(type a, unsigned char *out); \
		OPENSSL_EXTERN const ASN1_ITEM itname##_it;
		DECLARE_ASN1_ITEM(itname)

		#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
		type d2i_##name(type a, const unsigned char *in, long len); \
		int i2d_##name(const type a, unsigned char *out); \
		OPENSSL_EXTERN const ASN1_ITEM name##_it;
		DECLARE_ASN1_ITEM(name)

		#define DECLARE_ASN1_FUNCTIONS_const(name) \
		name *name##_new(void); \
		void name##_free(name *a);

		#define DECLARE_ASN1_ITEM(name) \
		OPENSSL_EXTERN const ASN1_ITEM name##_it;


		/* Parameters used by ASN1_STRING_print_ex() */

		/* These determine which characters to escape:
		@@ -863,9 +868,9 @@ STACK ASN1_seq_unpack(unsigned char buf, int len, char (d2i)(),
		unsigned char ASN1_seq_pack(STACK safes, int (i2d)(), unsigned char *buf,
		int *len );
		void ASN1_unpack_string(ASN1_STRING oct, char (d2i)());
		void ASN1_unpack_item(ASN1_STRING oct, const ASN1_ITEM *it);
		void ASN1_item_unpack(ASN1_STRING oct, const ASN1_ITEM *it);
		ASN1_STRING ASN1_pack_string(void obj, int (i2d)(), ASN1_OCTET_STRING *oct);
		ASN1_STRING ASN1_pack_item(void obj, const ASN1_ITEM it, ASN1_OCTET_STRING *oct);
		ASN1_STRING ASN1_item_pack(void obj, const ASN1_ITEM it, ASN1_OCTET_STRING *oct);

		void ASN1_STRING_set_default_mask(unsigned long mask);
		int ASN1_STRING_set_default_mask_asc(char *p);

crypto/asn1/asn_pack.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -149,7 +149,7 @@ ASN1_STRING ASN1_pack_string(void obj, int (i2d)(), ASN1_STRING *oct)

		/* ASN1_ITEM versions of the above */

		ASN1_STRING ASN1_pack_item(void obj, const ASN1_ITEM it, ASN1_STRING *oct)
		ASN1_STRING ASN1_item_pack(void obj, const ASN1_ITEM it, ASN1_STRING *oct)
		{
		ASN1_STRING *octmp;

		@@ -179,7 +179,7 @@ ASN1_STRING ASN1_pack_item(void obj, const ASN1_ITEM it, ASN1_STRING *oct)

		/* Extract an ASN1 object from an ASN1_STRING */

		void ASN1_unpack_item(ASN1_STRING oct, const ASN1_ITEM *it)
		void ASN1_item_unpack(ASN1_STRING oct, const ASN1_ITEM *it)
		{
		unsigned char *p;
		void *ret;