From afe4c9b5f65b612a2bd4b1cb5ac70eb5841f278e Mon Sep 17 00:00:00 2001 
From: Cory Benfield Date: Mon, 3 Aug 2020 15:57:04 +0100 Subject: [PATCH] Update BoringSSL to 54858b63c1d886f6c8d903d4a4f594f1485de189 (#47) --- Package.swift | 2 +- .../CCryptoBoringSSL/crypto/asn1/a_bitstr.c | 6 +- Sources/CCryptoBoringSSL/crypto/asn1/a_enum.c | 6 +- Sources/CCryptoBoringSSL/crypto/asn1/a_int.c | 2 +- .../CCryptoBoringSSL/crypto/asn1/a_object.c | 6 +- Sources/CCryptoBoringSSL/crypto/asn1/a_time.c | 4 +- Sources/CCryptoBoringSSL/crypto/asn1/a_type.c | 2 +- .../CCryptoBoringSSL/crypto/asn1/asn1_lib.c | 2 +- .../CCryptoBoringSSL/crypto/asn1/asn_pack.c | 2 +- Sources/CCryptoBoringSSL/crypto/asn1/f_enum.c | 2 +- Sources/CCryptoBoringSSL/crypto/asn1/f_int.c | 2 +- .../CCryptoBoringSSL/crypto/asn1/f_string.c | 2 +- .../crypto/cipher_extra/tls_cbc.c | 1 + .../crypto/ec_extra/hash_to_curve.c | 64 +- .../crypto/ec_extra/internal.h | 22 - .../CCryptoBoringSSL/crypto/err/err_data.c | 172 +- .../CCryptoBoringSSL/crypto/evp/evp_asn1.c | 143 ++ .../crypto/fipsmodule/bn/internal.h | 12 +- .../crypto/fipsmodule/ec/internal.h | 3 +- .../crypto/fipsmodule/ec/p224-64.c | 24 +- .../crypto/fipsmodule/ec/p256-x86_64.c | 47 +- .../crypto/fipsmodule/ec/p256.c | 36 +- .../crypto/fipsmodule/ec/simple_mul.c | 4 +- .../crypto/fipsmodule/ec/util.c | 6 +- .../crypto/fipsmodule/self_check/self_check.c | 62 + .../fipsmodule/sha1-x86_64.linux.x86_64.S | 171 ++ .../fipsmodule/sha1-x86_64.mac.x86_64.S | 171 ++ Sources/CCryptoBoringSSL/crypto/mem.c | 44 +- .../CCryptoBoringSSL/crypto/pkcs8/internal.h | 7 + .../crypto/pkcs8/pkcs8_x509.c | 41 +- .../crypto/trust_token/internal.h | 29 - .../crypto/trust_token/pmbtoken.c | 479 ++---- .../crypto/trust_token/trust_token.c | 52 +- .../CCryptoBoringSSL/crypto/x509/a_strex.c | 8 +- .../CCryptoBoringSSL/crypto/x509/algorithm.c | 8 + .../CCryptoBoringSSL/crypto/x509/asn1_gen.c | 8 +- Sources/CCryptoBoringSSL/crypto/x509/x509.c | 67 - .../CCryptoBoringSSL/crypto/x509/x509_cmp.c | 19 +- .../CCryptoBoringSSL/crypto/x509/x509_req.c | 10 + 
.../CCryptoBoringSSL/crypto/x509/x509_set.c | 41 + .../CCryptoBoringSSL/crypto/x509/x509_trs.c | 5 +- .../CCryptoBoringSSL/crypto/x509/x509_vfy.c | 37 +- .../CCryptoBoringSSL/crypto/x509/x509cset.c | 25 + Sources/CCryptoBoringSSL/crypto/x509/x_crl.c | 48 +- .../CCryptoBoringSSL/crypto/x509/x_pubkey.c | 154 -- Sources/CCryptoBoringSSL/crypto/x509/x_x509.c | 34 +- .../CCryptoBoringSSL/crypto/x509v3/internal.h | 5 + .../CCryptoBoringSSL/crypto/x509v3/v3_purp.c | 109 +- Sources/CCryptoBoringSSL/hash.txt | 2 +- .../include/CCryptoBoringSSL_aes.h | 20 +- .../include/CCryptoBoringSSL_asn1.h | 44 +- .../include/CCryptoBoringSSL_base.h | 2 +- ...CryptoBoringSSL_boringssl_prefix_symbols.h | 25 +- ...toBoringSSL_boringssl_prefix_symbols_asm.h | 25 +- .../include/CCryptoBoringSSL_evp.h | 69 + .../include/CCryptoBoringSSL_trust_token.h | 11 +- .../include/CCryptoBoringSSL_x509.h | 1504 +++++++++-------- .../include/boringssl_prefix_symbols_nasm.inc | 50 +- 58 files changed, 2176 insertions(+), 1782 deletions(-) diff --git a/Package.swift b/Package.swift index 8f16804e..4f56e47b 100644 --- a/Package.swift +++ b/Package.swift @@ -20,7 +20,7 @@ // Sources/CCryptoBoringSSL directory. The source repository is at // https://boringssl.googlesource.com/boringssl. // -// BoringSSL Commit: 53a17f55247101105ae35767d5c5a6c311843a8e +// BoringSSL Commit: 54858b63c1d886f6c8d903d4a4f594f1485de189 import PackageDescription diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/a_bitstr.c b/Sources/CCryptoBoringSSL/crypto/asn1/a_bitstr.c index abc34d0b..94bbc18c 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/a_bitstr.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/a_bitstr.c @@ -70,7 +70,7 @@ int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) return M_ASN1_BIT_STRING_set(x, d, len); } -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) +int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a, unsigned char **pp) { int ret, j, bits, len; unsigned char *p, *d; 
@@ -233,7 +233,7 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) return (1); } -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) +int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) { int w, v; @@ -250,7 +250,7 @@ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) * which is not specified in 'flags', 1 otherwise. * 'len' is the length of 'flags'. */ -int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, +int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, unsigned char *flags, int flags_len) { int i, ok; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/a_enum.c b/Sources/CCryptoBoringSSL/crypto/asn1/a_enum.c index 8301c2c8..b633801f 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/a_enum.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/a_enum.c @@ -108,7 +108,7 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) return (1); } -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) +long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a) { int neg = 0, i; @@ -147,7 +147,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) return r; } -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) +ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai) { ASN1_ENUMERATED *ret; int len, j; @@ -183,7 +183,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) return (NULL); } -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) +BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn) { BIGNUM *ret; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/a_int.c b/Sources/CCryptoBoringSSL/crypto/asn1/a_int.c index bfac044c..467a41cd 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/a_int.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/a_int.c 
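Review bot: In the ASN1_BIT_STRING_check hunk, `a` becomes const but `flags` stays `unsigned char *`, and the comment above the signature still says `'len' is the length of 'flags'` although the parameter is named `flags_len`. If the body, which lies outside the hunk, only reads the mask, the signature could be `const unsigned char *flags, int flags_len`, which stays compatible with callers that pass a mutable buffer. The comment line would then read `* 'flags_len' is the length of 'flags'.`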
@@ -115,7 +115,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) * followed by optional zeros isn't padded. */ -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) +int i2c_ASN1_INTEGER(const ASN1_INTEGER *a, unsigned char **pp) { int pad = 0, ret, i, neg; unsigned char *p, *n, pb = 0; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/a_object.c b/Sources/CCryptoBoringSSL/crypto/asn1/a_object.c index cf22d676..5ccb1dab 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/a_object.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/a_object.c @@ -66,7 +66,7 @@ #include "../internal.h" -int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) +int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp) { unsigned char *p, *allocated = NULL; int objsize; @@ -98,12 +98,12 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) return objsize; } -int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) +int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a) { return OBJ_obj2txt(buf, buf_len, a, 0); } -int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) +int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a) { char buf[80], *p = buf; int i; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/a_time.c b/Sources/CCryptoBoringSSL/crypto/asn1/a_time.c index f32eeb97..8862db6c 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/a_time.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/a_time.c @@ -100,7 +100,7 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec); } -int ASN1_TIME_check(ASN1_TIME *t) +int ASN1_TIME_check(const ASN1_TIME *t) { if (t->type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_check(t); 
@@ -110,7 +110,7 @@ int ASN1_TIME_check(ASN1_TIME *t) } /* Convert an ASN1_TIME structure to GeneralizedTime */ -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, +ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) { ASN1_GENERALIZEDTIME *ret = NULL; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/a_type.c b/Sources/CCryptoBoringSSL/crypto/asn1/a_type.c index 828a646a..5d612406 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/a_type.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/a_type.c @@ -61,7 +61,7 @@ #include #include -int ASN1_TYPE_get(ASN1_TYPE *a) +int ASN1_TYPE_get(const ASN1_TYPE *a) { if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) return (a->type); diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/asn1_lib.c b/Sources/CCryptoBoringSSL/crypto/asn1/asn1_lib.c index 7ddc01a3..4f0c026d 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/asn1_lib.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/asn1_lib.c @@ -430,7 +430,7 @@ void ASN1_STRING_length_set(ASN1_STRING *x, int len) return; } -int ASN1_STRING_type(ASN1_STRING *x) +int ASN1_STRING_type(const ASN1_STRING *x) { return M_ASN1_STRING_type(x); } diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/asn_pack.c b/Sources/CCryptoBoringSSL/crypto/asn1/asn_pack.c index 34f90441..dd394902 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/asn_pack.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/asn_pack.c @@ -93,7 +93,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) /* Extract an ASN1 object from an ASN1_STRING */ -void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) +void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it) { const unsigned char *p; void *ret; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/f_enum.c b/Sources/CCryptoBoringSSL/crypto/asn1/f_enum.c index 38f75ff9..6ecfed6a 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/f_enum.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/f_enum.c 
@@ -60,7 +60,7 @@ /* Based on a_int.c: equivalent ENUMERATED functions */ -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a) +int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a) { int i, n = 0; static const char *h = "0123456789ABCDEF"; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/f_int.c b/Sources/CCryptoBoringSSL/crypto/asn1/f_int.c index f355cfa9..71ed899d 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/f_int.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/f_int.c @@ -58,7 +58,7 @@ #include -int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a) +int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a) { int i, n = 0; static const char *h = "0123456789ABCDEF"; diff --git a/Sources/CCryptoBoringSSL/crypto/asn1/f_string.c b/Sources/CCryptoBoringSSL/crypto/asn1/f_string.c index 8f6c0766..ea30ec85 100644 --- a/Sources/CCryptoBoringSSL/crypto/asn1/f_string.c +++ b/Sources/CCryptoBoringSSL/crypto/asn1/f_string.c @@ -58,7 +58,7 @@ #include -int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type) +int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type) { int i, n = 0; static const char *h = "0123456789ABCDEF"; diff --git a/Sources/CCryptoBoringSSL/crypto/cipher_extra/tls_cbc.c b/Sources/CCryptoBoringSSL/crypto/cipher_extra/tls_cbc.c index f84a8417..5c0695f5 100644 --- a/Sources/CCryptoBoringSSL/crypto/cipher_extra/tls_cbc.c +++ b/Sources/CCryptoBoringSSL/crypto/cipher_extra/tls_cbc.c @@ -133,6 +133,7 @@ void EVP_tls_cbc_copy_mac(uint8_t *out, size_t md_size, const uint8_t *in, assert(orig_len >= in_len); assert(in_len >= md_size); assert(md_size <= EVP_MAX_MD_SIZE); + assert(md_size > 0); // scan_start contains the number of bytes that we can ignore because // the MAC's position can only vary by 255 bytes. diff --git a/Sources/CCryptoBoringSSL/crypto/ec_extra/hash_to_curve.c b/Sources/CCryptoBoringSSL/crypto/ec_extra/hash_to_curve.c index dd048f93..66c75b7f 100644 --- a/Sources/CCryptoBoringSSL/crypto/ec_extra/hash_to_curve.c 
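Review bot: The new `assert(md_size > 0);` in EVP_tls_cbc_copy_mac is compiled out when NDEBUG is defined, as are the three asserts above it, so release builds do not check any of these preconditions. The function returns void and has no way to report a bad size, which leaves the guarantee with the callers. A comment next to the asserts would make that explicit, for example `// Callers must pass a non-zero |md_size|; this is not checked in release builds.` The hunk does not show which later step depends on a non-zero size, since the rest of the body is outside it.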
+++ b/Sources/CCryptoBoringSSL/crypto/ec_extra/hash_to_curve.c @@ -50,12 +50,10 @@ // expand_message_xmd implements the operation described in section 5.3.1 of // draft-irtf-cfrg-hash-to-curve-07. It returns one on success and zero on -// allocation failure or if |out_len| was too large. If |is_draft06| is one, it -// implements the operation from draft-irtf-cfrg-hash-to-curve-06 instead. +// allocation failure or if |out_len| was too large. static int expand_message_xmd(const EVP_MD *md, uint8_t *out, size_t out_len, const uint8_t *msg, size_t msg_len, - const uint8_t *dst, size_t dst_len, - int is_draft06) { + const uint8_t *dst, size_t dst_len) { int ret = 0; const size_t block_size = EVP_MD_block_size(md); const size_t md_size = EVP_MD_size(md); @@ -88,9 +86,8 @@ static int expand_message_xmd(const EVP_MD *md, uint8_t *out, size_t out_len, !EVP_DigestUpdate(&ctx, kZeros, block_size) || !EVP_DigestUpdate(&ctx, msg, msg_len) || !EVP_DigestUpdate(&ctx, l_i_b_str_zero, sizeof(l_i_b_str_zero)) || - (is_draft06 && !EVP_DigestUpdate(&ctx, &dst_len_u8, 1)) || !EVP_DigestUpdate(&ctx, dst, dst_len) || - (!is_draft06 && !EVP_DigestUpdate(&ctx, &dst_len_u8, 1)) || + !EVP_DigestUpdate(&ctx, &dst_len_u8, 1) || !EVP_DigestFinal_ex(&ctx, b_0, NULL)) { goto err; } @@ -114,9 +111,8 @@ static int expand_message_xmd(const EVP_MD *md, uint8_t *out, size_t out_len, if (!EVP_DigestInit_ex(&ctx, md, NULL) || !EVP_DigestUpdate(&ctx, b_i, md_size) || !EVP_DigestUpdate(&ctx, &i, 1) || - (is_draft06 && !EVP_DigestUpdate(&ctx, &dst_len_u8, 1)) || !EVP_DigestUpdate(&ctx, dst, dst_len) || - (!is_draft06 && !EVP_DigestUpdate(&ctx, &dst_len_u8, 1)) || + !EVP_DigestUpdate(&ctx, &dst_len_u8, 1) || !EVP_DigestFinal_ex(&ctx, b_i, NULL)) { goto err; } 
@@ -175,12 +171,11 @@ static void big_endian_to_words(BN_ULONG *out, size_t num_words, static int hash_to_field2(const EC_GROUP *group, const EVP_MD *md, EC_FELEM *out1, EC_FELEM *out2, const uint8_t *dst, size_t dst_len, unsigned k, const uint8_t *msg, - size_t msg_len, int is_draft06) { + size_t msg_len) { size_t L; uint8_t buf[4 * EC_MAX_BYTES]; if (!num_bytes_to_derive(&L, &group->field, k) || - !expand_message_xmd(md, buf, 2 * L, msg, msg_len, dst, dst_len, - is_draft06)) { + !expand_message_xmd(md, buf, 2 * L, msg, msg_len, dst, dst_len)) { return 0; } BN_ULONG words[2 * EC_MAX_WORDS]; @@ -196,12 +191,11 @@ static int hash_to_field2(const EC_GROUP *group, const EVP_MD *md, // group order rather than a field element. |k| is the security factor. static int hash_to_scalar(const EC_GROUP *group, const EVP_MD *md, EC_SCALAR *out, const uint8_t *dst, size_t dst_len, - unsigned k, const uint8_t *msg, size_t msg_len, - int is_draft06) { + unsigned k, const uint8_t *msg, size_t msg_len) { size_t L; uint8_t buf[EC_MAX_BYTES * 2]; if (!num_bytes_to_derive(&L, &group->order, k) || - !expand_message_xmd(md, buf, L, msg, msg_len, dst, dst_len, is_draft06)) { + !expand_message_xmd(md, buf, L, msg, msg_len, dst, dst_len)) { return 0; } @@ -310,10 +304,9 @@ static int map_to_curve_simple_swu(const EC_GROUP *group, const EC_FELEM *Z, static int hash_to_curve(const EC_GROUP *group, const EVP_MD *md, const EC_FELEM *Z, const EC_FELEM *c2, unsigned k, EC_RAW_POINT *out, const uint8_t *dst, size_t dst_len, - const uint8_t *msg, size_t msg_len, int is_draft06) { + const uint8_t *msg, size_t msg_len) { EC_FELEM u0, u1; - if (!hash_to_field2(group, md, &u0, &u1, dst, dst_len, k, msg, msg_len, - is_draft06)) { + if (!hash_to_field2(group, md, &u0, &u1, dst, dst_len, k, msg, msg_len)) { return 0; } 
@@ -376,7 +369,7 @@ int ec_hash_to_curve_p384_xmd_sha512_sswu_draft07( ec_felem_neg(group, &Z, &Z); return hash_to_curve(group, EVP_sha512(), &Z, &c2, /*k=*/192, out, dst, - dst_len, msg, msg_len, /*is_draft06=*/0); + dst_len, msg, msg_len); } int ec_hash_to_scalar_p384_xmd_sha512_draft07( @@ -388,38 +381,5 @@ int ec_hash_to_scalar_p384_xmd_sha512_draft07( } return hash_to_scalar(group, EVP_sha512(), out, dst, dst_len, /*k=*/192, msg, - msg_len, /*is_draft06=*/0); -} - -int ec_hash_to_curve_p521_xmd_sha512_sswu_draft06( - const EC_GROUP *group, EC_RAW_POINT *out, const uint8_t *dst, - size_t dst_len, const uint8_t *msg, size_t msg_len) { - // See section 8.3 of draft-irtf-cfrg-hash-to-curve-06. - if (EC_GROUP_get_curve_name(group) != NID_secp521r1) { - OPENSSL_PUT_ERROR(EC, EC_R_GROUP_MISMATCH); - return 0; - } - - // Z = -4, c2 = 8. - EC_FELEM Z, c2; - if (!felem_from_u8(group, &Z, 4) || - !felem_from_u8(group, &c2, 8)) { - return 0; - } - ec_felem_neg(group, &Z, &Z); - - return hash_to_curve(group, EVP_sha512(), &Z, &c2, /*k=*/256, out, dst, - dst_len, msg, msg_len, /*is_draft06=*/1); -} - -int ec_hash_to_scalar_p521_xmd_sha512_draft06( - const EC_GROUP *group, EC_SCALAR *out, const uint8_t *dst, size_t dst_len, - const uint8_t *msg, size_t msg_len) { - if (EC_GROUP_get_curve_name(group) != NID_secp521r1) { - OPENSSL_PUT_ERROR(EC, EC_R_GROUP_MISMATCH); - return 0; - } - - return hash_to_scalar(group, EVP_sha512(), out, dst, dst_len, /*k=*/256, msg, - msg_len, /*is_draft06=*/1); + msg_len); } diff --git a/Sources/CCryptoBoringSSL/crypto/ec_extra/internal.h b/Sources/CCryptoBoringSSL/crypto/ec_extra/internal.h index 98ae3ef5..8fe06539 100644 --- a/Sources/CCryptoBoringSSL/crypto/ec_extra/internal.h +++ b/Sources/CCryptoBoringSSL/crypto/ec_extra/internal.h 
@@ -48,28 +48,6 @@ OPENSSL_EXPORT int ec_hash_to_scalar_p384_xmd_sha512_draft07( const EC_GROUP *group, EC_SCALAR *out, const uint8_t *dst, size_t dst_len, const uint8_t *msg, size_t msg_len); -// ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 hashes |msg| to a point on -// |group| and writes the result to |out|, implementing the -// P521_XMD:SHA-512_SSWU_RO_ suite from draft-irtf-cfrg-hash-to-curve-06. It -// returns one on success and zero on error. -// -// This function implements an older version of the draft and should not be used -// in new code. -OPENSSL_EXPORT int ec_hash_to_curve_p521_xmd_sha512_sswu_draft06( - const EC_GROUP *group, EC_RAW_POINT *out, const uint8_t *dst, - size_t dst_len, const uint8_t *msg, size_t msg_len); - -// ec_hash_to_scalar_p521_xmd_sha512_draft06 hashes |msg| to a scalar on |group| -// and writes the result to |out|, using the hash_to_field operation from the -// P521_XMD:SHA-512_SSWU_RO_ suite from draft-irtf-cfrg-hash-to-curve-06, but -// generating a value modulo the group order rather than a field element. -// -// This function implements an older version of the draft and should not be used -// in new code. -OPENSSL_EXPORT int ec_hash_to_scalar_p521_xmd_sha512_draft06( - const EC_GROUP *group, EC_SCALAR *out, const uint8_t *dst, size_t dst_len, - const uint8_t *msg, size_t msg_len); - #if defined(__cplusplus) } // extern C diff --git a/Sources/CCryptoBoringSSL/crypto/err/err_data.c b/Sources/CCryptoBoringSSL/crypto/err/err_data.c index 3da804d9..bad89d3f 100644 --- a/Sources/CCryptoBoringSSL/crypto/err/err_data.c +++ b/Sources/CCryptoBoringSSL/crypto/err/err_data.c 
@@ -199,36 +199,39 @@ const uint32_t kOpenSSLReasonValues[] = { 0x2c34b058, 0x2c353073, 0x2c35b085, - 0x2c363098, + 0x2c3630b5, 0x2c36832d, - 0x2c3730a5, - 0x2c37b0b7, - 0x2c3830dc, - 0x2c38b0f3, - 0x2c393101, - 0x2c39b111, - 0x2c3a3123, - 0x2c3ab137, - 0x2c3b3148, - 0x2c3bb167, + 0x2c3730c2, + 0x2c37b0ee, + 0x2c383113, + 0x2c38b12a, + 0x2c393148, + 0x2c39b158, + 0x2c3a316a, + 0x2c3ab17e, + 0x2c3b318f, + 0x2c3bb1ae, 0x2c3c12fa, 0x2c3c9310, - 0x2c3d317b, + 0x2c3d31c2, 0x2c3d9329, - 0x2c3e3198, - 0x2c3eb1a6, - 0x2c3f31be, - 0x2c3fb1d6, - 0x2c403200, + 0x2c3e31df, + 0x2c3eb1ed, + 0x2c3f3205, + 0x2c3fb21d, + 0x2c403247, 0x2c4091fb, - 0x2c413211, - 0x2c41b224, + 0x2c413258, + 0x2c41b26b, 0x2c4211c1, - 0x2c42b235, + 0x2c42b27c, 0x2c430722, - 0x2c43b159, - 0x2c4430ca, - 0x2c44b1e3, + 0x2c43b1a0, + 0x2c443101, + 0x2c44b22a, + 0x2c453098, + 0x2c45b0d4, + 0x2c463138, 0x30320000, 0x30328015, 0x3033001f, 
@@ -654,69 +657,69 @@ const uint32_t kOpenSSLReasonValues[] = { 0x4c411557, 0x4c4193da, 0x4c421543, - 0x50323247, - 0x5032b256, - 0x50333261, - 0x5033b271, - 0x5034328a, - 0x5034b2a4, - 0x503532b2, - 0x5035b2c8, - 0x503632da, - 0x5036b2f0, - 0x50373309, - 0x5037b31c, - 0x50383334, - 0x5038b345, - 0x5039335a, - 0x5039b36e, - 0x503a338e, - 0x503ab3a4, - 0x503b33bc, - 0x503bb3ce, - 0x503c33ea, - 0x503cb401, - 0x503d341a, - 0x503db430, - 0x503e343d, - 0x503eb453, - 0x503f3465, + 0x5032328e, + 0x5032b29d, + 0x503332a8, + 0x5033b2b8, + 0x503432d1, + 0x5034b2eb, + 0x503532f9, + 0x5035b30f, + 0x50363321, + 0x5036b337, + 0x50373350, + 0x5037b363, + 0x5038337b, + 0x5038b38c, + 0x503933a1, + 0x5039b3b5, + 0x503a33d5, + 0x503ab3eb, + 0x503b3403, + 0x503bb415, + 0x503c3431, + 0x503cb448, + 0x503d3461, + 0x503db477, + 0x503e3484, + 0x503eb49a, + 0x503f34ac, 0x503f837b, - 0x50403478, - 0x5040b488, - 0x504134a2, - 0x5041b4b1, - 0x504234cb, - 0x5042b4e8, - 0x504334f8, - 0x5043b508, - 0x50443517, + 0x504034bf, + 0x5040b4cf, + 0x504134e9, + 0x5041b4f8, + 0x50423512, + 0x5042b52f, + 0x5043353f, + 0x5043b54f, + 0x5044355e, 0x50448431, - 0x5045352b, - 0x5045b549, - 0x5046355c, - 0x5046b572, - 0x50473584, - 0x5047b599, - 0x504835bf, - 0x5048b5cd, - 0x504935e0, - 0x5049b5f5, - 0x504a360b, - 0x504ab61b, - 0x504b363b, - 0x504bb64e, - 0x504c3671, - 0x504cb69f, - 0x504d36b1, - 0x504db6ce, - 0x504e36e9, - 0x504eb705, - 0x504f3717, - 0x504fb72e, - 0x5050373d, + 0x50453572, + 0x5045b590, + 0x504635a3, + 0x5046b5b9, + 0x504735cb, + 0x5047b5e0, + 0x50483606, + 0x5048b614, + 0x50493627, + 0x5049b63c, + 0x504a3652, + 0x504ab662, + 0x504b3682, + 0x504bb695, + 0x504c36b8, + 0x504cb6e6, + 0x504d36f8, + 0x504db715, + 0x504e3730, + 0x504eb74c, + 0x504f375e, + 0x504fb775, + 0x50503784, 0x505086f1, - 0x50513750, + 0x50513797, 0x58320f65, 0x68320f27, 0x68328c7f, 
@@ -1352,12 +1355,15 @@ const char kOpenSSLReasonStringData[] = "CERT_ALREADY_IN_HASH_TABLE\0" "CRL_ALREADY_DELTA\0" "CRL_VERIFY_FAILURE\0" + "DELTA_CRL_WITHOUT_CRL_NUMBER\0" "IDP_MISMATCH\0" "INVALID_DIRECTORY\0" + "INVALID_FIELD_FOR_VERSION\0" "INVALID_FIELD_NAME\0" "INVALID_PARAMETER\0" "INVALID_PSS_PARAMETERS\0" "INVALID_TRUST\0" + "INVALID_VERSION\0" "ISSUER_MISMATCH\0" "KEY_TYPE_MISMATCH\0" "KEY_VALUES_MISMATCH\0" diff --git a/Sources/CCryptoBoringSSL/crypto/evp/evp_asn1.c b/Sources/CCryptoBoringSSL/crypto/evp/evp_asn1.c index 60a2abe7..31c06201 100644 --- a/Sources/CCryptoBoringSSL/crypto/evp/evp_asn1.c +++ b/Sources/CCryptoBoringSSL/crypto/evp/evp_asn1.c @@ -65,6 +65,7 @@ #include #include "internal.h" +#include "../bytestring/internal.h" #include "../internal.h" 
@@ -386,3 +387,145 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **out, const uint8_t **inp, EVP_PKEY_free(ret); return NULL; } + +EVP_PKEY *d2i_PUBKEY(EVP_PKEY **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + EVP_PKEY *ret = EVP_parse_public_key(&cbs); + if (ret == NULL) { + return NULL; + } + if (out != NULL) { + EVP_PKEY_free(*out); + *out = ret; + } + *inp = CBS_data(&cbs); + return ret; +} + +int i2d_PUBKEY(const EVP_PKEY *pkey, uint8_t **outp) { + CBB cbb; + if (!CBB_init(&cbb, 128) || + !EVP_marshal_public_key(&cbb, pkey)) { + CBB_cleanup(&cbb); + return -1; + } + return CBB_finish_i2d(&cbb, outp); +} + +RSA *d2i_RSA_PUBKEY(RSA **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + EVP_PKEY *pkey = EVP_parse_public_key(&cbs); + if (pkey == NULL) { + return NULL; + } + RSA *rsa = EVP_PKEY_get1_RSA(pkey); + EVP_PKEY_free(pkey); + if (rsa == NULL) { + return NULL; + } + if (out != NULL) { + RSA_free(*out); + *out = rsa; + } + *inp = CBS_data(&cbs); + return rsa; +} + +int i2d_RSA_PUBKEY(const RSA *rsa, uint8_t **outp) { + int ret = -1; + EVP_PKEY *pkey = EVP_PKEY_new(); + if (pkey == NULL || + !EVP_PKEY_set1_RSA(pkey, (RSA *)rsa)) { + goto err; + } + + ret = i2d_PUBKEY(pkey, outp); + +err: + EVP_PKEY_free(pkey); + return ret; +} + +DSA *d2i_DSA_PUBKEY(DSA **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + EVP_PKEY *pkey = EVP_parse_public_key(&cbs); + if (pkey == NULL) { + return NULL; + } + DSA *dsa = EVP_PKEY_get1_DSA(pkey); + EVP_PKEY_free(pkey); + if (dsa == NULL) { + return NULL; + } + if (out != NULL) { + DSA_free(*out); + *out = dsa; + } + *inp = CBS_data(&cbs); + return dsa; +} + +int i2d_DSA_PUBKEY(const DSA *dsa, uint8_t **outp) { + int ret = -1; + EVP_PKEY *pkey = EVP_PKEY_new(); + if (pkey == NULL || + !EVP_PKEY_set1_DSA(pkey, 
(DSA *)dsa)) { + goto err; + } + + ret = i2d_PUBKEY(pkey, outp); + +err: + EVP_PKEY_free(pkey); + return ret; +} + +EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp, long len) { + if (len < 0) { + return NULL; + } + CBS cbs; + CBS_init(&cbs, *inp, (size_t)len); + EVP_PKEY *pkey = EVP_parse_public_key(&cbs); + if (pkey == NULL) { + return NULL; + } + EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(pkey); + EVP_PKEY_free(pkey); + if (ec_key == NULL) { + return NULL; + } + if (out != NULL) { + EC_KEY_free(*out); + *out = ec_key; + } + *inp = CBS_data(&cbs); + return ec_key; +} + +int i2d_EC_PUBKEY(const EC_KEY *ec_key, uint8_t **outp) { + int ret = -1; + EVP_PKEY *pkey = EVP_PKEY_new(); + if (pkey == NULL || + !EVP_PKEY_set1_EC_KEY(pkey, (EC_KEY *)ec_key)) { + goto err; + } + + ret = i2d_PUBKEY(pkey, outp); + +err: + EVP_PKEY_free(pkey); + return ret; +} diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/bn/internal.h b/Sources/CCryptoBoringSSL/crypto/fipsmodule/bn/internal.h index 16b1b9e6..1e57733b 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/bn/internal.h +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/bn/internal.h @@ -404,9 +404,19 @@ uint64_t bn_mont_n0(const BIGNUM *n); int bn_mod_exp_base_2_consttime(BIGNUM *r, unsigned p, const BIGNUM *n, BN_CTX *ctx); -#if defined(OPENSSL_X86_64) && defined(_MSC_VER) +#if defined(_MSC_VER) +#if defined(OPENSSL_X86_64) #define BN_UMULT_LOHI(low, high, a, b) ((low) = _umul128((a), (b), &(high))) +#elif defined(OPENSSL_AARCH64) +#define BN_UMULT_LOHI(low, high, a, b) \ + do { \ + const BN_ULONG _a = (a); \ + const BN_ULONG _b = (b); \ + (low) = _a * _b; \ + (high) = __umulh(_a, _b); \ + } while (0) #endif +#endif // _MSC_VER #if !defined(BN_ULLONG) && !defined(BN_UMULT_LOHI) #error "Either BN_ULLONG or BN_UMULT_LOHI must be defined on every platform." diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/internal.h b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/internal.h index dc419355..1dff020b 100644 
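Review bot: In the evp_asn1.c hunk, `i2d_RSA_PUBKEY`, `i2d_DSA_PUBKEY` and `i2d_EC_PUBKEY` cast away const (`(RSA *)rsa`, `(DSA *)dsa`, `(EC_KEY *)ec_key`) to call the EVP_PKEY_set1_* setters, and nothing records why that is acceptable for an object the caller passed as read-only. The setters presumably take their own reference on the key, in which case the reference count is written through the const pointer even though the key material is not touched. A comment at each cast would capture the assumption, for example `// set1 only takes a reference; the key itself is not modified.`, once that is confirmed against the setters. The d2i_* functions in the same hunk free and replace `*out` when `out` is non-NULL, so the declarations should state that `*out` must be NULL or a valid object.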
--- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/internal.h +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/internal.h @@ -703,7 +703,8 @@ void ec_GFp_mont_felem_to_bytes(const EC_GROUP *group, uint8_t *out, int ec_GFp_mont_felem_from_bytes(const EC_GROUP *group, EC_FELEM *out, const uint8_t *in, size_t len); -void ec_GFp_nistp_recode_scalar_bits(uint8_t *sign, uint8_t *digit, uint8_t in); +void ec_GFp_nistp_recode_scalar_bits(crypto_word_t *sign, crypto_word_t *digit, + crypto_word_t in); const EC_METHOD *EC_GFp_nistp224_method(void); const EC_METHOD *EC_GFp_nistp256_method(void); diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p224-64.c b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p224-64.c index 3450dc03..042b459f 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p224-64.c +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p224-64.c @@ -866,7 +866,7 @@ static void p224_select_point(const uint64_t idx, size_t size, } // p224_get_bit returns the |i|th bit in |in| -static char p224_get_bit(const p224_felem_bytearray in, size_t i) { +static crypto_word_t p224_get_bit(const p224_felem_bytearray in, size_t i) { if (i >= 224) { return 0; } @@ -977,13 +977,13 @@ static void ec_GFp_nistp224_point_mul(const EC_GROUP *group, EC_RAW_POINT *r, // Add every 5 doublings. if (i % 5 == 0) { - uint64_t bits = p224_get_bit(scalar->bytes, i + 4) << 5; + crypto_word_t bits = p224_get_bit(scalar->bytes, i + 4) << 5; bits |= p224_get_bit(scalar->bytes, i + 3) << 4; bits |= p224_get_bit(scalar->bytes, i + 2) << 3; bits |= p224_get_bit(scalar->bytes, i + 1) << 2; bits |= p224_get_bit(scalar->bytes, i) << 1; bits |= p224_get_bit(scalar->bytes, i - 1); - uint8_t sign, digit; + crypto_word_t sign, digit; ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits); // Select the point to add or subtract. 
@@ -1022,7 +1022,7 @@ static void ec_GFp_nistp224_point_mul_base(const EC_GROUP *group, } // First, look 28 bits upwards. - uint64_t bits = p224_get_bit(scalar->bytes, i + 196) << 3; + crypto_word_t bits = p224_get_bit(scalar->bytes, i + 196) << 3; bits |= p224_get_bit(scalar->bytes, i + 140) << 2; bits |= p224_get_bit(scalar->bytes, i + 84) << 1; bits |= p224_get_bit(scalar->bytes, i + 28); @@ -1080,14 +1080,15 @@ static void ec_GFp_nistp224_point_mul_public(const EC_GROUP *group, // Add multiples of the generator. if (i <= 27) { // First, look 28 bits upwards. - uint64_t bits = p224_get_bit(g_scalar->bytes, i + 196) << 3; + crypto_word_t bits = p224_get_bit(g_scalar->bytes, i + 196) << 3; bits |= p224_get_bit(g_scalar->bytes, i + 140) << 2; bits |= p224_get_bit(g_scalar->bytes, i + 84) << 1; bits |= p224_get_bit(g_scalar->bytes, i + 28); + size_t index = (size_t)bits; p224_point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 1 /* mixed */, - g_p224_pre_comp[1][bits][0], g_p224_pre_comp[1][bits][1], - g_p224_pre_comp[1][bits][2]); + g_p224_pre_comp[1][index][0], g_p224_pre_comp[1][index][1], + g_p224_pre_comp[1][index][2]); assert(!skip); // Second, look at the current position. 
@@ -1095,20 +1096,21 @@ static void ec_GFp_nistp224_point_mul_public(const EC_GROUP *group, bits |= p224_get_bit(g_scalar->bytes, i + 112) << 2; bits |= p224_get_bit(g_scalar->bytes, i + 56) << 1; bits |= p224_get_bit(g_scalar->bytes, i); + index = (size_t)bits; p224_point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 1 /* mixed */, - g_p224_pre_comp[0][bits][0], g_p224_pre_comp[0][bits][1], - g_p224_pre_comp[0][bits][2]); + g_p224_pre_comp[0][index][0], g_p224_pre_comp[0][index][1], + g_p224_pre_comp[0][index][2]); } // Incorporate |p_scalar| every 5 doublings. if (i % 5 == 0) { - uint64_t bits = p224_get_bit(p_scalar->bytes, i + 4) << 5; + crypto_word_t bits = p224_get_bit(p_scalar->bytes, i + 4) << 5; bits |= p224_get_bit(p_scalar->bytes, i + 3) << 4; bits |= p224_get_bit(p_scalar->bytes, i + 2) << 3; bits |= p224_get_bit(p_scalar->bytes, i + 1) << 2; bits |= p224_get_bit(p_scalar->bytes, i) << 1; bits |= p224_get_bit(p_scalar->bytes, i - 1); - uint8_t sign, digit; + crypto_word_t sign, digit; ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits); // Select the point to add or subtract. diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256-x86_64.c b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256-x86_64.c index 434b4e43..b6a17abb 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256-x86_64.c +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256-x86_64.c @@ -52,8 +52,8 @@ static const BN_ULONG ONE[P256_LIMBS] = { // Recode window to a signed digit, see |ec_GFp_nistp_recode_scalar_bits| in // util.c for details -static unsigned booth_recode_w5(unsigned in) { - unsigned s, d; +static crypto_word_t booth_recode_w5(crypto_word_t in) { + crypto_word_t s, d; s = ~((in >> 5) - 1); d = (1 << 6) - in - 1; 
@@ -63,8 +63,8 @@ static unsigned booth_recode_w5(unsigned in) { return (d << 1) + (s & 1); } -static unsigned booth_recode_w7(unsigned in) { - unsigned s, d; +static crypto_word_t booth_recode_w7(crypto_word_t in) { + crypto_word_t s, d; s = ~((in >> 7) - 1); d = (1 << 8) - in - 1; @@ -196,8 +196,8 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r, assert(p_scalar != NULL); assert(group->field.width == P256_LIMBS); - static const unsigned kWindowSize = 5; - static const unsigned kMask = (1 << (5 /* kWindowSize */ + 1)) - 1; + static const size_t kWindowSize = 5; + static const crypto_word_t kMask = (1 << (5 /* kWindowSize */ + 1)) - 1; // A |P256_POINT| is (3 * 32) = 96 bytes, and the 64-byte alignment should // add no more than 63 bytes of overhead. Thus, |table| should require @@ -234,17 +234,17 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP *group, P256_POINT *r, BN_ULONG tmp[P256_LIMBS]; alignas(32) P256_POINT h; - unsigned index = 255; - unsigned wvalue = p_str[(index - 1) / 8]; + size_t index = 255; + crypto_word_t wvalue = p_str[(index - 1) / 8]; wvalue = (wvalue >> ((index - 1) % 8)) & kMask; ecp_nistz256_select_w5(r, table, booth_recode_w5(wvalue) >> 1); while (index >= 5) { if (index != 255) { - unsigned off = (index - 1) / 8; + size_t off = (index - 1) / 8; - wvalue = p_str[off] | p_str[off + 1] << 8; + wvalue = (crypto_word_t)p_str[off] | (crypto_word_t)p_str[off + 1] << 8; wvalue = (wvalue >> ((index - 1) % 8)) & kMask; wvalue = booth_recode_w5(wvalue); 
@@ -285,21 +285,22 @@ typedef union { P256_POINT_AFFINE a; } p256_point_union_t; -static unsigned calc_first_wvalue(unsigned *index, const uint8_t p_str[33]) { - static const unsigned kWindowSize = 7; - static const unsigned kMask = (1 << (7 /* kWindowSize */ + 1)) - 1; +static crypto_word_t calc_first_wvalue(size_t *index, const uint8_t p_str[33]) { + static const size_t kWindowSize = 7; + static const crypto_word_t kMask = (1 << (7 /* kWindowSize */ + 1)) - 1; *index = kWindowSize; - unsigned wvalue = (p_str[0] << 1) & kMask; + crypto_word_t wvalue = (p_str[0] << 1) & kMask; return booth_recode_w7(wvalue); } -static unsigned calc_wvalue(unsigned *index, const uint8_t p_str[33]) { - static const unsigned kWindowSize = 7; - static const unsigned kMask = (1 << (7 /* kWindowSize */ + 1)) - 1; +static crypto_word_t calc_wvalue(size_t *index, const uint8_t p_str[33]) { + static const size_t kWindowSize = 7; + static const crypto_word_t kMask = (1 << (7 /* kWindowSize */ + 1)) - 1; - const unsigned off = (*index - 1) / 8; - unsigned wvalue = p_str[off] | p_str[off + 1] << 8; + const size_t off = (*index - 1) / 8; + crypto_word_t wvalue = + (crypto_word_t)p_str[off] | (crypto_word_t)p_str[off + 1] << 8; wvalue = (wvalue >> ((*index - 1) % 8)) & kMask; *index += kWindowSize; @@ -327,8 +328,8 @@ static void ecp_nistz256_point_mul_base(const EC_GROUP *group, EC_RAW_POINT *r, p_str[32] = 0; // First window - unsigned index = 0; - unsigned wvalue = calc_first_wvalue(&index, p_str); + size_t index = 0; + crypto_word_t wvalue = calc_first_wvalue(&index, p_str); ecp_nistz256_select_w7(&p.a, ecp_nistz256_precomputed[0], wvalue >> 1); ecp_nistz256_neg(p.p.Z, p.p.Y); 
@@ -372,8 +373,8 @@ static void ecp_nistz256_points_mul_public(const EC_GROUP *group, p_str[32] = 0; // First window - unsigned index = 0; - unsigned wvalue = calc_first_wvalue(&index, p_str); + size_t index = 0; + size_t wvalue = calc_first_wvalue(&index, p_str); // Convert |p| from affine to Jacobian coordinates. We set Z to zero if |p| // is infinity and |ONE| otherwise. |p| was computed from the table, so it diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256.c b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256.c index 758b9845..8bf5350d 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256.c +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/p256.c @@ -67,7 +67,7 @@ static fiat_p256_limb_t fiat_p256_nz( static void fiat_p256_copy(fiat_p256_limb_t out[FIAT_P256_NLIMBS], const fiat_p256_limb_t in1[FIAT_P256_NLIMBS]) { - for (int i = 0; i < FIAT_P256_NLIMBS; i++) { + for (size_t i = 0; i < FIAT_P256_NLIMBS; i++) { out[i] = in1[i]; } } @@ -393,7 +393,7 @@ static void fiat_p256_select_point(const fiat_p256_limb_t idx, size_t size, } // fiat_p256_get_bit returns the |i|th bit in |in| -static char fiat_p256_get_bit(const uint8_t *in, int i) { +static crypto_word_t fiat_p256_get_bit(const uint8_t *in, int i) { if (i < 0 || i >= 256) { return 0; } 
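Review bot: In `ecp_nistz256_points_mul_public` the first-window value is declared `size_t wvalue`, while `calc_first_wvalue` now returns `crypto_word_t` and the matching declaration in `ecp_nistz256_point_mul_base` uses `crypto_word_t wvalue`. The two types are presumably the same width on supported targets, so this is a consistency point rather than a behaviour change. Mixing them still undoes the separation this change sets up between table indices (`size_t`) and scalar-derived words (`crypto_word_t`). I would write `crypto_word_t wvalue = calc_first_wvalue(&index, p_str);` here as well. The function body continues outside the hunk.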
@@ -498,20 +498,20 @@ static void ec_GFp_nistp256_point_mul(const EC_GROUP *group, EC_RAW_POINT *r, // do other additions every 5 doublings if (i % 5 == 0) { - uint64_t bits = fiat_p256_get_bit(scalar->bytes, i + 4) << 5; + crypto_word_t bits = fiat_p256_get_bit(scalar->bytes, i + 4) << 5; bits |= fiat_p256_get_bit(scalar->bytes, i + 3) << 4; bits |= fiat_p256_get_bit(scalar->bytes, i + 2) << 3; bits |= fiat_p256_get_bit(scalar->bytes, i + 1) << 2; bits |= fiat_p256_get_bit(scalar->bytes, i) << 1; bits |= fiat_p256_get_bit(scalar->bytes, i - 1); - uint8_t sign, digit; + crypto_word_t sign, digit; ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits); // select the point to add or subtract, in constant time. - fiat_p256_select_point(digit, 17, (const fiat_p256_felem(*)[3])p_pre_comp, - tmp); + fiat_p256_select_point((fiat_p256_limb_t)digit, 17, + (const fiat_p256_felem(*)[3])p_pre_comp, tmp); fiat_p256_opp(ftmp, tmp[1]); // (X, -Y, Z) is the negative point. - fiat_p256_cmovznz(tmp[1], sign, tmp[1], ftmp); + fiat_p256_cmovznz(tmp[1], (fiat_p256_limb_t)sign, tmp[1], ftmp); if (!skip) { fiat_p256_point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], @@ -543,12 +543,13 @@ static void ec_GFp_nistp256_point_mul_base(const EC_GROUP *group, } // First, look 32 bits upwards. - uint64_t bits = fiat_p256_get_bit(scalar->bytes, i + 224) << 3; + crypto_word_t bits = fiat_p256_get_bit(scalar->bytes, i + 224) << 3; bits |= fiat_p256_get_bit(scalar->bytes, i + 160) << 2; bits |= fiat_p256_get_bit(scalar->bytes, i + 96) << 1; bits |= fiat_p256_get_bit(scalar->bytes, i + 32); // Select the point to add, in constant time. - fiat_p256_select_point_affine(bits, 15, fiat_p256_g_pre_comp[1], tmp); + fiat_p256_select_point_affine((fiat_p256_limb_t)bits, 15, + fiat_p256_g_pre_comp[1], tmp); if (!skip) { fiat_p256_point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 
@@ -566,7 +567,8 @@ static void ec_GFp_nistp256_point_mul_base(const EC_GROUP *group, bits |= fiat_p256_get_bit(scalar->bytes, i + 64) << 1; bits |= fiat_p256_get_bit(scalar->bytes, i); // Select the point to add, in constant time. - fiat_p256_select_point_affine(bits, 15, fiat_p256_g_pre_comp[0], tmp); + fiat_p256_select_point_affine((fiat_p256_limb_t)bits, 15, + fiat_p256_g_pre_comp[0], tmp); fiat_p256_point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 1 /* mixed */, tmp[0], tmp[1], tmp[2]); } @@ -613,14 +615,15 @@ static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group, // constant-time lookup. if (i <= 31) { // First, look 32 bits upwards. - uint64_t bits = fiat_p256_get_bit(g_scalar->bytes, i + 224) << 3; + crypto_word_t bits = fiat_p256_get_bit(g_scalar->bytes, i + 224) << 3; bits |= fiat_p256_get_bit(g_scalar->bytes, i + 160) << 2; bits |= fiat_p256_get_bit(g_scalar->bytes, i + 96) << 1; bits |= fiat_p256_get_bit(g_scalar->bytes, i + 32); if (bits != 0) { + size_t index = (size_t)(bits - 1); fiat_p256_point_add(ret[0], ret[1], ret[2], ret[0], ret[1], ret[2], - 1 /* mixed */, fiat_p256_g_pre_comp[1][bits - 1][0], - fiat_p256_g_pre_comp[1][bits - 1][1], + 1 /* mixed */, fiat_p256_g_pre_comp[1][index][0], + fiat_p256_g_pre_comp[1][index][1], fiat_p256_one); skip = 0; } @@ -631,9 +634,10 @@ static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group, bits |= fiat_p256_get_bit(g_scalar->bytes, i + 64) << 1; bits |= fiat_p256_get_bit(g_scalar->bytes, i); if (bits != 0) { + size_t index = (size_t)(bits - 1); fiat_p256_point_add(ret[0], ret[1], ret[2], ret[0], ret[1], ret[2], - 1 /* mixed */, fiat_p256_g_pre_comp[0][bits - 1][0], - fiat_p256_g_pre_comp[0][bits - 1][1], + 1 /* mixed */, fiat_p256_g_pre_comp[0][index][0], + fiat_p256_g_pre_comp[0][index][1], fiat_p256_one); skip = 0; } 
@@ -642,7 +646,7 @@ static void ec_GFp_nistp256_point_mul_public(const EC_GROUP *group, int digit = p_wNAF[i]; if (digit != 0) { assert(digit & 1); - int idx = digit < 0 ? (-digit) >> 1 : digit >> 1; + size_t idx = (size_t)(digit < 0 ? (-digit) >> 1 : digit >> 1); fiat_p256_felem *y = &p_pre_comp[idx][1], tmp; if (digit < 0) { fiat_p256_opp(tmp, p_pre_comp[idx][1]); diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/simple_mul.c b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/simple_mul.c index 3bb9a895..b073daf2 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/simple_mul.c +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/simple_mul.c @@ -108,7 +108,7 @@ static void ec_GFp_mont_batch_get_window(const EC_GROUP *group, if (i > 0) { window |= bn_is_bit_set_words(scalar->words, width, i - 1); } - uint8_t sign, digit; + crypto_word_t sign, digit; ec_GFp_nistp_recode_scalar_bits(&sign, &digit, window); // Select the entry in constant-time. @@ -121,7 +121,7 @@ static void ec_GFp_mont_batch_get_window(const EC_GROUP *group, // Negate if necessary. EC_FELEM neg_Y; ec_felem_neg(group, &neg_Y, &out->Y); - BN_ULONG sign_mask = sign; + crypto_word_t sign_mask = sign; sign_mask = 0u - sign_mask; ec_felem_select(group, &out->Y, sign_mask, &neg_Y, &out->Y); } diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/util.c b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/util.c index 39b8653b..0b996fe2 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/util.c +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/ec/util.c 
@@ -240,9 +240,9 @@ // P-384: ...01110011; w = 2, 5, 6, 7 are okay // P-256: ...01010001; w = 5, 7 are okay // P-224: ...00111101; w = 3, 4, 5, 6 are okay -void ec_GFp_nistp_recode_scalar_bits(uint8_t *sign, uint8_t *digit, - uint8_t in) { - uint8_t s, d; +void ec_GFp_nistp_recode_scalar_bits(crypto_word_t *sign, crypto_word_t *digit, + crypto_word_t in) { + crypto_word_t s, d; s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as * 6-bit value */ diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/self_check/self_check.c b/Sources/CCryptoBoringSSL/crypto/fipsmodule/self_check/self_check.c index 617329c0..971b868b 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/self_check/self_check.c +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/self_check/self_check.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include 
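Review bot: The widened signature of `ec_GFp_nistp_recode_scalar_bits` leaves its input precondition undocumented: `s = ~((in >> 5) - 1)` is an all-zeros or all-ones mask only when `in` fits in six bits. Now that callers pass a full `crypto_word_t`, the parameter type gives no hint of that bound. I would add a line to the header comment such as `// |in| must be a 6-bit window value, i.e. |in| < 64.` so that future callers mask the window before calling. The rest of the function body is outside the hunk, so whether `sign` and `digit` need a similar note cannot be judged from here.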
@@ -430,11 +431,44 @@ int boringssl_fips_self_test( 0xba, 0x4d, 0xd9, 0x86, 0x77, 0xda, 0x7d, 0x8f, 0xef, 0xc4, 0x1a, 0xf0, 0xcc, 0x81, 0xe5, 0xea, 0x3f, 0xc2, 0x41, 0x7f, 0xd8, }; + // kP256Point is SHA256("Primitive Z Computation KAT")×G within P-256. + const uint8_t kP256Point[65] = { + 0x04, 0x4e, 0xc1, 0x94, 0x8c, 0x5c, 0xf4, 0x37, 0x35, 0x0d, 0xa3, + 0xf9, 0x55, 0xf9, 0x8b, 0x26, 0x23, 0x5c, 0x43, 0xe0, 0x83, 0x51, + 0x2b, 0x0d, 0x4b, 0x56, 0x24, 0xc3, 0xe4, 0xa5, 0xa8, 0xe2, 0xe9, + 0x95, 0xf2, 0xc4, 0xb9, 0xb7, 0x48, 0x7d, 0x2a, 0xae, 0xc5, 0xc0, + 0x0a, 0xcc, 0x1b, 0xd0, 0xec, 0xb8, 0xdc, 0xbe, 0x0c, 0xbe, 0x52, + 0x79, 0x93, 0x7c, 0x0b, 0x92, 0x2b, 0x7f, 0x17, 0xa5, 0x80, + }; + // kP256Scalar is SHA256("Primitive Z Computation KAT scalar"). + const uint8_t kP256Scalar[32] = { + 0xe7, 0x60, 0x44, 0x91, 0x26, 0x9a, 0xfb, 0x5b, 0x10, 0x2d, 0x6e, + 0xa5, 0x2c, 0xb5, 0x9f, 0xeb, 0x70, 0xae, 0xde, 0x6c, 0xe3, 0xbf, + 0xb3, 0xe0, 0x10, 0x54, 0x85, 0xab, 0xd8, 0x61, 0xd7, 0x7b, + }; + // kP256PointResult is |kP256Scalar|×|kP256Point|. + const uint8_t kP256PointResult[65] = { + 0x04, 0xf1, 0x63, 0x00, 0x88, 0xc5, 0xd5, 0xe9, 0x05, 0x52, 0xac, + 0xb6, 0xec, 0x68, 0x76, 0xb8, 0x73, 0x7f, 0x0f, 0x72, 0x34, 0xe6, + 0xbb, 0x30, 0x32, 0x22, 0x37, 0xb6, 0x2a, 0x80, 0xe8, 0x9e, 0x6e, + 0x6f, 0x36, 0x02, 0xe7, 0x21, 0xd2, 0x31, 0xdb, 0x94, 0x63, 0xb7, + 0xd8, 0x19, 0x0e, 0xc2, 0xc0, 0xa7, 0x2f, 0x15, 0x49, 0x1a, 0xa2, + 0x7c, 0x41, 0x8f, 0xaf, 0x9c, 0x40, 0xaf, 0x2e, 0x4a, +#if !defined(BORINGSSL_FIPS_BREAK_Z_COMPUTATION) + 0x0c, +#else + 0x00, +#endif + }; EVP_AEAD_CTX aead_ctx; EVP_AEAD_CTX_zero(&aead_ctx); RSA *rsa_key = NULL; EC_KEY *ec_key = NULL; + EC_GROUP *ec_group = NULL; + EC_POINT *ec_point_in = NULL; + EC_POINT *ec_point_out = NULL; + BIGNUM *ec_scalar = NULL; ECDSA_SIG *sig = NULL; int ret = 0; 
@@ -602,6 +636,30 @@ int boringssl_fips_self_test( goto err; } + // Primitive Z Computation KAT (IG 9.6). + ec_group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1); + if (ec_group == NULL) { + fprintf(stderr, "Failed to create P-256 group.\n"); + goto err; + } + ec_point_in = EC_POINT_new(ec_group); + ec_point_out = EC_POINT_new(ec_group); + ec_scalar = BN_new(); + uint8_t z_comp_result[65]; + if (ec_point_in == NULL || ec_point_out == NULL || ec_scalar == NULL || + !EC_POINT_oct2point(ec_group, ec_point_in, kP256Point, sizeof(kP256Point), + NULL) || + !BN_bin2bn(kP256Scalar, sizeof(kP256Scalar), ec_scalar) || + !EC_POINT_mul(ec_group, ec_point_out, NULL, ec_point_in, ec_scalar, + NULL) || + !EC_POINT_point2oct(ec_group, ec_point_out, POINT_CONVERSION_UNCOMPRESSED, + z_comp_result, sizeof(z_comp_result), NULL) || + !check_test(kP256PointResult, z_comp_result, sizeof(z_comp_result), + "Z Computation Result")) { + fprintf(stderr, "Z Computation KAT failed.\n"); + goto err; + } + // DBRG KAT CTR_DRBG_STATE drbg; if (!CTR_DRBG_init(&drbg, kDRBGEntropy, kDRBGPersonalization, @@ -642,6 +700,10 @@ int boringssl_fips_self_test( EVP_AEAD_CTX_cleanup(&aead_ctx); RSA_free(rsa_key); EC_KEY_free(ec_key); + EC_POINT_free(ec_point_in); + EC_POINT_free(ec_point_out); + EC_GROUP_free(ec_group); + BN_free(ec_scalar); ECDSA_SIG_free(sig); return ret; diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.linux.x86_64.S b/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.linux.x86_64.S index 6a453ef8..c29b772d 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.linux.x86_64.S +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.linux.x86_64.S @@ -29,6 +29,8 @@ sha1_block_data_order: movl 8(%r10),%r10d testl $512,%r8d jz .Lialu + testl $536870912,%r10d + jnz _shaext_shortcut andl $296,%r10d cmpl $296,%r10d je _avx2_shortcut 
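Review bot: The Z computation KAT tests `EC_POINT_point2oct` only for a non-zero return, so the number of bytes written into `z_comp_result` is never compared with the 65 bytes that `check_test` then reads. The buffer is also uninitialised, so a short encoding would leave the tail indeterminate at the comparison. Making the condition `EC_POINT_point2oct(ec_group, ec_point_out, POINT_CONVERSION_UNCOMPRESSED, z_comp_result, sizeof(z_comp_result), NULL) != sizeof(z_comp_result)` pins the length explicitly. `boringssl_fips_self_test` starts and ends outside this hunk.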
@@ -1271,6 +1273,175 @@ sha1_block_data_order: .byte 0xf3,0xc3 .cfi_endproc .size sha1_block_data_order,.-sha1_block_data_order +.type sha1_block_data_order_shaext,@function +.align 32 +sha1_block_data_order_shaext: +_shaext_shortcut: +.cfi_startproc + movdqu (%rdi),%xmm0 + movd 16(%rdi),%xmm1 + movdqa K_XX_XX+160(%rip),%xmm3 + + movdqu (%rsi),%xmm4 + pshufd $27,%xmm0,%xmm0 + movdqu 16(%rsi),%xmm5 + pshufd $27,%xmm1,%xmm1 + movdqu 32(%rsi),%xmm6 +.byte 102,15,56,0,227 + movdqu 48(%rsi),%xmm7 +.byte 102,15,56,0,235 +.byte 102,15,56,0,243 + movdqa %xmm1,%xmm9 +.byte 102,15,56,0,251 + jmp .Loop_shaext + +.align 16 +.Loop_shaext: + decq %rdx + leaq 64(%rsi),%r8 + paddd %xmm4,%xmm1 + cmovneq %r8,%rsi + movdqa %xmm0,%xmm8 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,0 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,0 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,0 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,0 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,0 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,1 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,1 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,1 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,1 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,1 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 
+.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,2 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,2 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,2 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,2 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,2 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,3 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 + movdqu (%rsi),%xmm4 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,3 +.byte 15,56,200,213 + movdqu 16(%rsi),%xmm5 +.byte 102,15,56,0,227 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,3 +.byte 15,56,200,206 + movdqu 32(%rsi),%xmm6 +.byte 102,15,56,0,235 + + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,3 +.byte 15,56,200,215 + movdqu 48(%rsi),%xmm7 +.byte 102,15,56,0,243 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,3 +.byte 65,15,56,200,201 +.byte 102,15,56,0,251 + + paddd %xmm8,%xmm0 + movdqa %xmm1,%xmm9 + + jnz .Loop_shaext + + pshufd $27,%xmm0,%xmm0 + pshufd $27,%xmm1,%xmm1 + movdqu %xmm0,(%rdi) + movd %xmm1,16(%rdi) + .byte 0xf3,0xc3 +.cfi_endproc +.size sha1_block_data_order_shaext,.-sha1_block_data_order_shaext .type sha1_block_data_order_ssse3,@function .align 16 sha1_block_data_order_ssse3: diff --git a/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.mac.x86_64.S b/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.mac.x86_64.S index ec5987ed..f42ce912 100644 --- a/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.mac.x86_64.S +++ b/Sources/CCryptoBoringSSL/crypto/fipsmodule/sha1-x86_64.mac.x86_64.S 
@@ -28,6 +28,8 @@ _sha1_block_data_order: movl 8(%r10),%r10d testl $512,%r8d jz L$ialu + testl $536870912,%r10d + jnz _shaext_shortcut andl $296,%r10d cmpl $296,%r10d je _avx2_shortcut 
@@ -1271,6 +1273,175 @@ L$epilogue: +.p2align 5 +sha1_block_data_order_shaext: +_shaext_shortcut: + + movdqu (%rdi),%xmm0 + movd 16(%rdi),%xmm1 + movdqa K_XX_XX+160(%rip),%xmm3 + + movdqu (%rsi),%xmm4 + pshufd $27,%xmm0,%xmm0 + movdqu 16(%rsi),%xmm5 + pshufd $27,%xmm1,%xmm1 + movdqu 32(%rsi),%xmm6 +.byte 102,15,56,0,227 + movdqu 48(%rsi),%xmm7 +.byte 102,15,56,0,235 +.byte 102,15,56,0,243 + movdqa %xmm1,%xmm9 +.byte 102,15,56,0,251 + jmp L$oop_shaext + +.p2align 4 +L$oop_shaext: + decq %rdx + leaq 64(%rsi),%r8 + paddd %xmm4,%xmm1 + cmovneq %r8,%rsi + movdqa %xmm0,%xmm8 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,0 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,0 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,0 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,0 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,0 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,1 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,1 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,1 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,1 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,1 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,2 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + 
movdqa %xmm0,%xmm1 +.byte 15,58,204,194,2 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 +.byte 15,56,201,229 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,2 +.byte 15,56,200,213 + pxor %xmm6,%xmm4 +.byte 15,56,201,238 +.byte 15,56,202,231 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,2 +.byte 15,56,200,206 + pxor %xmm7,%xmm5 +.byte 15,56,202,236 +.byte 15,56,201,247 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,2 +.byte 15,56,200,215 + pxor %xmm4,%xmm6 +.byte 15,56,201,252 +.byte 15,56,202,245 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,3 +.byte 15,56,200,204 + pxor %xmm5,%xmm7 +.byte 15,56,202,254 + movdqu (%rsi),%xmm4 + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,3 +.byte 15,56,200,213 + movdqu 16(%rsi),%xmm5 +.byte 102,15,56,0,227 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,3 +.byte 15,56,200,206 + movdqu 32(%rsi),%xmm6 +.byte 102,15,56,0,235 + + movdqa %xmm0,%xmm2 +.byte 15,58,204,193,3 +.byte 15,56,200,215 + movdqu 48(%rsi),%xmm7 +.byte 102,15,56,0,243 + + movdqa %xmm0,%xmm1 +.byte 15,58,204,194,3 +.byte 65,15,56,200,201 +.byte 102,15,56,0,251 + + paddd %xmm8,%xmm0 + movdqa %xmm1,%xmm9 + + jnz L$oop_shaext + + pshufd $27,%xmm0,%xmm0 + pshufd $27,%xmm1,%xmm1 + movdqu %xmm0,(%rdi) + movd %xmm1,16(%rdi) + .byte 0xf3,0xc3 + + + .p2align 4 sha1_block_data_order_ssse3: _ssse3_shortcut: diff --git a/Sources/CCryptoBoringSSL/crypto/mem.c b/Sources/CCryptoBoringSSL/crypto/mem.c index ee86f87e..5ea35b6c 100644 --- a/Sources/CCryptoBoringSSL/crypto/mem.c +++ b/Sources/CCryptoBoringSSL/crypto/mem.c @@ -72,6 +72,8 @@ OPENSSL_MSVC_PRAGMA(warning(pop)) #define OPENSSL_MALLOC_PREFIX 8 +OPENSSL_STATIC_ASSERT(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), + "size_t too large"); #if defined(OPENSSL_ASAN) void __asan_poison_memory_region(const volatile void *addr, size_t size); 
@@ -101,13 +103,21 @@ static void __asan_unpoison_memory_region(const void *addr, size_t size) {} // linked. This isn't an ideal result, but its helps in some cases. WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags)); -// The following two functions are for memory tracking. They are no-ops by -// default but can be overridden at link time if the application needs to -// observe heap operations. -WEAK_SYMBOL_FUNC(void, OPENSSL_track_memory_alloc, (void *ptr, size_t size)); -WEAK_SYMBOL_FUNC(void, OPENSSL_track_memory_free, (void *ptr, size_t size)); +// The following three functions can be defined to override default heap +// allocation and freeing. If defined, it is the responsibility of +// |OPENSSL_memory_free| to zero out the memory before returning it to the +// system. |OPENSSL_memory_free| will not be passed NULL pointers. +WEAK_SYMBOL_FUNC(void*, OPENSSL_memory_alloc, (size_t size)); +WEAK_SYMBOL_FUNC(void, OPENSSL_memory_free, (void *ptr)); +WEAK_SYMBOL_FUNC(size_t, OPENSSL_memory_get_size, (void *ptr)); void *OPENSSL_malloc(size_t size) { + if (OPENSSL_memory_alloc != NULL) { + assert(OPENSSL_memory_free != NULL); + assert(OPENSSL_memory_get_size != NULL); + return OPENSSL_memory_alloc(size); + } + if (size + OPENSSL_MALLOC_PREFIX < size) { return NULL; } @@ -120,9 +130,6 @@ void *OPENSSL_malloc(size_t size) { *(size_t *)ptr = size; __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); - if (OPENSSL_track_memory_alloc) { - OPENSSL_track_memory_alloc(ptr, size + OPENSSL_MALLOC_PREFIX); - } return ((uint8_t *)ptr) + OPENSSL_MALLOC_PREFIX; } 
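Review bot: The three override hooks are tested independently, and the only check that they are defined together is the pair of `assert` calls in `OPENSSL_malloc`, which disappear under `NDEBUG`. `OPENSSL_free` and `OPENSSL_realloc` (the later hunks in this file) test only `OPENSSL_memory_free` and `OPENSSL_memory_get_size` respectively. An application that defines just one or two of the symbols therefore gets a mix of layouts: a pointer from the override is walked back by `OPENSSL_MALLOC_PREFIX` in the default free path, or a prefixed pointer is handed to the custom free. I would make the pairing a check that survives release builds, for example `if (OPENSSL_memory_free == NULL || OPENSSL_memory_get_size == NULL) { abort(); }`, and use the same all-three predicate in the other two functions. The override path also skips `OPENSSL_cleanse`, so zeroisation of freed key material then depends entirely on the application's `OPENSSL_memory_free`, as the new comment says.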
@@ -131,13 +138,15 @@ void OPENSSL_free(void *orig_ptr) { return; } + if (OPENSSL_memory_free != NULL) { + OPENSSL_memory_free(orig_ptr); + return; + } + void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); size_t size = *(size_t *)ptr; - if (OPENSSL_track_memory_free) { - OPENSSL_track_memory_free(ptr, size + OPENSSL_MALLOC_PREFIX); - } OPENSSL_cleanse(ptr, size + OPENSSL_MALLOC_PREFIX); if (sdallocx) { sdallocx(ptr, size + OPENSSL_MALLOC_PREFIX, 0 /* flags */); @@ -151,10 +160,15 @@ void *OPENSSL_realloc(void *orig_ptr, size_t new_size) { return OPENSSL_malloc(new_size); } - void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; - __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); - size_t old_size = *(size_t *)ptr; - __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); + size_t old_size; + if (OPENSSL_memory_get_size != NULL) { + old_size = OPENSSL_memory_get_size(orig_ptr); + } else { + void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; + __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); + old_size = *(size_t *)ptr; + __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); + } void *ret = OPENSSL_malloc(new_size); if (ret == NULL) { diff --git a/Sources/CCryptoBoringSSL/crypto/pkcs8/internal.h b/Sources/CCryptoBoringSSL/crypto/pkcs8/internal.h index df0812e1..ebd0fb66 100644 --- a/Sources/CCryptoBoringSSL/crypto/pkcs8/internal.h +++ b/Sources/CCryptoBoringSSL/crypto/pkcs8/internal.h @@ -63,6 +63,13 @@ extern "C" { #endif +struct pkcs8_priv_key_info_st { + ASN1_INTEGER *version; + X509_ALGOR *pkeyalg; + ASN1_OCTET_STRING *pkey; + STACK_OF(X509_ATTRIBUTE) *attributes; +}; + // pkcs8_pbe_decrypt decrypts |in| using the PBE scheme described by // |algorithm|, which should be a serialized AlgorithmIdentifier structure. On // success, it sets |*out| to a newly-allocated buffer containing the decrypted 
diff --git a/Sources/CCryptoBoringSSL/crypto/pkcs8/pkcs8_x509.c b/Sources/CCryptoBoringSSL/crypto/pkcs8/pkcs8_x509.c index 6b4bd257..0958798d 100644 --- a/Sources/CCryptoBoringSSL/crypto/pkcs8/pkcs8_x509.c +++ b/Sources/CCryptoBoringSSL/crypto/pkcs8/pkcs8_x509.c @@ -96,10 +96,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, // Since the structure must still be valid use ASN1_OP_FREE_PRE if (operation == ASN1_OP_FREE_PRE) { PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; - if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING && - key->pkey->value.octet_string) { - OPENSSL_cleanse(key->pkey->value.octet_string->data, - key->pkey->value.octet_string->length); + if (key->pkey) { + OPENSSL_cleanse(key->pkey->data, key->pkey->length); } } return 1; 
@@ -108,12 +106,45 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER), ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR), - ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY), + ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_OCTET_STRING), ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0) } ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) +int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, + int ptype, void *pval, uint8_t *penc, int penclen) { + if (version >= 0 && + !ASN1_INTEGER_set(priv->version, version)) { + return 0; + } + + if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) { + return 0; + } + + if (penc != NULL) { + ASN1_STRING_set0(priv->pkey, penc, penclen); + } + + return 1; +} + +int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, const uint8_t **pk, int *ppklen, + X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8) { + if (ppkalg) { + *ppkalg = p8->pkeyalg->algorithm; + } + if (pk) { + *pk = ASN1_STRING_data(p8->pkey); + *ppklen = ASN1_STRING_length(p8->pkey); + } + if (pa) { + *pa = p8->pkeyalg; + } + return 1; +} + EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { uint8_t *der = NULL; int der_len = i2d_PKCS8_PRIV_KEY_INFO(p8, &der); diff --git a/Sources/CCryptoBoringSSL/crypto/trust_token/internal.h b/Sources/CCryptoBoringSSL/crypto/trust_token/internal.h index 8b7863ca..a0f363dc 100644 --- a/Sources/CCryptoBoringSSL/crypto/trust_token/internal.h +++ b/Sources/CCryptoBoringSSL/crypto/trust_token/internal.h 
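Review bot: `PKCS8_pkey_get0` writes `*ppklen` whenever `pk` is non-NULL, although `ppkalg`, `pk` and `pa` are each treated as optional, so a caller that passes `pk` with a NULL `ppklen` dereferences NULL. I would guard it separately, `if (ppklen) { *ppklen = ASN1_STRING_length(p8->pkey); }`, or state in a comment that `ppklen` is required when `pk` is given. Both new functions also lack a header comment. For `PKCS8_pkey_set0` it should say that `penc` is handed to `ASN1_STRING_set0`, and what the caller still owns when the function returns 0 before reaching that call.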
@@ -77,27 +77,6 @@ OPENSSL_EXPORT void PMBTOKEN_PRETOKEN_free(PMBTOKEN_PRETOKEN *token); DEFINE_STACK_OF(PMBTOKEN_PRETOKEN) -// The following functions implement the corresponding |TRUST_TOKENS_METHOD| -// functions for |TRUST_TOKENS_experiment_v0|'s PMBTokens construction which -// uses P-521. -int pmbtoken_exp0_generate_key(CBB *out_private, CBB *out_public); -int pmbtoken_exp0_client_key_from_bytes(PMBTOKEN_CLIENT_KEY *key, - const uint8_t *in, size_t len); -int pmbtoken_exp0_issuer_key_from_bytes(PMBTOKEN_ISSUER_KEY *key, - const uint8_t *in, size_t len); -STACK_OF(PMBTOKEN_PRETOKEN) * pmbtoken_exp0_blind(CBB *cbb, size_t count); -int pmbtoken_exp0_sign(const PMBTOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs, - size_t num_requested, size_t num_to_issue, - uint8_t private_metadata); -STACK_OF(TRUST_TOKEN) * - pmbtoken_exp0_unblind(const PMBTOKEN_CLIENT_KEY *key, - const STACK_OF(PMBTOKEN_PRETOKEN) * pretokens, - CBS *cbs, size_t count, uint32_t key_id); -int pmbtoken_exp0_read(const PMBTOKEN_ISSUER_KEY *key, - uint8_t out_nonce[PMBTOKEN_NONCE_SIZE], - uint8_t *out_private_metadata, const uint8_t *token, - size_t token_len); - // The following functions implement the corresponding |TRUST_TOKENS_METHOD| // functions for |TRUST_TOKENS_experiment_v1|'s PMBTokens construction which // uses P-384. @@ -193,14 +172,6 @@ struct trust_token_method_st { uint8_t out_nonce[PMBTOKEN_NONCE_SIZE], uint8_t *out_private_metadata, const uint8_t *token, size_t token_len); - - // use_token_hash determines whether to include the token hash in the SRR and - // private metadata encryption. - int use_token_hash : 1; - - // batched_proof determines whether PMBToken uses a batched DLEQOR proof when - // signing tokens. - int batched_proof : 1; }; // Structure representing a single Trust Token public key with the specified ID. diff --git a/Sources/CCryptoBoringSSL/crypto/trust_token/pmbtoken.c b/Sources/CCryptoBoringSSL/crypto/trust_token/pmbtoken.c index 93e7bb69..a3eae851 100644 
--- a/Sources/CCryptoBoringSSL/crypto/trust_token/pmbtoken.c +++ b/Sources/CCryptoBoringSSL/crypto/trust_token/pmbtoken.c @@ -52,9 +52,6 @@ typedef struct { // hash_c implements the H_c operation in PMBTokens. It returns one on success // and zero on error. hash_c_func_t hash_c; - // batched_proof determines whether PMBToken uses a batched DLEQOR proof when - // signing tokens. - int batched_proof : 1; } PMBTOKEN_METHOD; static const uint8_t kDefaultAdditionalData[32] = {0}; @@ -62,7 +59,7 @@ static const uint8_t kDefaultAdditionalData[32] = {0}; static int pmbtoken_init_method(PMBTOKEN_METHOD *method, int curve_nid, const uint8_t *h_bytes, size_t h_len, hash_t_func_t hash_t, hash_s_func_t hash_s, - hash_c_func_t hash_c, int batched_proof) { + hash_c_func_t hash_c) { method->group = EC_GROUP_new_by_curve_name(curve_nid); if (method->group == NULL) { return 0; @@ -71,7 +68,6 @@ static int pmbtoken_init_method(PMBTOKEN_METHOD *method, int curve_nid, method->hash_t = hash_t; method->hash_s = hash_s; method->hash_c = hash_c; - method->batched_proof = batched_proof; EC_AFFINE h; if (!ec_point_from_uncompressed(method->group, &h, h_bytes, h_len)) { 
@@ -724,37 +720,31 @@ static int pmbtoken_sign(const PMBTOKEN_METHOD *method, return 0; } + if (num_to_issue > ((size_t)-1) / sizeof(EC_RAW_POINT) || + num_to_issue > ((size_t)-1) / sizeof(EC_SCALAR)) { + OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW); + return 0; + } + int ret = 0; - EC_RAW_POINT *Tps = NULL; - EC_RAW_POINT *Sps = NULL; - EC_RAW_POINT *Wps = NULL; - EC_RAW_POINT *Wsps = NULL; - EC_SCALAR *es = NULL; + EC_RAW_POINT *Tps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); + EC_RAW_POINT *Sps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); + EC_RAW_POINT *Wps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); + EC_RAW_POINT *Wsps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); + EC_SCALAR *es = OPENSSL_malloc(num_to_issue * sizeof(EC_SCALAR)); CBB batch_cbb; CBB_zero(&batch_cbb); - if (method->batched_proof) { - if (num_to_issue > ((size_t)-1) / sizeof(EC_RAW_POINT) || - num_to_issue > ((size_t)-1) / sizeof(EC_SCALAR)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW); - goto err; - } - Tps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); - Sps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); - Wps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); - Wsps = OPENSSL_malloc(num_to_issue * sizeof(EC_RAW_POINT)); - es = OPENSSL_malloc(num_to_issue * sizeof(EC_SCALAR)); - if (!Tps || - !Sps || - !Wps || - !Wsps || - !es || - !CBB_init(&batch_cbb, 0) || - !point_to_cbb(&batch_cbb, method->group, &key->pubs) || - !point_to_cbb(&batch_cbb, method->group, &key->pub0) || - !point_to_cbb(&batch_cbb, method->group, &key->pub1)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } + if (!Tps || + !Sps || + !Wps || + !Wsps || + !es || + !CBB_init(&batch_cbb, 0) || + !point_to_cbb(&batch_cbb, method->group, &key->pubs) || + !point_to_cbb(&batch_cbb, method->group, &key->pub0) || + !point_to_cbb(&batch_cbb, method->group, &key->pub1)) { + OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); + goto err; } 
for (size_t i = 0; i < num_to_issue; i++) { @@ -793,25 +783,17 @@ static int pmbtoken_sign(const PMBTOKEN_METHOD *method, goto err; } - if (!method->batched_proof) { - if (!CBB_add_u16_length_prefixed(cbb, &child) || - !dleq_generate(method, &child, key, &Tp, &jacobians[0], &jacobians[1], - &jacobians[2], private_metadata)) { - goto err; - } - } else { - if (!point_to_cbb(&batch_cbb, group, &Tp_affine) || - !point_to_cbb(&batch_cbb, group, &affines[0]) || - !point_to_cbb(&batch_cbb, group, &affines[1]) || - !point_to_cbb(&batch_cbb, group, &affines[2])) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } - Tps[i] = Tp; - Sps[i] = jacobians[0]; - Wps[i] = jacobians[1]; - Wsps[i] = jacobians[2]; + if (!point_to_cbb(&batch_cbb, group, &Tp_affine) || + !point_to_cbb(&batch_cbb, group, &affines[0]) || + !point_to_cbb(&batch_cbb, group, &affines[1]) || + !point_to_cbb(&batch_cbb, group, &affines[2])) { + OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); + goto err; } + Tps[i] = Tp; + Sps[i] = jacobians[0]; + Wps[i] = jacobians[1]; + Wsps[i] = jacobians[2]; if (!CBB_flush(cbb)) { goto err; 
@@ -821,36 +803,34 @@ static int pmbtoken_sign(const PMBTOKEN_METHOD *method, // The DLEQ batching construction is described in appendix B of // https://eprint.iacr.org/2020/072/20200324:214215. Note the additional // computations all act on public inputs. - if (method->batched_proof) { - for (size_t i = 0; i < num_to_issue; i++) { - if (!hash_c_batch(method, &es[i], &batch_cbb, i)) { - goto err; - } - } - - EC_RAW_POINT Tp_batch, Sp_batch, Wp_batch, Wsp_batch; - if (!ec_point_mul_scalar_public_batch(group, &Tp_batch, - /*g_scalar=*/NULL, Tps, es, - num_to_issue) || - !ec_point_mul_scalar_public_batch(group, &Sp_batch, - /*g_scalar=*/NULL, Sps, es, - num_to_issue) || - !ec_point_mul_scalar_public_batch(group, &Wp_batch, - /*g_scalar=*/NULL, Wps, es, - num_to_issue) || - !ec_point_mul_scalar_public_batch(group, &Wsp_batch, - /*g_scalar=*/NULL, Wsps, es, - num_to_issue)) { + for (size_t i = 0; i < num_to_issue; i++) { + if (!hash_c_batch(method, &es[i], &batch_cbb, i)) { goto err; } + } - CBB proof; - if (!CBB_add_u16_length_prefixed(cbb, &proof) || - !dleq_generate(method, &proof, key, &Tp_batch, &Sp_batch, &Wp_batch, - &Wsp_batch, private_metadata) || - !CBB_flush(cbb)) { - goto err; - } + EC_RAW_POINT Tp_batch, Sp_batch, Wp_batch, Wsp_batch; + if (!ec_point_mul_scalar_public_batch(group, &Tp_batch, + /*g_scalar=*/NULL, Tps, es, + num_to_issue) || + !ec_point_mul_scalar_public_batch(group, &Sp_batch, + /*g_scalar=*/NULL, Sps, es, + num_to_issue) || + !ec_point_mul_scalar_public_batch(group, &Wp_batch, + /*g_scalar=*/NULL, Wps, es, + num_to_issue) || + !ec_point_mul_scalar_public_batch(group, &Wsp_batch, + /*g_scalar=*/NULL, Wsps, es, + num_to_issue)) { + goto err; + } + + CBB proof; + if (!CBB_add_u16_length_prefixed(cbb, &proof) || + !dleq_generate(method, &proof, key, &Tp_batch, &Sp_batch, &Wp_batch, + &Wsp_batch, private_metadata) || + !CBB_flush(cbb)) { + goto err; } // Skip over any unused requests. 
@@ -890,36 +870,29 @@ static STACK_OF(TRUST_TOKEN) * return NULL; } - EC_RAW_POINT *Tps = NULL; - EC_RAW_POINT *Sps = NULL; - EC_RAW_POINT *Wps = NULL; - EC_RAW_POINT *Wsps = NULL; - EC_SCALAR *es = NULL; + if (count > ((size_t)-1) / sizeof(EC_RAW_POINT) || + count > ((size_t)-1) / sizeof(EC_SCALAR)) { + OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW); + return 0; + } + EC_RAW_POINT *Tps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); + EC_RAW_POINT *Sps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); + EC_RAW_POINT *Wps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); + EC_RAW_POINT *Wsps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); + EC_SCALAR *es = OPENSSL_malloc(count * sizeof(EC_SCALAR)); CBB batch_cbb; CBB_zero(&batch_cbb); - if (method->batched_proof) { - if (count > ((size_t)-1) / sizeof(EC_RAW_POINT) || - count > ((size_t)-1) / sizeof(EC_SCALAR)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW); - goto err; - } - Tps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); - Sps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); - Wps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); - Wsps = OPENSSL_malloc(count * sizeof(EC_RAW_POINT)); - es = OPENSSL_malloc(count * sizeof(EC_SCALAR)); - if (!Tps || - !Sps || - !Wps || - !Wsps || - !es || - !CBB_init(&batch_cbb, 0) || - !point_to_cbb(&batch_cbb, method->group, &key->pubs) || - !point_to_cbb(&batch_cbb, method->group, &key->pub0) || - !point_to_cbb(&batch_cbb, method->group, &key->pub1)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } + if (!Tps || + !Sps || + !Wps || + !Wsps || + !es || + !CBB_init(&batch_cbb, 0) || + !point_to_cbb(&batch_cbb, method->group, &key->pubs) || + !point_to_cbb(&batch_cbb, method->group, &key->pub0) || + !point_to_cbb(&batch_cbb, method->group, &key->pub1)) { + OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); + goto err; } for (size_t i = 0; i < count; i++) { 
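Review bot: The overflow guard added to pmbtoken_unblind exits with `return 0;`, although the function returns `STACK_OF(TRUST_TOKEN) *` and the early exit shown just above it uses `return NULL;`. Writing `return NULL;` keeps the pointer convention and stops the guard reading as a paste of the integer-returning one added to pmbtoken_sign in the first hunk. The removed code reached this check through `goto err`, and the new code returns directly. If anything allocated earlier in the function (outside this hunk) is released at `err`, that cleanup is now skipped on this path, which is worth confirming. Jumping to `err` from the new position would not be a fix, because the five buffer pointers are declared after the guard and would be uninitialised there.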
@@ -928,7 +901,6 @@ static STACK_OF(TRUST_TOKEN) * uint8_t s[PMBTOKEN_NONCE_SIZE]; EC_AFFINE Wp_affine, Wsp_affine; - CBS proof; if (!CBS_copy_bytes(cbs, s, PMBTOKEN_NONCE_SIZE) || !cbs_get_prefixed_point(cbs, group, &Wp_affine) || !cbs_get_prefixed_point(cbs, group, &Wsp_affine)) { 
@@ -936,50 +908,29 @@ static STACK_OF(TRUST_TOKEN) * goto err; } - EC_RAW_POINT Tp, Wp, Wsp, Sp; - ec_affine_to_jacobian(group, &Tp, &pretoken->Tp); - ec_affine_to_jacobian(group, &Wp, &Wp_affine); - ec_affine_to_jacobian(group, &Wsp, &Wsp_affine); - if (!method->hash_s(group, &Sp, &pretoken->Tp, s)) { + ec_affine_to_jacobian(group, &Tps[i], &pretoken->Tp); + ec_affine_to_jacobian(group, &Wps[i], &Wp_affine); + ec_affine_to_jacobian(group, &Wsps[i], &Wsp_affine); + if (!method->hash_s(group, &Sps[i], &pretoken->Tp, s)) { goto err; } - if (!method->batched_proof) { - if(!CBS_get_u16_length_prefixed(cbs, &proof)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - goto err; - } - - if (!dleq_verify(method, &proof, key, &Tp, &Sp, &Wp, &Wsp)) { - goto err; - } - - if (CBS_len(&proof) != 0) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - goto err; - } - } else { - EC_AFFINE Sp_affine; - if (!point_to_cbb(&batch_cbb, group, &pretoken->Tp) || - !ec_jacobian_to_affine(group, &Sp_affine, &Sp) || - !point_to_cbb(&batch_cbb, group, &Sp_affine) || - !point_to_cbb(&batch_cbb, group, &Wp_affine) || - !point_to_cbb(&batch_cbb, group, &Wsp_affine)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } - Tps[i] = Tp; - Sps[i] = Sp; - Wps[i] = Wp; - Wsps[i] = Wsp; + EC_AFFINE Sp_affine; + if (!point_to_cbb(&batch_cbb, group, &pretoken->Tp) || + !ec_jacobian_to_affine(group, &Sp_affine, &Sps[i]) || + !point_to_cbb(&batch_cbb, group, &Sp_affine) || + !point_to_cbb(&batch_cbb, group, &Wp_affine) || + !point_to_cbb(&batch_cbb, group, &Wsp_affine)) { + OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); + goto err; } // Unblind the token. 
EC_RAW_POINT jacobians[3]; EC_AFFINE affines[3]; - if (!ec_point_mul_scalar(group, &jacobians[0], &Sp, &pretoken->r) || - !ec_point_mul_scalar(group, &jacobians[1], &Wp, &pretoken->r) || - !ec_point_mul_scalar(group, &jacobians[2], &Wsp, &pretoken->r) || + if (!ec_point_mul_scalar(group, &jacobians[0], &Sps[i], &pretoken->r) || + !ec_point_mul_scalar(group, &jacobians[1], &Wps[i], &pretoken->r) || + !ec_point_mul_scalar(group, &jacobians[2], &Wsps[i], &pretoken->r) || !ec_jacobian_to_affine_batch(group, affines, jacobians, 3)) { goto err; } 
@@ -1018,32 +969,30 @@ static STACK_OF(TRUST_TOKEN) * // The DLEQ batching construction is described in appendix B of // https://eprint.iacr.org/2020/072/20200324:214215. Note the additional // computations all act on public inputs. - if (method->batched_proof) { - for (size_t i = 0; i < count; i++) { - if (!hash_c_batch(method, &es[i], &batch_cbb, i)) { - goto err; - } - } - - EC_RAW_POINT Tp_batch, Sp_batch, Wp_batch, Wsp_batch; - if (!ec_point_mul_scalar_public_batch(group, &Tp_batch, - /*g_scalar=*/NULL, Tps, es, count) || - !ec_point_mul_scalar_public_batch(group, &Sp_batch, - /*g_scalar=*/NULL, Sps, es, count) || - !ec_point_mul_scalar_public_batch(group, &Wp_batch, - /*g_scalar=*/NULL, Wps, es, count) || - !ec_point_mul_scalar_public_batch(group, &Wsp_batch, - /*g_scalar=*/NULL, Wsps, es, count)) { + for (size_t i = 0; i < count; i++) { + if (!hash_c_batch(method, &es[i], &batch_cbb, i)) { goto err; } + } - CBS proof; - if (!CBS_get_u16_length_prefixed(cbs, &proof) || - !dleq_verify(method, &proof, key, &Tp_batch, &Sp_batch, &Wp_batch, - &Wsp_batch) || - CBS_len(&proof) != 0) { - goto err; - } + EC_RAW_POINT Tp_batch, Sp_batch, Wp_batch, Wsp_batch; + if (!ec_point_mul_scalar_public_batch(group, &Tp_batch, + /*g_scalar=*/NULL, Tps, es, count) || + !ec_point_mul_scalar_public_batch(group, &Sp_batch, + /*g_scalar=*/NULL, Sps, es, count) || + !ec_point_mul_scalar_public_batch(group, &Wp_batch, + /*g_scalar=*/NULL, Wps, es, count) || + !ec_point_mul_scalar_public_batch(group, &Wsp_batch, + /*g_scalar=*/NULL, Wsps, es, count)) { + goto err; + } + + CBS proof; + if (!CBS_get_u16_length_prefixed(cbs, &proof) || + !dleq_verify(method, &proof, key, &Tp_batch, &Sp_batch, &Wp_batch, + &Wsp_batch) || + CBS_len(&proof) != 0) { + goto err; } ok = 1; 
@@ -1127,202 +1076,6 @@ static int pmbtoken_read(const PMBTOKEN_METHOD *method, } -// PMBTokens experiment v0. - -static int pmbtoken_exp0_hash_t(const EC_GROUP *group, EC_RAW_POINT *out, - const uint8_t t[PMBTOKEN_NONCE_SIZE]) { - const uint8_t kHashTLabel[] = "PMBTokensV0 HashT"; - return ec_hash_to_curve_p521_xmd_sha512_sswu_draft06( - group, out, kHashTLabel, sizeof(kHashTLabel), t, PMBTOKEN_NONCE_SIZE); -} - -static int pmbtoken_exp0_hash_s(const EC_GROUP *group, EC_RAW_POINT *out, - const EC_AFFINE *t, - const uint8_t s[PMBTOKEN_NONCE_SIZE]) { - const uint8_t kHashSLabel[] = "PMBTokensV0 HashS"; - int ret = 0; - CBB cbb; - uint8_t *buf = NULL; - size_t len; - if (!CBB_init(&cbb, 0) || - !point_to_cbb(&cbb, group, t) || - !CBB_add_bytes(&cbb, s, PMBTOKEN_NONCE_SIZE) || - !CBB_finish(&cbb, &buf, &len) || - !ec_hash_to_curve_p521_xmd_sha512_sswu_draft06( - group, out, kHashSLabel, sizeof(kHashSLabel), buf, len)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = 1; - -err: - OPENSSL_free(buf); - CBB_cleanup(&cbb); - return ret; -} - -static int pmbtoken_exp0_hash_c(const EC_GROUP *group, EC_SCALAR *out, - uint8_t *buf, size_t len) { - const uint8_t kHashCLabel[] = "PMBTokensV0 HashC"; - return ec_hash_to_scalar_p521_xmd_sha512_draft06( - group, out, kHashCLabel, sizeof(kHashCLabel), buf, len); -} - -// H for PMBTokens v0 was generated with the following Python code. 
-/* -import hashlib - -SEED_H = 'PrivacyPass H' - -A = -3 -B = 0x051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00 -P = 2**521 - 1 - -def get_y(x): - y2 = (x**3 + A*x + B) % P - y = pow(y2, (P+1)/4, P) - if (y*y) % P != y2: - raise ValueError("point not on curve") - return y - -def bit(h,i): - return (ord(h[i/8]) >> (i%8)) & 1 - -b = 521 -def decode_point(so): - s = hashlib.sha256(so + '0').digest() + hashlib.sha256(so + '1').digest() + \ - hashlib.sha256(so + '2').digest() - - x = 0 - for i in range(0,b): - x = x + (long(bit(s,i))<= P: - raise ValueError("x out of range") - y = get_y(x) - if y & 1 != bit(s,b-1): y = P-y - return (x, y) - - -def gen_point(seed): - v = hashlib.sha256(seed).digest() - it = 1 - while True: - try: - x,y = decode_point(v) - except Exception, e: - print e - it += 1 - v = hashlib.sha256(v).digest() - continue - print "Found in %d iterations:" % it - print " x = %d" % x - print " y = %d" % y - print " Encoded (hex): (%x, %x)" % (x, y) - return (x, y) - -if __name__ == "__main__": - gen_point(SEED_H) -*/ -static int pmbtoken_exp0_ok = 0; -static PMBTOKEN_METHOD pmbtoken_exp0_method; -static CRYPTO_once_t pmbtoken_exp0_method_once = CRYPTO_ONCE_INIT; - -static void pmbtoken_exp0_init_method_impl(void) { - static const uint8_t kH[] = { - 0x04, 0x01, 0xf0, 0xa9, 0xf7, 0x9e, 0xbc, 0x12, 0x6c, 0xef, 0xd1, 0xab, - 0x29, 0x10, 0x03, 0x6f, 0x4e, 0xf5, 0xbd, 0xeb, 0x0f, 0x6b, 0xc0, 0x5c, - 0x0e, 0xce, 0xfe, 0x59, 0x45, 0xd1, 0x3e, 0x25, 0x33, 0x7e, 0x4c, 0xda, - 0x64, 0x53, 0x54, 0x4e, 0xf9, 0x76, 0x0d, 0x6d, 0xc5, 0x39, 0x2a, 0xd4, - 0xce, 0x84, 0x6e, 0x31, 0xc2, 0x86, 0x21, 0xf9, 0x5c, 0x98, 0xb9, 0x3d, - 0x01, 0x74, 0x9f, 0xc5, 0x1e, 0x47, 0x24, 0x00, 0x5c, 0x17, 0x62, 0x51, - 0x7d, 0x32, 0x5e, 0x29, 0xac, 0x52, 0x14, 0x75, 0x6f, 0x36, 0xd9, 0xc7, - 0xfa, 0xbb, 0xa9, 0x3b, 0x9d, 0x70, 0x49, 0x1e, 0xb4, 0x53, 0xbc, 0x55, - 0xea, 0xad, 0x8f, 0x26, 0x1d, 0xe0, 0xbc, 
0xf3, 0x50, 0x5c, 0x7e, 0x66, - 0x41, 0xb5, 0x61, 0x70, 0x12, 0x72, 0xac, 0x6a, 0xb0, 0x6e, 0x78, 0x3d, - 0x17, 0x08, 0xe3, 0xdf, 0x3c, 0xff, 0xa6, 0xa0, 0xea, 0x96, 0x67, 0x92, - 0xcd, - }; - - pmbtoken_exp0_ok = - pmbtoken_init_method(&pmbtoken_exp0_method, NID_secp521r1, kH, sizeof(kH), - pmbtoken_exp0_hash_t, pmbtoken_exp0_hash_s, - pmbtoken_exp0_hash_c, /*batched_proof=*/0); -} - -static int pmbtoken_exp0_init_method(void) { - CRYPTO_once(&pmbtoken_exp0_method_once, pmbtoken_exp0_init_method_impl); - if (!pmbtoken_exp0_ok) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_INTERNAL_ERROR); - return 0; - } - return 1; -} - -int pmbtoken_exp0_generate_key(CBB *out_private, CBB *out_public) { - if (!pmbtoken_exp0_init_method()) { - return 0; - } - - return pmbtoken_generate_key(&pmbtoken_exp0_method, out_private, out_public); -} - -int pmbtoken_exp0_client_key_from_bytes(PMBTOKEN_CLIENT_KEY *key, - const uint8_t *in, size_t len) { - if (!pmbtoken_exp0_init_method()) { - return 0; - } - return pmbtoken_client_key_from_bytes(&pmbtoken_exp0_method, key, in, len); -} - -int pmbtoken_exp0_issuer_key_from_bytes(PMBTOKEN_ISSUER_KEY *key, - const uint8_t *in, size_t len) { - if (!pmbtoken_exp0_init_method()) { - return 0; - } - return pmbtoken_issuer_key_from_bytes(&pmbtoken_exp0_method, key, in, len); -} - -STACK_OF(PMBTOKEN_PRETOKEN) * pmbtoken_exp0_blind(CBB *cbb, size_t count) { - if (!pmbtoken_exp0_init_method()) { - return NULL; - } - return pmbtoken_blind(&pmbtoken_exp0_method, cbb, count); -} - -int pmbtoken_exp0_sign(const PMBTOKEN_ISSUER_KEY *key, CBB *cbb, CBS *cbs, - size_t num_requested, size_t num_to_issue, - uint8_t private_metadata) { - if (!pmbtoken_exp0_init_method()) { - return 0; - } - return pmbtoken_sign(&pmbtoken_exp0_method, key, cbb, cbs, num_requested, - num_to_issue, private_metadata); -} - -STACK_OF(TRUST_TOKEN) * - pmbtoken_exp0_unblind(const PMBTOKEN_CLIENT_KEY *key, - const STACK_OF(PMBTOKEN_PRETOKEN) * pretokens, - CBS *cbs, size_t count, uint32_t 
key_id) { - if (!pmbtoken_exp0_init_method()) { - return NULL; - } - return pmbtoken_unblind(&pmbtoken_exp0_method, key, pretokens, cbs, count, - key_id); -} - -int pmbtoken_exp0_read(const PMBTOKEN_ISSUER_KEY *key, - uint8_t out_nonce[PMBTOKEN_NONCE_SIZE], - uint8_t *out_private_metadata, const uint8_t *token, - size_t token_len) { - if (!pmbtoken_exp0_init_method()) { - return 0; - } - return pmbtoken_read(&pmbtoken_exp0_method, key, out_nonce, - out_private_metadata, token, token_len); -} - - // PMBTokens experiment v1. static int pmbtoken_exp1_hash_t(const EC_GROUP *group, EC_RAW_POINT *out, @@ -1387,7 +1140,7 @@ static void pmbtoken_exp1_init_method_impl(void) { pmbtoken_exp1_ok = pmbtoken_init_method(&pmbtoken_exp1_method, NID_secp384r1, kH, sizeof(kH), pmbtoken_exp1_hash_t, pmbtoken_exp1_hash_s, - pmbtoken_exp1_hash_c, /*batched_proof=*/1); + pmbtoken_exp1_hash_c); } static int pmbtoken_exp1_init_method(void) { diff --git a/Sources/CCryptoBoringSSL/crypto/trust_token/trust_token.c b/Sources/CCryptoBoringSSL/crypto/trust_token/trust_token.c index 66a097a5..73866ddf 100644 --- a/Sources/CCryptoBoringSSL/crypto/trust_token/trust_token.c +++ b/Sources/CCryptoBoringSSL/crypto/trust_token/trust_token.c @@ -27,21 +27,6 @@ // protocol for issuing and redeeming tokens built on top of the PMBTokens // construction. -const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v0(void) { - static const TRUST_TOKEN_METHOD kMethod = { - pmbtoken_exp0_generate_key, - pmbtoken_exp0_client_key_from_bytes, - pmbtoken_exp0_issuer_key_from_bytes, - pmbtoken_exp0_blind, - pmbtoken_exp0_sign, - pmbtoken_exp0_unblind, - pmbtoken_exp0_read, - 0 /* don't use token hash */, - 0 /* don't use batched proof */, - }; - return &kMethod; -} - const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void) { static const TRUST_TOKEN_METHOD kMethod = { pmbtoken_exp1_generate_key, 
@@ -51,8 +36,6 @@ const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void) { pmbtoken_exp1_sign, pmbtoken_exp1_unblind, pmbtoken_exp1_read, - 1 /* use token hash */, - 1 /* use batched proof */, }; return &kMethod; } @@ -597,16 +580,8 @@ int TRUST_TOKEN_ISSUER_redeem(const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, SHA256_Update(&sha_ctx, CBS_data(&token_copy), CBS_len(&token_copy)); SHA256_Final(token_hash, &sha_ctx); - uint8_t metadata_obfuscator; - if (ctx->method->use_token_hash) { - metadata_obfuscator = - get_metadata_obfuscator(ctx->metadata_key, ctx->metadata_key_len, - token_hash, sizeof(token_hash)); - } else { - metadata_obfuscator = - get_metadata_obfuscator(ctx->metadata_key, ctx->metadata_key_len, - CBS_data(&client_data), CBS_len(&client_data)); - } + uint8_t metadata_obfuscator = get_metadata_obfuscator( + ctx->metadata_key, ctx->metadata_key_len, token_hash, sizeof(token_hash)); // The SRR is constructed as per the format described in // https://docs.google.com/document/d/1TNnya6B8pyomDK2F1R9CL3dY10OAmqWlnCxsWyOBDVQ/edit#heading=h.7mkzvhpqb8l5 @@ -625,10 +600,7 @@ int TRUST_TOKEN_ISSUER_redeem(const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, assert(strlen(kClientDataLabel) < strlen(kExpiryTimestampLabel)); assert(strlen(kPublicLabel) < strlen(kPrivateLabel)); - size_t map_entries = 3; - if (ctx->method->use_token_hash) { - map_entries = 4; - } + size_t map_entries = 4; if (!CBB_init(&srr, 0) || !add_cbor_map(&srr, map_entries) || // SRR map 
@@ -637,20 +609,10 @@ int TRUST_TOKEN_ISSUER_redeem(const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, !add_cbor_text(&srr, kPublicLabel, strlen(kPublicLabel)) || !add_cbor_int(&srr, public_metadata) || !add_cbor_text(&srr, kPrivateLabel, strlen(kPrivateLabel)) || - !add_cbor_int(&srr, private_metadata ^ metadata_obfuscator)) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (ctx->method->use_token_hash) { - if (!add_cbor_text(&srr, kTokenHashLabel, strlen(kTokenHashLabel)) || - !add_cbor_bytes(&srr, token_hash, sizeof(token_hash))) { - OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_MALLOC_FAILURE); - goto err; - } - } - - if (!add_cbor_text(&srr, kClientDataLabel, strlen(kClientDataLabel)) || + !add_cbor_int(&srr, private_metadata ^ metadata_obfuscator) || + !add_cbor_text(&srr, kTokenHashLabel, strlen(kTokenHashLabel)) || + !add_cbor_bytes(&srr, token_hash, sizeof(token_hash)) || + !add_cbor_text(&srr, kClientDataLabel, strlen(kClientDataLabel)) || !CBB_add_bytes(&srr, CBS_data(&client_data), CBS_len(&client_data)) || !add_cbor_text(&srr, kExpiryTimestampLabel, strlen(kExpiryTimestampLabel)) || diff --git a/Sources/CCryptoBoringSSL/crypto/x509/a_strex.c b/Sources/CCryptoBoringSSL/crypto/x509/a_strex.c index 14431f99..ab71b3cb 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/a_strex.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/a_strex.c @@ -296,7 +296,7 @@ static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, */ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, - ASN1_STRING *str) + const ASN1_STRING *str) { /* * Placing the ASN1_STRING in a temp ASN1_TYPE allows the DER encoding to @@ -354,7 +354,7 @@ static const signed char tag2nbyte[] = { */ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, - ASN1_STRING *str) + const ASN1_STRING *str) { int outlen, len; int type; 
@@ -610,13 +610,13 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, } #endif -int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) +int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags) { return do_print_ex(send_bio_chars, out, flags, str); } #ifndef OPENSSL_NO_FP_API -int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) +int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags) { return do_print_ex(send_fp_chars, fp, flags, str); } diff --git a/Sources/CCryptoBoringSSL/crypto/x509/algorithm.c b/Sources/CCryptoBoringSSL/crypto/x509/algorithm.c index 7ec8b3d5..ec2717c1 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/algorithm.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/algorithm.c @@ -142,6 +142,14 @@ int x509_digest_verify_init(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, return 0; } + /* RSA signature algorithms include an explicit NULL parameter but we also + * accept omitted values for compatibility. Other algorithms must omit it. */ + if (sigalg->parameter != NULL && (pkey_nid != EVP_PKEY_RSA || + sigalg->parameter->type != V_ASN1_NULL)) { + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PARAMETER); + return 0; + } + /* Otherwise, initialize with the digest from the OID. */ const EVP_MD *digest = EVP_get_digestbynid(digest_nid); if (digest == NULL) { diff --git a/Sources/CCryptoBoringSSL/crypto/x509/asn1_gen.c b/Sources/CCryptoBoringSSL/crypto/x509/asn1_gen.c index d70cf632..5477741f 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/asn1_gen.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/asn1_gen.c @@ -123,7 +123,7 @@ typedef struct { int exp_count; } tag_exp_arg; -static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, +static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, int *perr); static int bitstr_cb(const char *elem, int len, void *bitstr); static int asn1_cb(const char *elem, int len, void *bitstr); 
@@ -136,7 +136,7 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf, static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype); static int asn1_str2tag(const char *tagstr, int len); -ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf) +ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf) { X509V3_CTX cnf; @@ -147,7 +147,7 @@ ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf) return ASN1_generate_v3(str, &cnf); } -ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) +ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf) { int err = 0; ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err); @@ -156,7 +156,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) return ret; } -static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, +static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, int *perr) { ASN1_TYPE *ret; diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509.c b/Sources/CCryptoBoringSSL/crypto/x509/x509.c index 5dc29053..4f0880e8 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x509.c 
@@ -65,73 +65,6 @@ * it to avoid downstream churn. */ OPENSSL_DECLARE_ERROR_REASON(X509, UNSUPPORTED_ALGORITHM) -int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, - int ptype, void *pval, uint8_t *penc, int penclen) { - uint8_t **ppenc = NULL; - if (version >= 0) { - if (!ASN1_INTEGER_set(priv->version, version)) { - return 0; - } - } - - if (penc) { - int pmtype; - ASN1_OCTET_STRING *oct; - - oct = ASN1_OCTET_STRING_new(); - if (!oct) { - return 0; - } - oct->data = penc; - ppenc = &oct->data; - oct->length = penclen; - if (priv->broken == PKCS8_NO_OCTET) { - pmtype = V_ASN1_SEQUENCE; - } else { - pmtype = V_ASN1_OCTET_STRING; - } - ASN1_TYPE_set(priv->pkey, pmtype, oct); - } - - if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) { - /* If call fails do not swallow 'enc' */ - if (ppenc) { - *ppenc = NULL; - } - return 0; - } - - return 1; -} - -int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, const uint8_t **pk, int *ppklen, - X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8) { - if (ppkalg) { - *ppkalg = p8->pkeyalg->algorithm; - } - - if (p8->pkey->type == V_ASN1_OCTET_STRING) { - p8->broken = PKCS8_OK; - if (pk) { - *pk = p8->pkey->value.octet_string->data; - *ppklen = p8->pkey->value.octet_string->length; - } - } else if (p8->pkey->type == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_NO_OCTET; - if (pk) { - *pk = p8->pkey->value.sequence->data; - *ppklen = p8->pkey->value.sequence->length; - } - } else { - return 0; - } - - if (pa) { - *pa = p8->pkeyalg; - } - return 1; -} - int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent) { const uint8_t *s; int i, n; diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509_cmp.c b/Sources/CCryptoBoringSSL/crypto/x509/x509_cmp.c index ef7cf163..d827c043 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509_cmp.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x509_cmp.c 
@@ -67,6 +67,7 @@ #include #include "../internal.h" +#include "../x509v3/internal.h" int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) @@ -175,12 +176,18 @@ unsigned long X509_subject_name_hash_old(X509 *x) */ int X509_cmp(const X509 *a, const X509 *b) { - int rv; - /* ensure hash is valid */ - X509_check_purpose((X509 *)a, -1, 0); - X509_check_purpose((X509 *)b, -1, 0); - - rv = OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); + /* Fill in the |sha1_hash| fields. + * + * TODO(davidben): This may fail, in which case the the hash will be all + * zeros. This produces a consistent comparison (failures are sticky), but + * not a good one. OpenSSL now returns -2, but this is not a consistent + * comparison and may cause misbehaving sorts by transitivity. For now, we + * retain the old OpenSSL behavior, which was to ignore the error. See + * https://crbug.com/boringssl/355. */ + x509v3_cache_extensions((X509 *)a); + x509v3_cache_extensions((X509 *)b); + + int rv = OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); if (rv) return rv; /* Check for match against stored encoding too */ diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509_req.c b/Sources/CCryptoBoringSSL/crypto/x509/x509_req.c index f6b729d8..b78f2096 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509_req.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x509_req.c @@ -107,6 +107,16 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) return (NULL); } +long X509_REQ_get_version(const X509_REQ *req) +{ + return ASN1_INTEGER_get(req->req_info->version); +} + +X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req) +{ + return req->req_info->subject; +} + EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) { if ((req == NULL) || (req->req_info == NULL)) diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509_set.c b/Sources/CCryptoBoringSSL/crypto/x509/x509_set.c index 0f9191d8..045e8642 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509_set.c 
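Review bot: In X509_cmp both `x509v3_cache_extensions` results are dropped without any marker in the code that the discard is intentional; only the TODO says so. Writing `(void)x509v3_cache_extensions((X509 *)a);` and the same for `b` would match the `(void)sk_X509_REVOKED_set_cmp_func(...)` form already used in crl_inf_cb in x_crl.c, visible later in this diff. The new comment also has a doubled word, "the the hash". Both calls cast away `const`, so a short remark that they populate cached fields on a logically const certificate would help the next reader. The function continues past the end of the hunk.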
+++ b/Sources/CCryptoBoringSSL/crypto/x509/x509_set.c @@ -60,6 +60,16 @@ #include #include +long X509_get_version(const X509 *x509) +{ + return ASN1_INTEGER_get(x509->cert_info->version); +} + +X509_CINF *X509_get_cert_info(const X509 *x509) +{ + return x509->cert_info; +} + int X509_set_version(X509 *x, long version) { if (x == NULL) @@ -137,6 +147,14 @@ ASN1_TIME *X509_getm_notBefore(X509 *x) return x->cert_info->validity->notBefore; } +ASN1_TIME *X509_get_notBefore(const X509 *x509) +{ + // In OpenSSL, this function is an alias for |X509_getm_notBefore|, but our + // |X509_getm_notBefore| is const-correct. |X509_get_notBefore| was + // originally a macro, so it needs to capture both get0 and getm use cases. + return x509->cert_info->validity->notBefore; +} + int X509_set_notAfter(X509 *x, const ASN1_TIME *tm) { ASN1_TIME *in; @@ -167,6 +185,14 @@ ASN1_TIME *X509_getm_notAfter(X509 *x) return x->cert_info->validity->notAfter; } +ASN1_TIME *X509_get_notAfter(const X509 *x509) +{ + // In OpenSSL, this function is an alias for |X509_getm_notAfter|, but our + // |X509_getm_notAfter| is const-correct. |X509_get_notAfter| was + // originally a macro, so it needs to capture both get0 and getm use cases. + return x509->cert_info->validity->notAfter; +} + int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) { if ((x == NULL) || (x->cert_info == NULL)) @@ -183,3 +209,18 @@ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x) { return x->cert_info->signature; } + +void X509_CINF_set_modified(X509_CINF *cinf) +{ + cinf->enc.modified = 1; +} + +const X509_ALGOR *X509_CINF_get_signature(const X509_CINF *cinf) +{ + return cinf->signature; +} + +X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509) +{ + return x509->cert_info->key; +} diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509_trs.c b/Sources/CCryptoBoringSSL/crypto/x509/x509_trs.c index 0e658ac8..88c4e174 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509_trs.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x509_trs.c 
@@ -59,6 +59,8 @@ #include #include +#include "../x509v3/internal.h" + static int tr_cmp(const X509_TRUST **a, const X509_TRUST **b); static void trtable_free(X509_TRUST *p); @@ -293,7 +295,8 @@ static int trust_1oid(X509_TRUST *trust, X509 *x, int flags) static int trust_compat(X509_TRUST *trust, X509 *x, int flags) { - X509_check_purpose(x, -1, 0); + if (!x509v3_cache_extensions(x)) + return X509_TRUST_UNTRUSTED; if (x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; else diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509_vfy.c b/Sources/CCryptoBoringSSL/crypto/x509/x509_vfy.c index 74663fa8..400629c4 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509_vfy.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x509_vfy.c @@ -146,14 +146,16 @@ static int null_callback(int ok, X509_STORE_CTX *e) return ok; } -/* Return 1 is a certificate is self signed */ -static int cert_self_signed(X509 *x) +/* cert_self_signed checks if |x| is self-signed. If |x| is valid, it returns + * one and sets |*out_is_self_signed| to the result. If |x| is invalid, it + * returns zero. */ +static int cert_self_signed(X509 *x, int *out_is_self_signed) { - X509_check_purpose(x, -1, 0); - if (x->ex_flags & EXFLAG_SS) - return 1; - else + if (!x509v3_cache_extensions(x)) { return 0; + } + *out_is_self_signed = (x->ex_flags & EXFLAG_SS) != 0; + return 1; } /* Given a certificate try and find an exact match in the store */ @@ -263,8 +265,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx) * X509_V_ERR_CERT_CHAIN_TOO_LONG error code * later. */ + int is_self_signed; + if (!cert_self_signed(x, &is_self_signed)) { + ctx->error = X509_V_ERR_INVALID_EXTENSION; + goto end; + } + /* If we are self signed, we break */ - if (cert_self_signed(x)) + if (is_self_signed) break; /* * If asked see if we can find issuer in trusted store first 
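Review bot: The new failure path in X509_verify_cert sets `ctx->error = X509_V_ERR_INVALID_EXTENSION` and jumps to `end` without assigning `ok`. The same three lines are added again in the hunks at -323 and -368. In the last of these, the context line `ok = ctx->get_issuer(&xtmp, ctx, x);` shows that `ok` can already hold a positive lookup result from an earlier pass of what appears to be the store-lookup loop. The code at `end` is outside these hunks; if it returns `ok`, a certificate whose extensions failed to cache could be reported as verified while an error code is set. Adding `ok = 0;` before each `goto end;` makes the failure explicit regardless of what ran before.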
@@ -323,7 +331,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx) */ i = sk_X509_num(ctx->chain); x = sk_X509_value(ctx->chain, i - 1); - if (cert_self_signed(x)) { + + int is_self_signed; + if (!cert_self_signed(x, &is_self_signed)) { + ctx->error = X509_V_ERR_INVALID_EXTENSION; + goto end; + } + + if (is_self_signed) { /* we have a self signed certificate */ if (sk_X509_num(ctx->chain) == 1) { /* @@ -368,8 +383,12 @@ int X509_verify_cert(X509_STORE_CTX *ctx) /* If we have enough, we break */ if (depth < num) break; + if (!cert_self_signed(x, &is_self_signed)) { + ctx->error = X509_V_ERR_INVALID_EXTENSION; + goto end; + } /* If we are self signed, we break */ - if (cert_self_signed(x)) + if (is_self_signed) break; ok = ctx->get_issuer(&xtmp, ctx, x); diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x509cset.c b/Sources/CCryptoBoringSSL/crypto/x509/x509cset.c index 811a2041..3430fe1f 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x509cset.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x509cset.c @@ -135,6 +135,11 @@ int X509_CRL_up_ref(X509_CRL *crl) return 1; } +long X509_CRL_get_version(const X509_CRL *crl) +{ + return ASN1_INTEGER_get(crl->crl->version); +} + const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl) { return crl->crl->lastUpdate; @@ -145,6 +150,26 @@ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl) return crl->crl->nextUpdate; } +ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl) +{ + return crl->crl->lastUpdate; +} + +ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl) +{ + return crl->crl->nextUpdate; +} + +X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl) +{ + return crl->crl->issuer; +} + +STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl) +{ + return crl->crl->revoked; +} + void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg) { diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x_crl.c b/Sources/CCryptoBoringSSL/crypto/x509/x_crl.c index 9b57c5c1..04f58c65 100644 
--- a/Sources/CCryptoBoringSSL/crypto/x509/x_crl.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x_crl.c @@ -86,7 +86,7 @@ struct x509_crl_method_st { }; static int X509_REVOKED_cmp(const X509_REVOKED **a, const X509_REVOKED **b); -static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); +static int setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); ASN1_SEQUENCE(X509_REVOKED) = { ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER), @@ -126,6 +126,9 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, * affect the output of X509_CRL_print(). */ case ASN1_OP_D2I_POST: + /* TODO(davidben): Check that default |versions| are never encoded and + * that |extensions| is only present in v2. */ + (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp); break; } @@ -226,6 +229,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, STACK_OF(X509_EXTENSION) *exts; X509_EXTENSION *ext; size_t idx; + int i; switch (operation) { case ASN1_OP_NEW_POST: 
@@ -242,26 +246,44 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, break; case ASN1_OP_D2I_POST: - X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); + if (!X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL)) { + return 0; + } + crl->idp = X509_CRL_get_ext_d2i(crl, - NID_issuing_distribution_point, NULL, + NID_issuing_distribution_point, &i, NULL); - if (crl->idp) - setup_idp(crl, crl->idp); + if (crl->idp != NULL) { + if (!setup_idp(crl, crl->idp)) { + return 0; + } + } else if (i != -1) { + return 0; + } crl->akid = X509_CRL_get_ext_d2i(crl, - NID_authority_key_identifier, NULL, + NID_authority_key_identifier, &i, NULL); + if (crl->akid == NULL && i != -1) { + return 0; + } crl->crl_number = X509_CRL_get_ext_d2i(crl, - NID_crl_number, NULL, NULL); + NID_crl_number, &i, NULL); + if (crl->crl_number == NULL && i != -1) { + return 0; + } - crl->base_crl_number = X509_CRL_get_ext_d2i(crl, - NID_delta_crl, NULL, + crl->base_crl_number = X509_CRL_get_ext_d2i(crl, NID_delta_crl, &i, NULL); + if (crl->base_crl_number == NULL && i != -1) { + return 0; + } /* Delta CRLs must have CRL number */ - if (crl->base_crl_number && !crl->crl_number) - crl->flags |= EXFLAG_INVALID; + if (crl->base_crl_number && !crl->crl_number) { + OPENSSL_PUT_ERROR(X509, X509_R_DELTA_CRL_WITHOUT_CRL_NUMBER); + return 0; + } /* * See if we have any unhandled critical CRL extensions and indicate @@ -319,7 +341,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, /* Convert IDP into a more convenient form */ -static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) +static int setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) { int idp_only = 0; /* Set various flags according to IDP */ 
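Review bot: In the `ASN1_OP_D2I_POST` case of `crl_cb`, the out-parameter `i` carries the whole accept/reject decision, but nothing says what its values mean and the test `i != -1` appears four times without explanation. A short comment above the first call would help, for example `/* |i| is -1 when the extension is absent; a NULL result with any other value means it was present but could not be used, so the CRL is rejected. */`. The extension-failure paths also `return 0` without queuing an error of their own, unlike the delta-CRL check below them, which calls `OPENSSL_PUT_ERROR`; unless `X509_CRL_get_ext_d2i` always queues one, the caller gets a parse failure with no reason attached. `crl_cb` starts and ends outside this hunk.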
@@ -352,7 +374,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) crl->idp_reasons &= CRLDP_ALL_REASONS; } - DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); + return DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); } ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = { diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x_pubkey.c b/Sources/CCryptoBoringSSL/crypto/x509/x_pubkey.c index c482ec37..ead4ffbf 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x_pubkey.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x_pubkey.c 
@@ -180,160 +180,6 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) return NULL; } -/* - * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or - * decode as X509_PUBKEY - */ - -EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) -{ - X509_PUBKEY *xpk; - EVP_PKEY *pktmp; - xpk = d2i_X509_PUBKEY(NULL, pp, length); - if (!xpk) - return NULL; - pktmp = X509_PUBKEY_get(xpk); - X509_PUBKEY_free(xpk); - if (!pktmp) - return NULL; - if (a) { - EVP_PKEY_free(*a); - *a = pktmp; - } - return pktmp; -} - -int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp) -{ - X509_PUBKEY *xpk = NULL; - int ret; - if (!a) - return 0; - if (!X509_PUBKEY_set(&xpk, (EVP_PKEY *)a)) - return 0; - ret = i2d_X509_PUBKEY(xpk, pp); - X509_PUBKEY_free(xpk); - return ret; -} - -/* - * The following are equivalents but which return RSA and DSA keys - */ -RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) -{ - EVP_PKEY *pkey; - RSA *key; - const unsigned char *q; - q = *pp; - pkey = d2i_PUBKEY(NULL, &q, length); - if (!pkey) - return NULL; - key = EVP_PKEY_get1_RSA(pkey); - EVP_PKEY_free(pkey); - if (!key) - return NULL; - *pp = q; - if (a) { - RSA_free(*a); - *a = key; - } - return key; -} - -int i2d_RSA_PUBKEY(const RSA *a, unsigned char **pp) -{ - EVP_PKEY *pktmp; - int ret; - if (!a) - return 0; - pktmp = EVP_PKEY_new(); - if (!pktmp) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); - return 0; - } - EVP_PKEY_set1_RSA(pktmp, (RSA *)a); - ret = i2d_PUBKEY(pktmp, pp); - EVP_PKEY_free(pktmp); - return ret; -} - -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) -{ - EVP_PKEY *pkey; - DSA *key; - const unsigned char *q; - q = *pp; - pkey = d2i_PUBKEY(NULL, &q, length); - if (!pkey) - return NULL; - key = EVP_PKEY_get1_DSA(pkey); - EVP_PKEY_free(pkey); - if (!key) - return NULL; - *pp = q; - if (a) { - DSA_free(*a); - *a = key; - } - return key; -} - -int i2d_DSA_PUBKEY(const DSA *a, unsigned char 
**pp) -{ - EVP_PKEY *pktmp; - int ret; - if (!a) - return 0; - pktmp = EVP_PKEY_new(); - if (!pktmp) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); - return 0; - } - EVP_PKEY_set1_DSA(pktmp, (DSA *)a); - ret = i2d_PUBKEY(pktmp, pp); - EVP_PKEY_free(pktmp); - return ret; -} -#endif - -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) -{ - EVP_PKEY *pkey; - EC_KEY *key; - const unsigned char *q; - q = *pp; - pkey = d2i_PUBKEY(NULL, &q, length); - if (!pkey) - return (NULL); - key = EVP_PKEY_get1_EC_KEY(pkey); - EVP_PKEY_free(pkey); - if (!key) - return (NULL); - *pp = q; - if (a) { - EC_KEY_free(*a); - *a = key; - } - return (key); -} - -int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp) -{ - EVP_PKEY *pktmp; - int ret; - if (!a) - return (0); - if ((pktmp = EVP_PKEY_new()) == NULL) { - OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE); - return (0); - } - EVP_PKEY_set1_EC_KEY(pktmp, (EC_KEY *)a); - ret = i2d_PUBKEY(pktmp, pp); - EVP_PKEY_free(pktmp); - return (ret); -} - int X509_PUBKEY_set0_param(X509_PUBKEY *pub, const ASN1_OBJECT *aobj, int ptype, void *pval, unsigned char *penc, int penclen) diff --git a/Sources/CCryptoBoringSSL/crypto/x509/x_x509.c b/Sources/CCryptoBoringSSL/crypto/x509/x_x509.c index 4d3c461b..088e37bf 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509/x_x509.c +++ b/Sources/CCryptoBoringSSL/crypto/x509/x_x509.c @@ -98,7 +98,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, switch (operation) { case ASN1_OP_NEW_POST: - ret->name = NULL; ret->ex_flags = 0; ret->ex_pathlen = -1; ret->skid = NULL; 
@@ -115,11 +114,35 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ret->buf = NULL; break; - case ASN1_OP_D2I_POST: - if (ret->name != NULL) - OPENSSL_free(ret->name); - ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0); + case ASN1_OP_D2I_POST: { + /* The version must be one of v1(0), v2(1), or v3(2). */ + long version = 0; + if (ret->cert_info->version != NULL) { + version = ASN1_INTEGER_get(ret->cert_info->version); + /* TODO(https://crbug.com/boringssl/364): |version| = 0 should also + * be rejected. This means an explicitly-encoded X.509v1 version. + * v1 is DEFAULT, so DER requires it be omitted. */ + if (version < 0 || version > 2) { + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION); + return 0; + } + } + + /* Per RFC5280, section 4.1.2.8, these fields require v2 or v3. */ + if (version == 0 && (ret->cert_info->issuerUID != NULL || + ret->cert_info->subjectUID != NULL)) { + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION); + return 0; + } + + /* Per RFC5280, section 4.1.2.9, extensions require v3. */ + if (version != 2 && ret->cert_info->extensions != NULL) { + OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION); + return 0; + } + break; + } case ASN1_OP_FREE_POST: CRYPTO_MUTEX_cleanup(&ret->lock); @@ -132,7 +155,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, GENERAL_NAMES_free(ret->altname); NAME_CONSTRAINTS_free(ret->nc); CRYPTO_BUFFER_free(ret->buf); - OPENSSL_free(ret->name); break; } diff --git a/Sources/CCryptoBoringSSL/crypto/x509v3/internal.h b/Sources/CCryptoBoringSSL/crypto/x509v3/internal.h index aac79e9c..f953a57c 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509v3/internal.h +++ b/Sources/CCryptoBoringSSL/crypto/x509v3/internal.h 
@@ -48,6 +48,11 @@ int x509v3_name_cmp(const char *name, const char *cmp); OPENSSL_EXPORT int x509v3_looks_like_dns_name(const unsigned char *in, size_t len); +// x509v3_cache_extensions fills in a number of fields relating to X.509 +// extensions in |x|. It returns one on success and zero if some extensions were +// invalid. +int x509v3_cache_extensions(X509 *x); + #if defined(__cplusplus) } /* extern C */ diff --git a/Sources/CCryptoBoringSSL/crypto/x509v3/v3_purp.c b/Sources/CCryptoBoringSSL/crypto/x509v3/v3_purp.c index 7643d44a..f0ea078a 100644 --- a/Sources/CCryptoBoringSSL/crypto/x509v3/v3_purp.c +++ b/Sources/CCryptoBoringSSL/crypto/x509v3/v3_purp.c @@ -68,6 +68,7 @@ #include #include "../internal.h" +#include "internal.h" #define V1_ROOT (EXFLAG_V1|EXFLAG_SS) #define ku_reject(x, usage) \ @@ -77,8 +78,6 @@ #define ns_reject(x, usage) \ (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage))) -static void x509v3_cache_extensions(X509 *x); - static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca); static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, @@ -144,7 +143,10 @@ int X509_check_purpose(X509 *x, int id, int ca) { int idx; const X509_PURPOSE *pt; - x509v3_cache_extensions(x); + if (!x509v3_cache_extensions(x)) { + return -1; + } + if (id == -1) return 1; idx = X509_PURPOSE_get_by_id(id); @@ -368,7 +370,7 @@ int X509_supported_extension(X509_EXTENSION *ex) return 0; } -static void setup_dp(X509 *x, DIST_POINT *dp) +static int setup_dp(X509 *x, DIST_POINT *dp) { X509_NAME *iname = NULL; size_t i; @@ -381,7 +383,7 @@ static void setup_dp(X509 *x, DIST_POINT *dp) } else dp->dp_reasons = CRLDP_ALL_REASONS; if (!dp->distpoint || (dp->distpoint->type != 1)) - return; + return 1; for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) { GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i); if (gen->type == GEN_DIRNAME) { 
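Review bot: `X509_check_purpose` now returns -1 when `x509v3_cache_extensions` fails, and -1 is non-zero, so a caller that tests the result for truthiness, as in `if (X509_check_purpose(x, id, ca))`, would treat a certificate with unusable extensions as acceptable. Callers are not visible here, so this is a documentation request rather than a confirmed defect: add a comment on the function such as `/* Returns -1 on error, including when |x|'s extensions cannot be parsed; callers must accept only a positive result, not any non-zero one. */`. The function body continues past the end of the hunk.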
@@ -392,19 +394,25 @@ static void setup_dp(X509 *x, DIST_POINT *dp) if (!iname) iname = X509_get_issuer_name(x); - DIST_POINT_set_dpname(dp->distpoint, iname); - + return DIST_POINT_set_dpname(dp->distpoint, iname); } -static void setup_crldp(X509 *x) +static int setup_crldp(X509 *x) { - size_t i; - x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL); - for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) - setup_dp(x, sk_DIST_POINT_value(x->crldp, i)); + int j; + x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, &j, NULL); + if (x->crldp == NULL && j != -1) { + return 0; + } + for (size_t i = 0; i < sk_DIST_POINT_num(x->crldp); i++) { + if (!setup_dp(x, sk_DIST_POINT_value(x->crldp, i))) { + return 0; + } + } + return 1; } -static void x509v3_cache_extensions(X509 *x) +int x509v3_cache_extensions(X509 *x) { BASIC_CONSTRAINTS *bs; PROXY_CERT_INFO_EXTENSION *pci; @@ -420,21 +428,22 @@ static void x509v3_cache_extensions(X509 *x) CRYPTO_MUTEX_unlock_read(&x->lock); if (is_set) { - return; + return (x->ex_flags & EXFLAG_INVALID) == 0; } CRYPTO_MUTEX_lock_write(&x->lock); if (x->ex_flags & EXFLAG_SET) { CRYPTO_MUTEX_unlock_write(&x->lock); - return; + return (x->ex_flags & EXFLAG_INVALID) == 0; } - X509_digest(x, EVP_sha1(), x->sha1_hash, NULL); + if (!X509_digest(x, EVP_sha1(), x->sha1_hash, NULL)) + x->ex_flags |= EXFLAG_INVALID; /* V1 should mean no extensions ... */ if (!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; /* Handle basic constraints */ - if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) { + if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &j, NULL))) { if (bs->ca) x->ex_flags |= EXFLAG_CA; if (bs->pathlen) { 
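Review bot: Both early returns in `x509v3_cache_extensions` evaluate `x->ex_flags & EXFLAG_INVALID` after the lock has been released (`CRYPTO_MUTEX_unlock_read` before the `is_set` branch, `CRYPTO_MUTEX_unlock_write` before the second), and the final return added in the `@@ -559,6 +590,7 @@` hunk does the same. That is only safe if `ex_flags` is never written once `EXFLAG_SET` is set, which nothing in these hunks states. Either say so in a comment, `/* |ex_flags| is not modified after |EXFLAG_SET| is set, so it may be read without |x->lock|. */`, or compute the result while the lock is held: `int ok = (x->ex_flags & EXFLAG_INVALID) == 0;` followed by the unlock and `return ok;`. The function starts and ends outside this hunk.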
@@ -448,9 +457,11 @@ static void x509v3_cache_extensions(X509 *x) x->ex_pathlen = -1; BASIC_CONSTRAINTS_free(bs); x->ex_flags |= EXFLAG_BCONS; + } else if (j != -1) { + x->ex_flags |= EXFLAG_INVALID; } /* Handle proxy certificates */ - if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) { + if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, &j, NULL))) { if (x->ex_flags & EXFLAG_CA || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0 || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) { @@ -462,9 +473,11 @@ static void x509v3_cache_extensions(X509 *x) x->ex_pcpathlen = -1; PROXY_CERT_INFO_EXTENSION_free(pci); x->ex_flags |= EXFLAG_PROXY; + } else if (j != -1) { + x->ex_flags |= EXFLAG_INVALID; } /* Handle key usage */ - if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) { + if ((usage = X509_get_ext_d2i(x, NID_key_usage, &j, NULL))) { if (usage->length > 0) { x->ex_kusage = usage->data[0]; if (usage->length > 1) @@ -473,9 +486,11 @@ static void x509v3_cache_extensions(X509 *x) x->ex_kusage = 0; x->ex_flags |= EXFLAG_KUSAGE; ASN1_BIT_STRING_free(usage); + } else if (j != -1) { + x->ex_flags |= EXFLAG_INVALID; } x->ex_xkusage = 0; - if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) { + if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, &j, NULL))) { x->ex_flags |= EXFLAG_XKUSAGE; for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) { switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) { 
@@ -518,18 +533,28 @@ static void x509v3_cache_extensions(X509 *x) } } sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); + } else if (j != -1) { + x->ex_flags |= EXFLAG_INVALID; } - if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) { + if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, &j, NULL))) { if (ns->length > 0) x->ex_nscert = ns->data[0]; else x->ex_nscert = 0; x->ex_flags |= EXFLAG_NSCERT; ASN1_BIT_STRING_free(ns); + } else if (j != -1) { + x->ex_flags |= EXFLAG_INVALID; + } + x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, &j, NULL); + if (x->skid == NULL && j != -1) { + x->ex_flags |= EXFLAG_INVALID; + } + x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, &j, NULL); + if (x->akid == NULL && j != -1) { + x->ex_flags |= EXFLAG_INVALID; } - x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); - x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); /* Does subject name match issuer ? */ if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) { x->ex_flags |= EXFLAG_SI; @@ -538,11 +563,17 @@ static void x509v3_cache_extensions(X509 *x) !ku_reject(x, KU_KEY_CERT_SIGN)) x->ex_flags |= EXFLAG_SS; } - x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); + x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &j, NULL); + if (x->altname == NULL && j != -1) { + x->ex_flags |= EXFLAG_INVALID; + } x->nc = X509_get_ext_d2i(x, NID_name_constraints, &j, NULL); - if (!x->nc && (j != -1)) + if (x->nc == NULL && j != -1) { + x->ex_flags |= EXFLAG_INVALID; + } + if (!setup_crldp(x)) { x->ex_flags |= EXFLAG_INVALID; - setup_crldp(x); + } for (j = 0; j < X509_get_ext_count(x); j++) { ex = X509_get_ext(x, j); @@ -559,6 +590,7 @@ static void x509v3_cache_extensions(X509 *x) x->ex_flags |= EXFLAG_SET; CRYPTO_MUTEX_unlock_write(&x->lock); + return (x->ex_flags & EXFLAG_INVALID) == 0; } /* check_ca returns one if |x| should be considered a CA certificate and zero 
@@ -579,7 +611,9 @@ static int check_ca(const X509 *x) int X509_check_ca(X509 *x) { - x509v3_cache_extensions(x); + if (!x509v3_cache_extensions(x)) { + return 0; + } return check_ca(x); } @@ -761,8 +795,10 @@ int X509_check_issued(X509 *issuer, X509 *subject) if (X509_NAME_cmp(X509_get_subject_name(issuer), X509_get_issuer_name(subject))) return X509_V_ERR_SUBJECT_ISSUER_MISMATCH; - x509v3_cache_extensions(issuer); - x509v3_cache_extensions(subject); + if (!x509v3_cache_extensions(issuer) || + !x509v3_cache_extensions(subject)) { + return X509_V_ERR_UNSPECIFIED; + } if (subject->akid) { int ret = X509_check_akid(issuer, subject->akid); @@ -819,15 +855,17 @@ int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid) uint32_t X509_get_extension_flags(X509 *x) { - /* Call for side-effect of computing hash and caching extensions */ - X509_check_purpose(x, -1, -1); + if (!x509v3_cache_extensions(x)) { + return 0; + } return x->ex_flags; } uint32_t X509_get_key_usage(X509 *x) { - /* Call for side-effect of computing hash and caching extensions */ - X509_check_purpose(x, -1, -1); + if (!x509v3_cache_extensions(x)) { + return 0; + } if (x->ex_flags & EXFLAG_KUSAGE) return x->ex_kusage; return UINT32_MAX; @@ -835,8 +873,9 @@ uint32_t X509_get_key_usage(X509 *x) uint32_t X509_get_extended_key_usage(X509 *x) { - /* Call for side-effect of computing hash and caching extensions */ - X509_check_purpose(x, -1, -1); + if (!x509v3_cache_extensions(x)) { + return 0; + } if (x->ex_flags & EXFLAG_XKUSAGE) return x->ex_xkusage; return UINT32_MAX; diff --git a/Sources/CCryptoBoringSSL/hash.txt b/Sources/CCryptoBoringSSL/hash.txt index 590e0b59..e0fee60f 100644 --- a/Sources/CCryptoBoringSSL/hash.txt +++ b/Sources/CCryptoBoringSSL/hash.txt 
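Review bot: `X509_get_extension_flags` returns 0 when `x509v3_cache_extensions` fails, which discards the `EXFLAG_INVALID` bit that caused the failure (the cache function returns `(x->ex_flags & EXFLAG_INVALID) == 0`). A caller that inspects the result with a negative test, such as checking that `EXFLAG_INVALID` or `EXFLAG_CRITICAL` is clear, would see an all-clear value for exactly the certificates that failed to parse. Returning the flags regardless keeps the failure visible: `x509v3_cache_extensions(x); /* on failure |ex_flags| includes |EXFLAG_INVALID| */` followed by `return x->ex_flags;`. The 0 returned by `X509_get_key_usage` in this hunk and `X509_get_extended_key_usage` in the next presumably reads as no usage bits set and so fails closed.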
@@ -1 +1 @@ -This directory is derived from BoringSSL cloned from https://boringssl.googlesource.com/boringssl at revision 53a17f55247101105ae35767d5c5a6c311843a8e +This directory is derived from BoringSSL cloned from https://boringssl.googlesource.com/boringssl at revision 54858b63c1d886f6c8d903d4a4f594f1485de189 diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_aes.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_aes.h index 5c723a03..79b99d9b 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_aes.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_aes.h @@ -106,7 +106,10 @@ OPENSSL_EXPORT void AES_decrypt(const uint8_t *in, uint8_t *out, // AES_ctr128_encrypt encrypts (or decrypts, it's the same in CTR mode) |len| // bytes from |in| to |out|. The |num| parameter must be set to zero on the -// first call and |ivec| will be incremented. +// first call and |ivec| will be incremented. This function may be called +// in-place with |in| equal to |out|, but otherwise the buffers may not +// partially overlap. A partial overlap may overwrite input data before it is +// read. OPENSSL_EXPORT void AES_ctr128_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t ivec[AES_BLOCK_SIZE], 
@@ -114,26 +117,35 @@ OPENSSL_EXPORT void AES_ctr128_encrypt(const uint8_t *in, uint8_t *out, unsigned int *num); // AES_ecb_encrypt encrypts (or decrypts, if |enc| == |AES_DECRYPT|) a single, -// 16 byte block from |in| to |out|. +// 16 byte block from |in| to |out|. This function may be called in-place with +// |in| equal to |out|, but otherwise the buffers may not partially overlap. A +// partial overlap may overwrite input data before it is read. OPENSSL_EXPORT void AES_ecb_encrypt(const uint8_t *in, uint8_t *out, const AES_KEY *key, const int enc); // AES_cbc_encrypt encrypts (or decrypts, if |enc| == |AES_DECRYPT|) |len| // bytes from |in| to |out|. The length must be a multiple of the block size. +// This function may be called in-place with |in| equal to |out|, but otherwise +// the buffers may not partially overlap. A partial overlap may overwrite input +// data before it is read. OPENSSL_EXPORT void AES_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t *ivec, const int enc); // AES_ofb128_encrypt encrypts (or decrypts, it's the same in OFB mode) |len| // bytes from |in| to |out|. The |num| parameter must be set to zero on the -// first call. +// first call. This function may be called in-place with |in| equal to |out|, +// but otherwise the buffers may not partially overlap. A partial overlap may +// overwrite input data before it is read. OPENSSL_EXPORT void AES_ofb128_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t *ivec, int *num); // AES_cfb128_encrypt encrypts (or decrypts, if |enc| == |AES_DECRYPT|) |len| // bytes from |in| to |out|. The |num| parameter must be set to zero on the -// first call. +// first call. This function may be called in-place with |in| equal to |out|, +// but otherwise the buffers may not partially overlap. A partial overlap may +// overwrite input data before it is read. 
OPENSSL_EXPORT void AES_cfb128_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t *ivec, int *num, int enc); diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_asn1.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_asn1.h index 253fc7b7..cc305897 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_asn1.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_asn1.h @@ -619,14 +619,14 @@ typedef struct BIT_STRING_BITNAME_st { DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) -OPENSSL_EXPORT int ASN1_TYPE_get(ASN1_TYPE *a); +OPENSSL_EXPORT int ASN1_TYPE_get(const ASN1_TYPE *a); OPENSSL_EXPORT void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); OPENSSL_EXPORT int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); OPENSSL_EXPORT int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); OPENSSL_EXPORT ASN1_OBJECT * ASN1_OBJECT_new(void ); OPENSSL_EXPORT void ASN1_OBJECT_free(ASN1_OBJECT *a); -OPENSSL_EXPORT int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); +OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *a,unsigned char **pp); OPENSSL_EXPORT ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, long length); OPENSSL_EXPORT ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, 
@@ -648,23 +648,23 @@ OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len OPENSSL_EXPORT void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); OPENSSL_EXPORT int ASN1_STRING_length(const ASN1_STRING *x); OPENSSL_EXPORT void ASN1_STRING_length_set(ASN1_STRING *x, int n); -OPENSSL_EXPORT int ASN1_STRING_type(ASN1_STRING *x); +OPENSSL_EXPORT int ASN1_STRING_type(const ASN1_STRING *x); OPENSSL_EXPORT unsigned char * ASN1_STRING_data(ASN1_STRING *x); OPENSSL_EXPORT const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x); DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) -OPENSSL_EXPORT int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); +OPENSSL_EXPORT int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a,unsigned char **pp); OPENSSL_EXPORT ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp, long length); OPENSSL_EXPORT int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length ); OPENSSL_EXPORT int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -OPENSSL_EXPORT int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -OPENSSL_EXPORT int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, unsigned char *flags, int flags_len); +OPENSSL_EXPORT int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n); +OPENSSL_EXPORT int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, unsigned char *flags, int flags_len); OPENSSL_EXPORT int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); OPENSSL_EXPORT int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length); DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) -OPENSSL_EXPORT int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); +OPENSSL_EXPORT int i2c_ASN1_INTEGER(const ASN1_INTEGER *a,unsigned char **pp); OPENSSL_EXPORT ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); OPENSSL_EXPORT ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x); OPENSSL_EXPORT int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const 
ASN1_INTEGER *y); @@ -713,15 +713,15 @@ DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t, int offset_day, long offset_sec); -OPENSSL_EXPORT int ASN1_TIME_check(ASN1_TIME *t); -OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); +OPENSSL_EXPORT int ASN1_TIME_check(const ASN1_TIME *t); +OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); OPENSSL_EXPORT int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); -OPENSSL_EXPORT int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); -OPENSSL_EXPORT int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a); -OPENSSL_EXPORT int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a); -OPENSSL_EXPORT int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); -OPENSSL_EXPORT int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a); +OPENSSL_EXPORT int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a); +OPENSSL_EXPORT int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a); +OPENSSL_EXPORT int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a); +OPENSSL_EXPORT int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type); +OPENSSL_EXPORT int i2t_ASN1_OBJECT(char *buf,int buf_len, const ASN1_OBJECT *a); OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len, const char *sn, const char *ln); 
@@ -732,9 +732,9 @@ OPENSSL_EXPORT ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER * OPENSSL_EXPORT BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai,BIGNUM *bn); OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); -OPENSSL_EXPORT long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); -OPENSSL_EXPORT ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); -OPENSSL_EXPORT BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn); +OPENSSL_EXPORT long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a); +OPENSSL_EXPORT ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai); +OPENSSL_EXPORT BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai,BIGNUM *bn); /* General */ /* given a string, return the correct type, max is the maximum length */ @@ -753,7 +753,7 @@ OPENSSL_EXPORT void *ASN1_item_dup(const ASN1_ITEM *it, void *x); #ifndef OPENSSL_NO_FP_API OPENSSL_EXPORT void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); OPENSSL_EXPORT int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); -OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); +OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags); #endif OPENSSL_EXPORT int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); 
@@ -764,12 +764,12 @@ OPENSSL_EXPORT int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); OPENSSL_EXPORT int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); OPENSSL_EXPORT int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); -OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); +OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags); OPENSSL_EXPORT const char *ASN1_tag2str(int tag); /* Used to load and write netscape format cert */ -OPENSSL_EXPORT void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); +OPENSSL_EXPORT void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it); OPENSSL_EXPORT ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); @@ -793,8 +793,8 @@ OPENSSL_EXPORT ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char OPENSSL_EXPORT int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); OPENSSL_EXPORT int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); -OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); +OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf); +OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf); #ifdef __cplusplus diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h index c6ccebdc..ed0fc2cc 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_base.h 
@@ -95,7 +95,7 @@ extern "C" { #elif defined(__x86) || defined(__i386) || defined(__i386__) || defined(_M_IX86) #define OPENSSL_32_BIT #define OPENSSL_X86 -#elif defined(__aarch64__) +#elif defined(__aarch64__) || defined(_M_ARM64) #define OPENSSL_64_BIT #define OPENSSL_AARCH64 #elif defined(__arm) || defined(__arm__) || defined(_M_ARM) diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols.h index 64036687..53cc3039 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols.h @@ -1573,7 +1573,6 @@ #define TRUST_TOKEN_ISSUER_set_metadata_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_ISSUER_set_metadata_key) #define TRUST_TOKEN_ISSUER_set_srr_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_ISSUER_set_srr_key) #define TRUST_TOKEN_decode_private_metadata BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_decode_private_metadata) -#define TRUST_TOKEN_experiment_v0 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_experiment_v0) #define TRUST_TOKEN_experiment_v1 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_experiment_v1) #define TRUST_TOKEN_free BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_free) #define TRUST_TOKEN_generate_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, TRUST_TOKEN_generate_key) 
@@ -1653,8 +1652,10 @@ #define X509_CERT_AUX_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CERT_AUX_new) #define X509_CERT_AUX_print BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CERT_AUX_print) #define X509_CINF_free BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CINF_free) +#define X509_CINF_get_signature BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CINF_get_signature) #define X509_CINF_it BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CINF_it) #define X509_CINF_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CINF_new) +#define X509_CINF_set_modified BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CINF_set_modified) #define X509_CRL_INFO_free BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_INFO_free) #define X509_CRL_INFO_it BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_INFO_it) #define X509_CRL_INFO_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_INFO_new) 
@@ -1675,14 +1676,19 @@ #define X509_CRL_get0_lastUpdate BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get0_lastUpdate) #define X509_CRL_get0_nextUpdate BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get0_nextUpdate) #define X509_CRL_get0_signature BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get0_signature) +#define X509_CRL_get_REVOKED BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_REVOKED) #define X509_CRL_get_ext BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_ext) #define X509_CRL_get_ext_by_NID BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_ext_by_NID) #define X509_CRL_get_ext_by_OBJ BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_ext_by_OBJ) #define X509_CRL_get_ext_by_critical BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_ext_by_critical) #define X509_CRL_get_ext_count BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_ext_count) #define X509_CRL_get_ext_d2i BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_ext_d2i) +#define X509_CRL_get_issuer BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_issuer) +#define X509_CRL_get_lastUpdate BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_lastUpdate) #define X509_CRL_get_meth_data BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_meth_data) +#define X509_CRL_get_nextUpdate BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_nextUpdate) #define X509_CRL_get_signature_nid BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_signature_nid) +#define X509_CRL_get_version BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_get_version) #define X509_CRL_it BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_it) #define X509_CRL_match BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_match) #define X509_CRL_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_CRL_new) 
@@ -1817,6 +1823,8 @@ #define X509_REQ_get_extensions BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_get_extensions) #define X509_REQ_get_pubkey BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_get_pubkey) #define X509_REQ_get_signature_nid BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_get_signature_nid) +#define X509_REQ_get_subject_name BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_get_subject_name) +#define X509_REQ_get_version BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_get_version) #define X509_REQ_it BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_it) #define X509_REQ_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_new) #define X509_REQ_print BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_REQ_print) @@ -2006,6 +2014,8 @@ #define X509_get0_tbs_sigalg BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get0_tbs_sigalg) #define X509_get1_email BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get1_email) #define X509_get1_ocsp BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get1_ocsp) +#define X509_get_X509_PUBKEY BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_X509_PUBKEY) +#define X509_get_cert_info BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_cert_info) #define X509_get_default_cert_area BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_default_cert_area) #define X509_get_default_cert_dir BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_default_cert_dir) #define X509_get_default_cert_dir_env BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_default_cert_dir_env) 
@@ -2024,10 +2034,13 @@ #define X509_get_extension_flags BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_extension_flags) #define X509_get_issuer_name BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_issuer_name) #define X509_get_key_usage BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_key_usage) +#define X509_get_notAfter BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_notAfter) +#define X509_get_notBefore BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_notBefore) #define X509_get_pubkey BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_pubkey) #define X509_get_serialNumber BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_serialNumber) #define X509_get_signature_nid BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_signature_nid) #define X509_get_subject_name BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_subject_name) +#define X509_get_version BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_get_version) #define X509_getm_notAfter BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_getm_notAfter) #define X509_getm_notBefore BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_getm_notBefore) #define X509_gmtime_adj BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, X509_gmtime_adj) 
@@ -2422,9 +2435,7 @@ #define ec_get_x_coordinate_as_scalar BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_get_x_coordinate_as_scalar) #define ec_group_new BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_group_new) #define ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_hash_to_curve_p384_xmd_sha512_sswu_draft07) -#define ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_hash_to_curve_p521_xmd_sha512_sswu_draft06) #define ec_hash_to_scalar_p384_xmd_sha512_draft07 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_hash_to_scalar_p384_xmd_sha512_draft07) -#define ec_hash_to_scalar_p521_xmd_sha512_draft06 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_hash_to_scalar_p521_xmd_sha512_draft06) #define ec_init_precomp BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_init_precomp) #define ec_jacobian_to_affine BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_jacobian_to_affine) #define ec_jacobian_to_affine_batch BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ec_jacobian_to_affine_batch) 
@@ -2659,13 +2670,6 @@ #define pkcs7_bundle BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pkcs7_bundle) #define pkcs7_parse_header BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pkcs7_parse_header) #define pkcs8_pbe_decrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pkcs8_pbe_decrypt) -#define pmbtoken_exp0_blind BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_blind) -#define pmbtoken_exp0_client_key_from_bytes BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_client_key_from_bytes) -#define pmbtoken_exp0_generate_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_generate_key) -#define pmbtoken_exp0_issuer_key_from_bytes BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_issuer_key_from_bytes) -#define pmbtoken_exp0_read BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_read) -#define pmbtoken_exp0_sign BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_sign) -#define pmbtoken_exp0_unblind BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp0_unblind) #define pmbtoken_exp1_blind BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp1_blind) #define pmbtoken_exp1_client_key_from_bytes BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp1_client_key_from_bytes) #define pmbtoken_exp1_generate_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, pmbtoken_exp1_generate_key) @@ -2780,6 +2784,7 @@ #define x509_rsa_ctx_to_pss BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509_rsa_ctx_to_pss) #define x509_rsa_pss_to_ctx BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509_rsa_pss_to_ctx) #define x509v3_bytes_to_hex BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509v3_bytes_to_hex) +#define x509v3_cache_extensions BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509v3_cache_extensions) #define x509v3_hex_to_bytes BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509v3_hex_to_bytes) #define x509v3_looks_like_dns_name BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509v3_looks_like_dns_name) #define x509v3_name_cmp BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, x509v3_name_cmp) 
diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols_asm.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols_asm.h index 79e7e461..bcb5ec80 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols_asm.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_boringssl_prefix_symbols_asm.h @@ -1578,7 +1578,6 @@ #define _TRUST_TOKEN_ISSUER_set_metadata_key BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_ISSUER_set_metadata_key) #define _TRUST_TOKEN_ISSUER_set_srr_key BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_ISSUER_set_srr_key) #define _TRUST_TOKEN_decode_private_metadata BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_decode_private_metadata) -#define _TRUST_TOKEN_experiment_v0 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_experiment_v0) #define _TRUST_TOKEN_experiment_v1 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_experiment_v1) #define _TRUST_TOKEN_free BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_free) #define _TRUST_TOKEN_generate_key BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, TRUST_TOKEN_generate_key) 
@@ -1658,8 +1657,10 @@ #define _X509_CERT_AUX_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CERT_AUX_new) #define _X509_CERT_AUX_print BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CERT_AUX_print) #define _X509_CINF_free BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CINF_free) +#define _X509_CINF_get_signature BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CINF_get_signature) #define _X509_CINF_it BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CINF_it) #define _X509_CINF_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CINF_new) +#define _X509_CINF_set_modified BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CINF_set_modified) #define _X509_CRL_INFO_free BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_INFO_free) #define _X509_CRL_INFO_it BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_INFO_it) #define _X509_CRL_INFO_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_INFO_new) 
@@ -1680,14 +1681,19 @@ #define _X509_CRL_get0_lastUpdate BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get0_lastUpdate) #define _X509_CRL_get0_nextUpdate BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get0_nextUpdate) #define _X509_CRL_get0_signature BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get0_signature) +#define _X509_CRL_get_REVOKED BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_REVOKED) #define _X509_CRL_get_ext BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_ext) #define _X509_CRL_get_ext_by_NID BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_ext_by_NID) #define _X509_CRL_get_ext_by_OBJ BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_ext_by_OBJ) #define _X509_CRL_get_ext_by_critical BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_ext_by_critical) #define _X509_CRL_get_ext_count BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_ext_count) #define _X509_CRL_get_ext_d2i BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_ext_d2i) +#define _X509_CRL_get_issuer BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_issuer) +#define _X509_CRL_get_lastUpdate BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_lastUpdate) #define _X509_CRL_get_meth_data BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_meth_data) +#define _X509_CRL_get_nextUpdate BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_nextUpdate) #define _X509_CRL_get_signature_nid BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_signature_nid) +#define _X509_CRL_get_version BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_get_version) #define _X509_CRL_it BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_it) #define _X509_CRL_match BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_match) #define _X509_CRL_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_CRL_new) 
@@ -1822,6 +1828,8 @@ #define _X509_REQ_get_extensions BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_get_extensions) #define _X509_REQ_get_pubkey BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_get_pubkey) #define _X509_REQ_get_signature_nid BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_get_signature_nid) +#define _X509_REQ_get_subject_name BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_get_subject_name) +#define _X509_REQ_get_version BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_get_version) #define _X509_REQ_it BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_it) #define _X509_REQ_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_new) #define _X509_REQ_print BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_REQ_print) @@ -2011,6 +2019,8 @@ #define _X509_get0_tbs_sigalg BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get0_tbs_sigalg) #define _X509_get1_email BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get1_email) #define _X509_get1_ocsp BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get1_ocsp) +#define _X509_get_X509_PUBKEY BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_X509_PUBKEY) +#define _X509_get_cert_info BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_cert_info) #define _X509_get_default_cert_area BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_default_cert_area) #define _X509_get_default_cert_dir BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_default_cert_dir) #define _X509_get_default_cert_dir_env BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_default_cert_dir_env) 
@@ -2029,10 +2039,13 @@ #define _X509_get_extension_flags BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_extension_flags) #define _X509_get_issuer_name BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_issuer_name) #define _X509_get_key_usage BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_key_usage) +#define _X509_get_notAfter BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_notAfter) +#define _X509_get_notBefore BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_notBefore) #define _X509_get_pubkey BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_pubkey) #define _X509_get_serialNumber BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_serialNumber) #define _X509_get_signature_nid BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_signature_nid) #define _X509_get_subject_name BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_subject_name) +#define _X509_get_version BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_get_version) #define _X509_getm_notAfter BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_getm_notAfter) #define _X509_getm_notBefore BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_getm_notBefore) #define _X509_gmtime_adj BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, X509_gmtime_adj) 
@@ -2427,9 +2440,7 @@ #define _ec_get_x_coordinate_as_scalar BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_get_x_coordinate_as_scalar) #define _ec_group_new BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_group_new) #define _ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_hash_to_curve_p384_xmd_sha512_sswu_draft07) -#define _ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_hash_to_curve_p521_xmd_sha512_sswu_draft06) #define _ec_hash_to_scalar_p384_xmd_sha512_draft07 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_hash_to_scalar_p384_xmd_sha512_draft07) -#define _ec_hash_to_scalar_p521_xmd_sha512_draft06 BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_hash_to_scalar_p521_xmd_sha512_draft06) #define _ec_init_precomp BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_init_precomp) #define _ec_jacobian_to_affine BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_jacobian_to_affine) #define _ec_jacobian_to_affine_batch BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, ec_jacobian_to_affine_batch) 
@@ -2664,13 +2675,6 @@ #define _pkcs7_bundle BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pkcs7_bundle) #define _pkcs7_parse_header BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pkcs7_parse_header) #define _pkcs8_pbe_decrypt BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pkcs8_pbe_decrypt) -#define _pmbtoken_exp0_blind BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_blind) -#define _pmbtoken_exp0_client_key_from_bytes BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_client_key_from_bytes) -#define _pmbtoken_exp0_generate_key BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_generate_key) -#define _pmbtoken_exp0_issuer_key_from_bytes BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_issuer_key_from_bytes) -#define _pmbtoken_exp0_read BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_read) -#define _pmbtoken_exp0_sign BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_sign) -#define _pmbtoken_exp0_unblind BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp0_unblind) #define _pmbtoken_exp1_blind BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp1_blind) #define _pmbtoken_exp1_client_key_from_bytes BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp1_client_key_from_bytes) #define _pmbtoken_exp1_generate_key BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, pmbtoken_exp1_generate_key) 
@@ -2785,6 +2789,7 @@ #define _x509_rsa_ctx_to_pss BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509_rsa_ctx_to_pss) #define _x509_rsa_pss_to_ctx BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509_rsa_pss_to_ctx) #define _x509v3_bytes_to_hex BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509v3_bytes_to_hex) +#define _x509v3_cache_extensions BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509v3_cache_extensions) #define _x509v3_hex_to_bytes BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509v3_hex_to_bytes) #define _x509v3_looks_like_dns_name BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509v3_looks_like_dns_name) #define _x509v3_name_cmp BORINGSSL_ADD_PREFIX_MAC_ASM(BORINGSSL_PREFIX, x509v3_name_cmp) diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h index 1bf7f787..4606dade 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_evp.h 
@@ -947,6 +947,75 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *ctx, OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); +// i2d_PUBKEY marshals a public key from |pkey| as a DER-encoded +// SubjectPublicKeyInfo. If |outp| is not NULL, the result is written to |*outp| +// and |*outp| is advanced just past the output. It returns the number of bytes +// in the result, whether written or not, or a negative value on error. +// +// Use |EVP_marshal_public_key| instead. +OPENSSL_EXPORT int i2d_PUBKEY(const EVP_PKEY *pkey, uint8_t **outp); + +// d2i_PUBKEY parses a DER-encoded SubjectPublicKeyInfo from |len| bytes at +// |*inp|. It returns a newly-allocated result, or NULL on error. On success, +// |*inp| is advanced past the DER structure. If |out| is not NULL, it also +// frees any existing object pointed by |*out| and writes the result. +// +// Use |EVP_parse_public_key| instead. +OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY(EVP_PKEY **out, const uint8_t **inp, + long len); + +// i2d_RSA_PUBKEY marshals |rsa| as a DER-encoded SubjectPublicKeyInfo. If +// |outp| is not NULL, the result is written to |*outp| and +// |*outp| is advanced just past the output. It returns the number of bytes in +// the result, whether written or not, or a negative value on error. +// +// Use |EVP_marshal_public_key| instead. +OPENSSL_EXPORT int i2d_RSA_PUBKEY(const RSA *rsa, uint8_t **outp); + +// d2i_RSA_PUBKEY parses an RSA public key as a DER-encoded SubjectPublicKeyInfo +// from |len| bytes at |*inp|. It returns a newly-allocated result, or NULL on +// error. On success, |*inp| is advanced past the DER structure. If |out| is not +// NULL, it also frees any existing object pointed by |*out| and writes the +// result. +// +// Use |EVP_parse_public_key| instead. +OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY(RSA **out, const uint8_t **inp, long len); + +// i2d_DSA_PUBKEY marshals |dsa| as a DER-encoded SubjectPublicKeyInfo. 
If +// |outp| is not NULL, the result is written to |*outp| and |*outp| is advanced +// just past the output. It returns the number of bytes in the result, whether +// written or not, or a negative value on error. +// +// Use |EVP_marshal_public_key| instead. +OPENSSL_EXPORT int i2d_DSA_PUBKEY(const DSA *dsa, uint8_t **outp); + +// d2i_DSA_PUBKEY parses a DSA public key as a DER-encoded SubjectPublicKeyInfo +// from |len| bytes at |*inp|. It returns a newly-allocated result, or NULL on +// error. On success, |*inp| is advanced past the DER structure. If |out| is not +// NULL, it also frees any existing object pointed by |*out| and writes the +// result. +// +// Use |EVP_parse_public_key| instead. +OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY(DSA **out, const uint8_t **inp, long len); + +// i2d_EC_PUBKEY marshals |ec_key| as a DER-encoded SubjectPublicKeyInfo. If +// |outp| is not NULL, the result is written to |*outp| and |*outp| is advanced +// just past the output. It returns the number of bytes in the result, whether +// written or not, or a negative value on error. +// +// Use |EVP_marshal_public_key| instead. +OPENSSL_EXPORT int i2d_EC_PUBKEY(const EC_KEY *ec_key, uint8_t **outp); + +// d2i_EC_PUBKEY parses an EC public key as a DER-encoded SubjectPublicKeyInfo +// from |len| bytes at |*inp|. It returns a newly-allocated result, or NULL on +// error. On success, |*inp| is advanced past the DER structure. If |out| is not +// NULL, it also frees any existing object pointed by |*out| and writes the +// result. +// +// Use |EVP_parse_public_key| instead. +OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp, + long len); + // Preprocessor compatibility section (hidden). // diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_trust_token.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_trust_token.h index 8072b73e..0e480175 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_trust_token.h 
+++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_trust_token.h @@ -36,13 +36,8 @@ extern "C" { // // WARNING: This API is unstable and subject to change. -// TRUST_TOKEN_experiment_v0 is an experimental Trust Tokens protocol using -// PMBTokens and P-521. -OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v0(void); - // TRUST_TOKEN_experiment_v1 is an experimental Trust Tokens protocol using -// PMBTokens and P-384. This version is still under developement and should not -// be used yet. +// PMBTokens and P-384. OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v1(void); // trust_token_st represents a single-use token for the Trust Token protocol. @@ -234,9 +229,6 @@ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_issue( // returning the SRR to the client. If the value has been reused, the caller // must discard the SRR and report an error to the caller. Returning an SRR with // replayed values allows an attacker to double-spend tokens. -// -// The private metadata construction in |TRUST_TOKEN_experiment_v0| does not -// keep the value secret and should not be used when secrecy is required. OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem( const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len, TRUST_TOKEN **out_token, uint8_t **out_client_data, @@ -246,7 +238,6 @@ OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem( // TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the // private metadata key specified by a |key| buffer of length |key_len| and the // nonce by a |nonce| buffer of length |nonce_len|. The nonce in -// |TRUST_TOKEN_experiment_v0| is the client-data field of the SRR. The nonce in // |TRUST_TOKEN_experiment_v1| is the token-hash field of the SRR. |*out_value| // is set to the decrypted value, either zero or one. It returns one on success // and zero on error. 
diff --git a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_x509.h b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_x509.h index 2f7b4c3a..99b753f6 100644 --- a/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_x509.h +++ b/Sources/CCryptoBoringSSL/include/CCryptoBoringSSL_x509.h @@ -4,21 +4,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: 
@@ -33,10 +33,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -48,7 +48,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -56,25 +56,22 @@ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by + * ECDH support in OpenSSL originally developed by * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ #ifndef HEADER_X509_H #define HEADER_X509_H -#include "CCryptoBoringSSL_base.h" - -#include - #include "CCryptoBoringSSL_asn1.h" +#include "CCryptoBoringSSL_base.h" #include "CCryptoBoringSSL_bio.h" #include "CCryptoBoringSSL_cipher.h" #include "CCryptoBoringSSL_dh.h" #include "CCryptoBoringSSL_dsa.h" +#include "CCryptoBoringSSL_ec.h" #include "CCryptoBoringSSL_ecdh.h" #include "CCryptoBoringSSL_ecdsa.h" -#include "CCryptoBoringSSL_ec.h" #include "CCryptoBoringSSL_evp.h" #include "CCryptoBoringSSL_obj.h" #include "CCryptoBoringSSL_pkcs7.h" 
@@ -83,482 +80,500 @@ #include "CCryptoBoringSSL_sha.h" #include "CCryptoBoringSSL_stack.h" #include "CCryptoBoringSSL_thread.h" +#include -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif -/* Legacy X.509 library. - * - * This header is part of OpenSSL's X.509 implementation. It is retained for - * compatibility but otherwise underdocumented and not actively maintained. In - * the future, a replacement library will be available. Meanwhile, minimize - * dependencies on this header where possible. */ - - -#define X509_FILETYPE_PEM 1 -#define X509_FILETYPE_ASN1 2 -#define X509_FILETYPE_DEFAULT 3 - -#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 -#define X509v3_KU_NON_REPUDIATION 0x0040 -#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 -#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 -#define X509v3_KU_KEY_AGREEMENT 0x0008 -#define X509v3_KU_KEY_CERT_SIGN 0x0004 -#define X509v3_KU_CRL_SIGN 0x0002 -#define X509v3_KU_ENCIPHER_ONLY 0x0001 -#define X509v3_KU_DECIPHER_ONLY 0x8000 -#define X509v3_KU_UNDEF 0xffff +// Legacy X.509 library. +// +// This header is part of OpenSSL's X.509 implementation. It is retained for +// compatibility but otherwise underdocumented and not actively maintained. In +// the future, a replacement library will be available. Meanwhile, minimize +// dependencies on this header where possible. 
+ + +#define X509_FILETYPE_PEM 1 +#define X509_FILETYPE_ASN1 2 +#define X509_FILETYPE_DEFAULT 3 + +#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 +#define X509v3_KU_NON_REPUDIATION 0x0040 +#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 +#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 +#define X509v3_KU_KEY_AGREEMENT 0x0008 +#define X509v3_KU_KEY_CERT_SIGN 0x0004 +#define X509v3_KU_CRL_SIGN 0x0002 +#define X509v3_KU_ENCIPHER_ONLY 0x0001 +#define X509v3_KU_DECIPHER_ONLY 0x8000 +#define X509v3_KU_UNDEF 0xffff DEFINE_STACK_OF(X509_ALGOR) DECLARE_ASN1_SET_OF(X509_ALGOR) typedef STACK_OF(X509_ALGOR) X509_ALGORS; -struct X509_val_st - { - ASN1_TIME *notBefore; - ASN1_TIME *notAfter; - } /* X509_VAL */; - -struct X509_pubkey_st - { - X509_ALGOR *algor; - ASN1_BIT_STRING *public_key; - EVP_PKEY *pkey; - }; - -struct X509_sig_st - { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; - } /* X509_SIG */; - -struct X509_name_entry_st - { - ASN1_OBJECT *object; - ASN1_STRING *value; - int set; - int size; /* temp variable */ - } /* X509_NAME_ENTRY */; +struct X509_val_st { + ASN1_TIME *notBefore; + ASN1_TIME *notAfter; +} /* X509_VAL */; + +struct X509_pubkey_st { + X509_ALGOR *algor; + ASN1_BIT_STRING *public_key; + EVP_PKEY *pkey; +}; + +struct X509_sig_st { + X509_ALGOR *algor; + ASN1_OCTET_STRING *digest; +} /* X509_SIG */; + +struct X509_name_entry_st { + ASN1_OBJECT *object; + ASN1_STRING *value; + int set; + int size; // temp variable +} /* X509_NAME_ENTRY */; DEFINE_STACK_OF(X509_NAME_ENTRY) DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) -/* we always keep X509_NAMEs in 2 forms. */ -struct X509_name_st - { - STACK_OF(X509_NAME_ENTRY) *entries; - int modified; /* true if 'bytes' needs to be built */ - BUF_MEM *bytes; -/* unsigned long hash; Keep the hash around for lookups */ - unsigned char *canon_enc; - int canon_enclen; - } /* X509_NAME */; +// we always keep X509_NAMEs in 2 forms. 
+struct X509_name_st { + STACK_OF(X509_NAME_ENTRY) * entries; + int modified; // true if 'bytes' needs to be built + BUF_MEM *bytes; + // unsigned long hash; Keep the hash around for lookups + unsigned char *canon_enc; + int canon_enclen; +} /* X509_NAME */; DEFINE_STACK_OF(X509_NAME) -struct X509_extension_st - { - ASN1_OBJECT *object; - ASN1_BOOLEAN critical; - ASN1_OCTET_STRING *value; - } /* X509_EXTENSION */; +struct X509_extension_st { + ASN1_OBJECT *object; + ASN1_BOOLEAN critical; + ASN1_OCTET_STRING *value; +} /* X509_EXTENSION */; typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; DEFINE_STACK_OF(X509_EXTENSION) DECLARE_ASN1_SET_OF(X509_EXTENSION) -/* a sequence of these are used */ -struct x509_attributes_st - { - ASN1_OBJECT *object; - int single; /* 0 for a set, 1 for a single item (which is wrong) */ - union { - char *ptr; -/* 0 */ STACK_OF(ASN1_TYPE) *set; -/* 1 */ ASN1_TYPE *single; - } value; - } /* X509_ATTRIBUTE */; +// a sequence of these are used +struct x509_attributes_st { + ASN1_OBJECT *object; + int single; // 0 for a set, 1 for a single item (which is wrong) + union { + char *ptr; + /* 0 */ STACK_OF(ASN1_TYPE) * set; + /* 1 */ ASN1_TYPE *single; + } value; +} /* X509_ATTRIBUTE */; DEFINE_STACK_OF(X509_ATTRIBUTE) DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) -struct X509_req_info_st - { - ASN1_ENCODING enc; - ASN1_INTEGER *version; - X509_NAME *subject; - X509_PUBKEY *pubkey; - /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - } /* X509_REQ_INFO */; - -struct X509_req_st - { - X509_REQ_INFO *req_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - CRYPTO_refcount_t references; - } /* X509_REQ */; - -struct x509_cinf_st - { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER *serialNumber; - X509_ALGOR *signature; - X509_NAME *issuer; - X509_VAL *validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING *subjectUID; /* [ 2 ] 
optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - ASN1_ENCODING enc; - } /* X509_CINF */; - -/* This stuff is certificate "auxiliary info" - * it contains details which are useful in certificate - * stores and databases. When used this is tagged onto - * the end of the certificate itself - */ - -struct x509_cert_aux_st - { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ - } /* X509_CERT_AUX */; +struct X509_req_info_st { + ASN1_ENCODING enc; + ASN1_INTEGER *version; + X509_NAME *subject; + X509_PUBKEY *pubkey; + // d=2 hl=2 l= 0 cons: cont: 00 + STACK_OF(X509_ATTRIBUTE) * attributes; // [ 0 ] +} /* X509_REQ_INFO */; + +struct X509_req_st { + X509_REQ_INFO *req_info; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *signature; + CRYPTO_refcount_t references; +} /* X509_REQ */; + +struct x509_cinf_st { + ASN1_INTEGER *version; // [ 0 ] default of v1 + ASN1_INTEGER *serialNumber; + X509_ALGOR *signature; + X509_NAME *issuer; + X509_VAL *validity; + X509_NAME *subject; + X509_PUBKEY *key; + ASN1_BIT_STRING *issuerUID; // [ 1 ] optional in v2 + ASN1_BIT_STRING *subjectUID; // [ 2 ] optional in v2 + STACK_OF(X509_EXTENSION) * extensions; // [ 3 ] optional in v3 + ASN1_ENCODING enc; +} /* X509_CINF */; + +// This stuff is certificate "auxiliary info" +// it contains details which are useful in certificate +// stores and databases. 
When used this is tagged onto +// the end of the certificate itself + +struct x509_cert_aux_st { + STACK_OF(ASN1_OBJECT) * trust; // trusted uses + STACK_OF(ASN1_OBJECT) * reject; // rejected uses + ASN1_UTF8STRING *alias; // "friendly name" + ASN1_OCTET_STRING *keyid; // key id of private key + STACK_OF(X509_ALGOR) * other; // other unspecified info +} /* X509_CERT_AUX */; DECLARE_STACK_OF(DIST_POINT) DECLARE_STACK_OF(GENERAL_NAME) -struct x509_st - { - X509_CINF *cert_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - CRYPTO_refcount_t references; - char *name; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - long ex_pcpathlen; - unsigned long ex_flags; - unsigned long ex_kusage; - unsigned long ex_xkusage; - unsigned long ex_nscert; - ASN1_OCTET_STRING *skid; - AUTHORITY_KEYID *akid; - X509_POLICY_CACHE *policy_cache; - STACK_OF(DIST_POINT) *crldp; - STACK_OF(GENERAL_NAME) *altname; - NAME_CONSTRAINTS *nc; - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; - X509_CERT_AUX *aux; - CRYPTO_BUFFER *buf; - CRYPTO_MUTEX lock; - } /* X509 */; +struct x509_st { + X509_CINF *cert_info; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *signature; + CRYPTO_refcount_t references; + CRYPTO_EX_DATA ex_data; + // These contain copies of various extension values + long ex_pathlen; + long ex_pcpathlen; + unsigned long ex_flags; + unsigned long ex_kusage; + unsigned long ex_xkusage; + unsigned long ex_nscert; + ASN1_OCTET_STRING *skid; + AUTHORITY_KEYID *akid; + X509_POLICY_CACHE *policy_cache; + STACK_OF(DIST_POINT) * crldp; + STACK_OF(GENERAL_NAME) * altname; + NAME_CONSTRAINTS *nc; + unsigned char sha1_hash[SHA_DIGEST_LENGTH]; + X509_CERT_AUX *aux; + CRYPTO_BUFFER *buf; + CRYPTO_MUTEX lock; +} /* X509 */; DEFINE_STACK_OF(X509) DECLARE_ASN1_SET_OF(X509) -/* This is used for a table of trust checking functions */ +// This is used for a table of trust checking functions struct x509_trust_st { - int trust; - int flags; - int 
(*check_trust)(struct x509_trust_st *, X509 *, int); - char *name; - int arg1; - void *arg2; + int trust; + int flags; + int (*check_trust)(struct x509_trust_st *, X509 *, int); + char *name; + int arg1; + void *arg2; } /* X509_TRUST */; DEFINE_STACK_OF(X509_TRUST) -/* standard trust ids */ +// standard trust ids -#define X509_TRUST_DEFAULT (-1) /* Only valid in purpose settings */ +#define X509_TRUST_DEFAULT (-1) // Only valid in purpose settings -#define X509_TRUST_COMPAT 1 -#define X509_TRUST_SSL_CLIENT 2 -#define X509_TRUST_SSL_SERVER 3 -#define X509_TRUST_EMAIL 4 -#define X509_TRUST_OBJECT_SIGN 5 -#define X509_TRUST_OCSP_SIGN 6 -#define X509_TRUST_OCSP_REQUEST 7 -#define X509_TRUST_TSA 8 +#define X509_TRUST_COMPAT 1 +#define X509_TRUST_SSL_CLIENT 2 +#define X509_TRUST_SSL_SERVER 3 +#define X509_TRUST_EMAIL 4 +#define X509_TRUST_OBJECT_SIGN 5 +#define X509_TRUST_OCSP_SIGN 6 +#define X509_TRUST_OCSP_REQUEST 7 +#define X509_TRUST_TSA 8 -/* Keep these up to date! */ -#define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 8 +// Keep these up to date! 
+#define X509_TRUST_MIN 1 +#define X509_TRUST_MAX 8 -/* trust_flags values */ -#define X509_TRUST_DYNAMIC 1 -#define X509_TRUST_DYNAMIC_NAME 2 +// trust_flags values +#define X509_TRUST_DYNAMIC 1 +#define X509_TRUST_DYNAMIC_NAME 2 -/* check_trust return codes */ +// check_trust return codes -#define X509_TRUST_TRUSTED 1 -#define X509_TRUST_REJECTED 2 -#define X509_TRUST_UNTRUSTED 3 +#define X509_TRUST_TRUSTED 1 +#define X509_TRUST_REJECTED 2 +#define X509_TRUST_UNTRUSTED 3 -/* Flags for X509_print_ex() */ +// Flags for X509_print_ex() -#define X509_FLAG_COMPAT 0 -#define X509_FLAG_NO_HEADER 1L -#define X509_FLAG_NO_VERSION (1L << 1) -#define X509_FLAG_NO_SERIAL (1L << 2) -#define X509_FLAG_NO_SIGNAME (1L << 3) -#define X509_FLAG_NO_ISSUER (1L << 4) -#define X509_FLAG_NO_VALIDITY (1L << 5) -#define X509_FLAG_NO_SUBJECT (1L << 6) -#define X509_FLAG_NO_PUBKEY (1L << 7) -#define X509_FLAG_NO_EXTENSIONS (1L << 8) -#define X509_FLAG_NO_SIGDUMP (1L << 9) -#define X509_FLAG_NO_AUX (1L << 10) -#define X509_FLAG_NO_ATTRIBUTES (1L << 11) -#define X509_FLAG_NO_IDS (1L << 12) +#define X509_FLAG_COMPAT 0 +#define X509_FLAG_NO_HEADER 1L +#define X509_FLAG_NO_VERSION (1L << 1) +#define X509_FLAG_NO_SERIAL (1L << 2) +#define X509_FLAG_NO_SIGNAME (1L << 3) +#define X509_FLAG_NO_ISSUER (1L << 4) +#define X509_FLAG_NO_VALIDITY (1L << 5) +#define X509_FLAG_NO_SUBJECT (1L << 6) +#define X509_FLAG_NO_PUBKEY (1L << 7) +#define X509_FLAG_NO_EXTENSIONS (1L << 8) +#define X509_FLAG_NO_SIGDUMP (1L << 9) +#define X509_FLAG_NO_AUX (1L << 10) +#define X509_FLAG_NO_ATTRIBUTES (1L << 11) +#define X509_FLAG_NO_IDS (1L << 12) -/* Flags specific to X509_NAME_print_ex() */ +// Flags specific to X509_NAME_print_ex() -/* The field separator information */ +// The field separator information -#define XN_FLAG_SEP_MASK (0xf << 16) +#define XN_FLAG_SEP_MASK (0xf << 16) -#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ 
-#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ -#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ +#define XN_FLAG_COMPAT 0 // Traditional SSLeay: use old X509_NAME_print +#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) // RFC2253 ,+ +#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) // ,+ spaced: more readable +#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) // ;+ spaced +#define XN_FLAG_SEP_MULTILINE (4 << 16) // One line per field -#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ +#define XN_FLAG_DN_REV (1 << 20) // Reverse DN order -/* How the field name is shown */ +// How the field name is shown -#define XN_FLAG_FN_MASK (0x3 << 21) +#define XN_FLAG_FN_MASK (0x3 << 21) -#define XN_FLAG_FN_SN 0 /* Object short name */ -#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ -#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ -#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ +#define XN_FLAG_FN_SN 0 // Object short name +#define XN_FLAG_FN_LN (1 << 21) // Object long name +#define XN_FLAG_FN_OID (2 << 21) // Always use OIDs +#define XN_FLAG_FN_NONE (3 << 21) // No field names -#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ +#define XN_FLAG_SPC_EQ (1 << 23) // Put spaces round '=' -/* This determines if we dump fields we don't recognise: - * RFC2253 requires this. - */ +// This determines if we dump fields we don't recognise: +// RFC2253 requires this. 
#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) -#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */ - -/* Complete set of RFC2253 flags */ - -#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ - XN_FLAG_SEP_COMMA_PLUS | \ - XN_FLAG_DN_REV | \ - XN_FLAG_FN_SN | \ - XN_FLAG_DUMP_UNKNOWN_FIELDS) - -/* readable oneline form */ - -#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - XN_FLAG_SEP_CPLUS_SPC | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_SN) - -/* readable multiline form */ - -#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - XN_FLAG_SEP_MULTILINE | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_LN | \ - XN_FLAG_FN_ALIGN) - -struct x509_revoked_st - { - ASN1_INTEGER *serialNumber; - ASN1_TIME *revocationDate; - STACK_OF(X509_EXTENSION) /* optional */ *extensions; - /* Set up if indirect CRL */ - STACK_OF(GENERAL_NAME) *issuer; - /* Revocation reason */ - int reason; - int sequence; /* load sequence */ - }; +#define XN_FLAG_FN_ALIGN (1 << 25) // Align field names to 20 characters + +// Complete set of RFC2253 flags + +#define XN_FLAG_RFC2253 \ + (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \ + XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS) + +// readable oneline form + +#define XN_FLAG_ONELINE \ + (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \ + XN_FLAG_SPC_EQ | XN_FLAG_FN_SN) + +// readable multiline form + +#define XN_FLAG_MULTILINE \ + (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | \ + XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN) + +struct x509_revoked_st { + ASN1_INTEGER *serialNumber; + ASN1_TIME *revocationDate; + STACK_OF(X509_EXTENSION) /* optional */ * extensions; + // Set up if indirect CRL + STACK_OF(GENERAL_NAME) * issuer; + // Revocation reason + int reason; + int sequence; // load sequence +}; DEFINE_STACK_OF(X509_REVOKED) DECLARE_ASN1_SET_OF(X509_REVOKED) -struct X509_crl_info_st - { - ASN1_INTEGER 
*version; - X509_ALGOR *sig_alg; - X509_NAME *issuer; - ASN1_TIME *lastUpdate; - ASN1_TIME *nextUpdate; - STACK_OF(X509_REVOKED) *revoked; - STACK_OF(X509_EXTENSION) /* [0] */ *extensions; - ASN1_ENCODING enc; - } /* X509_CRL_INFO */; +struct X509_crl_info_st { + ASN1_INTEGER *version; + X509_ALGOR *sig_alg; + X509_NAME *issuer; + ASN1_TIME *lastUpdate; + ASN1_TIME *nextUpdate; + STACK_OF(X509_REVOKED) * revoked; + STACK_OF(X509_EXTENSION) /* [0] */ * extensions; + ASN1_ENCODING enc; +} /* X509_CRL_INFO */; DECLARE_STACK_OF(GENERAL_NAMES) -struct X509_crl_st - { - /* actual signature */ - X509_CRL_INFO *crl; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - CRYPTO_refcount_t references; - int flags; - /* Copies of various extensions */ - AUTHORITY_KEYID *akid; - ISSUING_DIST_POINT *idp; - /* Convenient breakdown of IDP */ - int idp_flags; - int idp_reasons; - /* CRL and base CRL numbers for delta processing */ - ASN1_INTEGER *crl_number; - ASN1_INTEGER *base_crl_number; - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; - STACK_OF(GENERAL_NAMES) *issuers; - const X509_CRL_METHOD *meth; - void *meth_data; - } /* X509_CRL */; +struct X509_crl_st { + // actual signature + X509_CRL_INFO *crl; + X509_ALGOR *sig_alg; + ASN1_BIT_STRING *signature; + CRYPTO_refcount_t references; + int flags; + // Copies of various extensions + AUTHORITY_KEYID *akid; + ISSUING_DIST_POINT *idp; + // Convenient breakdown of IDP + int idp_flags; + int idp_reasons; + // CRL and base CRL numbers for delta processing + ASN1_INTEGER *crl_number; + ASN1_INTEGER *base_crl_number; + unsigned char sha1_hash[SHA_DIGEST_LENGTH]; + STACK_OF(GENERAL_NAMES) * issuers; + const X509_CRL_METHOD *meth; + void *meth_data; +} /* X509_CRL */; DEFINE_STACK_OF(X509_CRL) DECLARE_ASN1_SET_OF(X509_CRL) -struct private_key_st - { - int version; - /* The PKCS#8 data types */ - X509_ALGOR *enc_algor; - ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ +struct private_key_st { + int version; + // The PKCS#8 data types 
+ X509_ALGOR *enc_algor; + ASN1_OCTET_STRING *enc_pkey; // encrypted pub key - /* When decrypted, the following will not be NULL */ - EVP_PKEY *dec_pkey; + // When decrypted, the following will not be NULL + EVP_PKEY *dec_pkey; - /* used to encrypt and decrypt */ - int key_length; - char *key_data; - int key_free; /* true if we should auto free key_data */ + // used to encrypt and decrypt + int key_length; + char *key_data; + int key_free; // true if we should auto free key_data - /* expanded version of 'enc_algor' */ - EVP_CIPHER_INFO cipher; - } /* X509_PKEY */; + // expanded version of 'enc_algor' + EVP_CIPHER_INFO cipher; +} /* X509_PKEY */; #ifndef OPENSSL_NO_EVP -struct X509_info_st - { - X509 *x509; - X509_CRL *crl; - X509_PKEY *x_pkey; +struct X509_info_st { + X509 *x509; + X509_CRL *crl; + X509_PKEY *x_pkey; - EVP_CIPHER_INFO enc_cipher; - int enc_len; - char *enc_data; + EVP_CIPHER_INFO enc_cipher; + int enc_len; + char *enc_data; - } /* X509_INFO */; +} /* X509_INFO */; DEFINE_STACK_OF(X509_INFO) #endif -/* The next 2 structures and their 8 routines were sent to me by - * Pat Richard and are used to manipulate - * Netscapes spki structures - useful if you are writing a CA web page - */ -struct Netscape_spkac_st - { - X509_PUBKEY *pubkey; - ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ - } /* NETSCAPE_SPKAC */; - -struct Netscape_spki_st - { - NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ - X509_ALGOR *sig_algor; - ASN1_BIT_STRING *signature; - } /* NETSCAPE_SPKI */; - -/* PKCS#8 private key info structure */ - -struct pkcs8_priv_key_info_st - { - int broken; /* Flag for various broken formats */ -#define PKCS8_OK 0 -#define PKCS8_NO_OCTET 1 -#define PKCS8_EMBEDDED_PARAM 2 -#define PKCS8_NS_DB 3 -#define PKCS8_NEG_PRIVKEY 4 - ASN1_INTEGER *version; - X509_ALGOR *pkeyalg; - ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ - STACK_OF(X509_ATTRIBUTE) *attributes; - }; - -#ifdef __cplusplus +// The next 2 
structures and their 8 routines were sent to me by +// Pat Richard and are used to manipulate +// Netscapes spki structures - useful if you are writing a CA web page +struct Netscape_spkac_st { + X509_PUBKEY *pubkey; + ASN1_IA5STRING *challenge; // challenge sent in atlas >= PR2 +} /* NETSCAPE_SPKAC */; + +struct Netscape_spki_st { + NETSCAPE_SPKAC *spkac; // signed public key and challenge + X509_ALGOR *sig_algor; + ASN1_BIT_STRING *signature; +} /* NETSCAPE_SPKI */; + +#ifdef __cplusplus } #endif #include "CCryptoBoringSSL_x509_vfy.h" -#ifdef __cplusplus +#ifdef __cplusplus extern "C" { #endif -#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) -/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ -#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) -#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) -#define X509_get_cert_info(x) ((x)->cert_info) -#define X509_extract_key(x) X509_get_pubkey(x) /*****/ -#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) -#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) -#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) -#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) -#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) - -#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) -const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl); -const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl); -#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) -#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) -#define X509_CRL_get_issuer(x) ((x)->crl->issuer) -#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) - -#define X509_CINF_set_modified(c) ((c)->enc.modified = 1) -#define X509_CINF_get_issuer(c) (&(c)->issuer) -#define X509_CINF_get_extensions(c) ((c)->extensions) -#define X509_CINF_get_signature(c) ((c)->signature) +// X509_get_version returns the numerical 
value of |x509|'s version. That is, +// it returns zero for X.509v1, one for X.509v2, and two for X.509v3. Unknown +// versions are rejected by the parser, but a manually-created |X509| object may +// encode invalid versions. In that case, the function will return the invalid +// version, or -1 on overflow. +OPENSSL_EXPORT long X509_get_version(const X509 *x509); + +// X509_get_notBefore returns |x509|'s notBefore value. Note this function is +// not const-correct for legacy reasons. Use |X509_get0_notBefore| or +// |X509_getm_notBefore| instead. +OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509); + +// X509_get_notAfter returns |x509|'s notAfter value. Note this function is not +// const-correct for legacy reasons. Use |X509_get0_notAfter| or +// |X509_getm_notAfter| instead. +OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509); + +// X509_get_cert_info returns |x509|'s TBSCertificate structure. Note this +// function is not const-correct for legacy reasons. +// +// This function is deprecated and may be removed in the future. It is not +// present in OpenSSL and constrains some improvements to the library. +OPENSSL_EXPORT X509_CINF *X509_get_cert_info(const X509 *x509); + +// X509_extract_key is a legacy alias to |X509_get_pubkey|. Use +// |X509_get_pubkey| instead. +#define X509_extract_key(x) X509_get_pubkey(x) + +// X509_REQ_get_version returns the numerical value of |req|'s version. That is, +// it returns zero for a v1 request. If |req| is invalid, it may return another +// value, or -1 on overflow. +OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req); + +// X509_REQ_get_subject_name returns |req|'s subject name. Note this function is +// not const-correct for legacy reasons. +OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req); + +// X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|. 
+#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) + +// X509_name_cmp is a legacy alias for |X509_NAME_cmp|. +#define X509_name_cmp(a, b) X509_NAME_cmp((a), (b)) + +// X509_REQ_get_version returns the numerical value of |crl|'s version. That is, +// it returns zero for a v1 CRL and one for a v2 CRL. If |crl| is invalid, it +// may return another value, or -1 on overflow. +OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl); + +// X509_CRL_get0_lastUpdate returns |crl|'s lastUpdate time. +OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl); + +// X509_CRL_get0_lastUpdate returns |crl|'s nextUpdate time. +OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl); + +// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s lastUpdate time. +// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set_lastUpdate| instead. +OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl); + +// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time. +// Use |X509_CRL_get0_nextUpdate| or |X509_CRL_set_nextUpdate| instead. +OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl); + +// X509_CRL_get_issuer returns |crl|'s issuer name. Note this function is not +// const-correct for legacy reasons. +OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); + +// X509_CRL_get_REVOKED returns the list of revoked certificates in |crl|. +// +// TOOD(davidben): This function was originally a macro, without clear const +// semantics. It should take a const input and give const output, but the latter +// would break existing callers. For now, we match upstream. +OPENSSL_EXPORT STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl); + +// X509_CINF_set_modified marks |cinf| as modified so that changes will be +// reflected in serializing the structure. +// +// This function is deprecated and may be removed in the future. 
It is not +// present in OpenSSL and constrains some improvements to the library. +OPENSSL_EXPORT void X509_CINF_set_modified(X509_CINF *cinf); + +// X509_CINF_get_signature returns the signature algorithm in |cinf|. Note this +// isn't the signature itself, but the extra copy of the signature algorithm +// in the TBSCertificate. +// +// This function is deprecated and may be removed in the future. It is not +// present in OpenSSL and constrains some improvements to the library. Use +// |X509_get0_tbs_sigalg| instead. +OPENSSL_EXPORT const X509_ALGOR *X509_CINF_get_signature(const X509_CINF *cinf); OPENSSL_EXPORT void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); OPENSSL_EXPORT X509_CRL_METHOD *X509_CRL_METHOD_new( - int (*crl_init)(X509_CRL *crl), - int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); + int (*crl_init)(X509_CRL *crl), int (*crl_free)(X509_CRL *crl), + int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *ser, + X509_NAME *issuer), + int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); OPENSSL_EXPORT void X509_CRL_METHOD_free(X509_CRL_METHOD *m); OPENSSL_EXPORT void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); OPENSSL_EXPORT void *X509_CRL_get_meth_data(X509_CRL *crl); -/* This one is only used so that a binary form can output, as in - * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ -#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) - +// X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is +// not const-correct for legacy reasons. Callers should not modify the returned +// object. +OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509); OPENSSL_EXPORT const char *X509_verify_cert_error_string(long n); 
@@ -569,14 +584,16 @@ OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); -OPENSSL_EXPORT NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); -OPENSSL_EXPORT char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); +OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, + int len); +OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); OPENSSL_EXPORT int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); -OPENSSL_EXPORT int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent); +OPENSSL_EXPORT int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, + int indent); OPENSSL_EXPORT int X509_signature_print(BIO *bp, const X509_ALGOR *alg, const ASN1_STRING *sig); 
@@ -586,39 +603,40 @@ OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx); OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx); -OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); - -OPENSSL_EXPORT int X509_pubkey_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); +OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, + const EVP_MD *md); + +OPENSSL_EXPORT int X509_pubkey_digest(const X509 *data, const EVP_MD *type, + unsigned char *md, unsigned int *len); +OPENSSL_EXPORT int X509_digest(const X509 *data, const EVP_MD *type, + unsigned char *md, unsigned int *len); +OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, + unsigned char *md, unsigned int *len); +OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, + unsigned char *md, unsigned int *len); +OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, + unsigned char *md, unsigned int *len); #endif -/* X509_parse_from_buffer parses an X.509 structure from |buf| and returns a - * fresh X509 or NULL on error. There must not be any trailing data in |buf|. - * The returned structure (if any) holds a reference to |buf| rather than - * copying parts of it as a normal |d2i_X509| call would do. 
*/ +// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a +// fresh X509 or NULL on error. There must not be any trailing data in |buf|. +// The returned structure (if any) holds a reference to |buf| rather than +// copying parts of it as a normal |d2i_X509| call would do. OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf); #ifndef OPENSSL_NO_FP_API OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509); -OPENSSL_EXPORT int i2d_X509_fp(FILE *fp,X509 *x509); -OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); -OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); -OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); -OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); +OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509); +OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl); +OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl); +OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req); +OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req); +OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa); +OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa); +OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa); +OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa); +OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa); +OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa); #ifndef OPENSSL_NO_DSA OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); 
@@ -626,14 +644,15 @@ OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
 OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
 #endif
 OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
 OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
-OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO **p8inf);
-OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf);
+OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
+ FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf);
+OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+ PKCS8_PRIV_KEY_INFO *p8inf);
 OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
 OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
 OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
@@ -641,18 +660,18 @@ OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
 OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
 #endif
-OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp,X509 **x509);
-OPENSSL_EXPORT int i2d_X509_bio(BIO *bp,X509 *x509);
-OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
-OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
-OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
-OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
-OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa);
-OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa);
+OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
+OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
 #ifndef OPENSSL_NO_DSA
 OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
 OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
@@ -660,14 +679,15 @@ OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); #endif OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); -OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); +OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); -OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); -OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); -OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); -OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); +OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); +OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8); +OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8); +OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio( + BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf); +OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, + PKCS8_PRIV_KEY_INFO *p8inf); OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); @@ -683,7 +703,8 @@ OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl); OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev); OPENSSL_EXPORT X509_REQ *X509_REQ_dup(X509_REQ *req); OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); -OPENSSL_EXPORT int X509_ALGOR_set0(X509_ALGOR *alg, const ASN1_OBJECT *aobj, int ptype, void *pval); +OPENSSL_EXPORT int X509_ALGOR_set0(X509_ALGOR *alg, const ASN1_OBJECT *aobj, + int ptype, void *pval); OPENSSL_EXPORT void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval, const X509_ALGOR *algor); 
@@ -697,50 +718,39 @@ OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne); OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder, size_t *pderlen); -OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t); -OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s); -OPENSSL_EXPORT ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); -OPENSSL_EXPORT ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec, time_t *t); -OPENSSL_EXPORT ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); +OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t); +OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s); +OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t); +OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day, + long offset_sec, time_t *t); +OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj); -OPENSSL_EXPORT const char * X509_get_default_cert_area(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_dir(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_file(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_dir_env(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_file_env(void ); -OPENSSL_EXPORT const char * X509_get_default_private_dir(void ); +OPENSSL_EXPORT const char *X509_get_default_cert_area(void); +OPENSSL_EXPORT const char *X509_get_default_cert_dir(void); +OPENSSL_EXPORT const char *X509_get_default_cert_file(void); +OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void); +OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void); +OPENSSL_EXPORT const char *X509_get_default_private_dir(void); -OPENSSL_EXPORT X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -OPENSSL_EXPORT X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); +OPENSSL_EXPORT X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, + const EVP_MD *md); +OPENSSL_EXPORT X509 
*X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey); DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) DECLARE_ASN1_FUNCTIONS(X509_VAL) DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) -OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -OPENSSL_EXPORT int i2d_PUBKEY(const EVP_PKEY *a,unsigned char **pp); -OPENSSL_EXPORT EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, - long length); -OPENSSL_EXPORT int i2d_RSA_PUBKEY(const RSA *a,unsigned char **pp); -OPENSSL_EXPORT RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, - long length); -#ifndef OPENSSL_NO_DSA -OPENSSL_EXPORT int i2d_DSA_PUBKEY(const DSA *a,unsigned char **pp); -OPENSSL_EXPORT DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, - long length); -#endif -OPENSSL_EXPORT int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp); -OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, - long length); +OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); +OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key); DECLARE_ASN1_FUNCTIONS(X509_SIG) DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO) DECLARE_ASN1_FUNCTIONS(X509_REQ) DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); +OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, + void *value); DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) 
@@ -749,22 +759,25 @@ DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
 DECLARE_ASN1_FUNCTIONS(X509_NAME)
-OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
 DECLARE_ASN1_FUNCTIONS(X509_CINF)
 DECLARE_ASN1_FUNCTIONS(X509)
 DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
-/* X509_up_ref adds one to the reference count of |x| and returns one. */
+// X509_up_ref adds one to the reference count of |x| and returns one.
 OPENSSL_EXPORT int X509_up_ref(X509 *x);
-OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
- CRYPTO_EX_dup *dup_unused, CRYPTO_EX_free *free_func);
+OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_unused *unused,
+ CRYPTO_EX_dup *dup_unused,
+ CRYPTO_EX_free *free_func);
 OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg);
 OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx);
-OPENSSL_EXPORT int i2d_X509_AUX(X509 *a,unsigned char **pp);
-OPENSSL_EXPORT X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length);
+OPENSSL_EXPORT int i2d_X509_AUX(X509 *a, unsigned char **pp);
+OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp,
+ long length);
 OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
@@ -774,9 +787,11 @@ OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x); OPENSSL_EXPORT int X509_alias_set1(X509 *x, unsigned char *name, int len); OPENSSL_EXPORT int X509_keyid_set1(X509 *x, unsigned char *id, int len); -OPENSSL_EXPORT unsigned char * X509_alias_get0(X509 *x, int *len); -OPENSSL_EXPORT unsigned char * X509_keyid_get0(X509 *x, int *len); -OPENSSL_EXPORT int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); +OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x, int *len); +OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x, int *len); +OPENSSL_EXPORT int (*X509_TRUST_set_default(int (*trust)(int, X509 *, + int)))(int, X509 *, + int); OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust); OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); 
@@ -788,90 +803,100 @@ DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) DECLARE_ASN1_FUNCTIONS(X509_CRL) OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); -OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, - X509_REVOKED **ret, ASN1_INTEGER *serial); -OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x); +OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret, + ASN1_INTEGER *serial); +OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, + X509 *x); -OPENSSL_EXPORT X509_PKEY * X509_PKEY_new(void ); -OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a); +OPENSSL_EXPORT X509_PKEY *X509_PKEY_new(void); +OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a); DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) #ifndef OPENSSL_NO_EVP -OPENSSL_EXPORT X509_INFO * X509_INFO_new(void); -OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a); -OPENSSL_EXPORT char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); +OPENSSL_EXPORT X509_INFO *X509_INFO_new(void); +OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a); +OPENSSL_EXPORT char *X509_NAME_oneline(X509_NAME *a, char *buf, int size); -OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data, - unsigned char *md,unsigned int *len); +OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, + unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, - unsigned char *md,unsigned int *len); +OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, + void *data, unsigned char *md, + unsigned int *len); OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1, - ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey); - -OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, - void *data, EVP_PKEY *pkey, 
const EVP_MD *type); -OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, - X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx); + ASN1_BIT_STRING *signature, void *data, + EVP_PKEY *pkey); + +OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, + X509_ALGOR *algor2, + ASN1_BIT_STRING *signature, void *data, + EVP_PKEY *pkey, const EVP_MD *type); +OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, + X509_ALGOR *algor2, + ASN1_BIT_STRING *signature, void *asn, + EVP_MD_CTX *ctx); #endif -OPENSSL_EXPORT int X509_set_version(X509 *x,long version); -OPENSSL_EXPORT int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); -OPENSSL_EXPORT ASN1_INTEGER * X509_get_serialNumber(X509 *x); -OPENSSL_EXPORT int X509_set_issuer_name(X509 *x, X509_NAME *name); -OPENSSL_EXPORT X509_NAME * X509_get_issuer_name(X509 *a); -OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name); -OPENSSL_EXPORT X509_NAME * X509_get_subject_name(X509 *a); -OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); +OPENSSL_EXPORT int X509_set_version(X509 *x, long version); +OPENSSL_EXPORT int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); +OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x); +OPENSSL_EXPORT int X509_set_issuer_name(X509 *x, X509_NAME *name); +OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(X509 *a); +OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name); +OPENSSL_EXPORT X509_NAME *X509_get_subject_name(X509 *a); +OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x); OPENSSL_EXPORT ASN1_TIME *X509_getm_notBefore(X509 *x); -OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); +OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x); OPENSSL_EXPORT ASN1_TIME 
*X509_getm_notAfter(X509 *x); -OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY * X509_get_pubkey(X509 *x); -OPENSSL_EXPORT ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x); -OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x); +OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); +OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x); +OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x); +OPENSSL_EXPORT STACK_OF(X509_EXTENSION) * X509_get0_extensions(const X509 *x); OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x); -OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x,long version); -OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); +OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x, long version); +OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name); OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg); OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req); OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp); -OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); -OPENSSL_EXPORT int X509_REQ_extension_nid(int nid); -OPENSSL_EXPORT const int * X509_REQ_get_extension_nids(void); -OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids); -OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); -OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, - int nid); -OPENSSL_EXPORT int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); +OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); +OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req); +OPENSSL_EXPORT int X509_REQ_extension_nid(int nid); +OPENSSL_EXPORT const 
int *X509_REQ_get_extension_nids(void); +OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids); +OPENSSL_EXPORT STACK_OF(X509_EXTENSION) * + X509_REQ_get_extensions(X509_REQ *req); +OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req, + STACK_OF(X509_EXTENSION) * exts, + int nid); +OPENSSL_EXPORT int X509_REQ_add_extensions(X509_REQ *req, + STACK_OF(X509_EXTENSION) * exts); OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req); OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, - int lastpos); -OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, - int lastpos); + int lastpos); +OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, + ASN1_OBJECT *obj, int lastpos); OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, - int nid, int type, - const unsigned char *bytes, int len); + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, + int len); +OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type, + const unsigned char *bytes, + int len); OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req, - const char *attrname, int type, - const unsigned char *bytes, int len); + const char *attrname, int type, + const unsigned char *bytes, + int len); OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *x, long version); OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); 
@@ -888,225 +913,271 @@ OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp); OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber( const X509_REVOKED *x); -OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); +OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, + ASN1_INTEGER *serial); OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate( const X509_REVOKED *x); -OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); +OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, + ASN1_TIME *tm); OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, - EVP_PKEY *skey, const EVP_MD *md, unsigned int flags); + EVP_PKEY *skey, const EVP_MD *md, + unsigned int flags); -OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); +OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey); -OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey); -OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, - X509 *x, STACK_OF(X509) *chain, - unsigned long flags); -OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, - unsigned long flags); -OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain); +OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey); +OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, X509 *x, + STACK_OF(X509) * chain, + unsigned long flags); +OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, + unsigned long flags); +OPENSSL_EXPORT STACK_OF(X509) * X509_chain_up_ref(STACK_OF(X509) * chain); -OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT unsigned long X509_issuer_and_serial_hash(X509 *a); +OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); +OPENSSL_EXPORT unsigned long 
X509_issuer_and_serial_hash(X509 *a); -OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a); +OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b); +OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a); -OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x); +OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b); +OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x); -OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a); -OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x); +OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a); +OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x); -OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); -OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x); -OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x); +OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b); +OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); +OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x); +OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x); -OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); -OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); +OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); +OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); #ifndef OPENSSL_NO_FP_API -OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -OPENSSL_EXPORT int X509_print_fp(FILE *bp,X509 *x); -OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp,X509_CRL *x); -OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp,X509_REQ *req); -OPENSSL_EXPORT int 
X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); +OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag, + unsigned long cflag); +OPENSSL_EXPORT int X509_print_fp(FILE *bp, X509 *x); +OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp, X509_CRL *x); +OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp, X509_REQ *req); +OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, + unsigned long flags); #endif -OPENSSL_EXPORT int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); -OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); -OPENSSL_EXPORT int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -OPENSSL_EXPORT int X509_print(BIO *bp,X509 *x); -OPENSSL_EXPORT int X509_ocspid_print(BIO *bp,X509 *x); -OPENSSL_EXPORT int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); -OPENSSL_EXPORT int X509_CRL_print(BIO *bp,X509_CRL *x); -OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); -OPENSSL_EXPORT int X509_REQ_print(BIO *bp,X509_REQ *req); - -OPENSSL_EXPORT int X509_NAME_entry_count(X509_NAME *name); -OPENSSL_EXPORT int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, - char *buf,int len); -OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, - char *buf,int len); - -/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use - * lastpos, search after that position on. 
*/ -OPENSSL_EXPORT int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); -OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, - int lastpos); +OPENSSL_EXPORT int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); +OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, + unsigned long flags); +OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag, + unsigned long cflag); +OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x); +OPENSSL_EXPORT int X509_ocspid_print(BIO *bp, X509 *x); +OPENSSL_EXPORT int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent); +OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x); +OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, + unsigned long cflag); +OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req); + +OPENSSL_EXPORT int X509_NAME_entry_count(X509_NAME *name); +OPENSSL_EXPORT int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, + char *buf, int len); +OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(X509_NAME *name, + const ASN1_OBJECT *obj, char *buf, + int len); + +// NOTE: you should be passsing -1, not 0 as lastpos. The functions that use +// lastpos, search after that position on. 
+OPENSSL_EXPORT int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, + int lastpos); +OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(X509_NAME *name, + const ASN1_OBJECT *obj, + int lastpos); OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); -OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, - int loc, int set); -OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len, int loc, int set); -OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - const unsigned char *bytes, int len, int loc, int set); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, const unsigned char *bytes, int len); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type, const unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, - const unsigned char *bytes, int len, int loc, int set); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - const ASN1_OBJECT *obj, int type,const unsigned char *bytes, - int len); -OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, - const ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); -OPENSSL_EXPORT ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); - -OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); -OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, - int nid, int lastpos); -OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, - const ASN1_OBJECT 
*obj,int lastpos); -OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, - int crit, int lastpos); -OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); -OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); -OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc); - -OPENSSL_EXPORT int X509_get_ext_count(X509 *x); -OPENSSL_EXPORT int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -OPENSSL_EXPORT int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); +OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, + int loc); +OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, + int loc, int set); +OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, + int type, + const unsigned char *bytes, + int len, int loc, int set); +OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, + int type, + const unsigned char *bytes, + int len, int loc, int set); +OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt( + X509_NAME_ENTRY **ne, const char *field, int type, + const unsigned char *bytes, int len); +OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID( + X509_NAME_ENTRY **ne, int nid, int type, const unsigned char *bytes, + int len); +OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, + const char *field, int type, + const unsigned char *bytes, + int len, int loc, int set); +OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ( + X509_NAME_ENTRY **ne, const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len); +OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, + const ASN1_OBJECT *obj); +OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, + const unsigned 
char *bytes, + int len); +OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); +OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); + +OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) * x); +OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) * x, + int nid, int lastpos); +OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) * x, + const ASN1_OBJECT *obj, int lastpos); +OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) * + x, + int crit, int lastpos); +OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) * + x, + int loc); +OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) * x, + int loc); +OPENSSL_EXPORT STACK_OF(X509_EXTENSION) * + X509v3_add_ext(STACK_OF(X509_EXTENSION) * *x, X509_EXTENSION *ex, int loc); + +OPENSSL_EXPORT int X509_get_ext_count(X509 *x); +OPENSSL_EXPORT int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); +OPENSSL_EXPORT int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos); +OPENSSL_EXPORT int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(X509 *x, int loc); OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -OPENSSL_EXPORT void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, - unsigned long flags); - -OPENSSL_EXPORT int X509_CRL_get_ext_count(X509_CRL *x); -OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); -OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); +OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); +OPENSSL_EXPORT void *X509_get_ext_d2i(X509 *x, 
int nid, int *crit, int *idx); +OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, + unsigned long flags); + +OPENSSL_EXPORT int X509_CRL_get_ext_count(X509_CRL *x); +OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); +OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, + int lastpos); +OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, + int lastpos); OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); -OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); -OPENSSL_EXPORT void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); -OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit, - unsigned long flags); - -OPENSSL_EXPORT int X509_REVOKED_get_ext_count(X509_REVOKED *x); -OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); -OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); +OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); +OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, + int *idx); +OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, + int crit, unsigned long flags); + +OPENSSL_EXPORT int X509_REVOKED_get_ext_count(X509_REVOKED *x); +OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, + int lastpos); +OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, + ASN1_OBJECT *obj, int lastpos); +OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, + int lastpos); OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); -OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED 
*x, int loc); -OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); -OPENSSL_EXPORT void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); -OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit, - unsigned long flags); - -OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - const ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); -OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,const ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); -OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex, - ASN1_OCTET_STRING *data); -OPENSSL_EXPORT ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); +OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, + int loc); +OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, + int loc); +OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, + int *crit, int *idx); +OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, + void *value, int crit, + unsigned long flags); + +OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID( + X509_EXTENSION **ex, int nid, int crit, ASN1_OCTET_STRING *data); +OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ( + X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit, + ASN1_OCTET_STRING *data); +OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex, + const ASN1_OBJECT *obj); +OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); +OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex, + ASN1_OCTET_STRING *data); +OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex); OPENSSL_EXPORT ASN1_OCTET_STRING 
*X509_EXTENSION_get_data(X509_EXTENSION *ne); -OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex); - -OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); -OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, - int lastpos); -OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, const ASN1_OBJECT *obj, - int lastpos); -OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); -OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, - int nid, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - const char *attrname, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, - ASN1_OBJECT *obj, int lastpos, int type); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, const void *data, int len); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - const ASN1_OBJECT *obj, int atrtype, const void *data, int len); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - const char *atrname, int type, const unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); +OPENSSL_EXPORT int 
X509_EXTENSION_get_critical(X509_EXTENSION *ex); + +OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) * x); +OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) * x, + int nid, int lastpos); +OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) * sk, + const ASN1_OBJECT *obj, int lastpos); +OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) * + x, + int loc); +OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) * x, + int loc); +OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) * + X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) * *x, X509_ATTRIBUTE *attr); +OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) * + X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) * *x, + const ASN1_OBJECT *obj, int type, + const unsigned char *bytes, int len); +OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) * + X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) * *x, int nid, int type, + const unsigned char *bytes, int len); +OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) * + X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) * *x, const char *attrname, + int type, const unsigned char *bytes, int len); +OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) * x, + ASN1_OBJECT *obj, int lastpos, + int type); +OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID( + X509_ATTRIBUTE **attr, int nid, int atrtype, const void *data, int len); +OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ( + X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj, int atrtype, + const void *data, int len); +OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt( + X509_ATTRIBUTE **attr, const char *atrname, int type, + const unsigned char *bytes, int len); +OPENSSL_EXPORT int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, + const ASN1_OBJECT *obj); +OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, + const void *data, int len); OPENSSL_EXPORT void 
*X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, - int atrtype, void *data); + int atrtype, void *data); OPENSSL_EXPORT int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); OPENSSL_EXPORT ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); -OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); +OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, + int idx); -OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx); +OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx); -/* lookup a cert from a X509 STACK */ -OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, - ASN1_INTEGER *serial); -OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); +// lookup a cert from a X509 STACK +OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) * sk, + X509_NAME *name, + ASN1_INTEGER *serial); +OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) * sk, X509_NAME *name); -/* PKCS#8 utilities */ +// PKCS#8 utilities DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); OPENSSL_EXPORT int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, - int version, int ptype, void *pval, - unsigned char *penc, int penclen); + int version, int ptype, void *pval, + unsigned char *penc, int penclen); OPENSSL_EXPORT int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - PKCS8_PRIV_KEY_INFO *p8); + const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8); -OPENSSL_EXPORT int X509_PUBKEY_set0_param(X509_PUBKEY *pub, const ASN1_OBJECT *aobj, - int ptype, void *pval, - unsigned 
char *penc, int penclen); +OPENSSL_EXPORT int X509_PUBKEY_set0_param(X509_PUBKEY *pub, + const ASN1_OBJECT *aobj, int ptype, + void *pval, unsigned char *penc, + int penclen); OPENSSL_EXPORT int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - X509_PUBKEY *pub); + const unsigned char **pk, int *ppklen, + X509_ALGOR **pa, X509_PUBKEY *pub); OPENSSL_EXPORT int X509_check_trust(X509 *x, int id, int flags); OPENSSL_EXPORT int X509_TRUST_get_count(void); -OPENSSL_EXPORT X509_TRUST * X509_TRUST_get0(int idx); +OPENSSL_EXPORT X509_TRUST *X509_TRUST_get0(int idx); OPENSSL_EXPORT int X509_TRUST_get_by_id(int id); -OPENSSL_EXPORT int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - char *name, int arg1, void *arg2); +OPENSSL_EXPORT int X509_TRUST_add(int id, int flags, + int (*ck)(X509_TRUST *, X509 *, int), + char *name, int arg1, void *arg2); OPENSSL_EXPORT void X509_TRUST_cleanup(void); OPENSSL_EXPORT int X509_TRUST_get_flags(X509_TRUST *xp); OPENSSL_EXPORT char *X509_TRUST_get0_name(X509_TRUST *xp); @@ -1124,7 +1195,7 @@ DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS) -#ifdef __cplusplus +#ifdef __cplusplus } #endif @@ -1162,8 +1233,8 @@ using ScopedX509_STORE_CTX = BSSL_NAMESPACE_END -} /* extern C++ */ -#endif /* !BORINGSSL_NO_CXX */ +} // extern C++ +#endif // !BORINGSSL_NO_CXX #define X509_R_AKID_MISMATCH 100 #define X509_R_BAD_PKCS7_VERSION 101 @@ -1203,5 +1274,8 @@ BSSL_NAMESPACE_END #define X509_R_NAME_TOO_LONG 135 #define X509_R_INVALID_PARAMETER 136 #define X509_R_SIGNATURE_ALGORITHM_MISMATCH 137 +#define X509_R_DELTA_CRL_WITHOUT_CRL_NUMBER 138 +#define X509_R_INVALID_FIELD_FOR_VERSION 139 +#define X509_R_INVALID_VERSION 140 #endif diff --git a/Sources/CCryptoBoringSSL/include/boringssl_prefix_symbols_nasm.inc b/Sources/CCryptoBoringSSL/include/boringssl_prefix_symbols_nasm.inc index e6bad165..5e6c272a 100644 --- a/Sources/CCryptoBoringSSL/include/boringssl_prefix_symbols_nasm.inc 
+++ b/Sources/CCryptoBoringSSL/include/boringssl_prefix_symbols_nasm.inc @@ -1570,7 +1570,6 @@ %xdefine _TRUST_TOKEN_ISSUER_set_metadata_key _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_ISSUER_set_metadata_key %xdefine _TRUST_TOKEN_ISSUER_set_srr_key _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_ISSUER_set_srr_key %xdefine _TRUST_TOKEN_decode_private_metadata _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_decode_private_metadata -%xdefine _TRUST_TOKEN_experiment_v0 _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_experiment_v0 %xdefine _TRUST_TOKEN_experiment_v1 _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_experiment_v1 %xdefine _TRUST_TOKEN_free _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_free %xdefine _TRUST_TOKEN_generate_key _ %+ BORINGSSL_PREFIX %+ _TRUST_TOKEN_generate_key @@ -1650,8 +1649,10 @@ %xdefine _X509_CERT_AUX_new _ %+ BORINGSSL_PREFIX %+ _X509_CERT_AUX_new %xdefine _X509_CERT_AUX_print _ %+ BORINGSSL_PREFIX %+ _X509_CERT_AUX_print %xdefine _X509_CINF_free _ %+ BORINGSSL_PREFIX %+ _X509_CINF_free +%xdefine _X509_CINF_get_signature _ %+ BORINGSSL_PREFIX %+ _X509_CINF_get_signature %xdefine _X509_CINF_it _ %+ BORINGSSL_PREFIX %+ _X509_CINF_it %xdefine _X509_CINF_new _ %+ BORINGSSL_PREFIX %+ _X509_CINF_new +%xdefine _X509_CINF_set_modified _ %+ BORINGSSL_PREFIX %+ _X509_CINF_set_modified %xdefine _X509_CRL_INFO_free _ %+ BORINGSSL_PREFIX %+ _X509_CRL_INFO_free %xdefine _X509_CRL_INFO_it _ %+ BORINGSSL_PREFIX %+ _X509_CRL_INFO_it %xdefine _X509_CRL_INFO_new _ %+ BORINGSSL_PREFIX %+ _X509_CRL_INFO_new 
@@ -1672,14 +1673,19 @@ %xdefine _X509_CRL_get0_lastUpdate _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get0_lastUpdate %xdefine _X509_CRL_get0_nextUpdate _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get0_nextUpdate %xdefine _X509_CRL_get0_signature _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get0_signature +%xdefine _X509_CRL_get_REVOKED _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_REVOKED %xdefine _X509_CRL_get_ext _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_ext %xdefine _X509_CRL_get_ext_by_NID _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_ext_by_NID %xdefine _X509_CRL_get_ext_by_OBJ _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_ext_by_OBJ %xdefine _X509_CRL_get_ext_by_critical _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_ext_by_critical %xdefine _X509_CRL_get_ext_count _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_ext_count %xdefine _X509_CRL_get_ext_d2i _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_ext_d2i +%xdefine _X509_CRL_get_issuer _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_issuer +%xdefine _X509_CRL_get_lastUpdate _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_lastUpdate %xdefine _X509_CRL_get_meth_data _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_meth_data +%xdefine _X509_CRL_get_nextUpdate _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_nextUpdate %xdefine _X509_CRL_get_signature_nid _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_signature_nid +%xdefine _X509_CRL_get_version _ %+ BORINGSSL_PREFIX %+ _X509_CRL_get_version %xdefine _X509_CRL_it _ %+ BORINGSSL_PREFIX %+ _X509_CRL_it %xdefine _X509_CRL_match _ %+ BORINGSSL_PREFIX %+ _X509_CRL_match %xdefine _X509_CRL_new _ %+ BORINGSSL_PREFIX %+ _X509_CRL_new 
@@ -1814,6 +1820,8 @@ %xdefine _X509_REQ_get_extensions _ %+ BORINGSSL_PREFIX %+ _X509_REQ_get_extensions %xdefine _X509_REQ_get_pubkey _ %+ BORINGSSL_PREFIX %+ _X509_REQ_get_pubkey %xdefine _X509_REQ_get_signature_nid _ %+ BORINGSSL_PREFIX %+ _X509_REQ_get_signature_nid +%xdefine _X509_REQ_get_subject_name _ %+ BORINGSSL_PREFIX %+ _X509_REQ_get_subject_name +%xdefine _X509_REQ_get_version _ %+ BORINGSSL_PREFIX %+ _X509_REQ_get_version %xdefine _X509_REQ_it _ %+ BORINGSSL_PREFIX %+ _X509_REQ_it %xdefine _X509_REQ_new _ %+ BORINGSSL_PREFIX %+ _X509_REQ_new %xdefine _X509_REQ_print _ %+ BORINGSSL_PREFIX %+ _X509_REQ_print @@ -2003,6 +2011,8 @@ %xdefine _X509_get0_tbs_sigalg _ %+ BORINGSSL_PREFIX %+ _X509_get0_tbs_sigalg %xdefine _X509_get1_email _ %+ BORINGSSL_PREFIX %+ _X509_get1_email %xdefine _X509_get1_ocsp _ %+ BORINGSSL_PREFIX %+ _X509_get1_ocsp +%xdefine _X509_get_X509_PUBKEY _ %+ BORINGSSL_PREFIX %+ _X509_get_X509_PUBKEY +%xdefine _X509_get_cert_info _ %+ BORINGSSL_PREFIX %+ _X509_get_cert_info %xdefine _X509_get_default_cert_area _ %+ BORINGSSL_PREFIX %+ _X509_get_default_cert_area %xdefine _X509_get_default_cert_dir _ %+ BORINGSSL_PREFIX %+ _X509_get_default_cert_dir %xdefine _X509_get_default_cert_dir_env _ %+ BORINGSSL_PREFIX %+ _X509_get_default_cert_dir_env 
@@ -2021,10 +2031,13 @@ %xdefine _X509_get_extension_flags _ %+ BORINGSSL_PREFIX %+ _X509_get_extension_flags %xdefine _X509_get_issuer_name _ %+ BORINGSSL_PREFIX %+ _X509_get_issuer_name %xdefine _X509_get_key_usage _ %+ BORINGSSL_PREFIX %+ _X509_get_key_usage +%xdefine _X509_get_notAfter _ %+ BORINGSSL_PREFIX %+ _X509_get_notAfter +%xdefine _X509_get_notBefore _ %+ BORINGSSL_PREFIX %+ _X509_get_notBefore %xdefine _X509_get_pubkey _ %+ BORINGSSL_PREFIX %+ _X509_get_pubkey %xdefine _X509_get_serialNumber _ %+ BORINGSSL_PREFIX %+ _X509_get_serialNumber %xdefine _X509_get_signature_nid _ %+ BORINGSSL_PREFIX %+ _X509_get_signature_nid %xdefine _X509_get_subject_name _ %+ BORINGSSL_PREFIX %+ _X509_get_subject_name +%xdefine _X509_get_version _ %+ BORINGSSL_PREFIX %+ _X509_get_version %xdefine _X509_getm_notAfter _ %+ BORINGSSL_PREFIX %+ _X509_getm_notAfter %xdefine _X509_getm_notBefore _ %+ BORINGSSL_PREFIX %+ _X509_getm_notBefore %xdefine _X509_gmtime_adj _ %+ BORINGSSL_PREFIX %+ _X509_gmtime_adj @@ -2419,9 +2432,7 @@ %xdefine _ec_get_x_coordinate_as_scalar _ %+ BORINGSSL_PREFIX %+ _ec_get_x_coordinate_as_scalar %xdefine _ec_group_new _ %+ BORINGSSL_PREFIX %+ _ec_group_new %xdefine _ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 _ %+ BORINGSSL_PREFIX %+ _ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 -%xdefine _ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 _ %+ BORINGSSL_PREFIX %+ _ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 %xdefine _ec_hash_to_scalar_p384_xmd_sha512_draft07 _ %+ BORINGSSL_PREFIX %+ _ec_hash_to_scalar_p384_xmd_sha512_draft07 -%xdefine _ec_hash_to_scalar_p521_xmd_sha512_draft06 _ %+ BORINGSSL_PREFIX %+ _ec_hash_to_scalar_p521_xmd_sha512_draft06 %xdefine _ec_init_precomp _ %+ BORINGSSL_PREFIX %+ _ec_init_precomp %xdefine _ec_jacobian_to_affine _ %+ BORINGSSL_PREFIX %+ _ec_jacobian_to_affine %xdefine _ec_jacobian_to_affine_batch _ %+ BORINGSSL_PREFIX %+ _ec_jacobian_to_affine_batch 
@@ -2656,13 +2667,6 @@ %xdefine _pkcs7_bundle _ %+ BORINGSSL_PREFIX %+ _pkcs7_bundle %xdefine _pkcs7_parse_header _ %+ BORINGSSL_PREFIX %+ _pkcs7_parse_header %xdefine _pkcs8_pbe_decrypt _ %+ BORINGSSL_PREFIX %+ _pkcs8_pbe_decrypt -%xdefine _pmbtoken_exp0_blind _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_blind -%xdefine _pmbtoken_exp0_client_key_from_bytes _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_client_key_from_bytes -%xdefine _pmbtoken_exp0_generate_key _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_generate_key -%xdefine _pmbtoken_exp0_issuer_key_from_bytes _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_issuer_key_from_bytes -%xdefine _pmbtoken_exp0_read _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_read -%xdefine _pmbtoken_exp0_sign _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_sign -%xdefine _pmbtoken_exp0_unblind _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp0_unblind %xdefine _pmbtoken_exp1_blind _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp1_blind %xdefine _pmbtoken_exp1_client_key_from_bytes _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp1_client_key_from_bytes %xdefine _pmbtoken_exp1_generate_key _ %+ BORINGSSL_PREFIX %+ _pmbtoken_exp1_generate_key @@ -2777,6 +2781,7 @@ %xdefine _x509_rsa_ctx_to_pss _ %+ BORINGSSL_PREFIX %+ _x509_rsa_ctx_to_pss %xdefine _x509_rsa_pss_to_ctx _ %+ BORINGSSL_PREFIX %+ _x509_rsa_pss_to_ctx %xdefine _x509v3_bytes_to_hex _ %+ BORINGSSL_PREFIX %+ _x509v3_bytes_to_hex +%xdefine _x509v3_cache_extensions _ %+ BORINGSSL_PREFIX %+ _x509v3_cache_extensions %xdefine _x509v3_hex_to_bytes _ %+ BORINGSSL_PREFIX %+ _x509v3_hex_to_bytes %xdefine _x509v3_looks_like_dns_name _ %+ BORINGSSL_PREFIX %+ _x509v3_looks_like_dns_name %xdefine _x509v3_name_cmp _ %+ BORINGSSL_PREFIX %+ _x509v3_name_cmp 
@@ -4337,7 +4342,6 @@ %xdefine TRUST_TOKEN_ISSUER_set_metadata_key BORINGSSL_PREFIX %+ _TRUST_TOKEN_ISSUER_set_metadata_key %xdefine TRUST_TOKEN_ISSUER_set_srr_key BORINGSSL_PREFIX %+ _TRUST_TOKEN_ISSUER_set_srr_key %xdefine TRUST_TOKEN_decode_private_metadata BORINGSSL_PREFIX %+ _TRUST_TOKEN_decode_private_metadata -%xdefine TRUST_TOKEN_experiment_v0 BORINGSSL_PREFIX %+ _TRUST_TOKEN_experiment_v0 %xdefine TRUST_TOKEN_experiment_v1 BORINGSSL_PREFIX %+ _TRUST_TOKEN_experiment_v1 %xdefine TRUST_TOKEN_free BORINGSSL_PREFIX %+ _TRUST_TOKEN_free %xdefine TRUST_TOKEN_generate_key BORINGSSL_PREFIX %+ _TRUST_TOKEN_generate_key @@ -4417,8 +4421,10 @@ %xdefine X509_CERT_AUX_new BORINGSSL_PREFIX %+ _X509_CERT_AUX_new %xdefine X509_CERT_AUX_print BORINGSSL_PREFIX %+ _X509_CERT_AUX_print %xdefine X509_CINF_free BORINGSSL_PREFIX %+ _X509_CINF_free +%xdefine X509_CINF_get_signature BORINGSSL_PREFIX %+ _X509_CINF_get_signature %xdefine X509_CINF_it BORINGSSL_PREFIX %+ _X509_CINF_it %xdefine X509_CINF_new BORINGSSL_PREFIX %+ _X509_CINF_new +%xdefine X509_CINF_set_modified BORINGSSL_PREFIX %+ _X509_CINF_set_modified %xdefine X509_CRL_INFO_free BORINGSSL_PREFIX %+ _X509_CRL_INFO_free %xdefine X509_CRL_INFO_it BORINGSSL_PREFIX %+ _X509_CRL_INFO_it %xdefine X509_CRL_INFO_new BORINGSSL_PREFIX %+ _X509_CRL_INFO_new 
@@ -4439,14 +4445,19 @@ %xdefine X509_CRL_get0_lastUpdate BORINGSSL_PREFIX %+ _X509_CRL_get0_lastUpdate %xdefine X509_CRL_get0_nextUpdate BORINGSSL_PREFIX %+ _X509_CRL_get0_nextUpdate %xdefine X509_CRL_get0_signature BORINGSSL_PREFIX %+ _X509_CRL_get0_signature +%xdefine X509_CRL_get_REVOKED BORINGSSL_PREFIX %+ _X509_CRL_get_REVOKED %xdefine X509_CRL_get_ext BORINGSSL_PREFIX %+ _X509_CRL_get_ext %xdefine X509_CRL_get_ext_by_NID BORINGSSL_PREFIX %+ _X509_CRL_get_ext_by_NID %xdefine X509_CRL_get_ext_by_OBJ BORINGSSL_PREFIX %+ _X509_CRL_get_ext_by_OBJ %xdefine X509_CRL_get_ext_by_critical BORINGSSL_PREFIX %+ _X509_CRL_get_ext_by_critical %xdefine X509_CRL_get_ext_count BORINGSSL_PREFIX %+ _X509_CRL_get_ext_count %xdefine X509_CRL_get_ext_d2i BORINGSSL_PREFIX %+ _X509_CRL_get_ext_d2i +%xdefine X509_CRL_get_issuer BORINGSSL_PREFIX %+ _X509_CRL_get_issuer +%xdefine X509_CRL_get_lastUpdate BORINGSSL_PREFIX %+ _X509_CRL_get_lastUpdate %xdefine X509_CRL_get_meth_data BORINGSSL_PREFIX %+ _X509_CRL_get_meth_data +%xdefine X509_CRL_get_nextUpdate BORINGSSL_PREFIX %+ _X509_CRL_get_nextUpdate %xdefine X509_CRL_get_signature_nid BORINGSSL_PREFIX %+ _X509_CRL_get_signature_nid +%xdefine X509_CRL_get_version BORINGSSL_PREFIX %+ _X509_CRL_get_version %xdefine X509_CRL_it BORINGSSL_PREFIX %+ _X509_CRL_it %xdefine X509_CRL_match BORINGSSL_PREFIX %+ _X509_CRL_match %xdefine X509_CRL_new BORINGSSL_PREFIX %+ _X509_CRL_new 
@@ -4581,6 +4592,8 @@ %xdefine X509_REQ_get_extensions BORINGSSL_PREFIX %+ _X509_REQ_get_extensions %xdefine X509_REQ_get_pubkey BORINGSSL_PREFIX %+ _X509_REQ_get_pubkey %xdefine X509_REQ_get_signature_nid BORINGSSL_PREFIX %+ _X509_REQ_get_signature_nid +%xdefine X509_REQ_get_subject_name BORINGSSL_PREFIX %+ _X509_REQ_get_subject_name +%xdefine X509_REQ_get_version BORINGSSL_PREFIX %+ _X509_REQ_get_version %xdefine X509_REQ_it BORINGSSL_PREFIX %+ _X509_REQ_it %xdefine X509_REQ_new BORINGSSL_PREFIX %+ _X509_REQ_new %xdefine X509_REQ_print BORINGSSL_PREFIX %+ _X509_REQ_print @@ -4770,6 +4783,8 @@ %xdefine X509_get0_tbs_sigalg BORINGSSL_PREFIX %+ _X509_get0_tbs_sigalg %xdefine X509_get1_email BORINGSSL_PREFIX %+ _X509_get1_email %xdefine X509_get1_ocsp BORINGSSL_PREFIX %+ _X509_get1_ocsp +%xdefine X509_get_X509_PUBKEY BORINGSSL_PREFIX %+ _X509_get_X509_PUBKEY +%xdefine X509_get_cert_info BORINGSSL_PREFIX %+ _X509_get_cert_info %xdefine X509_get_default_cert_area BORINGSSL_PREFIX %+ _X509_get_default_cert_area %xdefine X509_get_default_cert_dir BORINGSSL_PREFIX %+ _X509_get_default_cert_dir %xdefine X509_get_default_cert_dir_env BORINGSSL_PREFIX %+ _X509_get_default_cert_dir_env 
@@ -4788,10 +4803,13 @@ %xdefine X509_get_extension_flags BORINGSSL_PREFIX %+ _X509_get_extension_flags %xdefine X509_get_issuer_name BORINGSSL_PREFIX %+ _X509_get_issuer_name %xdefine X509_get_key_usage BORINGSSL_PREFIX %+ _X509_get_key_usage +%xdefine X509_get_notAfter BORINGSSL_PREFIX %+ _X509_get_notAfter +%xdefine X509_get_notBefore BORINGSSL_PREFIX %+ _X509_get_notBefore %xdefine X509_get_pubkey BORINGSSL_PREFIX %+ _X509_get_pubkey %xdefine X509_get_serialNumber BORINGSSL_PREFIX %+ _X509_get_serialNumber %xdefine X509_get_signature_nid BORINGSSL_PREFIX %+ _X509_get_signature_nid %xdefine X509_get_subject_name BORINGSSL_PREFIX %+ _X509_get_subject_name +%xdefine X509_get_version BORINGSSL_PREFIX %+ _X509_get_version %xdefine X509_getm_notAfter BORINGSSL_PREFIX %+ _X509_getm_notAfter %xdefine X509_getm_notBefore BORINGSSL_PREFIX %+ _X509_getm_notBefore %xdefine X509_gmtime_adj BORINGSSL_PREFIX %+ _X509_gmtime_adj @@ -5186,9 +5204,7 @@ %xdefine ec_get_x_coordinate_as_scalar BORINGSSL_PREFIX %+ _ec_get_x_coordinate_as_scalar %xdefine ec_group_new BORINGSSL_PREFIX %+ _ec_group_new %xdefine ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 BORINGSSL_PREFIX %+ _ec_hash_to_curve_p384_xmd_sha512_sswu_draft07 -%xdefine ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 BORINGSSL_PREFIX %+ _ec_hash_to_curve_p521_xmd_sha512_sswu_draft06 %xdefine ec_hash_to_scalar_p384_xmd_sha512_draft07 BORINGSSL_PREFIX %+ _ec_hash_to_scalar_p384_xmd_sha512_draft07 -%xdefine ec_hash_to_scalar_p521_xmd_sha512_draft06 BORINGSSL_PREFIX %+ _ec_hash_to_scalar_p521_xmd_sha512_draft06 %xdefine ec_init_precomp BORINGSSL_PREFIX %+ _ec_init_precomp %xdefine ec_jacobian_to_affine BORINGSSL_PREFIX %+ _ec_jacobian_to_affine %xdefine ec_jacobian_to_affine_batch BORINGSSL_PREFIX %+ _ec_jacobian_to_affine_batch 
@@ -5423,13 +5439,6 @@ %xdefine pkcs7_bundle BORINGSSL_PREFIX %+ _pkcs7_bundle %xdefine pkcs7_parse_header BORINGSSL_PREFIX %+ _pkcs7_parse_header %xdefine pkcs8_pbe_decrypt BORINGSSL_PREFIX %+ _pkcs8_pbe_decrypt -%xdefine pmbtoken_exp0_blind BORINGSSL_PREFIX %+ _pmbtoken_exp0_blind -%xdefine pmbtoken_exp0_client_key_from_bytes BORINGSSL_PREFIX %+ _pmbtoken_exp0_client_key_from_bytes -%xdefine pmbtoken_exp0_generate_key BORINGSSL_PREFIX %+ _pmbtoken_exp0_generate_key -%xdefine pmbtoken_exp0_issuer_key_from_bytes BORINGSSL_PREFIX %+ _pmbtoken_exp0_issuer_key_from_bytes -%xdefine pmbtoken_exp0_read BORINGSSL_PREFIX %+ _pmbtoken_exp0_read -%xdefine pmbtoken_exp0_sign BORINGSSL_PREFIX %+ _pmbtoken_exp0_sign -%xdefine pmbtoken_exp0_unblind BORINGSSL_PREFIX %+ _pmbtoken_exp0_unblind %xdefine pmbtoken_exp1_blind BORINGSSL_PREFIX %+ _pmbtoken_exp1_blind %xdefine pmbtoken_exp1_client_key_from_bytes BORINGSSL_PREFIX %+ _pmbtoken_exp1_client_key_from_bytes %xdefine pmbtoken_exp1_generate_key BORINGSSL_PREFIX %+ _pmbtoken_exp1_generate_key @@ -5544,6 +5553,7 @@ %xdefine x509_rsa_ctx_to_pss BORINGSSL_PREFIX %+ _x509_rsa_ctx_to_pss %xdefine x509_rsa_pss_to_ctx BORINGSSL_PREFIX %+ _x509_rsa_pss_to_ctx %xdefine x509v3_bytes_to_hex BORINGSSL_PREFIX %+ _x509v3_bytes_to_hex +%xdefine x509v3_cache_extensions BORINGSSL_PREFIX %+ _x509v3_cache_extensions %xdefine x509v3_hex_to_bytes BORINGSSL_PREFIX %+ _x509v3_hex_to_bytes %xdefine x509v3_looks_like_dns_name BORINGSSL_PREFIX %+ _x509v3_looks_like_dns_name %xdefine x509v3_name_cmp BORINGSSL_PREFIX %+ _x509v3_name_cmp