[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Thu Apr 13 08:23:52 UTC 2017
The branch master has been updated
via 9612e15760784c59d3104bfe49e75323e5776bb1 (commit)
via da26ff3085d895cb732150d1766d3d75dbb85338 (commit)
via 49005bb8b3e134d5c8c5c8fc87aecb74d1437286 (commit)
from 8edefd7bb323f84abfbc381e4ba13c02925673b9 (commit)
- Log -----------------------------------------------------------------
commit 9612e15760784c59d3104bfe49e75323e5776bb1
Author: Richard Levitte <levitte at openssl.org>
Date: Wed Apr 12 11:52:52 2017 +0200
ASN.1: adapt our use of INTxx et al by making them explicitely embedded
Fixes #3191
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3199)
commit da26ff3085d895cb732150d1766d3d75dbb85338
Author: Richard Levitte <levitte at openssl.org>
Date: Wed Apr 12 11:50:48 2017 +0200
ASN.1: change INTxx, UINTxx and Z variants to be embedable
Fixes #3191
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3199)
commit 49005bb8b3e134d5c8c5c8fc87aecb74d1437286
Author: Richard Levitte <levitte at openssl.org>
Date: Wed Apr 12 11:48:12 2017 +0200
ASN.1: extend the possibilities to embed data instead of pointers
Also, when "allocating" or "deallocating" an embedded item, never call
prim_new() or prim_free(). Call prim_clear() instead.
Fixes #3191
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3199)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/evp_asn1.c | 2 +-
crypto/asn1/n_pkey.c | 2 +-
crypto/asn1/tasn_fre.c | 7 ++++++-
crypto/asn1/tasn_new.c | 8 +++++++-
crypto/asn1/x_int64.c | 52 ++++++++++++++++++++++++++++++++++++-------------
crypto/cms/cms_asn1.c | 26 ++++++++++++-------------
crypto/dh/dh_asn1.c | 2 +-
crypto/dsa/dsa_asn1.c | 2 +-
crypto/ec/ec_asn1.c | 12 ++++++------
crypto/rsa/rsa_asn1.c | 2 +-
include/openssl/asn1t.h | 5 +++++
ssl/ssl_asn1.c | 18 ++++++++---------
test/asn1_encode_test.c | 16 +++++++--------
13 files changed, 97 insertions(+), 57 deletions(-)
diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c
index 718e688..f3b675e 100644
--- a/crypto/asn1/evp_asn1.c
+++ b/crypto/asn1/evp_asn1.c
@@ -52,7 +52,7 @@ typedef struct {
} asn1_int_oct;
ASN1_SEQUENCE(asn1_int_oct) = {
- ASN1_SIMPLE(asn1_int_oct, num, INT32),
+ ASN1_EMBED(asn1_int_oct, num, INT32),
ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING)
} static_ASN1_SEQUENCE_END(asn1_int_oct)
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index 34a0d03..d1fb8a1 100644
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -48,7 +48,7 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_P
IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
ASN1_SEQUENCE(NETSCAPE_PKEY) = {
- ASN1_SIMPLE(NETSCAPE_PKEY, version, INT32),
+ ASN1_EMBED(NETSCAPE_PKEY, version, INT32),
ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
} static_ASN1_SEQUENCE_END(NETSCAPE_PKEY)
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index 3c98efb..ae91461 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -155,7 +155,12 @@ void asn1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
if (it) {
const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
- if (pf && pf->prim_free) {
+ if (embed) {
+ if (pf && pf->prim_clear) {
+ pf->prim_clear(pval, it);
+ return;
+ }
+ } else if (pf && pf->prim_free) {
pf->prim_free(pval, it);
return;
}
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index e9b8377..f695e38 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -266,8 +266,14 @@ static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
if (it->funcs) {
const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
- if (pf->prim_new)
+ if (embed) {
+ if (pf->prim_clear) {
+ pf->prim_clear(pval, it);
+ return 1;
+ }
+ } else if (pf->prim_new) {
return pf->prim_new(pval, it);
+ }
}
if (it->itype == ASN1_ITYPE_MSTRING)
diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c
index 63a3277..714e2f7 100644
--- a/crypto/asn1/x_int64.c
+++ b/crypto/asn1/x_int64.c
@@ -28,13 +28,21 @@
static int uint64_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(uint64_t *)pval = 0;
+ *pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint64_t));
