grpc 1.35.0.pre1 → 1.37.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +121 -89
- data/include/grpc/grpc.h +15 -1
- data/include/grpc/grpc_security.h +16 -11
- data/include/grpc/impl/codegen/port_platform.h +2 -0
- data/src/core/ext/filters/client_channel/client_channel.cc +359 -331
- data/src/core/ext/filters/client_channel/client_channel.h +0 -2
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
- data/src/core/ext/filters/client_channel/config_selector.h +9 -1
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +9 -4
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +24 -142
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +2 -2
- data/src/core/ext/filters/client_channel/lb_policy.cc +3 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +3 -5
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +8 -6
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +289 -170
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +5 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +8 -25
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +232 -110
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +10 -9
- data/src/core/ext/filters/client_channel/resolver.cc +5 -5
- data/src/core/ext/filters/client_channel/resolver.h +1 -12
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +36 -45
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -2
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +3 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +34 -50
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +16 -14
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +18 -15
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +4 -4
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +307 -155
- data/src/core/ext/filters/client_channel/server_address.cc +9 -0
- data/src/core/ext/filters/client_channel/server_address.h +31 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +69 -146
- data/src/core/ext/filters/client_channel/subchannel.h +63 -95
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +10 -8
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +500 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/max_age/max_age_filter.cc +35 -32
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +2 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +3 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +3 -2
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +490 -178
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +11 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +11 -1
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +1 -1
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +62 -18
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +39 -7
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -1
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +5 -1
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +1 -1
- data/src/core/ext/transport/chttp2/transport/internal.h +1 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +11 -16
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +42 -59
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +3 -2
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +15 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +25 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +75 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +2 -2
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +9 -9
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +7 -7
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +28 -13
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +6 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +25 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +11 -5
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +41 -7
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +23 -21
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +122 -77
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +13 -9
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +37 -5
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +11 -9
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +44 -27
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +57 -16
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +150 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +19 -21
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +64 -51
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +16 -13
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +50 -18
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +4 -7
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +0 -17
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +30 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +85 -73
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +0 -3
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.c +0 -2
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +0 -1
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +21 -4
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +29 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/authority.upb.c +5 -5
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/{udpa/core/v1 → xds/core/v3}/resource.upb.c +9 -9
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +168 -171
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +405 -420
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +2 -2
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +12 -9
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +177 -171
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +88 -88
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +153 -153
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +10 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +33 -20
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +56 -59
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +116 -111
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +129 -121
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +21 -24
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +17 -13
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +753 -724
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +10 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +22 -25
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +371 -377
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +12 -16
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +112 -108
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +45 -53
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +177 -180
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +92 -102
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +5 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +32 -42
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +30 -40
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +4 -7
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +38 -44
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +30 -33
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +8 -7
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +9 -9
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +9 -8
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +8 -8
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +14 -11
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/xds_api.cc +2149 -666
- data/src/core/ext/xds/xds_api.h +321 -119
- data/src/core/ext/xds/xds_bootstrap.cc +80 -45
- data/src/core/ext/xds/xds_bootstrap.h +17 -5
- data/src/core/ext/xds/xds_certificate_provider.cc +180 -74
- data/src/core/ext/xds/xds_certificate_provider.h +83 -44
- data/src/core/ext/xds/xds_client.cc +181 -34
- data/src/core/ext/xds/xds_client.h +29 -0
- data/src/core/ext/xds/xds_client_stats.cc +2 -1
- data/src/core/ext/xds/xds_client_stats.h +2 -2
- data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
- data/src/core/ext/xds/xds_http_filters.cc +114 -0
- data/src/core/ext/xds/xds_http_filters.h +130 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +425 -24
- data/src/core/lib/channel/channel_stack.cc +12 -0
- data/src/core/lib/channel/channel_stack.h +7 -0
- data/src/core/lib/channel/channelz.cc +92 -4
- data/src/core/lib/channel/channelz.h +30 -1
- data/src/core/lib/channel/channelz_registry.cc +14 -0
- data/src/core/lib/channel/handshaker.cc +2 -44
- data/src/core/lib/channel/handshaker.h +1 -18
- data/src/core/lib/channel/status_util.cc +12 -2
- data/src/core/lib/channel/status_util.h +5 -0
- data/src/core/lib/gpr/log.cc +6 -1
- data/src/core/lib/gpr/sync_abseil.cc +3 -6
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gprpp/atomic.h +3 -3
- data/src/core/lib/gprpp/dual_ref_counted.h +3 -3
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/ref_counted.h +1 -1
- data/src/core/lib/gprpp/ref_counted_ptr.h +2 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +1 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/httpcli_security_connector.cc +2 -2
- data/src/core/lib/iomgr/buffer_list.h +1 -1
- data/src/core/lib/iomgr/cfstream_handle.cc +2 -2
- data/src/core/lib/iomgr/error.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +11 -8
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +3 -3
- data/src/core/lib/iomgr/ev_epollex_linux.cc +4 -4
- data/src/core/lib/iomgr/ev_posix.cc +3 -3
- data/src/core/lib/iomgr/exec_ctx.cc +6 -2
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +0 -1
- data/src/core/lib/iomgr/resource_quota.cc +1 -1
- data/src/core/lib/iomgr/sockaddr_utils.cc +121 -1
- data/src/core/lib/iomgr/sockaddr_utils.h +25 -0
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +1 -0
- data/src/core/lib/iomgr/tcp_client_posix.cc +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +5 -8
- data/src/core/lib/iomgr/tcp_uv.cc +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +2 -2
- data/src/core/lib/iomgr/timer_manager.cc +1 -1
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
- data/src/core/lib/matchers/matchers.cc +339 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/credentials.h +2 -1
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +2 -2
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +1 -1
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +1 -1
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +7 -6
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +0 -3
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +0 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +2 -1
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +1 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +2 -1
- data/src/core/lib/security/credentials/tls/tls_credentials.h +1 -1
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +128 -59
- data/src/core/lib/security/credentials/xds/xds_credentials.h +3 -3
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +5 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +9 -4
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +32 -14
- data/src/core/lib/security/transport/security_handshaker.cc +33 -5
- data/src/core/lib/security/transport/server_auth_filter.cc +7 -0
- data/src/core/lib/slice/slice_intern.cc +5 -6
- data/src/core/lib/surface/channel.h +3 -3
- data/src/core/lib/surface/completion_queue.cc +1 -1
- data/src/core/lib/surface/init.cc +13 -15
- data/src/core/lib/surface/lame_client.cc +38 -19
- data/src/core/lib/surface/lame_client.h +4 -3
- data/src/core/lib/surface/server.cc +43 -36
- data/src/core/lib/surface/server.h +76 -14
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/metadata.cc +6 -2
- data/src/core/lib/transport/metadata_batch.cc +27 -0
- data/src/core/lib/transport/metadata_batch.h +14 -0
- data/src/core/plugin_registry/grpc_plugin_registry.cc +12 -0
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +18 -24
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +16 -21
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +1 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +1 -3
- data/src/core/tsi/fake_transport_security.cc +11 -2
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -3
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +2 -4
- data/src/core/tsi/ssl_transport_security.cc +0 -3
- data/src/core/tsi/ssl_transport_security.h +0 -3
- data/src/ruby/ext/grpc/extconf.rb +9 -1
- data/src/ruby/ext/grpc/rb_channel.c +10 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.c +11 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_grpc.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +4 -1
- data/src/ruby/ext/grpc/rb_server.c +13 -1
- data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
- data/src/ruby/lib/grpc/generic/client_stub.rb +4 -2
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +7 -0
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +32 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +2 -2
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +1 -0
- data/third_party/boringssl-with-bazel/err_data.c +715 -713
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +4 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -14
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +11 -2
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +3 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +136 -213
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +12 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +9 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +135 -43
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +51 -32
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +18 -29
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +1 -29
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +29 -23
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +1 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +39 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +11 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +25 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +40 -20
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +3 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +652 -545
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +19 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +56 -26
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +12 -2
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +67 -33
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -8
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +287 -99
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +139 -36
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +4 -3
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +11 -20
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +10 -5
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +37 -16
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +0 -1
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +20 -14
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +7 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +5 -7
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +362 -50
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +48 -15
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +66 -24
- data/third_party/xxhash/xxhash.h +5443 -0
- metadata +140 -84
- data/src/core/ext/upb-generated/udpa/core/v1/authority.upb.h +0 -60
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.c +0 -52
- data/src/core/ext/upb-generated/udpa/core/v1/collection_entry.upb.h +0 -143
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.c +0 -42
- data/src/core/ext/upb-generated/udpa/core/v1/context_params.upb.h +0 -84
- data/src/core/ext/upb-generated/udpa/core/v1/resource.upb.h +0 -94
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.c +0 -54
- data/src/core/ext/upb-generated/udpa/core/v1/resource_locator.upb.h +0 -173
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.c +0 -36
- data/src/core/ext/upb-generated/udpa/core/v1/resource_name.upb.h +0 -92
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.c +0 -42
- data/src/core/ext/upbdefs-generated/udpa/core/v1/authority.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.c +0 -62
- data/src/core/ext/upbdefs-generated/udpa/core/v1/collection_entry.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.c +0 -45
- data/src/core/ext/upbdefs-generated/udpa/core/v1/context_params.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.c +0 -49
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource.upbdefs.h +0 -35
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.c +0 -68
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_locator.upbdefs.h +0 -40
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.c +0 -51
- data/src/core/ext/upbdefs-generated/udpa/core/v1/resource_name.upbdefs.h +0 -35
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/authorization/authorization_engine.cc +0 -177
- data/src/core/lib/security/authorization/authorization_engine.h +0 -84
- data/src/core/lib/security/authorization/evaluate_args.cc +0 -148
- data/src/core/lib/security/authorization/evaluate_args.h +0 -59
- data/src/core/lib/security/authorization/mock_cel/activation.h +0 -57
- data/src/core/lib/security/authorization/mock_cel/cel_expr_builder_factory.h +0 -44
- data/src/core/lib/security/authorization/mock_cel/cel_expression.h +0 -69
- data/src/core/lib/security/authorization/mock_cel/cel_value.h +0 -97
- data/src/core/lib/security/authorization/mock_cel/evaluator_core.h +0 -67
- data/src/core/lib/security/authorization/mock_cel/flat_expr_builder.h +0 -57
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +0 -504
- data/third_party/upb/upb/json_decode.c +0 -1443
- data/third_party/upb/upb/json_decode.h +0 -23
- data/third_party/upb/upb/json_encode.c +0 -713
- data/third_party/upb/upb/json_encode.h +0 -36
@@ -108,11 +108,10 @@ static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
|
|
108
108
|
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT);
|
109
109
|
return NULL;
|
110
110
|
}
|
111
|
-
if (!(ia5 =
|
111
|
+
if (!(ia5 = ASN1_IA5STRING_new()))
|
112
112
|
goto err;
|
113
|
-
if (!ASN1_STRING_set(
|
114
|
-
|
115
|
-
M_ASN1_IA5STRING_free(ia5);
|
113
|
+
if (!ASN1_STRING_set(ia5, str, strlen(str))) {
|
114
|
+
ASN1_IA5STRING_free(ia5);
|
116
115
|
goto err;
|
117
116
|
}
|
118
117
|
return ia5;
|
@@ -122,7 +122,7 @@ const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
|
|
122
122
|
return sk_X509V3_EXT_METHOD_value(ext_list, idx);
|
123
123
|
}
|
124
124
|
|
125
|
-
const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
|
125
|
+
const X509V3_EXT_METHOD *X509V3_EXT_get(const X509_EXTENSION *ext)
|
126
126
|
{
|
127
127
|
int nid;
|
128
128
|
if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
|
@@ -203,7 +203,7 @@ int X509V3_add_standard_extensions(void)
|
|
203
203
|
|
204
204
|
/* Return an extension internal structure */
|
205
205
|
|
206
|
-
void *X509V3_EXT_d2i(X509_EXTENSION *ext)
|
206
|
+
void *X509V3_EXT_d2i(const X509_EXTENSION *ext)
|
207
207
|
{
|
208
208
|
const X509V3_EXT_METHOD *method;
|
209
209
|
const unsigned char *p;
|
@@ -217,49 +217,38 @@ void *X509V3_EXT_d2i(X509_EXTENSION *ext)
|
|
217
217
|
return method->d2i(NULL, &p, ext->value->length);
|
218
218
|
}
|
219
219
|
|
220
|
-
|
221
|
-
*
|
222
|
-
* variable returns the last found extension and can be used to retrieve
|
223
|
-
* multiple extensions of the same NID. However multiple extensions with the
|
224
|
-
* same NID is usually due to a badly encoded certificate so if idx is NULL
|
225
|
-
* we choke if multiple extensions exist. The "crit" variable is set to the
|
226
|
-
* critical value. The return value is the decoded extension or NULL on
|
227
|
-
* error. The actual error can have several different causes, the value of
|
228
|
-
* *crit reflects the cause: >= 0, extension found but not decoded (reflects
|
229
|
-
* critical value). -1 extension not found. -2 extension occurs more than
|
230
|
-
* once.
