/* Copyright (C) 1995-1998 Eric Young ([email protected]) * All rights reserved. * * This package is an SSL implementation written * by Eric Young ([email protected]). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson ([email protected]). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young ([email protected])" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson ([email protected])" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ #include <openssl/x509.h> #include <assert.h> #include <ctype.h> #include <limits.h> #include <string.h> #include <openssl/asn1.h> #include <openssl/bytestring.h> #include <openssl/err.h> #include <openssl/obj.h> #include "../conf/internal.h" #include "../internal.h" #include "internal.h" // Although this file is in crypto/x509 for layering purposes, it emits // errors from the ASN.1 module for OpenSSL compatibility. // ASN1_GEN_MAX_DEPTH is the maximum number of nested TLVs allowed. #define ASN1_GEN_MAX_DEPTH … // ASN1_GEN_MAX_OUTPUT is the maximum output, in bytes, allowed. This limit is // necessary because the SEQUENCE and SET section reference mechanism allows the // output length to grow super-linearly with the input length. #define ASN1_GEN_MAX_OUTPUT … // ASN1_GEN_FORMAT_* are the values for the format modifiers. #define ASN1_GEN_FORMAT_ASCII … #define ASN1_GEN_FORMAT_UTF8 … #define ASN1_GEN_FORMAT_HEX … #define ASN1_GEN_FORMAT_BITLIST … // generate_v3 converts |str| into an ASN.1 structure and writes the result to // |cbb|. It returns one on success and zero on error. |depth| bounds recursion, // and |format| specifies the current format modifier. // // If |tag| is non-zero, the structure is implicitly tagged with |tag|. |tag| // must not have the constructed bit set. static int generate_v3(CBB *cbb, const char *str, const X509V3_CTX *cnf, CBS_ASN1_TAG tag, int format, int depth); static int bitstr_cb(const char *elem, size_t len, void *bitstr); ASN1_TYPE *ASN1_generate_v3(const char *str, const X509V3_CTX *cnf) { … } static int cbs_str_equal(const CBS *cbs, const char *str) { … } // parse_tag decodes a tag specifier in |cbs|. It returns the tag on success or // zero on error. static CBS_ASN1_TAG parse_tag(const CBS *cbs) { … } static int generate_wrapped(CBB *cbb, const char *str, const X509V3_CTX *cnf, CBS_ASN1_TAG tag, int padding, int format, int depth) { … } static int generate_v3(CBB *cbb, const char *str, const X509V3_CTX *cnf, CBS_ASN1_TAG tag, int format, int depth) { … } static int bitstr_cb(const char *elem, size_t len, void *bitstr) { … }