+ if (*pval == NULL)
+ return 0;
return 1;
}
static void uint64_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(uint64_t *)pval = 0;
+ OPENSSL_free(*pval);
+ *pval = NULL;
+}
+
+static void uint64_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ **(uint64_t **)pval = 0;
}
static int uint64_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
@@ -43,7 +51,7 @@ static int uint64_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
uint64_t utmp;
int neg = 0;
/* this exists to bypass broken gcc optimization */
- char *cp = (char *)pval;
+ char *cp = (char *)*pval;
/* use memcpy, because we may not be uint64_t aligned */
memcpy(&utmp, cp, sizeof(utmp));
@@ -65,9 +73,13 @@ static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
uint64_t utmp = 0;
- char *cp = (char *)pval;
+ char *cp;
int neg = 0;
+ if (*pval == NULL && !uint64_new(pval, it))
+ return 0;
+
+ cp = (char *)*pval;
if (!c2i_uint64_int(&utmp, &neg, &cont, len))
return 0;
if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
@@ -90,21 +102,29 @@ static int uint64_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
int indent, const ASN1_PCTX *pctx)
{
if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
- return BIO_printf(out, "%jd\n", *(int64_t *)pval);
- return BIO_printf(out, "%ju\n", *(uint64_t *)pval);
+ return BIO_printf(out, "%jd\n", **(int64_t **)pval);
+ return BIO_printf(out, "%ju\n", **(uint64_t **)pval);
}
/* 32-bit variants */
static int uint32_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(uint32_t *)pval = 0;
+ *pval = (ASN1_VALUE *)OPENSSL_zalloc(sizeof(uint32_t));
+ if (*pval == NULL)
+ return 0;
return 1;
}
static void uint32_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- *(uint32_t *)pval = 0;
+ OPENSSL_free(*pval);
+ *pval = NULL;
+}
+
+static void uint32_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ **(uint32_t **)pval = 0;
}
static int uint32_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
@@ -113,7 +133,7 @@ static int uint32_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
uint32_t utmp;
int neg = 0;
/* this exists to bypass broken gcc optimization */
- char *cp = (char *)pval;
+ char *cp = (char *)*pval;
/* use memcpy, because we may not be uint32_t aligned */
memcpy(&utmp, cp, sizeof(utmp));
@@ -143,9 +163,13 @@ static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
{
uint64_t utmp = 0;
uint32_t utmp2 = 0;
- char *cp = (char *)pval;
+ char *cp;
int neg = 0;
+ if (*pval == NULL && !uint64_new(pval, it))
+ return 0;
+
+ cp = (char *)*pval;
if (!c2i_uint64_int(&utmp, &neg, &cont, len))
return 0;
if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
@@ -174,8 +198,8 @@ static int uint32_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
int indent, const ASN1_PCTX *pctx)
{
if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED)
- return BIO_printf(out, "%d\n", *(int32_t *)pval);
- return BIO_printf(out, "%u\n", *(uint32_t *)pval);
+ return BIO_printf(out, "%d\n", **(int32_t **)pval);
+ return BIO_printf(out, "%u\n", **(uint32_t **)pval);
}
@@ -185,7 +209,7 @@ static ASN1_PRIMITIVE_FUNCS uint32_pf = {
NULL, 0,
uint32_new,
uint32_free,
- uint32_free, /* Clear should set to initial value */
+ uint32_clear,
uint32_c2i,
uint32_i2c,
uint32_print
@@ -195,7 +219,7 @@ static ASN1_PRIMITIVE_FUNCS uint64_pf = {
NULL, 0,
uint64_new,
uint64_free,
- uint64_free, /* Clear should set to initial value */
+ uint64_clear,
uint64_c2i,
uint64_i2c,
uint64_print
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index a6981a7..8b32abe 100644
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -56,7 +56,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
}
ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
- ASN1_SIMPLE(CMS_SignerInfo, version, INT32),
+ ASN1_EMBED(CMS_SignerInfo, version, INT32),
ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier),
ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR),
ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0),
@@ -76,7 +76,7 @@ ASN1_CHOICE(CMS_RevocationInfoChoice) = {