|
231
|
-
*/
|
232
|
-
|
233
|
-
void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
|
234
|
-
int *idx)
|
220
|
+
void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *extensions, int nid,
|
221
|
+
int *out_critical, int *out_idx)
|
235
222
|
{
|
236
223
|
int lastpos;
|
237
224
|
size_t i;
|
238
225
|
X509_EXTENSION *ex, *found_ex = NULL;
|
239
|
-
if (!
|
240
|
-
if (
|
241
|
-
*
|
242
|
-
if (
|
243
|
-
*
|
226
|
+
if (!extensions) {
|
227
|
+
if (out_idx)
|
228
|
+
*out_idx = -1;
|
229
|
+
if (out_critical)
|
230
|
+
*out_critical = -1;
|
244
231
|
return NULL;
|
245
232
|
}
|
246
|
-
if (
|
247
|
-
lastpos = *
|
233
|
+
if (out_idx)
|
234
|
+
lastpos = *out_idx + 1;
|
248
235
|
else
|
249
236
|
lastpos = 0;
|
250
237
|
if (lastpos < 0)
|
251
238
|
lastpos = 0;
|
252
|
-
for (i = lastpos; i < sk_X509_EXTENSION_num(
|
253
|
-
ex = sk_X509_EXTENSION_value(
|
239
|
+
for (i = lastpos; i < sk_X509_EXTENSION_num(extensions); i++) {
|
240
|
+
ex = sk_X509_EXTENSION_value(extensions, i);
|
254
241
|
if (OBJ_obj2nid(ex->object) == nid) {
|
255
|
-
if (
|
256
|
-
|
242
|
+
if (out_idx) {
|
243
|
+
/* TODO(https://crbug.com/boringssl/379): Consistently reject
|
244
|
+
* duplicate extensions. */
|
245
|
+
*out_idx = i;
|
257
246
|
found_ex = ex;
|
258
247
|
break;
|
259
248
|
} else if (found_ex) {
|
260
249
|
/* Found more than one */
|
261
|
-
if (
|
262
|
-
*
|
250
|
+
if (out_critical)
|
251
|
+
*out_critical = -2;
|
263
252
|
return NULL;
|
264
253
|
}
|
265
254
|
found_ex = ex;
|
@@ -267,16 +256,16 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
|
|
267
256
|
}
|
268
257
|
if (found_ex) {
|
269
258
|
/* Found it */
|
270
|
-
if (
|
271
|
-
*
|
259
|
+
if (out_critical)
|
260
|
+
*out_critical = X509_EXTENSION_get_critical(found_ex);
|
272
261
|
return X509V3_EXT_d2i(found_ex);
|
273
262
|
}
|
274
263
|
|
275
264
|
/* Extension not found */
|
276
|
-
if (
|
277
|
-
*
|
278
|
-
if (
|
279
|
-
*
|
265
|
+
if (out_idx)
|
266
|
+
*out_idx = -1;
|
267
|
+
if (out_critical)
|
268
|
+
*out_critical = -1;
|
280
269
|
return NULL;
|
281
270
|
}
|
282
271
|
|
@@ -183,7 +183,7 @@ int X509V3_extensions_print(BIO *bp, const char *title,
|
|
183
183
|
return 0;
|
184
184
|
if (!X509V3_EXT_print(bp, ex, flag, indent + 4)) {
|
185
185
|
BIO_printf(bp, "%*s", indent + 4, "");
|
186
|
-
|
186
|
+
ASN1_STRING_print(bp, ex->value);
|
187
187
|
}
|
188
188
|
if (BIO_write(bp, "\n", 1) <= 0)
|
189
189
|
return 0;
|
@@ -83,18 +83,18 @@ char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, const ASN1_OCTET_STRING *
|
|
83
83
|
}
|
84
84
|
|
85
85
|
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
|
86
|
-
X509V3_CTX *ctx, char *str)
|
86
|
+
X509V3_CTX *ctx, const char *str)
|
87
87
|
{
|
88
88
|
ASN1_OCTET_STRING *oct;
|
89
89
|
long length;
|
90
90
|
|
91
|
-
if (!(oct =
|
91
|
+
if (!(oct = ASN1_OCTET_STRING_new())) {
|
92
92
|
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
93
93
|
return NULL;
|
94
94
|
}
|
95
95
|
|
96
96
|
if (!(oct->data = x509v3_hex_to_bytes(str, &length))) {
|
97
|
-
|
97
|
+
ASN1_OCTET_STRING_free(oct);
|
98
98
|
return NULL;
|
99
99
|
}
|
100
100
|
|
@@ -115,7 +115,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
|
|
115
115
|
if (strcmp(str, "hash"))
|
116
116
|
return s2i_ASN1_OCTET_STRING(method, ctx, str);
|
117
117
|
|
118
|
-
if (!(oct =
|
118
|
+
if (!(oct = ASN1_OCTET_STRING_new())) {
|
119
119
|
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
120
120
|
return NULL;
|
121
121
|
}
|
@@ -142,7 +142,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
|
|
142
142
|
(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
|
143
143
|
goto err;
|
144
144
|
|
145
|
-
if (!
|
145
|
+
if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
|
146
146
|
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
|
147
147
|
goto err;
|
148
148
|
}
|
@@ -150,6 +150,6 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
|
|
150
150
|
return oct;
|
151
151
|
|
152
152
|
err:
|
153
|
-
|
153
|
+
ASN1_OCTET_STRING_free(oct);
|
154
154
|
return NULL;
|
155
155
|
}
|
@@ -147,7 +147,7 @@ int X509V3_add_value_bool(const char *name, int asn1_bool,
|
|
147
147
|
return X509V3_add_value(name, "FALSE", extlist);
|
148
148
|
}
|
149
149
|
|
150
|
-
int X509V3_add_value_bool_nf(char *name, int asn1_bool,
|
150
|
+
int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
|
151
151
|
STACK_OF(CONF_VALUE) **extlist)
|
152
152
|
{
|
153
153
|
if (asn1_bool)
|
@@ -194,7 +194,7 @@ static char *bignum_to_string(const BIGNUM *bn)
|
|
194
194
|
return ret;
|
195
195
|
}
|
196
196
|
|
197
|
-
char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
|
197
|
+
char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a)
|
198
198
|
{
|
199
199
|
BIGNUM *bntmp = NULL;
|
200
200
|
char *strtmp = NULL;
|
@@ -207,7 +207,7 @@ char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
|
|
207
207
|
return strtmp;
|
208
208
|
}
|
209
209
|
|
210
|
-
char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
|
210
|
+
char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a)
|
211
211
|
{
|
212
212
|
BIGNUM *bntmp = NULL;
|
213
213
|
char *strtmp = NULL;
|
@@ -220,7 +220,7 @@ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
|
|
220
220
|
return strtmp;
|
221
221
|
}
|
222
222
|
|
223
|
-
ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
|
223
|
+
ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, const char *value)
|
224
224
|
{
|
225
225
|
BIGNUM *bn = NULL;
|
226
226
|
ASN1_INTEGER *aint;
|
@@ -282,7 +282,7 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
|
|
282
282
|
return ret;
|
283
283
|
}
|
284
284
|
|
285
|
-
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
|
285
|
+
int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool)
|
286
286
|
{
|
287
287
|
char *btmp;
|
288
288
|
if (!(btmp = value->value))
|
@@ -304,7 +304,7 @@ int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
|
|
304
304
|
return 0;
|
305
305
|
}
|
306
306
|
|
307
|
-
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
|
307
|
+
int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint)
|
308
308
|
{
|
309
309
|
ASN1_INTEGER *itmp;
|
310
310
|
if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
|
@@ -157,7 +157,7 @@
|
|
157
157
|
#endif
|
158
158
|
|
159
159
|
#if GNU_PROPERTY_AARCH64_POINTER_AUTH != 0 || GNU_PROPERTY_AARCH64_BTI != 0
|
160
|
-
.pushsection note.gnu.property, "a";
|
160
|
+
.pushsection .note.gnu.property, "a";
|
161
161
|
.balign 8;
|
162
162
|
.long 4;
|
163
163
|
.long 0x10;
|
@@ -166,8 +166,8 @@
|
|
166
166
|
.long 0xc0000000; /* GNU_PROPERTY_AARCH64_FEATURE_1_AND */
|
167
167
|
.long 4;
|
168
168
|
.long (GNU_PROPERTY_AARCH64_POINTER_AUTH | GNU_PROPERTY_AARCH64_BTI);
|
169
|
-
.long 0
|
170
|
-
.popsection
|
169
|
+
.long 0;
|
170
|
+
.popsection;
|
171
171
|
#endif
|
172
172
|
|
173
173
|
#endif /* defined __ASSEMBLER__ */
|
@@ -4,21 +4,21 @@
|
|
4
4
|
* This package is an SSL implementation written
|
5
5
|
* by Eric Young (eay@cryptsoft.com).
|
6
6
|
* The implementation was written so as to conform with Netscapes SSL.
|
7
|
-
*
|
7
|
+
*
|
8
8
|
* This library is free for commercial and non-commercial use as long as
|
9
9
|
* the following conditions are aheared to. The following conditions
|
10
10
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
11
11
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
12
12
|
* included with this distribution is covered by the same copyright terms
|
13
13
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
14
|
-
*
|
14
|
+
*
|
15
15
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
16
16
|
* the code are not to be removed.
