Remove ASN1_METHOD code replace with new ASN1 alternative.

45e27385 · Dr. Stephen Henson · b173acfc · 45e27385 · 45e27385 · 45e27385
8 changed file
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 Changes between 0.9.8 and 0.9.9  [xx XXX xxxx]
+  *) Remove the ancient ASN1_METHOD code. This was only ever used in one
+     place for the (very old) "NETSCAPE" format certificates which are now
+     handled using new ASN1 code equivalents.
  *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
     pointer and make the SSL_METHOD parameter in SSL_CTX_new,
     SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.

--- a/apps/apps.c
+++ b/apps/apps.c
@@ -745,8 +745,6 @@ static int load_pkcs12(BIO *err, BIO *in, const char *desc,
 X509 *load_cert(BIO *err, const char *file, int format,
 	const char *pass, ENGINE *e, const char *cert_descrip)
 	{
-	ASN1_HEADER *ah=NULL;
-	BUF_MEM *buf=NULL;
 	X509 *x=NULL;
 	BIO *cert;
@@ -776,46 +774,21 @@ X509 *load_cert(BIO *err, const char *file, int format,
 		x=d2i_X509_bio(cert,NULL);
 	else if (format == FORMAT_NETSCAPE)
 		{
-		const unsigned char *p,*op;
+		NETSCAPE_X509 *nx;
-		int size=0,i;
+		nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL);
+		if (nx == NULL)
-		/* We sort of have to do it this way because it is sort of nice
-		 * to read the header first and check it, then
-		 * try to read the certificate */
-		buf=BUF_MEM_new();
-		for (;;)
-			{
-			if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
-				goto end;
-			i=BIO_read(cert,&(buf->data[size]),1024*10);
-			size+=i;
-			if (i == 0) break;
-			if (i < 0)
-				{
-				perror("reading certificate");
 				goto end;
-				}
-			}
-		p=(unsigned char *)buf->data;
-		op=p;
-		/* First load the header */
+		if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data,
-		if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
+			nx->header->length) != 0))
-			goto end;
-		if ((ah->header == NULL) || (ah->header->data == NULL) ||
-			(strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
-			ah->header->length) != 0))
 			{
+			NETSCAPE_X509_free(nx);
 			BIO_printf(err,"Error reading header on certificate\n");
 			goto end;
 			}
-		/* header is ok, so now read the object */
+		x=nx->cert;
-		p=op;
+		nx->cert = NULL;
-		ah->meth=X509_asn1_meth();
+		NETSCAPE_X509_free(nx);
-		if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
-			goto end;
-		x=(X509 *)ah->data;
-		ah->data=NULL;
 		}
 	else if (format == FORMAT_PEM)
 		x=PEM_read_bio_X509_AUX(cert,NULL,
@@ -837,9 +810,7 @@ end:
 		BIO_printf(err,"unable to load certificate\n");
 		ERR_print_errors(err);
 		}
-	if (ah != NULL) ASN1_HEADER_free(ah);
 	if (cert != NULL) BIO_free(cert);
-	if (buf != NULL) BUF_MEM_free(buf);
 	return(x);
 	}

--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1033,16 +1033,15 @@ bad:
 		}
 	else if (outformat == FORMAT_NETSCAPE)
 		{
-		ASN1_HEADER ah;
+		NETSCAPE_X509 nx;
-		ASN1_OCTET_STRING os;
+		ASN1_OCTET_STRING hdr;
-		os.data=(unsigned char *)NETSCAPE_CERT_HDR;
+		hdr.data=(unsigned char *)NETSCAPE_CERT_HDR;
-		os.length=strlen(NETSCAPE_CERT_HDR);
+		hdr.length=strlen(NETSCAPE_CERT_HDR);
-		ah.header= &os;
+		nx.header= &hdr;
-		ah.data=(char *)x;
+		nx.cert=x;
-		ah.meth=X509_asn1_meth();
-		i=ASN1_i2d_bio_of(ASN1_HEADER,i2d_ASN1_HEADER,out,&ah);
+		i=ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509),out,&nx);
 		}
 	else	{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");

