diff options
author | Adam Langley <agl@google.com> | 2015-05-11 17:20:37 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2015-05-12 23:06:14 +0000 |
commit | e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5 (patch) | |
tree | 6e43e34595ecf887c26c32b86d8ab097fe8cac64 /src/crypto/x509v3 | |
parent | b3106a0cc1493bbe0505c0ec0ce3da4ca90a29ae (diff) | |
download | external_boringssl-e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5.zip external_boringssl-e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5.tar.gz external_boringssl-e9ada863a7b3e81f5d2b1e3bdd2305da902a87f5.tar.bz2 |
external/boringssl: bump revision.
This change bumps the BoringSSL revision to the current tip-of-tree.
Change-Id: I91d5bf467e16e8d86cb19a4de873985f524e5faa
Diffstat (limited to 'src/crypto/x509v3')
-rw-r--r-- | src/crypto/x509v3/CMakeLists.txt | 4 | ||||
-rw-r--r-- | src/crypto/x509v3/tabtest.c | 9 | ||||
-rw-r--r-- | src/crypto/x509v3/v3_alt.c | 2 | ||||
-rw-r--r-- | src/crypto/x509v3/v3_conf.c | 76 | ||||
-rw-r--r-- | src/crypto/x509v3/v3_cpols.c | 14 | ||||
-rw-r--r-- | src/crypto/x509v3/v3_purp.c | 3 | ||||
-rw-r--r-- | src/crypto/x509v3/v3_utl.c | 88 | ||||
-rw-r--r-- | src/crypto/x509v3/v3nametest.c | 11 | ||||
-rw-r--r-- | src/crypto/x509v3/x509v3_error.c | 147 |
9 files changed, 90 insertions, 264 deletions
diff --git a/src/crypto/x509v3/CMakeLists.txt b/src/crypto/x509v3/CMakeLists.txt index 26de0ed..ffa5a4a 100644 --- a/src/crypto/x509v3/CMakeLists.txt +++ b/src/crypto/x509v3/CMakeLists.txt @@ -41,7 +41,6 @@ add_library( v3_skey.c v3_sxnet.c v3_utl.c - x509v3_error.c ) add_executable( @@ -50,11 +49,12 @@ add_executable( v3nametest.c ) +target_link_libraries(v3name_test crypto) + add_executable( tab_test tabtest.c ) -target_link_libraries(v3name_test crypto) target_link_libraries(tab_test crypto) diff --git a/src/crypto/x509v3/tabtest.c b/src/crypto/x509v3/tabtest.c index 26ecc6c..6b97e91 100644 --- a/src/crypto/x509v3/tabtest.c +++ b/src/crypto/x509v3/tabtest.c @@ -62,13 +62,17 @@ #include <stdio.h> +#include <openssl/base.h> #include <openssl/crypto.h> #include <openssl/x509v3.h> +#if !defined(BORINGSSL_SHARED_LIBRARY) #include "ext_dat.h" +#endif int main(void) { +#if !defined(BORINGSSL_SHARED_LIBRARY) int i, prev = -1, bad = 0; const X509V3_EXT_METHOD *const *tmp; CRYPTO_library_init(); @@ -91,4 +95,9 @@ int main(void) printf("PASS\n"); return 0; } +#else + /* TODO(davidben): Fix this test in the shared library build. */ + printf("PASS\n"); + return 0; +#endif } diff --git a/src/crypto/x509v3/v3_alt.c b/src/crypto/x509v3/v3_alt.c index 113cf45..f547316 100644 --- a/src/crypto/x509v3/v3_alt.c +++ b/src/crypto/x509v3/v3_alt.c @@ -583,6 +583,8 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) return 0; objlen = p - value; objtmp = OPENSSL_malloc(objlen + 1); + if (objtmp == NULL) + return 0; strncpy(objtmp, value, objlen); objtmp[objlen] = 0; gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0); diff --git a/src/crypto/x509v3/v3_conf.c b/src/crypto/x509v3/v3_conf.c index 7606ac1..cb6569f 100644 --- a/src/crypto/x509v3/v3_conf.c +++ b/src/crypto/x509v3/v3_conf.c @@ -67,6 +67,8 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> +#include "../internal.h" + static int v3_check_critical(char **value); static int v3_check_generic(char **value); @@ -260,6 +262,7 @@ static int v3_check_generic(char **value) static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int gen_type, X509V3_CTX *ctx) + OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { unsigned char *ext_der=NULL; long ext_len; @@ -454,76 +457,3 @@ void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req, ctx->flags = flags; } -/* TODO(fork): remove */ -#if 0 -/* Old conf compatibility functions */ - -X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *name, char *value) - { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_nconf(&ctmp, ctx, name, value); - } - -/* LHASH *conf: Config file */ -/* char *value: Value */ -X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - int ext_nid, char *value) - { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value); - } - -static char *conf_lhash_get_string(void *db, char *section, char *value) - { - return CONF_get_string(db, section, value); - } - -static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section) - { - return CONF_get_section(db, section); - } - -static const X509V3_CONF_METHOD conf_lhash_method = { -conf_lhash_get_string, -conf_lhash_get_section, -NULL, -NULL -}; - -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash) - { - ctx->db_meth = &conf_lhash_method; - ctx->db = lhash; - } - -int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *section, X509 *cert) - { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert); - } - -/* Same as above but for a CRL */ - -int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *section, X509_CRL *crl) - { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl); - } - -/* Add extensions to certificate request */ - -int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *section, X509_REQ *req) - { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req); - } -#endif diff --git a/src/crypto/x509v3/v3_cpols.c b/src/crypto/x509v3/v3_cpols.c index d5a8c3c..cbe596b 100644 --- a/src/crypto/x509v3/v3_cpols.c +++ b/src/crypto/x509v3/v3_cpols.c @@ -228,7 +228,14 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, goto merr; /* TODO(fork): const correctness */ qual->pqualid = (ASN1_OBJECT*) OBJ_nid2obj(NID_id_qt_cps); + if (qual->pqualid == NULL) { + OPENSSL_PUT_ERROR(X509V3, policy_section, ERR_R_INTERNAL_ERROR); + goto err; + } qual->d.cpsuri = M_ASN1_IA5STRING_new(); + if (qual->d.cpsuri == NULL) { + goto err; + } if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value, strlen(cnf->value))) goto merr; } else if(!name_cmp(cnf->name, "userNotice")) { @@ -287,12 +294,19 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if(!(qual = POLICYQUALINFO_new())) goto merr; /* TODO(fork): const correctness */ qual->pqualid = (ASN1_OBJECT *) OBJ_nid2obj(NID_id_qt_unotice); + if (qual->pqualid == NULL) + { + OPENSSL_PUT_ERROR(X509V3, notice_section, ERR_R_INTERNAL_ERROR); + goto err; + } if(!(not = USERNOTICE_new())) goto merr; qual->d.usernotice = not; for(i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); if(!strcmp(cnf->name, "explicitText")) { not->exptext = M_ASN1_VISIBLESTRING_new(); + if (not->exptext == NULL) + goto merr; if(!ASN1_STRING_set(not->exptext, cnf->value, strlen(cnf->value))) goto merr; } else if(!strcmp(cnf->name, "organization")) { diff --git a/src/crypto/x509v3/v3_purp.c b/src/crypto/x509v3/v3_purp.c index 6daf632..3f175c9 100644 --- a/src/crypto/x509v3/v3_purp.c +++ b/src/crypto/x509v3/v3_purp.c @@ -63,6 +63,7 @@ #include <openssl/digest.h> #include <openssl/mem.h> #include <openssl/obj.h> +#include <openssl/thread.h> #include <openssl/x509_vfy.h> #include <openssl/x509v3.h> @@ -200,7 +201,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, name_dup = BUF_strdup(name); sname_dup = BUF_strdup(sname); if (name_dup == NULL || sname_dup == NULL) { - OPENSSL_PUT_ERROR(X509, X509_TRUST_add, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(X509V3, X509_PURPOSE_add, ERR_R_MALLOC_FAILURE); if (name_dup != NULL) OPENSSL_free(name_dup); if (sname_dup != NULL) diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c index d081c1c..27a91ff 100644 --- a/src/crypto/x509v3/v3_utl.c +++ b/src/crypto/x509v3/v3_utl.c @@ -262,6 +262,8 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) int state; /* We are going to modify the line so copy it first */ linebuf = BUF_strdup(line); + if (linebuf == NULL) + goto err; state = HDR_NAME; ntmp = NULL; /* Go through all characters */ @@ -850,9 +852,11 @@ static int equal_wildcard(const unsigned char *pattern, size_t pattern_len, */ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, - unsigned int flags, - const unsigned char *b, size_t blen) + unsigned int flags, const char *b, size_t blen, + char **peername) { + int rv = 0; + if (!a->data || !a->length) return 0; if (cmp_type > 0) @@ -860,27 +864,31 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, if (cmp_type != a->type) return 0; if (cmp_type == V_ASN1_IA5STRING) - return equal(a->data, a->length, b, blen, flags); - if (a->length == (int)blen && !memcmp(a->data, b, blen)) - return 1; - else - return 0; + rv = equal(a->data, a->length, + (unsigned char *)b, blen, flags); + else if (a->length == (int)blen && !memcmp(a->data, b, blen)) + rv = 1; + if (rv > 0 && peername) + *peername = BUF_strndup((char *)a->data, a->length); } else { - int astrlen, rv; + int astrlen; unsigned char *astr; astrlen = ASN1_STRING_to_UTF8(&astr, a); if (astrlen < 0) return -1; - rv = equal(astr, astrlen, b, blen, flags); + rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); OPENSSL_free(astr); - return rv; + if (rv > 0 && peername) + *peername = BUF_strndup((char *)astr, astrlen); } + return rv; } -static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen, - unsigned int flags, int check_type) +static int do_x509_check(X509 *x, const char *chk, size_t chklen, + unsigned int flags, int check_type, + char **peername) { GENERAL_NAMES *gens = NULL; X509_NAME *name = NULL; @@ -889,6 +897,7 @@ static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen, int cnid; int alt_type; int san_present = 0; + int rv = 0; equal_fn equal; /* See below, this flag is internal-only */ @@ -918,13 +927,9 @@ static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen, equal = equal_case; } - if (chklen == 0) - chklen = strlen((const char *)chk); - gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); if (gens) { - int rv = 0; for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { GENERAL_NAME *gen; @@ -939,16 +944,14 @@ static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen, cstr = gen->d.dNSName; else cstr = gen->d.iPAddress; - if (do_check_string(cstr, alt_type, equal, flags, - chk, chklen)) - { - rv = 1; + /* Positive on success, negative on error! */ + if ((rv = do_check_string(cstr, alt_type, equal, flags, + chk, chklen, peername)) != 0) break; - } } GENERAL_NAMES_free(gens); - if (rv) - return 1; + if (rv != 0) + return rv; if (!cnid || (san_present && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT))) @@ -962,38 +965,53 @@ static int do_x509_check(X509 *x, const unsigned char *chk, size_t chklen, ASN1_STRING *str; ne = X509_NAME_get_entry(name, j); str = X509_NAME_ENTRY_get_data(ne); - if (do_check_string(str, -1, equal, flags, chk, chklen)) - return 1; + /* Positive on success, negative on error! */ + if ((rv = do_check_string(str, -1, equal, flags, + chk, chklen, peername)) != 0) + return rv; } return 0; } -int X509_check_host(X509 *x, const unsigned char *chk, size_t chklen, - unsigned int flags) +int X509_check_host(X509 *x, const char *chk, size_t chklen, + unsigned int flags, char **peername) { - return do_x509_check(x, chk, chklen, flags, GEN_DNS); + if (chk == NULL) + return -2; + if (memchr(chk, '\0', chklen)) + return -2; + return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername); } -int X509_check_email(X509 *x, const unsigned char *chk, size_t chklen, - unsigned int flags) +int X509_check_email(X509 *x, const char *chk, size_t chklen, + unsigned int flags) { - return do_x509_check(x, chk, chklen, flags, GEN_EMAIL); + if (chk == NULL) + return -2; + if (memchr(chk, '\0', chklen)) + return -2; + return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL); } int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen, unsigned int flags) { - return do_x509_check(x, chk, chklen, flags, GEN_IPADD); + if (chk == NULL) + return -2; + return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL); } int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags) { unsigned char ipout[16]; - int iplen; - iplen = a2i_ipadd(ipout, ipasc); + size_t iplen; + + if (ipasc == NULL) + return -2; + iplen = (size_t) a2i_ipadd(ipout, ipasc); if (iplen == 0) return -2; - return do_x509_check(x, ipout, (size_t)iplen, flags, GEN_IPADD); + return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL); } /* Convert IP addresses both IPv4 and IPv6 into an diff --git a/src/crypto/x509v3/v3nametest.c b/src/crypto/x509v3/v3nametest.c index b2e9c09..a3197e6 100644 --- a/src/crypto/x509v3/v3nametest.c +++ b/src/crypto/x509v3/v3nametest.c @@ -52,6 +52,7 @@ * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). */ +#include <stdarg.h> #include <string.h> #include <openssl/crypto.h> @@ -332,8 +333,7 @@ static void run_cert(X509 *crt, const char *nameincert, int match, ret; memcpy(name, *pname, namelen); - ret = X509_check_host(crt, (const unsigned char *)name, - namelen, 0); + ret = X509_check_host(crt, name, namelen, 0, NULL); match = -1; if (ret < 0) { @@ -351,8 +351,8 @@ static void run_cert(X509 *crt, const char *nameincert, match = 1; check_message(fn, "host", nameincert, match, *pname); - ret = X509_check_host(crt, (const unsigned char *)name, - namelen, X509_CHECK_FLAG_NO_WILDCARDS); + ret = X509_check_host(crt, name, namelen, + X509_CHECK_FLAG_NO_WILDCARDS, NULL); match = -1; if (ret < 0) { @@ -371,8 +371,7 @@ static void run_cert(X509 *crt, const char *nameincert, check_message(fn, "host-no-wildcards", nameincert, match, *pname); - ret = X509_check_email(crt, (const unsigned char *)name, - namelen, 0); + ret = X509_check_email(crt, name, namelen, 0); match = -1; if (fn->email) { diff --git a/src/crypto/x509v3/x509v3_error.c b/src/crypto/x509v3/x509v3_error.c deleted file mode 100644 index 9fbca5f..0000000 --- a/src/crypto/x509v3/x509v3_error.c +++ /dev/null @@ -1,147 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include <openssl/err.h> - -#include <openssl/x509v3.h> - -const ERR_STRING_DATA X509V3_error_string_data[] = { - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_add_id_INTEGER, 0), "SXNET_add_id_INTEGER"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_add_id_asc, 0), "SXNET_add_id_asc"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_add_id_ulong, 0), "SXNET_add_id_ulong"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_get_id_asc, 0), "SXNET_get_id_asc"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_get_id_ulong, 0), "SXNET_get_id_ulong"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_add, 0), "X509V3_EXT_add"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_add_alias, 0), "X509V3_EXT_add_alias"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_free, 0), "X509V3_EXT_free"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_i2d, 0), "X509V3_EXT_i2d"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_nconf, 0), "X509V3_EXT_nconf"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_add1_i2d, 0), "X509V3_add1_i2d"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_add_value, 0), "X509V3_add_value"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_get_section, 0), "X509V3_get_section"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_get_string, 0), "X509V3_get_string"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_get_value_bool, 0), "X509V3_get_value_bool"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_parse_list, 0), "X509V3_parse_list"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509_PURPOSE_add, 0), "X509_PURPOSE_add"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509_PURPOSE_set, 0), "X509_PURPOSE_set"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_a2i_GENERAL_NAME, 0), "a2i_GENERAL_NAME"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_copy_email, 0), "copy_email"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_copy_issuer, 0), "copy_issuer"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_do_dirname, 0), "do_dirname"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_do_ext_i2d, 0), "do_ext_i2d"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_do_ext_nconf, 0), "do_ext_nconf"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_gnames_from_sectname, 0), "gnames_from_sectname"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_hex_to_string, 0), "hex_to_string"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_i2s_ASN1_ENUMERATED, 0), "i2s_ASN1_ENUMERATED"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_i2s_ASN1_IA5STRING, 0), "i2s_ASN1_IA5STRING"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_i2s_ASN1_INTEGER, 0), "i2s_ASN1_INTEGER"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_i2v_AUTHORITY_INFO_ACCESS, 0), "i2v_AUTHORITY_INFO_ACCESS"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_notice_section, 0), "notice_section"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_nref_nos, 0), "nref_nos"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_policy_section, 0), "policy_section"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_process_pci_value, 0), "process_pci_value"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_r2i_certpol, 0), "r2i_certpol"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_r2i_pci, 0), "r2i_pci"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_s2i_ASN1_IA5STRING, 0), "s2i_ASN1_IA5STRING"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_s2i_ASN1_INTEGER, 0), "s2i_ASN1_INTEGER"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_s2i_ASN1_OCTET_STRING, 0), "s2i_ASN1_OCTET_STRING"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_s2i_skey_id, 0), "s2i_skey_id"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_set_dist_point_name, 0), "set_dist_point_name"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_string_to_hex, 0), "string_to_hex"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_ASN1_BIT_STRING, 0), "v2i_ASN1_BIT_STRING"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_AUTHORITY_INFO_ACCESS, 0), "v2i_AUTHORITY_INFO_ACCESS"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_AUTHORITY_KEYID, 0), "v2i_AUTHORITY_KEYID"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_BASIC_CONSTRAINTS, 0), "v2i_BASIC_CONSTRAINTS"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_EXTENDED_KEY_USAGE, 0), "v2i_EXTENDED_KEY_USAGE"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_GENERAL_NAMES, 0), "v2i_GENERAL_NAMES"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_GENERAL_NAME_ex, 0), "v2i_GENERAL_NAME_ex"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_NAME_CONSTRAINTS, 0), "v2i_NAME_CONSTRAINTS"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_POLICY_CONSTRAINTS, 0), "v2i_POLICY_CONSTRAINTS"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_POLICY_MAPPINGS, 0), "v2i_POLICY_MAPPINGS"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_crld, 0), "v2i_crld"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_idp, 0), "v2i_idp"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_issuer_alt, 0), "v2i_issuer_alt"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v2i_subject_alt, 0), "v2i_subject_alt"}, - {ERR_PACK(ERR_LIB_X509V3, X509V3_F_v3_generic_extension, 0), "v3_generic_extension"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BAD_IP_ADDRESS), "BAD_IP_ADDRESS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BAD_OBJECT), "BAD_OBJECT"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BN_DEC2BN_ERROR), "BN_DEC2BN_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "BN_TO_ASN1_INTEGER_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_CANNOT_FIND_FREE_FUNCTION), "CANNOT_FIND_FREE_FUNCTION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_DIRNAME_ERROR), "DIRNAME_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_DISTPOINT_ALREADY_SET), "DISTPOINT_ALREADY_SET"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_DUPLICATE_ZONE_ID), "DUPLICATE_ZONE_ID"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ERROR_CONVERTING_ZONE), "ERROR_CONVERTING_ZONE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ERROR_CREATING_EXTENSION), "ERROR_CREATING_EXTENSION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ERROR_IN_EXTENSION), "ERROR_IN_EXTENSION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXPECTED_A_SECTION_NAME), "EXPECTED_A_SECTION_NAME"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_EXISTS), "EXTENSION_EXISTS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_NAME_ERROR), "EXTENSION_NAME_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_NOT_FOUND), "EXTENSION_NOT_FOUND"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "EXTENSION_SETTING_NOT_SUPPORTED"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_VALUE_ERROR), "EXTENSION_VALUE_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ILLEGAL_EMPTY_EXTENSION), "ILLEGAL_EMPTY_EXTENSION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ILLEGAL_HEX_DIGIT), "ILLEGAL_HEX_DIGIT"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "INCORRECT_POLICY_SYNTAX_TAG"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_ASNUMBER), "INVALID_ASNUMBER"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_ASRANGE), "INVALID_ASRANGE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_BOOLEAN_STRING), "INVALID_BOOLEAN_STRING"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_EXTENSION_STRING), "INVALID_EXTENSION_STRING"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_INHERITANCE), "INVALID_INHERITANCE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_IPADDRESS), "INVALID_IPADDRESS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_MULTIPLE_RDNS), "INVALID_MULTIPLE_RDNS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NAME), "INVALID_NAME"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_ARGUMENT), "INVALID_NULL_ARGUMENT"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_NAME), "INVALID_NULL_NAME"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_VALUE), "INVALID_NULL_VALUE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NUMBER), "INVALID_NUMBER"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NUMBERS), "INVALID_NUMBERS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_OBJECT_IDENTIFIER), "INVALID_OBJECT_IDENTIFIER"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_OPTION), "INVALID_OPTION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_POLICY_IDENTIFIER), "INVALID_POLICY_IDENTIFIER"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_PROXY_POLICY_SETTING), "INVALID_PROXY_POLICY_SETTING"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_PURPOSE), "INVALID_PURPOSE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_SAFI), "INVALID_SAFI"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_SECTION), "INVALID_SECTION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_SYNTAX), "INVALID_SYNTAX"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ISSUER_DECODE_ERROR), "ISSUER_DECODE_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_MISSING_VALUE), "MISSING_VALUE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "NEED_ORGANIZATION_AND_NUMBERS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_CONFIG_DATABASE), "NO_CONFIG_DATABASE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_ISSUER_CERTIFICATE), "NO_ISSUER_CERTIFICATE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_ISSUER_DETAILS), "NO_ISSUER_DETAILS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_POLICY_IDENTIFIER), "NO_POLICY_IDENTIFIER"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_PUBLIC_KEY), "NO_PUBLIC_KEY"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_SUBJECT_DETAILS), "NO_SUBJECT_DETAILS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ODD_NUMBER_OF_DIGITS), "ODD_NUMBER_OF_DIGITS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_OPERATION_NOT_DEFINED), "OPERATION_NOT_DEFINED"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_OTHERNAME_ERROR), "OTHERNAME_ERROR"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "POLICY_LANGUAGE_ALREADY_DEFINED"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_PATH_LENGTH), "POLICY_PATH_LENGTH"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "POLICY_PATH_LENGTH_ALREADY_DEFINED"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_SECTION_NOT_FOUND), "SECTION_NOT_FOUND"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "UNABLE_TO_GET_ISSUER_DETAILS"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "UNABLE_TO_GET_ISSUER_KEYID"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "UNKNOWN_BIT_STRING_ARGUMENT"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_EXTENSION), "UNKNOWN_EXTENSION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_EXTENSION_NAME), "UNKNOWN_EXTENSION_NAME"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_OPTION), "UNKNOWN_OPTION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNSUPPORTED_OPTION), "UNSUPPORTED_OPTION"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNSUPPORTED_TYPE), "UNSUPPORTED_TYPE"}, - {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_USER_TOO_LONG), "USER_TOO_LONG"}, - {0, NULL}, -}; |