|
17
17
|
* If this package is used in a product, Eric Young should be given attribution
|
18
18
|
* as the author of the parts of the library used.
|
19
19
|
* This can be in the form of a textual message at program startup or
|
20
20
|
* in documentation (online or textual) provided with the package.
|
21
|
-
*
|
21
|
+
*
|
22
22
|
* Redistribution and use in source and binary forms, with or without
|
23
23
|
* modification, are permitted provided that the following conditions
|
24
24
|
* are met:
|
@@ -33,10 +33,10 @@
|
|
33
33
|
* Eric Young (eay@cryptsoft.com)"
|
34
34
|
* The word 'cryptographic' can be left out if the rouines from the library
|
35
35
|
* being used are not cryptographic related :-).
|
36
|
-
* 4. If you include any Windows specific code (or a derivative thereof) from
|
36
|
+
* 4. If you include any Windows specific code (or a derivative thereof) from
|
37
37
|
* the apps directory (application code) you must include an acknowledgement:
|
38
38
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
39
|
-
*
|
39
|
+
*
|
40
40
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
41
41
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
42
42
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
@@ -48,7 +48,7 @@
|
|
48
48
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
49
49
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
50
50
|
* SUCH DAMAGE.
|
51
|
-
*
|
51
|
+
*
|
52
52
|
* The licence and distribution terms for any publically available version or
|
53
53
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
54
54
|
* copied and put under another distribution licence
|
@@ -67,400 +67,548 @@
|
|
67
67
|
|
68
68
|
#include <openssl/bn.h>
|
69
69
|
|
70
|
-
#ifdef
|
70
|
+
#ifdef __cplusplus
|
71
71
|
extern "C" {
|
72
72
|
#endif
|
73
73
|
|
74
74
|
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
#define
|
91
|
-
#define
|
92
|
-
#define
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
#define
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
#define
|
110
|
-
|
111
|
-
|
112
|
-
#define
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
#define
|
117
|
-
|
118
|
-
|
119
|
-
#define
|
120
|
-
|
121
|
-
|
122
|
-
#define
|
123
|
-
|
124
|
-
|
125
|
-
#define
|
126
|
-
#define
|
127
|
-
#define
|
128
|
-
#define
|
129
|
-
#define
|
130
|
-
|
131
|
-
|
132
|
-
#define
|
133
|
-
#define
|
134
|
-
#define
|
135
|
-
#define
|
136
|
-
#define
|
137
|
-
#define
|
138
|
-
#define
|
139
|
-
#define
|
140
|
-
#define
|
141
|
-
#define
|
142
|
-
#define
|
143
|
-
#define
|
144
|
-
#define
|
145
|
-
#define
|
146
|
-
#define
|
147
|
-
#define
|
148
|
-
#define
|
149
|
-
#define
|
150
|
-
#define
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
#define
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
75
|
+
// Legacy ASN.1 library.
|
76
|
+
//
|
77
|
+
// This header is part of OpenSSL's ASN.1 implementation. It is retained for
|
78
|
+
// compatibility but otherwise underdocumented and not actively maintained. Use
|
79
|
+
// the new |CBS| and |CBB| library in <openssl/bytestring.h> instead.
|
80
|
+
|
81
|
+
|
82
|
+
// Tag constants.
|
83
|
+
//
|
84
|
+
// These constants are used in various APIs to specify ASN.1 types and tag
|
85
|
+
// components. See the specific API's documentation for details on which values
|
86
|
+
// are used and how.
|
87
|
+
|
88
|
+
// The following constants are tag classes.
|
89
|
+
#define V_ASN1_UNIVERSAL 0x00
|
90
|
+
#define V_ASN1_APPLICATION 0x40
|
91
|
+
#define V_ASN1_CONTEXT_SPECIFIC 0x80
|
92
|
+
#define V_ASN1_PRIVATE 0xc0
|
93
|
+
|
94
|
+
// V_ASN1_CONSTRUCTED indicates an element is constructed, rather than
|
95
|
+
// primitive.
|
96
|
+
#define V_ASN1_CONSTRUCTED 0x20
|
97
|
+
|
98
|
+
// V_ASN1_PRIMITIVE_TAG is the highest tag number which can be encoded in a
|
99
|
+
// single byte. Note this is unrelated to whether an element is constructed or
|
100
|
+
// primitive.
|
101
|
+
//
|
102
|
+
// TODO(davidben): Make this private.
|
103
|
+
#define V_ASN1_PRIMITIVE_TAG 0x1f
|
104
|
+
|
105
|
+
// V_ASN1_MAX_UNIVERSAL is the highest supported universal tag number. It is
|
106
|
+
// necessary to avoid ambiguity with |V_ASN1_NEG|.
|
107
|
+
//
|
108
|
+
// TODO(davidben): Make this private.
|
109
|
+
#define V_ASN1_MAX_UNIVERSAL 0xff
|
110
|
+
|
111
|
+
// V_ASN1_UNDEF is used in some APIs to indicate an ASN.1 element is omitted.
|
112
|
+
#define V_ASN1_UNDEF (-1)
|
113
|
+
|
114
|
+
// V_ASN1_APP_CHOOSE is used in some APIs to specify a default ASN.1 type based
|
115
|
+
// on the context.
|
116
|
+
#define V_ASN1_APP_CHOOSE (-2)
|
117
|
+
|
118
|
+
// V_ASN1_OTHER is used in |ASN1_TYPE| to indicate a non-universal ASN.1 type.
|
119
|
+
#define V_ASN1_OTHER (-3)
|
120
|
+
|
121
|
+
// V_ASN1_ANY is used by the ASN.1 templates to indicate an ANY type.
|
122
|
+
#define V_ASN1_ANY (-4)
|
123
|
+
|
124
|
+
// The following constants are tag numbers for universal types.
|
125
|
+
#define V_ASN1_EOC 0
|
126
|
+
#define V_ASN1_BOOLEAN 1
|
127
|
+
#define V_ASN1_INTEGER 2
|
128
|
+
#define V_ASN1_BIT_STRING 3
|
129
|
+
#define V_ASN1_OCTET_STRING 4
|
130
|
+
#define V_ASN1_NULL 5
|
131
|
+
#define V_ASN1_OBJECT 6
|
132
|
+
#define V_ASN1_OBJECT_DESCRIPTOR 7
|
133
|
+
#define V_ASN1_EXTERNAL 8
|
134
|
+
#define V_ASN1_REAL 9
|
135
|
+
#define V_ASN1_ENUMERATED 10
|
136
|
+
#define V_ASN1_UTF8STRING 12
|
137
|
+
#define V_ASN1_SEQUENCE 16
|
138
|
+
#define V_ASN1_SET 17
|
139
|
+
#define V_ASN1_NUMERICSTRING 18
|
140
|
+
#define V_ASN1_PRINTABLESTRING 19
|
141
|
+
#define V_ASN1_T61STRING 20
|
142
|
+
#define V_ASN1_TELETEXSTRING 20
|
143
|
+
#define V_ASN1_VIDEOTEXSTRING 21
|
144
|
+
#define V_ASN1_IA5STRING 22
|
145
|
+
#define V_ASN1_UTCTIME 23
|
146
|
+
#define V_ASN1_GENERALIZEDTIME 24
|
147
|
+
#define V_ASN1_GRAPHICSTRING 25
|
148
|
+
#define V_ASN1_ISO64STRING 26
|
149
|
+
#define V_ASN1_VISIBLESTRING 26
|
150
|
+
#define V_ASN1_GENERALSTRING 27
|
151
|
+
#define V_ASN1_UNIVERSALSTRING 28
|
152
|
+
#define V_ASN1_BMPSTRING 30
|
153
|
+
|
154
|
+
// The following constants are used for |ASN1_STRING| values that represent
|
155
|
+
// negative INTEGER and ENUMERATED values. See |ASN1_STRING| for more details.
|
156
|
+
#define V_ASN1_NEG 0x100
|
157
|
+
#define V_ASN1_NEG_INTEGER (V_ASN1_INTEGER | V_ASN1_NEG)
|
158
|
+
#define V_ASN1_NEG_ENUMERATED (V_ASN1_ENUMERATED | V_ASN1_NEG)
|
159
|
+
|
160
|
+
|
161
|
+
// Strings.
|
162
|
+
//
|
163
|
+
// ASN.1 contains a myriad of string types, as well as types that contain data
|
164
|
+
// that may be encoded into a string. This library uses a single type,
|
165
|
+
// |ASN1_STRING|, to represent most values.
|
166
|
+
|
167
|
+
// An asn1_string_st (aka |ASN1_STRING|) represents a value of a string-like
|
168
|
+
// ASN.1 type. It contains a type field, and a byte string data field with a
|
169
|
+
// type-specific representation.
|
170
|
+
//
|
171
|
+
// When representing a string value, the type field is one of
|
172
|
+
// |V_ASN1_OCTET_STRING|, |V_ASN1_UTF8STRING|, |V_ASN1_NUMERICSTRING|,
|
173
|
+
// |V_ASN1_PRINTABLESTRING|, |V_ASN1_T61STRING|, |V_ASN1_VIDEOTEXSTRING|,
|
174
|
+
// |V_ASN1_IA5STRING|, |V_ASN1_GRAPHICSTRING|, |V_ASN1_ISO64STRING|,
|
175
|
+
// |V_ASN1_VISIBLESTRING|, |V_ASN1_GENERALSTRING|, |V_ASN1_UNIVERSALSTRING|, or
|
176
|
+
// |V_ASN1_BMPSTRING|. The data contains the byte representation of of the
|
177
|
+
// string.
|
178
|
+
//
|
179
|
+
// When representing a BIT STRING value, the type field is |V_ASN1_BIT_STRING|.
|
180
|
+
// The data contains the encoded form of the BIT STRING, including any padding
|
181
|
+
// bits added to round to a whole number of bytes, but excluding the leading
|
182
|
+
// byte containing the number of padding bits. The number of padding bits is
|
183
|
+
// encoded in the flags field. See |ASN1_STRING_FLAG_BITS_LEFT| for details. For
|
184
|
+
// example, DER encodes the BIT STRING {1, 0} as {0x06, 0x80 = 0b10_000000}. The
|
185
|
+
// |ASN1_STRING| representation has data of {0x80} and flags of
|
186
|
+
// ASN1_STRING_FLAG_BITS_LEFT | 6.
|
187
|
+
//
|
188
|
+
// When representing an INTEGER or ENUMERATED value, the data contains the
|
189
|
+
// big-endian encoding of the absolute value of the integer. The sign bit is
|
190
|
+
// encoded in the type: non-negative values have a type of |V_ASN1_INTEGER| or
|
191
|
+
// |V_ASN1_ENUMERATED|, while negative values have a type of
|
192
|
+
// |V_ASN1_NEG_INTEGER| or |V_ASN1_NEG_ENUMERATED|. Note this differs from DER's
|
193
|
+
// two's complement representation.