} ASN1_CHOICE_END(CMS_RevocationInfoChoice)
ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
- ASN1_SIMPLE(CMS_SignedData, version, INT32),
+ ASN1_EMBED(CMS_SignedData, version, INT32),
ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR),
ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo),
ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
@@ -96,7 +96,7 @@ ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
} static_ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
- ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, INT32),
+ ASN1_EMBED(CMS_KeyTransRecipientInfo, version, INT32),
ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier),
ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
@@ -162,7 +162,7 @@ static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
}
ASN1_SEQUENCE_cb(CMS_KeyAgreeRecipientInfo, cms_kari_cb) = {
- ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, INT32),
+ ASN1_EMBED(CMS_KeyAgreeRecipientInfo, version, INT32),
ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
@@ -176,14 +176,14 @@ ASN1_SEQUENCE(CMS_KEKIdentifier) = {
} static_ASN1_SEQUENCE_END(CMS_KEKIdentifier)
ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
- ASN1_SIMPLE(CMS_KEKRecipientInfo, version, INT32),
+ ASN1_EMBED(CMS_KEKRecipientInfo, version, INT32),
ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)
ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
- ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, INT32),
+ ASN1_EMBED(CMS_PasswordRecipientInfo, version, INT32),
ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0),
ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
@@ -225,7 +225,7 @@ ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type)
ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
- ASN1_SIMPLE(CMS_EnvelopedData, version, INT32),
+ ASN1_EMBED(CMS_EnvelopedData, version, INT32),
ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0),
ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo),
ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
@@ -233,20 +233,20 @@ ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)
ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
- ASN1_SIMPLE(CMS_DigestedData, version, INT32),
+ ASN1_EMBED(CMS_DigestedData, version, INT32),
ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo),
ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING)
} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData)
ASN1_NDEF_SEQUENCE(CMS_EncryptedData) = {
- ASN1_SIMPLE(CMS_EncryptedData, version, INT32),
+ ASN1_EMBED(CMS_EncryptedData, version, INT32),
ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo),
ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData)
ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
- ASN1_SIMPLE(CMS_AuthenticatedData, version, INT32),
+ ASN1_EMBED(CMS_AuthenticatedData, version, INT32),
ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0),
ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo),
ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR),
@@ -258,7 +258,7 @@ ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
} static_ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
- ASN1_SIMPLE(CMS_CompressedData, version, INT32),
+ ASN1_EMBED(CMS_CompressedData, version, INT32),
ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
@@ -337,7 +337,7 @@ ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
ASN1_CHOICE(CMS_ReceiptsFrom) = {
- ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, INT32, 0),
+ ASN1_IMP_EMBED(CMS_ReceiptsFrom, d.allOrFirstTier, INT32, 0),
ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
} static_ASN1_CHOICE_END(CMS_ReceiptsFrom)
@@ -348,7 +348,7 @@ ASN1_SEQUENCE(CMS_ReceiptRequest) = {
} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
ASN1_SEQUENCE(CMS_Receipt) = {
- ASN1_SIMPLE(CMS_Receipt, version, INT32),
+ ASN1_EMBED(CMS_Receipt, version, INT32),
ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
index f65d065..1a40633 100644
--- a/crypto/dh/dh_asn1.c
+++ b/crypto/dh/dh_asn1.c