--- a/crypto/asn1/Makefile
+++ b/crypto/asn1/Makefile
@@ -22,24 +22,24 @@ LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
 	a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
 	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
 	x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
-	d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+	x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
 	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
 	tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
 	f_int.c f_string.c n_pkey.c \
-	f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
+	f_enum.c x_pkey.c a_bool.c x_exten.c \
-	asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
+	asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \
 	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
 LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
 	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
 	a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
 	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
 	x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
-	d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+	x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
 	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
 	tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
 	f_int.o f_string.o n_pkey.o \
-	f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
+	f_enum.o x_pkey.o a_bool.o x_exten.o \
-	asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
+	asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \
 	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
 SRC= $(LIBSRC)

--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -516,21 +516,11 @@ typedef struct asn1_type_st
 DECLARE_STACK_OF(ASN1_TYPE)
 DECLARE_ASN1_SET_OF(ASN1_TYPE)
-typedef struct asn1_method_st
+typedef struct NETSCAPE_X509_st
-	{
-	i2d_of_void *i2d;
-	d2i_of_void *d2i;
-	void *(*create)(void);
-	void (*destroy)(void *);
-	} ASN1_METHOD;
-/* This is used when parsing some Netscape objects */
-typedef struct asn1_header_st
 	{
 	ASN1_OCTET_STRING *header;
-	void *data;
+	X509 *cert;
-	ASN1_METHOD *meth;
+	} NETSCAPE_X509;
-	} ASN1_HEADER;
 /* This is used to contain a list of bit names */
 typedef struct BIT_STRING_BITNAME_st {
@@ -944,19 +934,11 @@ int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump
 #endif
 const char *ASN1_tag2str(int tag);
-/* Used to load and write netscape format cert/key */
+/* Used to load and write netscape format cert */
-int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length);
-ASN1_HEADER *ASN1_HEADER_new(void );
-void ASN1_HEADER_free(ASN1_HEADER *a);
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
-/* Not used that much at this point, except for the first two */
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-ASN1_METHOD *X509_asn1_meth(void);
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
 int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
 	unsigned char *data, int len);

--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -128,19 +128,6 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
 IMPLEMENT_ASN1_FUNCTIONS(X509)
 IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-static ASN1_METHOD meth=
-    {
-    (I2D_OF(void))  i2d_X509,
-    (D2I_OF(void)) d2i_X509,
-    (void *(*)(void))X509_new,
-    (void (*)(void *)) X509_free
-    };
-ASN1_METHOD *X509_asn1_meth(void)
-	{
-	return(&meth);
-	}
 int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
        {

--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -62,17 +62,6 @@
 #include <openssl/rsa.h>
 #include <openssl/asn1t.h>
-static ASN1_METHOD method={
-        (I2D_OF(void))     i2d_RSAPrivateKey,
-        (D2I_OF(void))     d2i_RSAPrivateKey,
-        (void *(*)(void))  RSA_new,
-        (void (*)(void *)) RSA_free};
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
-	{
-	return(&method);
-	}
 /* Override the default free and new methods */
 static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
 {