|
194
|
+
//
|
195
|
+
// When representing a GeneralizedTime or UTCTime value, the type field is
|
196
|
+
// |V_ASN1_GENERALIZEDTIME| or |V_ASN1_UTCTIME|, respectively. The data contains
|
197
|
+
// the DER encoding of the value. For example, the UNIX epoch would be
|
198
|
+
// "19700101000000Z" for a GeneralizedTime and "700101000000Z" for a UTCTime.
|
199
|
+
//
|
200
|
+
// TODO(davidben): |ASN1_TYPE| additionally uses |ASN1_STRING| to represent
|
201
|
+
// various other odd cases. It also likes to assume unknown universal tags are
|
202
|
+
// string types. Make a note here when documenting |ASN1_TYPE|.
|
203
|
+
//
|
204
|
+
// |ASN1_STRING| additionally has the following typedefs: |ASN1_BIT_STRING|,
|
205
|
+
// |ASN1_BMPSTRING|, |ASN1_ENUMERATED|, |ASN1_GENERALIZEDTIME|,
|
206
|
+
// |ASN1_GENERALSTRING|, |ASN1_IA5STRING|, |ASN1_INTEGER|, |ASN1_OCTET_STRING|,
|
207
|
+
// |ASN1_PRINTABLESTRING|, |ASN1_T61STRING|, |ASN1_TIME|,
|
208
|
+
// |ASN1_UNIVERSALSTRING|, |ASN1_UTCTIME|, |ASN1_UTF8STRING|, and
|
209
|
+
// |ASN1_VISIBLESTRING|. Other than |ASN1_TIME|, these correspond to universal
|
210
|
+
// ASN.1 types. |ASN1_TIME| represents a CHOICE of UTCTime and GeneralizedTime,
|
211
|
+
// with a cutoff of 2049, as used in Section 4.1.2.5 of RFC 5280.
|
212
|
+
//
|
213
|
+
// For clarity, callers are encouraged to use the appropriate typedef when
|
214
|
+
// available. They are the same type as |ASN1_STRING|, so a caller may freely
|
215
|
+
// pass them into functions expecting |ASN1_STRING|, such as
|
216
|
+
// |ASN1_STRING_length|.
|
217
|
+
//
|
218
|
+
// If a function returns an |ASN1_STRING| where the typedef or ASN.1 structure
|
219
|
+
// implies constraints on the type field, callers may assume that the type field
|
220
|
+
// is correct. However, if a function takes an |ASN1_STRING| as input, callers
|
221
|
+
// must ensure the type field matches. These invariants are not captured by the
|
222
|
+
// C type system and may not be checked at runtime. For example, callers may
|
223
|
+
// assume the output of |X509_get0_serialNumber| has type |V_ASN1_INTEGER| or
|
224
|
+
// |V_ASN1_NEG_INTEGER|. Callers must not pass a string of type
|
225
|
+
// |V_ASN1_OCTET_STRING| to |X509_set_serialNumber|. Doing so may break
|
226
|
+
// invariants on the |X509| object and break the |X509_get0_serialNumber|
|
227
|
+
// invariant.
|
228
|
+
//
|
229
|
+
// TODO(davidben): This is very unfriendly. Getting the type field wrong should
|
230
|
+
// not cause memory errors, but it may do strange things. We should add runtime
|
231
|
+
// checks to anything that consumes |ASN1_STRING|s from the caller.
|
232
|
+
struct asn1_string_st {
|
233
|
+
int length;
|
234
|
+
int type;
|
235
|
+
unsigned char *data;
|
236
|
+
long flags;
|
237
|
+
};
|
238
|
+
|
239
|
+
// ASN1_STRING_FLAG_BITS_LEFT indicates, in a BIT STRING |ASN1_STRING|, that
|
240
|
+
// flags & 0x7 contains the number of padding bits added to the BIT STRING
|
241
|
+
// value. When not set, all trailing zero bits in the last byte are implicitly
|
242
|
+
// treated as padding. This behavior is deprecated and should not be used.
|
243
|
+
#define ASN1_STRING_FLAG_BITS_LEFT 0x08
|
244
|
+
|
245
|
+
// ASN1_STRING_FLAG_MSTRING indicates that the |ASN1_STRING| is an MSTRING type,
|
246
|
+
// which is how this library refers to a CHOICE type of several string types.
|
247
|
+
// For example, DirectoryString as defined in RFC5280.
|
248
|
+
//
|
249
|
+
// TODO(davidben): This is only used in one place within the library and is easy
|
250
|
+
// to accidentally drop. Can it be removed?
|
251
|
+
#define ASN1_STRING_FLAG_MSTRING 0x040
|
252
|
+
|
253
|
+
// ASN1_STRING_type_new returns a newly-allocated empty |ASN1_STRING| object of
|
254
|
+
// type |type|, or NULL on error.
|
255
|
+
OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_type_new(int type);
|
256
|
+
|
257
|
+
// ASN1_STRING_new returns a newly-allocated empty |ASN1_STRING| object with an
|
258
|
+
// arbitrary type. Prefer one of the type-specific constructors, such as
|
259
|
+
// |ASN1_OCTET_STRING_new|, or |ASN1_STRING_type_new|.
|
260
|
+
OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_new(void);
|
261
|
+
|
262
|
+
// ASN1_STRING_free releases memory associated with |str|.
|
263
|
+
OPENSSL_EXPORT void ASN1_STRING_free(ASN1_STRING *str);
|
264
|
+
|
265
|
+
// ASN1_STRING_copy sets |dst| to a copy of |str|. It returns one on success and
|
266
|
+
// zero on error.
|
267
|
+
OPENSSL_EXPORT int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
|
268
|
+
|
269
|
+
// ASN1_STRING_dup returns a newly-allocated copy of |str|, or NULL on error.
|
270
|
+
OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str);
|
271
|
+
|
272
|
+
// ASN1_STRING_type returns the type of |str|. This value will be one of the
|
273
|
+
// |V_ASN1_*| constants.
|
274
|
+
OPENSSL_EXPORT int ASN1_STRING_type(const ASN1_STRING *str);
|
275
|
+
|
276
|
+
// ASN1_STRING_get0_data returns a pointer to |str|'s contents. Callers should
|
277
|
+
// use |ASN1_STRING_length| to determine the length of the string. The string
|
278
|
+
// may have embedded NUL bytes and may not be NUL-terminated.
|
279
|
+
OPENSSL_EXPORT const unsigned char *ASN1_STRING_get0_data(
|
280
|
+
const ASN1_STRING *str);
|
281
|
+
|
282
|
+
// ASN1_STRING_data returns a mutable pointer to |str|'s contents. Callers
|
283
|
+
// should use |ASN1_STRING_length| to determine the length of the string. The
|
284
|
+
// string may have embedded NUL bytes and may not be NUL-terminated.
|
285
|
+
//
|
286
|
+
// Prefer |ASN1_STRING_get0_data|.
|
287
|
+
OPENSSL_EXPORT unsigned char *ASN1_STRING_data(ASN1_STRING *str);
|
288
|
+
|
289
|
+
// ASN1_STRING_length returns the length of |str|, in bytes.
|
290
|
+
OPENSSL_EXPORT int ASN1_STRING_length(const ASN1_STRING *str);
|
291
|
+
|
292
|
+
// ASN1_STRING_cmp compares |a| and |b|'s type and contents. It returns an
|
293
|
+
// integer equal to, less than, or greater than zero if |a| is equal to, less
|
294
|
+
// than, or greater than |b|, respectively. The comparison is suitable for
|
295
|
+
// sorting, but callers should not rely on the particular comparison.
|
296
|
+
//
|
297
|
+
// Note if |a| or |b| are BIT STRINGs, this function does not compare the
|
298
|
+
// |ASN1_STRING_FLAG_BITS_LEFT| flags.
|
299
|
+
//
|
300
|
+
// TODO(davidben): The BIT STRING comparison seems like a bug. Fix it?
|
301
|
+
OPENSSL_EXPORT int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
|
302
|
+
|
303
|
+
// ASN1_STRING_set sets the contents of |str| to a copy of |len| bytes from
|
304
|
+
// |data|. It returns one on success and zero on error.
|
305
|
+
OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
|
306
|
+
|
307
|
+
// ASN1_STRING_set0 sets the contents of |str| to |len| bytes from |data|. It
|
308
|
+
// takes ownership of |data|, which must have been allocated with
|
309
|
+
// |OPENSSL_malloc|.
|
310
|
+
OPENSSL_EXPORT void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
|
311
|
+
|
312
|
+
// TODO(davidben): Pull up and document functions specific to individual string
|
313
|
+
// types.
|
314
|
+
|
315
|
+
|
316
|
+
// Underdocumented functions.
|
317
|
+
//
|
318
|
+
// The following functions are not yet documented and organized.
|
319
|
+
|
320
|
+
// For use with d2i_ASN1_type_bytes()
|
321
|
+
#define B_ASN1_NUMERICSTRING 0x0001
|
322
|
+
#define B_ASN1_PRINTABLESTRING 0x0002
|
323
|
+
#define B_ASN1_T61STRING 0x0004
|
324
|
+
#define B_ASN1_TELETEXSTRING 0x0004
|
325
|
+
#define B_ASN1_VIDEOTEXSTRING 0x0008
|
326
|
+
#define B_ASN1_IA5STRING 0x0010
|
327
|
+
#define B_ASN1_GRAPHICSTRING 0x0020
|
328
|
+
#define B_ASN1_ISO64STRING 0x0040
|
329
|
+
#define B_ASN1_VISIBLESTRING 0x0040
|
330
|
+
#define B_ASN1_GENERALSTRING 0x0080
|
331
|
+
#define B_ASN1_UNIVERSALSTRING 0x0100
|
332
|
+
#define B_ASN1_OCTET_STRING 0x0200
|
333
|
+
#define B_ASN1_BIT_STRING 0x0400
|
334
|
+
#define B_ASN1_BMPSTRING 0x0800
|
335
|
+
#define B_ASN1_UNKNOWN 0x1000
|
336
|
+
#define B_ASN1_UTF8STRING 0x2000
|
337
|
+
#define B_ASN1_UTCTIME 0x4000
|
338
|
+
#define B_ASN1_GENERALIZEDTIME 0x8000
|
339
|
+
#define B_ASN1_SEQUENCE 0x10000
|
340
|
+
|
341
|
+
// For use with ASN1_mbstring_copy()
|
342
|
+
#define MBSTRING_FLAG 0x1000
|
343
|
+
#define MBSTRING_UTF8 (MBSTRING_FLAG)
|
344
|
+
// |MBSTRING_ASC| refers to Latin-1, not ASCII. It is used with TeletexString
|
345
|
+
// which, in turn, is treated as Latin-1 rather than T.61 by OpenSSL and most
|
346
|
+
// other software.
|
347
|
+
#define MBSTRING_ASC (MBSTRING_FLAG | 1)
|
348
|
+
#define MBSTRING_BMP (MBSTRING_FLAG | 2)
|
349
|
+
#define MBSTRING_UNIV (MBSTRING_FLAG | 4)
|
350
|
+
|
351
|
+
#define DECLARE_ASN1_SET_OF(type) // filled in by mkstack.pl
|
352
|
+
#define IMPLEMENT_ASN1_SET_OF(type) // nothing, no longer needed
|
353
|
+
|
354
|
+
// These are used internally in the ASN1_OBJECT to keep track of
|
355
|
+
// whether the names and data need to be free()ed
|
356
|
+
#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 // internal use
|
357
|
+
#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 // internal use
|
358
|
+
#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 // internal use
|
359
|
+
struct asn1_object_st {
|
360
|
+
const char *sn, *ln;
|
361
|
+
int nid;
|
362
|
+
int length;
|
363
|
+
const unsigned char *data; // data remains const after init
|
364
|
+
int flags; // Should we free this one
|
365
|
+
};
|
178
366
|
|
179
367
|
DEFINE_STACK_OF(ASN1_OBJECT)
|
180
368
|
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
/* ASN1_ENCODING structure: this is used to save the received
|
206
|
-
* encoding of an ASN1 type. This is useful to get round
|
207
|
-
* problems with invalid encodings which can break signatures.
|
208
|
-
*/
|
209
|
-
|
210
|
-
typedef struct ASN1_ENCODING_st
|
211
|
-
{
|
212
|
-
unsigned char *enc; /* DER encoding */
|
213
|
-
long len; /* Length of encoding */
|
214
|
-
int modified; /* set to 1 if 'enc' is invalid */
|
215
|
-
/* alias_only is zero if |enc| owns the buffer that it points to
|
216
|
-
* (although |enc| may still be NULL). If one, |enc| points into a
|
217
|
-
* buffer that is owned elsewhere. */
|
218
|
-
unsigned alias_only:1;
|
219
|
-
/* alias_only_on_next_parse is one iff the next parsing operation
|
220
|
-
* should avoid taking a copy of the input and rather set
|
221
|
-
* |alias_only|. */
|
222
|
-
unsigned alias_only_on_next_parse:1;
|
223
|
-
} ASN1_ENCODING;
|
224
|
-
|
225
|
-
#define STABLE_FLAGS_MALLOC 0x01
|
226
|
-
#define STABLE_NO_MASK 0x02
|
227
|
-
#define DIRSTRING_TYPE \
|
228
|
-
(B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
|
229
|
-
#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
|
369
|
+
// ASN1_ENCODING structure: this is used to save the received
|
370
|
+
// encoding of an ASN1 type. This is useful to get round
|
371
|
+
// problems with invalid encodings which can break signatures.
|
372
|
+
|
373
|
+
typedef struct ASN1_ENCODING_st {
|
374
|
+
unsigned char *enc; // DER encoding
|
375
|
+
long len; // Length of encoding
|
376
|
+
int modified; // set to 1 if 'enc' is invalid
|
377
|
+
// alias_only is zero if |enc| owns the buffer that it points to
|
378
|
+
// (although |enc| may still be NULL). If one, |enc| points into a
|
379
|
+
// buffer that is owned elsewhere.
|
380
|
+
unsigned alias_only : 1;
|
381
|
+
// alias_only_on_next_parse is one iff the next parsing operation
|
382
|
+
// should avoid taking a copy of the input and rather set
|
383
|
+
// |alias_only|.
|
384
|
+
unsigned alias_only_on_next_parse : 1;
|
385
|
+
} ASN1_ENCODING;
|
386
|
+
|
387
|
+
#define STABLE_FLAGS_MALLOC 0x01
|
388
|
+
#define STABLE_NO_MASK 0x02
|
389
|
+
#define DIRSTRING_TYPE \
|
390
|
+
(B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_BMPSTRING | \
|
391
|
+
B_ASN1_UTF8STRING)
|
392
|
+
#define PKCS9STRING_TYPE (DIRSTRING_TYPE | B_ASN1_IA5STRING)
|
230
393
|
|
231
394
|
typedef struct asn1_string_table_st {
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
395
|
+
int nid;
|
396
|
+
long minsize;
|
397
|
+
long maxsize;
|
398
|
+
unsigned long mask;
|
399
|
+
unsigned long flags;
|
237
400
|
} ASN1_STRING_TABLE;
|
238
401
|
|
239
|
-
|
402
|
+
// size limits: this stuff is taken straight from RFC2459
|
240
403
|
|
241
|
-
#define ub_name
|
242
|
-
#define ub_common_name
|
243
|
-
#define ub_locality_name
|
244
|
-
#define ub_state_name
|
245
|
-
#define ub_organization_name
|
246
|
-
#define ub_organization_unit_name
|
247
|
-
#define ub_title
|
248
|
-
#define ub_email_address
|
404
|
+
#define ub_name 32768
|
405
|
+
#define ub_common_name 64
|
406
|
+
#define ub_locality_name 128
|
407
|
+
#define ub_state_name 128
|
408
|
+
#define ub_organization_name 64
|
409
|
+
#define ub_organization_unit_name 64
|
410
|
+
#define ub_title 64
|
411
|
+
#define ub_email_address 128
|
249
412
|
|
250
|
-
|
251
|
-
|
252
|
-
*/
|
413
|
+
// Declarations for template structures: for full definitions
|
414
|
+
// see asn1t.h
|
253
415
|
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
|
254
416
|
typedef struct ASN1_TLC_st ASN1_TLC;
|
255
|
-
|
417
|
+
// This is just an opaque pointer
|
256
418
|
typedef struct ASN1_VALUE_st ASN1_VALUE;
|
257
419
|
|
258
|
-
|
420
|
+
// Declare ASN1 functions: the implement macro in in asn1t.h
|
259
421
|
|
260
422
|
#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
|
261
423
|
|
262
424
|
#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
|
263
|
-
|
425
|
+
DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
|
264
426
|
|
265
427
|
#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
|
266
|
-
|
267
|
-
|
428
|
+
DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
|
429
|
+
DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
|
268
430
|
|
269
431
|
#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
|
274
|
-
OPENSSL_EXPORT type *d2i_##name(type **a, const unsigned char **in, long len); \
|
275
|
-
OPENSSL_EXPORT int i2d_##name(type *a, unsigned char **out); \
|
276
|
-
DECLARE_ASN1_ITEM(itname)
|
432
|
+
DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
|
433
|
+
DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
|
277
434
|
|
278
|
-
#define
|
279
|
-
|
280
|
-
|
281
|
-
|
435
|
+
#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
|
436
|
+
OPENSSL_EXPORT type *d2i_##name(type **a, const unsigned char **in, \
|
437
|
+
long len); \
|
438
|
+
OPENSSL_EXPORT int i2d_##name(type *a, unsigned char **out); \
|
439
|
+
DECLARE_ASN1_ITEM(itname)
|
282
440
|
|
283
|
-
#define
|
284
|
-
|
441
|
+
#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
|
442
|
+
OPENSSL_EXPORT type *d2i_##name(type **a, const unsigned char **in, \
|
443
|
+
long len); \
|
444
|
+
OPENSSL_EXPORT int i2d_##name(const type *a, unsigned char **out); \
|
445
|
+
DECLARE_ASN1_ITEM(name)
|
285
446
|
|
286
447
|
#define DECLARE_ASN1_FUNCTIONS_const(name) \
|
287
|
-
|
288
|
-
|
448
|
+
DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
|
449
|
+
DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
|
289
450
|
|
290
451
|
#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
|
291
|
-
|
292
|
-
|
452
|
+
OPENSSL_EXPORT type *name##_new(void); \
|
453
|
+
OPENSSL_EXPORT void name##_free(type *a);
|
293
454
|
|
294
455
|
#define DECLARE_ASN1_PRINT_FUNCTION(stname) \
|
295
|
-
|
456
|
+
DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
|
296
457
|
|
297
|
-
#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname)
|
298
|
-
|
299
|
-
|
458
|
+
#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
|
459
|
+
OPENSSL_EXPORT int fname##_print_ctx(BIO *out, stname *x, int indent, \
|
460
|
+
const ASN1_PCTX *pctx);
|
300
461
|
|
301
462
|
typedef void *d2i_of_void(void **, const unsigned char **, long);
|
302
463
|
typedef int i2d_of_void(const void *, unsigned char **);
|
303
464
|
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
/* ASN1_ITEM pointer exported type */
|
465
|
+
// The following macros and typedefs allow an ASN1_ITEM
|
466
|
+
// to be embedded in a structure and referenced. Since
|
467
|
+
// the ASN1_ITEM pointers need to be globally accessible
|
468
|
+
// (possibly from shared libraries) they may exist in
|
469
|
+
// different forms. On platforms that support it the
|
470
|
+
// ASN1_ITEM structure itself will be globally exported.
|
471
|
+
// Other platforms will export a function that returns
|
472
|
+
// an ASN1_ITEM pointer.
|
473
|
+
//
|
474
|
+
// To handle both cases transparently the macros below
|
475
|
+
// should be used instead of hard coding an ASN1_ITEM
|
476
|
+
// pointer in a structure.
|
477
|
+
//
|
478
|
+
// The structure will look like this:
|
479
|
+
//
|
480
|
+
// typedef struct SOMETHING_st {
|
481
|
+
// ...
|
482
|
+
// ASN1_ITEM_EXP *iptr;
|
483
|
+
// ...
|
484
|
+
// } SOMETHING;
|
485
|
+
//
|
486
|
+
// It would be initialised as e.g.:
|
487
|
+
//
|
488
|
+
// SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
|
489
|
+
//
|
490
|
+
// and the actual pointer extracted with:
|
491
|
+
//
|
492
|
+
// const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
|
493
|
+
//
|
494
|
+
// Finally an ASN1_ITEM pointer can be extracted from an
|
495
|
+
// appropriate reference with: ASN1_ITEM_rptr(X509). This
|
496
|
+
// would be used when a function takes an ASN1_ITEM * argument.
|
497
|
+
//
|
498
|
+
|
499
|
+
// ASN1_ITEM pointer exported type
|
340
500
|
typedef const ASN1_ITEM ASN1_ITEM_EXP;
|
341
501
|
|
342
|
-
|
502
|
+
// Macro to obtain ASN1_ITEM pointer from exported type
|
343
503
|
#define ASN1_ITEM_ptr(iptr) (iptr)
|
344
504
|
|
345
|
-
|
505
|
+
// Macro to include ASN1_ITEM pointer from base type
|
346
506
|
#define ASN1_ITEM_ref(iptr) (&(iptr##_it))
|
347
507
|
|
348
508
|
#define ASN1_ITEM_rptr(ref) (&(ref##_it))
|
349
509
|
|
350
|
-
#define DECLARE_ASN1_ITEM(name)
|
351
|
-
extern OPENSSL_EXPORT const ASN1_ITEM name##_it;
|
510
|
+
#define DECLARE_ASN1_ITEM(name) extern OPENSSL_EXPORT const ASN1_ITEM name##_it;
|
352
511
|
|
353
|
-
|
512
|
+
// Parameters used by ASN1_STRING_print_ex()
|
354
513
|
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
*/
|
514
|
+
// These determine which characters to escape:
|
515
|
+
// RFC2253 special characters, control characters and
|
516
|
+
// MSB set characters
|
359
517
|
|
360
|
-
#define ASN1_STRFLGS_ESC_2253
|
361
|
-
#define ASN1_STRFLGS_ESC_CTRL
|
362
|
-
#define ASN1_STRFLGS_ESC_MSB
|
518
|
+
#define ASN1_STRFLGS_ESC_2253 1
|
519
|
+
#define ASN1_STRFLGS_ESC_CTRL 2
|
520
|
+
#define ASN1_STRFLGS_ESC_MSB 4
|
363
521
|
|
364
522
|
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
*/
|
523
|
+
// This flag determines how we do escaping: normally
|
524
|
+
// RC2253 backslash only, set this to use backslash and
|
525
|
+
// quote.
|
369
526
|
|
370
|
-
#define ASN1_STRFLGS_ESC_QUOTE
|
527
|
+
#define ASN1_STRFLGS_ESC_QUOTE 8
|
371
528
|
|
372
529
|
|
373
|
-
|
530
|
+
// These three flags are internal use only.
|
374
531
|
|
375
|
-
|
376
|
-
#define CHARTYPE_PRINTABLESTRING
|
377
|
-
|
378
|
-
#define CHARTYPE_FIRST_ESC_2253
|
379
|
-
|
380
|
-
#define CHARTYPE_LAST_ESC_2253
|
532
|
+
// Character is a valid PrintableString character
|
533
|
+
#define CHARTYPE_PRINTABLESTRING 0x10
|
534
|
+
// Character needs escaping if it is the first character
|
535
|
+
#define CHARTYPE_FIRST_ESC_2253 0x20
|
536
|
+
// Character needs escaping if it is the last character
|
537
|
+
#define CHARTYPE_LAST_ESC_2253 0x40
|
381
538
|
|
382
|
-
|
383
|
-
|
384
|
-
*/
|
539
|
+
// NB the internal flags are safely reused below by flags
|
540
|
+
// handled at the top level.
|
385
541
|
|
386
|
-
|
387
|
-
|
388
|
-
*/
|
542
|
+
// If this is set we convert all character strings
|
543
|
+
// to UTF8 first
|
389
544
|
|
390
|
-
#define ASN1_STRFLGS_UTF8_CONVERT
|
545
|
+
#define ASN1_STRFLGS_UTF8_CONVERT 0x10
|
391
546
|
|
392
|
-
|
393
|
-
|
394
|
-
|
395
|
-
*/
|
547
|
+
// If this is set we don't attempt to interpret content:
|
548
|
+
// just assume all strings are 1 byte per character. This
|
549
|
+
// will produce some pretty odd looking output!
|
396
550
|
|
397
|
-
#define ASN1_STRFLGS_IGNORE_TYPE
|
551
|
+
#define ASN1_STRFLGS_IGNORE_TYPE 0x20
|
398
552
|
|
399
|
-
|
400
|
-
#define ASN1_STRFLGS_SHOW_TYPE
|
553
|
+
// If this is set we include the string type in the output
|
554
|
+
#define ASN1_STRFLGS_SHOW_TYPE 0x40
|
401
555
|
|
402
|
-
|
403
|
-
|
404
|
-
|
405
|
-
|
406
|
-
|
407
|
-
|
408
|
-
*/
|
556
|
+
// This determines which strings to display and which to
|
557
|
+
// 'dump' (hex dump of content octets or DER encoding). We can
|
558
|
+
// only dump non character strings or everything. If we
|
559
|
+
// don't dump 'unknown' they are interpreted as character
|
560
|
+
// strings with 1 octet per character and are subject to
|
561
|
+
// the usual escaping options.
|
409
562
|
|
410
|
-
#define ASN1_STRFLGS_DUMP_ALL
|
411
|
-
#define ASN1_STRFLGS_DUMP_UNKNOWN
|
563
|
+
#define ASN1_STRFLGS_DUMP_ALL 0x80
|
564
|
+
#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
|
412
565
|
|
413
|
-
|
414
|
-
|
415
|
-
|
416
|
-
*/
|
566
|
+
// These determine what 'dumping' does, we can dump the
|
567
|
+
// content octets or the DER encoding: both use the
|
568
|
+
// RFC2253 #XXXXX notation.
|
417
569
|
|
418
|
-
#define ASN1_STRFLGS_DUMP_DER
|
570
|
+
#define ASN1_STRFLGS_DUMP_DER 0x200
|
419
571
|
|
420
|
-
|
421
|
-
|
422
|
-
|
423
|
-
*/
|
572
|
+
// All the string flags consistent with RFC2253,
|
573
|
+
// escaping control characters isn't essential in
|
574
|
+
// RFC2253 but it is advisable anyway.
|
424
575
|
|
425
|
-
#define ASN1_STRFLGS_RFC2253
|
426
|
-
|
427
|
-
|
428
|
-
|
429
|
-
ASN1_STRFLGS_DUMP_UNKNOWN | \
|
430
|
-
ASN1_STRFLGS_DUMP_DER)
|
576
|
+
#define ASN1_STRFLGS_RFC2253 \
|
577
|
+
(ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | \
|
578
|
+
ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN | \
|
579
|
+
ASN1_STRFLGS_DUMP_DER)
|
431
580
|
|
432
581
|
DEFINE_STACK_OF(ASN1_INTEGER)
|
433
582
|
DECLARE_ASN1_SET_OF(ASN1_INTEGER)
|
434
583
|
|
435
|
-
struct asn1_type_st
|
436
|
-
|
437
|
-
|
438
|
-
|
439
|
-
|
440
|
-
|
441
|
-
|
442
|
-
|
443
|
-
|
444
|
-
|
445
|
-
|
446
|
-
|
447
|
-
|
448
|
-
|
449
|
-
|
450
|
-
|
451
|
-
|
452
|
-
|
453
|
-
|
454
|
-
|
455
|
-
|
456
|
-
|
457
|
-
|
458
|
-
|
459
|
-
|
460
|
-
|
461
|
-
|
462
|
-
|
463
|
-
};
|
584
|
+
struct asn1_type_st {
|
585
|
+
int type;
|
586
|
+
union {
|
587
|
+
char *ptr;
|
588
|
+
ASN1_BOOLEAN boolean;
|
589
|
+
ASN1_STRING *asn1_string;
|
590
|
+
ASN1_OBJECT *object;
|
591
|
+
ASN1_INTEGER *integer;
|
592
|
+
ASN1_ENUMERATED *enumerated;
|
593
|
+
ASN1_BIT_STRING *bit_string;
|
594
|
+
ASN1_OCTET_STRING *octet_string;
|
595
|
+
ASN1_PRINTABLESTRING *printablestring;
|
596
|
+
ASN1_T61STRING *t61string;
|
597
|
+
ASN1_IA5STRING *ia5string;
|
598
|
+
ASN1_GENERALSTRING *generalstring;
|
599
|
+
ASN1_BMPSTRING *bmpstring;
|
600
|
+
ASN1_UNIVERSALSTRING *universalstring;
|
601
|
+
ASN1_UTCTIME *utctime;
|
602
|
+
ASN1_GENERALIZEDTIME *generalizedtime;
|
603
|
+
ASN1_VISIBLESTRING *visiblestring;
|
604
|
+
ASN1_UTF8STRING *utf8string;
|
605
|
+
// set and sequence are left complete and still
|
606
|
+
// contain the set or sequence bytes
|
607
|
+
ASN1_STRING *set;
|
608
|
+
ASN1_STRING *sequence;
|
609
|
+
ASN1_VALUE *asn1_value;
|
610
|
+
} value;
|
611
|
+
};
|
464
612
|
|
465
613
|
DEFINE_STACK_OF(ASN1_TYPE)
|
466
614
|
DECLARE_ASN1_SET_OF(ASN1_TYPE)
|
@@ -470,151 +618,81 @@ typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
|
|
470
618
|
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
|
471
619
|
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
|
472
620
|
|
473
|
-
struct X509_algor_st
|
474
|
-
|
475
|
-
|
476
|
-
|
477
|
-
} /* X509_ALGOR */;
|
621
|
+
struct X509_algor_st {
|
622
|
+
ASN1_OBJECT *algorithm;
|
623
|
+
ASN1_TYPE *parameter;
|
624
|
+
} /* X509_ALGOR */;
|
478
625
|
|
479
626
|
DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
|
480
627
|
|
481
|
-
|
628
|
+
// This is used to contain a list of bit names
|
482
629
|
typedef struct BIT_STRING_BITNAME_st {
|
483
|
-
|
484
|
-
|
485
|
-
|
630
|
+
int bitnum;
|
631
|
+
const char *lname;
|
632
|
+
const char *sname;
|
486
633
|
} BIT_STRING_BITNAME;
|
487
634
|
|
488
|
-
|
489
|
-
|
490
|
-
#define
|
491
|
-
#define
|
492
|
-
|
493
|
-
|
494
|
-
#define
|
495
|
-
|
496
|
-
#define
|
497
|
-
#define
|
498
|
-
|
499
|
-
#define
|
500
|
-
|
501
|
-
#define
|
502
|
-
|
503
|
-
#define
|
504
|
-
|
505
|
-
#define
|
506
|
-
#define
|
507
|
-
|
508
|
-
#define
|
509
|
-
|
510
|
-
|
511
|
-
#define
|
512
|
-
|
513
|
-
#define
|
514
|
-
#define
|
515
|
-
|
516
|
-
#define
|
517
|
-
|
518
|
-
|
519
|
-
#define
|
520
|
-
|
521
|
-
#define
|
522
|
-
#define
|
523
|
-
|
524
|
-
#define
|
525
|
-
|
526
|
-
#define
|
527
|
-
#define
|
528
|
-
|
529
|
-
#define
|
530
|
-
|
531
|
-
|
532
|
-
|
533
|
-
#define
|
534
|
-
|
535
|
-
|
536
|
-
|
537
|
-
|
538
|
-
|
539
|
-
|
540
|
-
|
541
|
-
|
542
|
-
|
543
|
-
|
544
|
-
|
545
|
-
|
546
|
-
B_ASN1_PRINTABLESTRING| \
|
547
|
-
B_ASN1_TELETEXSTRING|\
|
548
|
-
B_ASN1_BMPSTRING|\
|
549
|
-
B_ASN1_UNIVERSALSTRING|\
|
550
|
-
B_ASN1_UTF8STRING
|
635
|
+
// M_ASN1_* are legacy aliases for various |ASN1_STRING| functions. Use the
|
636
|
+
// functions themselves.
|
637
|
+
#define M_ASN1_STRING_length(x) ASN1_STRING_length(x)
|
638
|
+
#define M_ASN1_STRING_type(x) ASN1_STRING_type(x)
|
639
|
+
#define M_ASN1_STRING_data(x) ASN1_STRING_data(x)
|
640
|
+
#define M_ASN1_BIT_STRING_new() ASN1_BIT_STRING_new()
|
641
|
+
#define M_ASN1_BIT_STRING_free(a) ASN1_BIT_STRING_free(a)
|
642
|
+
#define M_ASN1_BIT_STRING_dup(a) ASN1_STRING_dup(a)
|
643
|
+
#define M_ASN1_BIT_STRING_cmp(a, b) ASN1_STRING_cmp(a, b)
|
644
|
+
#define M_ASN1_BIT_STRING_set(a, b, c) ASN1_BIT_STRING_set(a, b, c)
|
645
|
+
#define M_ASN1_INTEGER_new() ASN1_INTEGER_new()
|
646
|
+
#define M_ASN1_INTEGER_free(a) ASN1_INTEGER_free(a)
|
647
|
+
#define M_ASN1_INTEGER_dup(a) ASN1_INTEGER_dup(a)
|
648
|
+
#define M_ASN1_INTEGER_cmp(a, b) ASN1_INTEGER_cmp(a, b)
|
649
|
+
#define M_ASN1_ENUMERATED_new() ASN1_ENUMERATED_new()
|
650
|
+
#define M_ASN1_ENUMERATED_free(a) ASN1_ENUMERATED_free(a)
|
651
|
+
#define M_ASN1_ENUMERATED_dup(a) ASN1_STRING_dup(a)
|
652
|
+
#define M_ASN1_ENUMERATED_cmp(a, b) ASN1_STRING_cmp(a, b)
|
653
|
+
#define M_ASN1_OCTET_STRING_new() ASN1_OCTET_STRING_new()
|
654
|
+
#define M_ASN1_OCTET_STRING_free(a) ASN1_OCTET_STRING_free()
|
655
|
+
#define M_ASN1_OCTET_STRING_dup(a) ASN1_OCTET_STRING_dup(a)
|
656
|
+
#define M_ASN1_OCTET_STRING_cmp(a, b) ASN1_OCTET_STRING_cmp(a, b)
|
657
|
+
#define M_ASN1_OCTET_STRING_set(a, b, c) ASN1_OCTET_STRING_set(a, b, c)
|
658
|
+
#define M_ASN1_OCTET_STRING_print(a, b) ASN1_STRING_print(a, b)
|
659
|
+
#define M_ASN1_PRINTABLESTRING_new() ASN1_PRINTABLESTRING_new()
|
660
|
+
#define M_ASN1_PRINTABLESTRING_free(a) ASN1_PRINTABLESTRING_free(a)
|
661
|
+
#define M_ASN1_IA5STRING_new() ASN1_IA5STRING_new()
|
662
|
+
#define M_ASN1_IA5STRING_free(a) ASN1_IA5STRING_free(a)
|
663
|
+
#define M_ASN1_IA5STRING_dup(a) ASN1_STRING_dup(a)
|
664
|
+
#define M_ASN1_UTCTIME_new() ASN1_UTCTIME_new()
|
665
|
+
#define M_ASN1_UTCTIME_free(a) ASN1_UTCTIME_free(a)
|
666
|
+
#define M_ASN1_UTCTIME_dup(a) ASN1_STRING_dup(a)
|
667
|
+
#define M_ASN1_T61STRING_new() ASN1_T61STRING_new()
|
668
|
+
#define M_ASN1_T61STRING_free(a) ASN1_T61STRING_free(a)
|
669
|
+
#define M_ASN1_GENERALIZEDTIME_new() ASN1_GENERALIZEDTIME_new()
|
670
|
+
#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_GENERALIZEDTIME_free(a)
|
671
|
+
#define M_ASN1_GENERALIZEDTIME_dup(a) ASN1_STRING_dup(a)
|
672
|
+
#define M_ASN1_GENERALSTRING_new() ASN1_GENERALSTRING_new()
|
673
|
+
#define M_ASN1_GENERALSTRING_free(a) ASN1_GENERALSTRING_free(a)
|
674
|
+
#define M_ASN1_UNIVERSALSTRING_new() ASN1_UNIVERSALSTRING_new()
|
675
|
+
#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_UNIVERSALSTRING_free(a)
|
676
|
+
#define M_ASN1_BMPSTRING_new() ASN1_BMPSTRING_new()
|
677
|
+
#define M_ASN1_BMPSTRING_free(a) ASN1_BMPSTRING_free(a)
|
678
|
+
#define M_ASN1_VISIBLESTRING_new() ASN1_VISIBLESTRING_new()
|
679
|
+
#define M_ASN1_VISIBLESTRING_free(a) ASN1_VISIBLESTRING_free(a)
|
680
|
+
#define M_ASN1_UTF8STRING_new() ASN1_UTF8STRING_new()
|
681
|
+
#define M_ASN1_UTF8STRING_free(a) ASN1_UTF8STRING_free(a)
|
682
|
+
|
683
|
+
#define B_ASN1_TIME B_ASN1_UTCTIME | B_ASN1_GENERALIZEDTIME
|
684
|
+
|
685
|
+
#define B_ASN1_PRINTABLE \
|
686
|
+
B_ASN1_NUMERICSTRING | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | \
|
687
|
+
B_ASN1_IA5STRING | B_ASN1_BIT_STRING | B_ASN1_UNIVERSALSTRING | \
|
688
|
+
B_ASN1_BMPSTRING | B_ASN1_UTF8STRING | B_ASN1_SEQUENCE | B_ASN1_UNKNOWN
|
689
|
+
|
690
|
+
#define B_ASN1_DIRECTORYSTRING \
|
691
|
+
B_ASN1_PRINTABLESTRING | B_ASN1_TELETEXSTRING | B_ASN1_BMPSTRING | \
|
692
|
+
B_ASN1_UNIVERSALSTRING | B_ASN1_UTF8STRING
|
551
693
|
|
552
694
|
#define B_ASN1_DISPLAYTEXT \
|
553
|
-
|
554
|
-
B_ASN1_VISIBLESTRING| \
|
555
|
-
B_ASN1_BMPSTRING|\
|
556
|
-
B_ASN1_UTF8STRING
|
557
|
-
|
558
|
-
#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
|
559
|
-
#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
560
|
-
|
561
|
-
#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
|
562
|
-
#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
563
|
-
|
564
|
-
#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
|
565
|
-
#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
566
|
-
|
567
|
-
#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
|
568
|
-
ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
|
569
|
-
#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
570
|
-
|
571
|
-
#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
|
572
|
-
ASN1_STRING_type_new(V_ASN1_T61STRING)
|
573
|
-
#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
574
|
-
|
575
|
-
#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
|
576
|
-
ASN1_STRING_type_new(V_ASN1_IA5STRING)
|
577
|
-
#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
578
|
-
#define M_ASN1_IA5STRING_dup(a) \
|
579
|
-
(ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
|
580
|
-
|
581
|
-
#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
|
582
|
-
ASN1_STRING_type_new(V_ASN1_UTCTIME)
|
583
|
-
#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
584
|
-
#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
|
585
|
-
ASN1_STRING_dup((const ASN1_STRING *)a)
|
586
|
-
|
587
|
-
#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
|
588
|
-
ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
|
589
|
-
#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
590
|
-
#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
|
591
|
-
(const ASN1_STRING *)a)
|
592
|
-
|
593
|
-
#define M_ASN1_TIME_new() (ASN1_TIME *)\
|
594
|
-
ASN1_STRING_type_new(V_ASN1_UTCTIME)
|
595
|
-
#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
596
|
-
#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
|
597
|
-
ASN1_STRING_dup((const ASN1_STRING *)a)
|
598
|
-
|
599
|
-
#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
|
600
|
-
ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
|
601
|
-
#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
602
|
-
|
603
|
-
#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
|
604
|
-
ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
|
605
|
-
#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
606
|
-
|
607
|
-
#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
|
608
|
-
ASN1_STRING_type_new(V_ASN1_BMPSTRING)
|
609
|
-
#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
610
|
-
|
611
|
-
#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
|
612
|
-
ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
|
613
|
-
#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
614
|
-
|
615
|
-
#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
|
616
|
-
ASN1_STRING_type_new(V_ASN1_UTF8STRING)
|
617
|
-
#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
695
|
+
B_ASN1_IA5STRING | B_ASN1_VISIBLESTRING | B_ASN1_BMPSTRING | B_ASN1_UTF8STRING
|
618
696
|
|
619
697
|
DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
|
620
698
|
|
@@ -623,56 +701,53 @@ OPENSSL_EXPORT void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
|
|
623
701
|
OPENSSL_EXPORT int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
|
624
702
|
OPENSSL_EXPORT int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
|
625
703
|
|
626
|
-
OPENSSL_EXPORT ASN1_OBJECT *
|
627
|
-
OPENSSL_EXPORT void
|
628
|
-
OPENSSL_EXPORT int
|
629
|
-
OPENSSL_EXPORT ASN1_OBJECT *
|
630
|
-
|
631
|
-
|
632
|
-
|
704
|
+
OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_new(void);
|
705
|
+
OPENSSL_EXPORT void ASN1_OBJECT_free(ASN1_OBJECT *a);
|
706
|
+
OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp);
|
707
|
+
OPENSSL_EXPORT ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a,
|
708
|
+
const unsigned char **pp,
|
709
|
+
long length);
|
710
|
+
OPENSSL_EXPORT ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a,
|
711
|
+
const unsigned char **pp,
|
712
|
+
long length);
|
633
713
|
|
634
714
|
DECLARE_ASN1_ITEM(ASN1_OBJECT)
|
635
715
|
|
636
716
|
DECLARE_ASN1_SET_OF(ASN1_OBJECT)
|
637
717
|
|
638
|
-
OPENSSL_EXPORT ASN1_STRING * ASN1_STRING_new(void);
|
639
|
-
OPENSSL_EXPORT void ASN1_STRING_free(ASN1_STRING *a);
|
640
|
-
OPENSSL_EXPORT int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
|
641
|
-
OPENSSL_EXPORT ASN1_STRING * ASN1_STRING_dup(const ASN1_STRING *a);
|
642
|
-
OPENSSL_EXPORT ASN1_STRING * ASN1_STRING_type_new(int type );
|
643
|
-
OPENSSL_EXPORT int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
|
644
|
-
/* Since this is used to store all sorts of things, via macros, for now, make
|
645
|
-
its data void * */
|
646
|
-
OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
|
647
|
-
OPENSSL_EXPORT void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
|
648
|
-
OPENSSL_EXPORT int ASN1_STRING_length(const ASN1_STRING *x);
|
649
|
-
OPENSSL_EXPORT void ASN1_STRING_length_set(ASN1_STRING *x, int n);
|
650
|
-
OPENSSL_EXPORT int ASN1_STRING_type(const ASN1_STRING *x);
|
651
|
-
OPENSSL_EXPORT unsigned char * ASN1_STRING_data(ASN1_STRING *x);
|
652
|
-
OPENSSL_EXPORT const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x);
|
653
|
-
|
654
718
|
DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
|
655
|
-
OPENSSL_EXPORT int
|
656
|
-
|
657
|
-
OPENSSL_EXPORT
|
658
|
-
|
659
|
-
|
660
|
-
OPENSSL_EXPORT int
|
661
|
-
|
662
|
-
OPENSSL_EXPORT int
|
663
|
-
|
719
|
+
OPENSSL_EXPORT int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a,
|
720
|
+
unsigned char **pp);
|
721
|
+
OPENSSL_EXPORT ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
|
722
|
+
const unsigned char **pp,
|
723
|
+
long length);
|
724
|
+
OPENSSL_EXPORT int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
|
725
|
+
int length);
|
726
|
+
OPENSSL_EXPORT int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n,
|
727
|
+
int value);
|
728
|
+
OPENSSL_EXPORT int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n);
|
729
|
+
OPENSSL_EXPORT int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a,
|
730
|
+
unsigned char *flags, int flags_len);
|
731
|
+
|
732
|
+
OPENSSL_EXPORT int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
|
733
|
+
OPENSSL_EXPORT int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp,
|
734
|
+
long length);
|
664
735
|
|
665
736
|
DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
|
666
|
-
OPENSSL_EXPORT int
|
667
|
-
OPENSSL_EXPORT ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,
|
668
|
-
|
669
|
-
|
737
|
+
OPENSSL_EXPORT int i2c_ASN1_INTEGER(const ASN1_INTEGER *a, unsigned char **pp);
|
738
|
+
OPENSSL_EXPORT ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,
|
739
|
+
const unsigned char **pp,
|
740
|
+
long length);
|
741
|
+
OPENSSL_EXPORT ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
|
742
|
+
OPENSSL_EXPORT int ASN1_INTEGER_cmp(const ASN1_INTEGER *x,
|
743
|
+
const ASN1_INTEGER *y);
|
670
744
|
|
671
745
|
DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
|
672
746
|
|
673
747
|
OPENSSL_EXPORT int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
|
674
|
-
OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
|
675
|
-
OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
|
748
|
+
OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
|
749
|
+
OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
|
750
|
+
int offset_day, long offset_sec);
|
676
751
|
OPENSSL_EXPORT int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
|
677
752
|
OPENSSL_EXPORT int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
|
678
753
|
#if 0
|
@@ -680,15 +755,22 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
|
|
680
755
|
#endif
|
681
756
|
|
682
757
|
OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
|
683
|
-
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(
|
684
|
-
|
685
|
-
OPENSSL_EXPORT
|
686
|
-
|
758
|
+
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(
|
759
|
+
ASN1_GENERALIZEDTIME *s, time_t t);
|
760
|
+
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(
|
761
|
+
ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec);
|
762
|
+
OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s,
|
763
|
+
const char *str);
|
764
|
+
OPENSSL_EXPORT int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from,
|
765
|
+
const ASN1_TIME *to);
|
687
766
|
|
688
767
|
DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
|
689
|
-
OPENSSL_EXPORT ASN1_OCTET_STRING *
|
690
|
-
|
691
|
-
OPENSSL_EXPORT int
|
768
|
+
OPENSSL_EXPORT ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(
|
769
|
+
const ASN1_OCTET_STRING *a);
|
770
|
+
OPENSSL_EXPORT int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
|
771
|
+
const ASN1_OCTET_STRING *b);
|
772
|
+
OPENSSL_EXPORT int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str,
|
773
|
+
const unsigned char *data, int len);
|
692
774
|
|
693
775
|
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
|
694
776
|
DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
|
@@ -708,42 +790,50 @@ DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
|
|
708
790
|
DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
|
709
791
|
DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
|
710
792
|
|
711
|
-
|
712
|
-
|
713
|
-
|
714
|
-
OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t, int offset_day, long offset_sec);
|
793
|
+
OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
|
794
|
+
OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
|
795
|
+
long offset_sec);
|
715
796
|
OPENSSL_EXPORT int ASN1_TIME_check(const ASN1_TIME *t);
|
716
|
-
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(
|
797
|
+
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(
|
798
|
+
const ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
|
717
799
|
OPENSSL_EXPORT int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
|
718
800
|
|
719
801
|
OPENSSL_EXPORT int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a);
|
720
802
|
OPENSSL_EXPORT int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a);
|
721
803
|
OPENSSL_EXPORT int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a);
|
722
804
|
OPENSSL_EXPORT int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type);
|
723
|
-
OPENSSL_EXPORT int i2t_ASN1_OBJECT(char *buf,int buf_len,
|
805
|
+
OPENSSL_EXPORT int i2t_ASN1_OBJECT(char *buf, int buf_len,
|
806
|
+
const ASN1_OBJECT *a);
|
724
807
|
|
725
|
-
OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,
|
808
|
+
OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,
|
809
|
+
int len, const char *sn,
|
810
|
+
const char *ln);
|
726
811
|
|
727
812
|
OPENSSL_EXPORT int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
|
728
813
|
OPENSSL_EXPORT int ASN1_INTEGER_set_uint64(ASN1_INTEGER *out, uint64_t v);
|
729
814
|
OPENSSL_EXPORT long ASN1_INTEGER_get(const ASN1_INTEGER *a);
|
730
|
-
OPENSSL_EXPORT ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn,
|
731
|
-
|
815
|
+
OPENSSL_EXPORT ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn,
|
816
|
+
ASN1_INTEGER *ai);
|
817
|
+
OPENSSL_EXPORT BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
|
732
818
|
|
733
819
|
OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
|
734
820
|
OPENSSL_EXPORT long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
|
735
|
-
OPENSSL_EXPORT ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn,
|
736
|
-
|
821
|
+
OPENSSL_EXPORT ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn,
|
822
|
+
ASN1_ENUMERATED *ai);
|
823
|
+
OPENSSL_EXPORT BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai,
|
824
|
+
BIGNUM *bn);
|
737
825
|
|
738
|
-
|
739
|
-
|
826
|
+
// General
|
827
|
+
// given a string, return the correct type, max is the maximum length
|
740
828
|
OPENSSL_EXPORT int ASN1_PRINTABLE_type(const unsigned char *s, int max);
|
741
829
|
|
742
830
|
OPENSSL_EXPORT unsigned long ASN1_tag2bit(int tag);
|
743
831
|
|
744
|
-
|
745
|
-
OPENSSL_EXPORT int ASN1_get_object(const unsigned char **pp, long *plength,
|
746
|
-
|
832
|
+
// SPECIALS
|
833
|
+
OPENSSL_EXPORT int ASN1_get_object(const unsigned char **pp, long *plength,
|
834
|
+
int *ptag, int *pclass, long omax);
|
835
|
+
OPENSSL_EXPORT void ASN1_put_object(unsigned char **pp, int constructed,
|
836
|
+
int length, int tag, int xclass);
|
747
837
|
OPENSSL_EXPORT int ASN1_put_eoc(unsigned char **pp);
|
748
838
|
OPENSSL_EXPORT int ASN1_object_size(int constructed, int length, int tag);
|
749
839
|
|
@@ -752,7 +842,8 @@ OPENSSL_EXPORT void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
|
|
752
842
|
#ifndef OPENSSL_NO_FP_API
|
753
843
|
OPENSSL_EXPORT void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
|
754
844
|
OPENSSL_EXPORT int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
|
755
|
-
OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
|
845
|
+
OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
|
846
|
+
unsigned long flags);
|
756
847
|
#endif
|
757
848
|
|
758
849
|
OPENSSL_EXPORT int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
|
@@ -760,43 +851,58 @@ OPENSSL_EXPORT int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
|
|
760
851
|
OPENSSL_EXPORT void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
|
761
852
|
OPENSSL_EXPORT int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
|
762
853
|
OPENSSL_EXPORT int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
|
763
|
-
OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_print(BIO *fp,
|
854
|
+
OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_print(BIO *fp,
|
855
|
+
const ASN1_GENERALIZEDTIME *a);
|
764
856
|
OPENSSL_EXPORT int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
|
765
857
|
OPENSSL_EXPORT int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
|
766
|
-
OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str,
|
858
|
+
OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str,
|
859
|
+
unsigned long flags);
|
767
860
|
OPENSSL_EXPORT const char *ASN1_tag2str(int tag);
|
768
861
|
|
769
|
-
|
862
|
+
// Used to load and write netscape format cert
|
770
863
|
|
771
|
-
OPENSSL_EXPORT void *ASN1_item_unpack(const ASN1_STRING *oct,
|
864
|
+
OPENSSL_EXPORT void *ASN1_item_unpack(const ASN1_STRING *oct,
|
865
|
+
const ASN1_ITEM *it);
|
772
866
|
|
773
|
-
OPENSSL_EXPORT ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
|
867
|
+
OPENSSL_EXPORT ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
|
868
|
+
ASN1_OCTET_STRING **oct);
|
774
869
|
|
775
870
|
OPENSSL_EXPORT void ASN1_STRING_set_default_mask(unsigned long mask);
|
776
871
|
OPENSSL_EXPORT int ASN1_STRING_set_default_mask_asc(const char *p);
|
777
872
|
OPENSSL_EXPORT unsigned long ASN1_STRING_get_default_mask(void);
|
778
|
-
OPENSSL_EXPORT int ASN1_mbstring_copy(ASN1_STRING **out,
|
779
|
-
|
780
|
-
|
781
|
-
OPENSSL_EXPORT
|
873
|
+
OPENSSL_EXPORT int ASN1_mbstring_copy(ASN1_STRING **out,
|
874
|
+
const unsigned char *in, int len,
|
875
|
+
int inform, unsigned long mask);
|
876
|
+
OPENSSL_EXPORT int ASN1_mbstring_ncopy(ASN1_STRING **out,
|
877
|
+
const unsigned char *in, int len,
|
878
|
+
int inform, unsigned long mask,
|
879
|
+
long minsize, long maxsize);
|
880
|
+
|
881
|
+
OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
|
882
|
+
const unsigned char *in,
|
883
|
+
int inlen, int inform,
|
884
|
+
int nid);
|
782
885
|
OPENSSL_EXPORT ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
|
783
|
-
OPENSSL_EXPORT int ASN1_STRING_TABLE_add(int, long, long, unsigned long,
|
886
|
+
OPENSSL_EXPORT int ASN1_STRING_TABLE_add(int, long, long, unsigned long,
|
887
|
+
unsigned long);
|
784
888
|
OPENSSL_EXPORT void ASN1_STRING_TABLE_cleanup(void);
|
785
889
|
|
786
|
-
|
890
|
+
// ASN1 template functions
|
787
891
|
|
788
|
-
|
892
|
+
// Old API compatible functions
|
789
893
|
OPENSSL_EXPORT ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
|
790
894
|
OPENSSL_EXPORT void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
|
791
|
-
OPENSSL_EXPORT ASN1_VALUE *
|
792
|
-
|
793
|
-
|
895
|
+
OPENSSL_EXPORT ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val,
|
896
|
+
const unsigned char **in, long len,
|
897
|
+
const ASN1_ITEM *it);
|
898
|
+
OPENSSL_EXPORT int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out,
|
899
|
+
const ASN1_ITEM *it);
|
794
900
|
|
795
901
|
OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
|
796
902
|
OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
|
797
903
|
|
798
904
|
|
799
|
-
#ifdef
|
905
|
+
#ifdef __cplusplus
|
800
906
|
}
|
801
907
|
|
802
908
|
extern "C++" {
|
@@ -809,7 +915,7 @@ BORINGSSL_MAKE_DELETER(ASN1_TYPE, ASN1_TYPE_free)
|
|
809
915
|
|
810
916
|
BSSL_NAMESPACE_END
|
811
917
|
|
812
|
-
}
|
918
|
+
} // extern C++
|
813
919
|
|
814
920
|
#endif
|
815
921
|
|
@@ -906,5 +1012,6 @@ BSSL_NAMESPACE_END
|
|
906
1012
|
#define ASN1_R_WRONG_TAG 190
|
907
1013
|
#define ASN1_R_WRONG_TYPE 191
|
908
1014
|
#define ASN1_R_NESTED_TOO_DEEP 192
|
1015
|
+
#define ASN1_R_BAD_TEMPLATE 193
|
909
1016
|
|
910
1017
|
#endif
|