@@ -34,7 +34,7 @@ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
ASN1_SIMPLE(DH, p, BIGNUM),
ASN1_SIMPLE(DH, g, BIGNUM),
- ASN1_OPT(DH, length, ZINT32),
+ ASN1_OPT_EMBED(DH, length, ZINT32),
} ASN1_SEQUENCE_END_cb(DH, DHparams)
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 6f9fe3e..7de00c7 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -75,7 +75,7 @@ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
}
ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
- ASN1_SIMPLE(DSA, version, INT32),
+ ASN1_EMBED(DSA, version, INT32),
ASN1_SIMPLE(DSA, p, BIGNUM),
ASN1_SIMPLE(DSA, q, BIGNUM),
ASN1_SIMPLE(DSA, g, BIGNUM),
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 6493515..d57f3b4 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -155,9 +155,9 @@ typedef struct ec_privatekey_st {
/* the OpenSSL ASN.1 definitions */
ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
- ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, INT32),
- ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, INT32),
- ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, INT32)
+ ASN1_EMBED(X9_62_PENTANOMIAL, k1, INT32),
+ ASN1_EMBED(X9_62_PENTANOMIAL, k2, INT32),
+ ASN1_EMBED(X9_62_PENTANOMIAL, k3, INT32)
} static_ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
@@ -172,7 +172,7 @@ ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = {
} ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL);
ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
- ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, INT32),
+ ASN1_EMBED(X9_62_CHARACTERISTIC_TWO, m, INT32),
ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT),
ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
} static_ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
@@ -199,7 +199,7 @@ ASN1_SEQUENCE(X9_62_CURVE) = {
} static_ASN1_SEQUENCE_END(X9_62_CURVE)
ASN1_SEQUENCE(ECPARAMETERS) = {
- ASN1_SIMPLE(ECPARAMETERS, version, INT32),
+ ASN1_EMBED(ECPARAMETERS, version, INT32),
ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
@@ -221,7 +221,7 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
ASN1_SEQUENCE(EC_PRIVATEKEY) = {
- ASN1_SIMPLE(EC_PRIVATEKEY, version, INT32),
+ ASN1_EMBED(EC_PRIVATEKEY, version, INT32),
ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index ef79a27..43c8fc2 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -32,7 +32,7 @@ static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
}
ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
- ASN1_SIMPLE(RSA, version, INT32),
+ ASN1_EMBED(RSA, version, INT32),
ASN1_SIMPLE(RSA, n, BIGNUM),
ASN1_SIMPLE(RSA, e, BIGNUM),
ASN1_SIMPLE(RSA, d, CBIGNUM),
diff --git a/include/openssl/asn1t.h b/include/openssl/asn1t.h
index a73d4a8..537ee2e 100644
--- a/include/openssl/asn1t.h
+++ b/include/openssl/asn1t.h
@@ -346,17 +346,22 @@ extern "C" {
/* OPTIONAL simple type */
# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+# define ASN1_OPT_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED, 0, stname, field, type)
/* IMPLICIT tagged simple type */
# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+# define ASN1_IMP_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
/* IMPLICIT tagged OPTIONAL simple type */
# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+# define ASN1_IMP_OPT_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
/* Same as above but EXPLICIT */
# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+# define ASN1_EXP_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+# define ASN1_EXP_OPT_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
/* SEQUENCE OF type */
# define ASN1_SEQUENCE_OF(stname, field, type) \
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index b4eb98e..2be0d67 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -70,31 +70,31 @@ typedef struct {
} SSL_SESSION_ASN1;
ASN1_SEQUENCE(SSL_SESSION_ASN1) = {
- ASN1_SIMPLE(SSL_SESSION_ASN1, version, UINT32),
- ASN1_SIMPLE(SSL_SESSION_ASN1, ssl_version, INT32),
+ ASN1_EMBED(SSL_SESSION_ASN1, version, UINT32),
+ ASN1_EMBED(SSL_SESSION_ASN1, ssl_version, INT32),
ASN1_SIMPLE(SSL_SESSION_ASN1, cipher, ASN1_OCTET_STRING),
ASN1_SIMPLE(SSL_SESSION_ASN1, session_id, ASN1_OCTET_STRING),
ASN1_SIMPLE(SSL_SESSION_ASN1, master_key, ASN1_OCTET_STRING),
ASN1_IMP_OPT(SSL_SESSION_ASN1, key_arg, ASN1_OCTET_STRING, 0),
- ASN1_EXP_OPT(SSL_SESSION_ASN1, time, ZINT64, 1),
- ASN1_EXP_OPT(SSL_SESSION_ASN1, timeout, ZINT64, 2),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, time, ZINT64, 1),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, timeout, ZINT64, 2),
ASN1_EXP_OPT(SSL_SESSION_ASN1, peer, X509, 3),
ASN1_EXP_OPT(SSL_SESSION_ASN1, session_id_context, ASN1_OCTET_STRING, 4),
- ASN1_EXP_OPT(SSL_SESSION_ASN1, verify_result, ZINT32, 5),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, verify_result, ZINT32, 5),
ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_hostname, ASN1_OCTET_STRING, 6),
#ifndef OPENSSL_NO_PSK
ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity_hint, ASN1_OCTET_STRING, 7),
ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity, ASN1_OCTET_STRING, 8),
#endif
- ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick_lifetime_hint, ZUINT64, 9),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, tlsext_tick_lifetime_hint, ZUINT64, 9),
ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick, ASN1_OCTET_STRING, 10),
ASN1_EXP_OPT(SSL_SESSION_ASN1, comp_id, ASN1_OCTET_STRING, 11),
#ifndef OPENSSL_NO_SRP
ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12),
#endif
- ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZUINT64, 13),
- ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick_age_add, ZUINT32, 14),
- ASN1_EXP_OPT(SSL_SESSION_ASN1, max_early_data, ZUINT32, 15),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, flags, ZUINT64, 13),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, tlsext_tick_age_add, ZUINT32, 14),
+ ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, max_early_data, ZUINT32, 15),
ASN1_EXP_OPT(SSL_SESSION_ASN1, alpn_selected, ASN1_OCTET_STRING, 16)
} static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1)
diff --git a/test/asn1_encode_test.c b/test/asn1_encode_test.c
index 91b1e58..a24b284 100644
--- a/test/asn1_encode_test.c
+++ b/test/asn1_encode_test.c
@@ -276,8 +276,8 @@ typedef struct {
ASN1_SEQUENCE(ASN1_INT32_DATA) = {
ASN1_SIMPLE(ASN1_INT32_DATA, success, ASN1_FBOOLEAN),
- ASN1_SIMPLE(ASN1_INT32_DATA, test_int32, INT32),
- ASN1_EXP_OPT(ASN1_INT32_DATA, test_zint32, ZINT32, 0)
+ ASN1_EMBED(ASN1_INT32_DATA, test_int32, INT32),
+ ASN1_EXP_OPT_EMBED(ASN1_INT32_DATA, test_zint32, ZINT32, 0)
} static_ASN1_SEQUENCE_END(ASN1_INT32_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT32_DATA)
@@ -323,8 +323,8 @@ typedef struct {
ASN1_SEQUENCE(ASN1_UINT32_DATA) = {
ASN1_SIMPLE(ASN1_UINT32_DATA, success, ASN1_FBOOLEAN),
- ASN1_SIMPLE(ASN1_UINT32_DATA, test_uint32, UINT32),
- ASN1_EXP_OPT(ASN1_UINT32_DATA, test_zuint32, ZUINT32, 0)
+ ASN1_EMBED(ASN1_UINT32_DATA, test_uint32, UINT32),
+ ASN1_EXP_OPT_EMBED(ASN1_UINT32_DATA, test_zuint32, ZUINT32, 0)
} static_ASN1_SEQUENCE_END(ASN1_UINT32_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT32_DATA)
@@ -370,8 +370,8 @@ typedef struct {
ASN1_SEQUENCE(ASN1_INT64_DATA) = {
ASN1_SIMPLE(ASN1_INT64_DATA, success, ASN1_FBOOLEAN),
- ASN1_SIMPLE(ASN1_INT64_DATA, test_int64, INT64),
- ASN1_EXP_OPT(ASN1_INT64_DATA, test_zint64, ZINT64, 0)
+ ASN1_EMBED(ASN1_INT64_DATA, test_int64, INT64),
+ ASN1_EXP_OPT_EMBED(ASN1_INT64_DATA, test_zint64, ZINT64, 0)
} static_ASN1_SEQUENCE_END(ASN1_INT64_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT64_DATA)
@@ -418,8 +418,8 @@ typedef struct {
ASN1_SEQUENCE(ASN1_UINT64_DATA) = {
ASN1_SIMPLE(ASN1_UINT64_DATA, success, ASN1_FBOOLEAN),
- ASN1_SIMPLE(ASN1_UINT64_DATA, test_uint64, UINT64),
- ASN1_EXP_OPT(ASN1_UINT64_DATA, test_zuint64, ZUINT64, 0)
+ ASN1_EMBED(ASN1_UINT64_DATA, test_uint64, UINT64),
+ ASN1_EXP_OPT_EMBED(ASN1_UINT64_DATA, test_zuint64, ZUINT64, 0)
} static_ASN1_SEQUENCE_END(ASN1_UINT64_DATA)
IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT64_DATA)
More information about the openssl-commits
mailing list