--- a/util/libeay.num
+++ b/util/libeay.num
 SSLeay                                  1	EXIST::FUNCTION:
 SSLeay_version                          2	EXIST::FUNCTION:
-ASN1_BIT_STRING_asn1_meth               3	EXIST::FUNCTION:
+ASN1_BIT_STRING_asn1_meth               3	NOEXIST::FUNCTION:
-ASN1_HEADER_free                        4	EXIST::FUNCTION:
+ASN1_HEADER_free                        4	NOEXIST::FUNCTION:
-ASN1_HEADER_new                         5	EXIST::FUNCTION:
+ASN1_HEADER_new                         5	NOEXIST::FUNCTION:
-ASN1_IA5STRING_asn1_meth                6	EXIST::FUNCTION:
+ASN1_IA5STRING_asn1_meth                6	NOEXIST::FUNCTION:
 ASN1_INTEGER_get                        7	EXIST::FUNCTION:
 ASN1_INTEGER_set                        8	EXIST::FUNCTION:
 ASN1_INTEGER_to_BN                      9	EXIST::FUNCTION:
@@ -469,7 +469,7 @@ RC2_set_key                             476	EXIST::FUNCTION:RC2
 RC4                                     477	EXIST::FUNCTION:RC4
 RC4_options                             478	EXIST::FUNCTION:RC4
 RC4_set_key                             479	EXIST::FUNCTION:RC4
-RSAPrivateKey_asn1_meth                 480	EXIST::FUNCTION:RSA
+RSAPrivateKey_asn1_meth                 480	NOEXIST::FUNCTION:
 RSAPrivateKey_dup                       481	EXIST::FUNCTION:RSA
 RSAPublicKey_dup                        482	EXIST::FUNCTION:RSA
 RSA_PKCS1_SSLeay                        483	EXIST::FUNCTION:RSA
@@ -624,7 +624,7 @@ X509_STORE_set_default_paths            630	EXIST::FUNCTION:STDIO
 X509_VAL_free                           631	EXIST::FUNCTION:
 X509_VAL_new                            632	EXIST::FUNCTION:
 X509_add_ext                            633	EXIST::FUNCTION:
-X509_asn1_meth                          634	EXIST::FUNCTION:
+X509_asn1_meth                          634	NOEXIST::FUNCTION:
 X509_certificate_type                   635	EXIST::FUNCTION:
 X509_check_private_key                  636	EXIST::FUNCTION:
 X509_cmp_current_time                   637	EXIST::FUNCTION:
@@ -704,7 +704,7 @@ bn_sqr_words                            710	EXIST::FUNCTION:
 _ossl_old_crypt                         711	EXIST:!NeXT,!PERL5:FUNCTION:DES
 d2i_ASN1_BIT_STRING                     712	EXIST::FUNCTION:
 d2i_ASN1_BOOLEAN                        713	EXIST::FUNCTION:
-d2i_ASN1_HEADER                         714	EXIST::FUNCTION:
+d2i_ASN1_HEADER                         714	NOEXIST::FUNCTION:
 d2i_ASN1_IA5STRING                      715	EXIST::FUNCTION:
 d2i_ASN1_INTEGER                        716	EXIST::FUNCTION:
 d2i_ASN1_OBJECT                         717	EXIST::FUNCTION:
@@ -809,7 +809,7 @@ i2a_ASN1_OBJECT                         816	EXIST::FUNCTION:BIO
 i2a_ASN1_STRING                         817	EXIST::FUNCTION:BIO
 i2d_ASN1_BIT_STRING                     818	EXIST::FUNCTION:
 i2d_ASN1_BOOLEAN                        819	EXIST::FUNCTION:
-i2d_ASN1_HEADER                         820	EXIST::FUNCTION:
+i2d_ASN1_HEADER                         820	NOEXIST::FUNCTION:
 i2d_ASN1_IA5STRING                      821	EXIST::FUNCTION:
 i2d_ASN1_INTEGER                        822	EXIST::FUNCTION:
 i2d_ASN1_OBJECT                         823	EXIST::FUNCTION:
@@ -3368,3 +3368,15 @@ BN_GF2m_mod_inv_arr                     3768	EXIST::FUNCTION:
 ENGINE_unregister_ECDSA                 3769	EXIST::FUNCTION:ENGINE
 BN_BLINDING_set_thread_id               3770	EXIST::FUNCTION:
 DSO_pathbyaddr                          3771	EXIST::FUNCTION:
+d2i_NETSCAPE_X509                       3772	EXIST::FUNCTION:
+i2d_ISSUING_DIST_POINT                  3773	EXIST::FUNCTION:
+NETSCAPE_X509_free                      3774	EXIST::FUNCTION:
+ISSUING_DIST_POINT_new                  3775	EXIST::FUNCTION:
+d2i_ISSUING_DIST_POINT                  3776	EXIST::FUNCTION:
+NETSCAPE_X509_it                        3777	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_X509_it                        3777	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ISSUING_DIST_POINT_free                 3778	EXIST::FUNCTION:
+i2d_NETSCAPE_X509                       3779	EXIST::FUNCTION:
+ISSUING_DIST_POINT_it                   3780	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ISSUING_DIST_POINT_it                   3780	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+NETSCAPE_X509_new                       3781	EXIST::FUNCTION: