subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject svn commit: r1603841 - in /subversion/branches/svn-auth-x509/subversion/libsvn_subr: x509.h x509parse.c
Date Thu, 19 Jun 2014 11:50:31 GMT
Author: stsp
Date: Thu Jun 19 11:50:31 2014
New Revision: 1603841

URL: http://svn.apache.org/r1603841
Log:
On the svn-auth-x509 branch:

* subversion/libsvn_subr/x509.h,
  subversion/libsvn_subr/x509parse.c: Replace tabs with spaces.

Modified:
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h
    subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c

Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h?rev=1603841&r1=1603840&r2=1603841&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509.h Thu Jun 19 11:50:31 2014
@@ -123,50 +123,50 @@
  * Structures for parsing X.509 certificates
  */
 typedef struct _x509_buf {
-	int tag;
-	int len;
-	unsigned char *p;
+  int tag;
+  int len;
+  unsigned char *p;
 } x509_buf;
 
 typedef struct _x509_name {
-	x509_buf oid;
-	x509_buf val;
-	struct _x509_name *next;
+  x509_buf oid;
+  x509_buf val;
+  struct _x509_name *next;
 } x509_name;
 
 typedef struct _x509_time {
-	int year, mon, day;
-	int hour, min, sec;
+  int year, mon, day;
+  int hour, min, sec;
 } x509_time;
 
 typedef struct _x509_cert {
-	x509_buf raw;
-	x509_buf tbs;
+  x509_buf raw;
+  x509_buf tbs;
 
-	int version;
-	x509_buf serial;
-	x509_buf sig_oid1;
+  int version;
+  x509_buf serial;
+  x509_buf sig_oid1;
 
-	x509_buf issuer_raw;
-	x509_buf subject_raw;
+  x509_buf issuer_raw;
+  x509_buf subject_raw;
 
-	x509_name issuer;
-	x509_name subject;
+  x509_name issuer;
+  x509_name subject;
 
-	x509_time valid_from;
-	x509_time valid_to;
+  x509_time valid_from;
+  x509_time valid_to;
 
-	x509_buf pk_oid;
+  x509_buf pk_oid;
 
-	x509_buf issuer_id;
-	x509_buf subject_id;
-	x509_buf v3_ext;
+  x509_buf issuer_id;
+  x509_buf subject_id;
+  x509_buf v3_ext;
 
-	int ca_istrue;
-	int max_pathlen;
+  int ca_istrue;
+  int max_pathlen;
 
-	x509_buf sig_oid2;
-	x509_buf sig;
+  x509_buf sig_oid2;
+  x509_buf sig;
 
 } x509_cert;
 
@@ -174,19 +174,19 @@ typedef struct _x509_cert {
 extern "C" {
 #endif
 
-	/**
-	 * \brief          Parse one or more certificates and add them
-	 *                 to the chained list
-	 *
-	 * \param chain    points to the start of the chain
-	 * \param buf      buffer holding the certificate data
-	 * \param buflen   size of the buffer
-	 *
-	 * \return         0 if successful, or a specific X509 error code
-	 */
-	int x509parse_crt(x509_cert * chain, const unsigned char *buf, int buflen);
+  /**
+   * \brief          Parse one or more certificates and add them
+   *                 to the chained list
+   *
+   * \param chain    points to the start of the chain
+   * \param buf      buffer holding the certificate data
+   * \param buflen   size of the buffer
+   *
+   * \return         0 if successful, or a specific X509 error code
+   */
+  int x509parse_crt(x509_cert * chain, const unsigned char *buf, int buflen);
 
 #ifdef __cplusplus
 }
 #endif
-#endif				/* x509.h */
+#endif        /* x509.h */

Modified: subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c
URL: http://svn.apache.org/viewvc/subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c?rev=1603841&r1=1603840&r2=1603841&view=diff
==============================================================================
--- subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c (original)
+++ subversion/branches/svn-auth-x509/subversion/libsvn_subr/x509parse.c Thu Jun 19 11:50:31
2014
@@ -1,47 +1,47 @@
 /*
- *	X.509 certificate and private key decoding
+ *  X.509 certificate and private key decoding
  *
- *	Based on XySSL: Copyright (C) 2006-2008	 Christophe Devine
+ *  Based on XySSL: Copyright (C) 2006-2008   Christophe Devine
  *
- *	Copyright (C) 2009	Paul Bakker <polarssl_maintainer at polarssl dot org>
+ *  Copyright (C) 2009  Paul Bakker <polarssl_maintainer at polarssl dot org>
  *
- *	All rights reserved.
+ *  All rights reserved.
  *
- *	Redistribution and use in source and binary forms, with or without
- *	modification, are permitted provided that the following conditions
- *	are met:
- *
- *	  * Redistributions of source code must retain the above copyright
- *		notice, this list of conditions and the following disclaimer.
- *	  * Redistributions in binary form must reproduce the above copyright
- *		notice, this list of conditions and the following disclaimer in the
- *		documentation and/or other materials provided with the distribution.
- *	  * Neither the names of PolarSSL or XySSL nor the names of its contributors
- *		may be used to endorse or promote products derived from this software
- *		without specific prior written permission.
- *
- *	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- *	"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- *	LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- *	FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- *	OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- *	SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- *	TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- *	PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- *	LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- *	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- *	SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *  Redistribution and use in source and binary forms, with or without
+ *  modification, are permitted provided that the following conditions
+ *  are met:
+ *
+ *    * Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *    * Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *    * Neither the names of PolarSSL or XySSL nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ *  FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ *  TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ *  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 /*
- *	The ITU-T X.509 standard defines a certificat format for PKI.
+ *  The ITU-T X.509 standard defines a certificat format for PKI.
  *
- *	http://www.ietf.org/rfc/rfc2459.txt
- *	http://www.ietf.org/rfc/rfc3279.txt
+ *  http://www.ietf.org/rfc/rfc2459.txt
+ *  http://www.ietf.org/rfc/rfc3279.txt
  *
- *	ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
+ *  ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
  *
- *	http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
- *	http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
  */
 
 #include "x509.h"
@@ -56,362 +56,362 @@
  */
 static int asn1_get_len(unsigned char **p, const unsigned char *end, int *len)
 {
-	if ((end - *p) < 1)
-		return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+  if ((end - *p) < 1)
+    return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
 
-	if ((**p & 0x80) == 0)
-		*len = *(*p)++;
-	else {
-		switch (**p & 0x7F) {
-		case 1:
-			if ((end - *p) < 2)
-				return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
-
-			*len = (*p)[1];
-			(*p) += 2;
-			break;
-
-		case 2:
-			if ((end - *p) < 3)
-				return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
-
-			*len = ((*p)[1] << 8) | (*p)[2];
-			(*p) += 3;
-			break;
-
-		default:
-			return (TROPICSSL_ERR_ASN1_INVALID_LENGTH);
-			break;
-		}
-	}
+  if ((**p & 0x80) == 0)
+    *len = *(*p)++;
+  else {
+    switch (**p & 0x7F) {
+    case 1:
+      if ((end - *p) < 2)
+        return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+
+      *len = (*p)[1];
+      (*p) += 2;
+      break;
+
+    case 2:
+      if ((end - *p) < 3)
+        return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+
+      *len = ((*p)[1] << 8) | (*p)[2];
+      (*p) += 3;
+      break;
+
+    default:
+      return (TROPICSSL_ERR_ASN1_INVALID_LENGTH);
+      break;
+    }
+  }
 
-	if (*len > (int)(end - *p))
-		return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+  if (*len > (int)(end - *p))
+    return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
 
-	return (0);
+  return (0);
 }
 
 static int asn1_get_tag(unsigned char **p,
-			const unsigned char *end, int *len, int tag)
+      const unsigned char *end, int *len, int tag)
 {
-	if ((end - *p) < 1)
-		return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+  if ((end - *p) < 1)
+    return (TROPICSSL_ERR_ASN1_OUT_OF_DATA);
 
-	if (**p != tag)
-		return (TROPICSSL_ERR_ASN1_UNEXPECTED_TAG);
+  if (**p != tag)
+    return (TROPICSSL_ERR_ASN1_UNEXPECTED_TAG);
 
-	(*p)++;
+  (*p)++;
 
-	return (asn1_get_len(p, end, len));
+  return (asn1_get_len(p, end, len));
 }
 
 static int asn1_get_int(unsigned char **p, const unsigned char *end, int *val)
 {
-	int ret, len;
+  int ret, len;
 
-	if ((ret = asn1_get_tag(p, end, &len, ASN1_INTEGER)) != 0)
-		return (ret);
+  if ((ret = asn1_get_tag(p, end, &len, ASN1_INTEGER)) != 0)
+    return (ret);
 
-	if (len > (int)sizeof(int) || (**p & 0x80) != 0)
-		return (TROPICSSL_ERR_ASN1_INVALID_LENGTH);
+  if (len > (int)sizeof(int) || (**p & 0x80) != 0)
+    return (TROPICSSL_ERR_ASN1_INVALID_LENGTH);
 
-	*val = 0;
+  *val = 0;
 
-	while (len-- > 0) {
-		*val = (*val << 8) | **p;
-		(*p)++;
-	}
+  while (len-- > 0) {
+    *val = (*val << 8) | **p;
+    (*p)++;
+  }
 
-	return (0);
+  return (0);
 }
 
 /*
- *	Version	 ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+ *  Version   ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
  */
 static int x509_get_version(unsigned char **p, const unsigned char *end, int *ver)
 {
-	int ret, len;
+  int ret, len;
 
-	if ((ret = asn1_get_tag(p, end, &len,
-				ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0))
-	    != 0) {
-		if (ret == TROPICSSL_ERR_ASN1_UNEXPECTED_TAG)
-			return (*ver = 0);
+  if ((ret = asn1_get_tag(p, end, &len,
+        ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0))
+      != 0) {
+    if (ret == TROPICSSL_ERR_ASN1_UNEXPECTED_TAG)
+      return (*ver = 0);
 
-		return (ret);
-	}
+    return (ret);
+  }
 
-	end = *p + len;
+  end = *p + len;
 
-	if ((ret = asn1_get_int(p, end, ver)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_VERSION | ret);
+  if ((ret = asn1_get_int(p, end, ver)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_VERSION | ret);
 
-	if (*p != end)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_VERSION |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  if (*p != end)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_VERSION |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
 
-	return (0);
+  return (0);
 }
 
 /*
- *	CertificateSerialNumber	 ::=  INTEGER
+ *  CertificateSerialNumber   ::=  INTEGER
  */
 static int x509_get_serial(unsigned char **p,
-			   const unsigned char *end, x509_buf * serial)
+         const unsigned char *end, x509_buf * serial)
 {
-	int ret;
+  int ret;
 
-	if ((end - *p) < 1)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_SERIAL |
-			TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+  if ((end - *p) < 1)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_SERIAL |
+      TROPICSSL_ERR_ASN1_OUT_OF_DATA);
 
-	if (**p != (ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2) &&
-	    **p != ASN1_INTEGER)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_SERIAL |
-			TROPICSSL_ERR_ASN1_UNEXPECTED_TAG);
+  if (**p != (ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2) &&
+      **p != ASN1_INTEGER)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_SERIAL |
+      TROPICSSL_ERR_ASN1_UNEXPECTED_TAG);
 
-	serial->tag = *(*p)++;
+  serial->tag = *(*p)++;
 
-	if ((ret = asn1_get_len(p, end, &serial->len)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_SERIAL | ret);
+  if ((ret = asn1_get_len(p, end, &serial->len)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_SERIAL | ret);
 
-	serial->p = *p;
-	*p += serial->len;
+  serial->p = *p;
+  *p += serial->len;
 
-	return (0);
+  return (0);
 }
 
 /*
- *	AlgorithmIdentifier	 ::=  SEQUENCE	{
- *		 algorithm				 OBJECT IDENTIFIER,
- *		 parameters				 ANY DEFINED BY algorithm OPTIONAL	}
+ *  AlgorithmIdentifier   ::=  SEQUENCE  {
+ *     algorithm         OBJECT IDENTIFIER,
+ *     parameters         ANY DEFINED BY algorithm OPTIONAL  }
  */
 static int x509_get_alg(unsigned char **p, const unsigned char *end, x509_buf * alg)
 {
-	int ret, len;
+  int ret, len;
 
-	if ((ret = asn1_get_tag(p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_ALG | ret);
+  if ((ret = asn1_get_tag(p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_ALG | ret);
 
-	end = *p + len;
-	alg->tag = **p;
+  end = *p + len;
+  alg->tag = **p;
 
-	if ((ret = asn1_get_tag(p, end, &alg->len, ASN1_OID)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_ALG | ret);
+  if ((ret = asn1_get_tag(p, end, &alg->len, ASN1_OID)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_ALG | ret);
 
-	alg->p = *p;
-	*p += alg->len;
+  alg->p = *p;
+  *p += alg->len;
 
-	if (*p == end)
-		return (0);
+  if (*p == end)
+    return (0);
 
-	/*
-	 * assume the algorithm parameters must be NULL
-	 */
-	if ((ret = asn1_get_tag(p, end, &len, ASN1_NULL)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_ALG | ret);
+  /*
+   * assume the algorithm parameters must be NULL
+   */
+  if ((ret = asn1_get_tag(p, end, &len, ASN1_NULL)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_ALG | ret);
 
-	if (*p != end)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_ALG |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  if (*p != end)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_ALG |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
 
-	return (0);
+  return (0);
 }
 
 /*
- *	RelativeDistinguishedName ::=
- *	  SET OF AttributeTypeAndValue
+ *  RelativeDistinguishedName ::=
+ *    SET OF AttributeTypeAndValue
  *
- *	AttributeTypeAndValue ::= SEQUENCE {
- *	  type	   AttributeType,
- *	  value	   AttributeValue }
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value     AttributeValue }
  *
- *	AttributeType ::= OBJECT IDENTIFIER
+ *  AttributeType ::= OBJECT IDENTIFIER
  *
- *	AttributeValue ::= ANY DEFINED BY AttributeType
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
  */
 static int x509_get_name(unsigned char **p, const unsigned char *end, x509_name * cur)
 {
-	int ret, len;
-	const unsigned char *end2;
-	x509_buf *oid;
-	x509_buf *val;
+  int ret, len;
+  const unsigned char *end2;
+  x509_buf *oid;
+  x509_buf *val;
 
-	if ((ret = asn1_get_tag(p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SET)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
+  if ((ret = asn1_get_tag(p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SET)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
 
-	end2 = end;
-	end = *p + len;
+  end2 = end;
+  end = *p + len;
 
-	if ((ret = asn1_get_tag(p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
+  if ((ret = asn1_get_tag(p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
 
-	if (*p + len != end)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  if (*p + len != end)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
 
-	oid = &cur->oid;
-	oid->tag = **p;
+  oid = &cur->oid;
+  oid->tag = **p;
 
-	if ((ret = asn1_get_tag(p, end, &oid->len, ASN1_OID)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
+  if ((ret = asn1_get_tag(p, end, &oid->len, ASN1_OID)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
 
-	oid->p = *p;
-	*p += oid->len;
+  oid->p = *p;
+  *p += oid->len;
 
-	if ((end - *p) < 1)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
-			TROPICSSL_ERR_ASN1_OUT_OF_DATA);
+  if ((end - *p) < 1)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
+      TROPICSSL_ERR_ASN1_OUT_OF_DATA);
 
-	if (**p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
-	    **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
-	    **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
-			TROPICSSL_ERR_ASN1_UNEXPECTED_TAG);
+  if (**p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
+      **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
+      **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
+      TROPICSSL_ERR_ASN1_UNEXPECTED_TAG);
 
-	val = &cur->val;
-	val->tag = *(*p)++;
+  val = &cur->val;
+  val->tag = *(*p)++;
 
-	if ((ret = asn1_get_len(p, end, &val->len)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
+  if ((ret = asn1_get_len(p, end, &val->len)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME | ret);
 
-	val->p = *p;
-	*p += val->len;
+  val->p = *p;
+  *p += val->len;
 
-	cur->next = NULL;
+  cur->next = NULL;
 
-	if (*p != end)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  if (*p != end)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_NAME |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
 
-	/*
-	 * recurse until end of SEQUENCE is reached
-	 */
-	if (*p == end2)
-		return (0);
+  /*
+   * recurse until end of SEQUENCE is reached
+   */
+  if (*p == end2)
+    return (0);
 
-	cur->next = (x509_name *) malloc(sizeof(x509_name));
+  cur->next = (x509_name *) malloc(sizeof(x509_name));
 
-	if (cur->next == NULL)
-		return (1);
+  if (cur->next == NULL)
+    return (1);
 
-	return (x509_get_name(p, end2, cur->next));
+  return (x509_get_name(p, end2, cur->next));
 }
 
 /*
- *	Validity ::= SEQUENCE {
- *		 notBefore		Time,
- *		 notAfter		Time }
- *
- *	Time ::= CHOICE {
- *		 utcTime		UTCTime,
- *		 generalTime	GeneralizedTime }
+ *  Validity ::= SEQUENCE {
+ *     notBefore    Time,
+ *     notAfter    Time }
+ *
+ *  Time ::= CHOICE {
+ *     utcTime    UTCTime,
+ *     generalTime  GeneralizedTime }
  */
 static int x509_get_dates(unsigned char **p,
-			  const unsigned char *end, x509_time * from, x509_time * to)
+        const unsigned char *end, x509_time * from, x509_time * to)
 {
-	int ret, len;
-	char date[64];
+  int ret, len;
+  char date[64];
 
-	if ((ret = asn1_get_tag(p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_DATE | ret);
+  if ((ret = asn1_get_tag(p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_DATE | ret);
 
-	end = *p + len;
+  end = *p + len;
 
-	/*
-	 * TODO: also handle GeneralizedTime
-	 */
-	if ((ret = asn1_get_tag(p, end, &len, ASN1_UTC_TIME)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_DATE | ret);
+  /*
+   * TODO: also handle GeneralizedTime
+   */
+  if ((ret = asn1_get_tag(p, end, &len, ASN1_UTC_TIME)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_DATE | ret);
 
-	memset(date, 0, sizeof(date));
-	memcpy(date, *p, (len < (int)sizeof(date) - 1) ?
-	       len : (int)sizeof(date) - 1);
+  memset(date, 0, sizeof(date));
+  memcpy(date, *p, (len < (int)sizeof(date) - 1) ?
+         len : (int)sizeof(date) - 1);
 
-	if (sscanf(date, "%2d%2d%2d%2d%2d%2d",
-		   &from->year, &from->mon, &from->day,
-		   &from->hour, &from->min, &from->sec) < 5)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_DATE);
+  if (sscanf(date, "%2d%2d%2d%2d%2d%2d",
+       &from->year, &from->mon, &from->day,
+       &from->hour, &from->min, &from->sec) < 5)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_DATE);
 
-	from->year += 100 * (from->year < 90);
-	from->year += 1900;
+  from->year += 100 * (from->year < 90);
+  from->year += 1900;
 
-	*p += len;
+  *p += len;
 
-	if ((ret = asn1_get_tag(p, end, &len, ASN1_UTC_TIME)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_DATE | ret);
+  if ((ret = asn1_get_tag(p, end, &len, ASN1_UTC_TIME)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_DATE | ret);
 
-	memset(date, 0, sizeof(date));
-	memcpy(date, *p, (len < (int)sizeof(date) - 1) ?
-	       len : (int)sizeof(date) - 1);
+  memset(date, 0, sizeof(date));
+  memcpy(date, *p, (len < (int)sizeof(date) - 1) ?
+         len : (int)sizeof(date) - 1);
 
-	if (sscanf(date, "%2d%2d%2d%2d%2d%2d",
-		   &to->year, &to->mon, &to->day,
-		   &to->hour, &to->min, &to->sec) < 5)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_DATE);
+  if (sscanf(date, "%2d%2d%2d%2d%2d%2d",
+       &to->year, &to->mon, &to->day,
+       &to->hour, &to->min, &to->sec) < 5)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_DATE);
 
-	to->year += 100 * (to->year < 90);
-	to->year += 1900;
+  to->year += 100 * (to->year < 90);
+  to->year += 1900;
 
-	*p += len;
+  *p += len;
 
-	if (*p != end)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_DATE |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  if (*p != end)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_DATE |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
 
-	return (0);
+  return (0);
 }
 
 static int x509_get_sig(unsigned char **p, const unsigned char *end, x509_buf * sig)
 {
-	int ret, len;
+  int ret, len;
 
-	sig->tag = **p;
+  sig->tag = **p;
 
-	if ((ret = asn1_get_tag(p, end, &len, ASN1_BIT_STRING)) != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_SIGNATURE | ret);
+  if ((ret = asn1_get_tag(p, end, &len, ASN1_BIT_STRING)) != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_SIGNATURE | ret);
 
-	if (--len < 1 || *(*p)++ != 0)
-		return (TROPICSSL_ERR_X509_CERT_INVALID_SIGNATURE);
+  if (--len < 1 || *(*p)++ != 0)
+    return (TROPICSSL_ERR_X509_CERT_INVALID_SIGNATURE);
 
-	sig->len = len;
-	sig->p = *p;
+  sig->len = len;
+  sig->p = *p;
 
-	*p += len;
+  *p += len;
 
-	return (0);
+  return (0);
 }
 
 /*
  * X.509 v2/v3 unique identifier (not parsed)
  */
 static int x509_get_uid(unsigned char **p,
-			const unsigned char *end, x509_buf * uid, int n)
+      const unsigned char *end, x509_buf * uid, int n)
 {
-	int ret;
+  int ret;
 
-	if (*p == end)
-		return (0);
+  if (*p == end)
+    return (0);
 
-	uid->tag = **p;
+  uid->tag = **p;
 
-	if ((ret = asn1_get_tag(p, end, &uid->len,
-				ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n))
-	    != 0) {
-		if (ret == TROPICSSL_ERR_ASN1_UNEXPECTED_TAG)
-			return (0);
+  if ((ret = asn1_get_tag(p, end, &uid->len,
+        ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n))
+      != 0) {
+    if (ret == TROPICSSL_ERR_ASN1_UNEXPECTED_TAG)
+      return (0);
 
-		return (ret);
-	}
+    return (ret);
+  }
 
-	uid->p = *p;
-	*p += uid->len;
+  uid->p = *p;
+  *p += uid->len;
 
-	return (0);
+  return (0);
 }
 
 /*
@@ -419,191 +419,191 @@ static int x509_get_uid(unsigned char **
  */
 static int _x509parse_crt_1(x509_cert * chain, unsigned char *buf, int buflen)
 {
-	int ret, len;
-	unsigned char *p;
-	const unsigned char *end;
-	x509_cert *crt;
-
-	crt = chain;
-
-	/*
-	 * Copy the raw DER data.
-	 */
-	p = (unsigned char *)malloc(len = buflen);
-
-	if (p == NULL)
-		return (1);
-
-	memcpy(p, buf, buflen);
-
-	buflen = 0;
-
-	crt->raw.p = p;
-	crt->raw.len = len;
-	end = p + len;
-
-	/*
-	 * Certificate  ::=      SEQUENCE  {
-	 *              tbsCertificate           TBSCertificate,
-	 *              signatureAlgorithm       AlgorithmIdentifier,
-	 *              signatureValue           BIT STRING      }
-	 */
-	if ((ret = asn1_get_tag(&p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT);
-	}
-
-	if (len != (int)(end - p)) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
-	}
-
-	/*
-	 * TBSCertificate  ::=  SEQUENCE  {
-	 */
-	crt->tbs.p = p;
-
-	if ((ret = asn1_get_tag(&p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
-	}
-
-	end = p + len;
-	crt->tbs.len = end - crt->tbs.p;
-
-	/*
-	 * Version      ::=      INTEGER  {      v1(0), v2(1), v3(2)  }
-	 *
-	 * CertificateSerialNumber      ::=      INTEGER
-	 *
-	 * signature                    AlgorithmIdentifier
-	 */
-	if ((ret = x509_get_version(&p, end, &crt->version)) != 0 ||
-	    (ret = x509_get_serial(&p, end, &crt->serial)) != 0 ||
-	    (ret = x509_get_alg(&p, end, &crt->sig_oid1)) != 0) {
-		return (ret);
-	}
-
-	crt->version++;
-
-	if (crt->version > 3) {
-		return (TROPICSSL_ERR_X509_CERT_UNKNOWN_VERSION);
-	}
-
-	if (crt->sig_oid1.len != 9 ||
-	    memcmp(crt->sig_oid1.p, OID_PKCS1, 8) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG);
-	}
-
-	if (crt->sig_oid1.p[8] < 2 || crt->sig_oid1.p[8] > 5) {
-		return (TROPICSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG);
-	}
-
-	/*
-	 * issuer                               Name
-	 */
-	crt->issuer_raw.p = p;
-
-	if ((ret = asn1_get_tag(&p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
-	}
-
-	if ((ret = x509_get_name(&p, p + len, &crt->issuer)) != 0) {
-		return (ret);
-	}
-
-	crt->issuer_raw.len = p - crt->issuer_raw.p;
-
-	/*
-	 * Validity ::= SEQUENCE {
-	 *              notBefore          Time,
-	 *              notAfter           Time }
-	 *
-	 */
-	if ((ret = x509_get_dates(&p, end, &crt->valid_from,
-				  &crt->valid_to)) != 0) {
-		return (ret);
-	}
-
-	/*
-	 * subject                              Name
-	 */
-	crt->subject_raw.p = p;
-
-	if ((ret = asn1_get_tag(&p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
-	}
-
-	if ((ret = x509_get_name(&p, p + len, &crt->subject)) != 0) {
-		return (ret);
-	}
-
-	crt->subject_raw.len = p - crt->subject_raw.p;
-
-	/*
-	 * SubjectPublicKeyInfo  ::=  SEQUENCE
-	 *              algorithm                        AlgorithmIdentifier,
-	 *              subjectPublicKey         BIT STRING      }
-	 */
-	if ((ret = asn1_get_tag(&p, end, &len,
-				ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
-	}
+  int ret, len;
+  unsigned char *p;
+  const unsigned char *end;
+  x509_cert *crt;
+
+  crt = chain;
+
+  /*
+   * Copy the raw DER data.
+   */
+  p = (unsigned char *)malloc(len = buflen);
+
+  if (p == NULL)
+    return (1);
+
+  memcpy(p, buf, buflen);
+
+  buflen = 0;
+
+  crt->raw.p = p;
+  crt->raw.len = len;
+  end = p + len;
+
+  /*
+   * Certificate  ::=      SEQUENCE  {
+   *              tbsCertificate           TBSCertificate,
+   *              signatureAlgorithm       AlgorithmIdentifier,
+   *              signatureValue           BIT STRING      }
+   */
+  if ((ret = asn1_get_tag(&p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT);
+  }
+
+  if (len != (int)(end - p)) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  }
+
+  /*
+   * TBSCertificate  ::=  SEQUENCE  {
+   */
+  crt->tbs.p = p;
+
+  if ((ret = asn1_get_tag(&p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
+  }
+
+  end = p + len;
+  crt->tbs.len = end - crt->tbs.p;
+
+  /*
+   * Version      ::=      INTEGER  {      v1(0), v2(1), v3(2)  }
+   *
+   * CertificateSerialNumber      ::=      INTEGER
+   *
+   * signature                    AlgorithmIdentifier
+   */
+  if ((ret = x509_get_version(&p, end, &crt->version)) != 0 ||
+      (ret = x509_get_serial(&p, end, &crt->serial)) != 0 ||
+      (ret = x509_get_alg(&p, end, &crt->sig_oid1)) != 0) {
+    return (ret);
+  }
+
+  crt->version++;
+
+  if (crt->version > 3) {
+    return (TROPICSSL_ERR_X509_CERT_UNKNOWN_VERSION);
+  }
+
+  if (crt->sig_oid1.len != 9 ||
+      memcmp(crt->sig_oid1.p, OID_PKCS1, 8) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG);
+  }
+
+  if (crt->sig_oid1.p[8] < 2 || crt->sig_oid1.p[8] > 5) {
+    return (TROPICSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG);
+  }
+
+  /*
+   * issuer                               Name
+   */
+  crt->issuer_raw.p = p;
+
+  if ((ret = asn1_get_tag(&p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
+  }
+
+  if ((ret = x509_get_name(&p, p + len, &crt->issuer)) != 0) {
+    return (ret);
+  }
+
+  crt->issuer_raw.len = p - crt->issuer_raw.p;
+
+  /*
+   * Validity ::= SEQUENCE {
+   *              notBefore          Time,
+   *              notAfter           Time }
+   *
+   */
+  if ((ret = x509_get_dates(&p, end, &crt->valid_from,
+          &crt->valid_to)) != 0) {
+    return (ret);
+  }
+
+  /*
+   * subject                              Name
+   */
+  crt->subject_raw.p = p;
+
+  if ((ret = asn1_get_tag(&p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
+  }
+
+  if ((ret = x509_get_name(&p, p + len, &crt->subject)) != 0) {
+    return (ret);
+  }
+
+  crt->subject_raw.len = p - crt->subject_raw.p;
+
+  /*
+   * SubjectPublicKeyInfo  ::=  SEQUENCE
+   *              algorithm                        AlgorithmIdentifier,
+   *              subjectPublicKey         BIT STRING      }
+   */
+  if ((ret = asn1_get_tag(&p, end, &len,
+        ASN1_CONSTRUCTED | ASN1_SEQUENCE)) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT | ret);
+  }
 
   /* Skip pubkey. */
   p += len;
 
-	/*
-	 *      issuerUniqueID  [1]      IMPLICIT UniqueIdentifier OPTIONAL,
-	 *                                               -- If present, version shall be v2 or v3
-	 *      subjectUniqueID [2]      IMPLICIT UniqueIdentifier OPTIONAL,
-	 *                                               -- If present, version shall be v2 or v3
-	 *      extensions              [3]      EXPLICIT Extensions OPTIONAL
-	 *                                               -- If present, version shall be v3
-	 */
-	if (crt->version == 2 || crt->version == 3) {
-		ret = x509_get_uid(&p, end, &crt->issuer_id, 1);
-		if (ret != 0) {
-			return (ret);
-		}
-	}
-
-	if (crt->version == 2 || crt->version == 3) {
-		ret = x509_get_uid(&p, end, &crt->subject_id, 2);
-		if (ret != 0) {
-			return (ret);
-		}
-	}
-
-	if (p != end) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
-	}
-
-	end = crt->raw.p + crt->raw.len;
-
-	/*
-	 *      signatureAlgorithm       AlgorithmIdentifier,
-	 *      signatureValue           BIT STRING
-	 */
-	if ((ret = x509_get_alg(&p, end, &crt->sig_oid2)) != 0) {
-		return (ret);
-	}
-
-	if (memcmp(crt->sig_oid1.p, crt->sig_oid2.p, 9) != 0) {
-		return (TROPICSSL_ERR_X509_CERT_SIG_MISMATCH);
-	}
-
-	if ((ret = x509_get_sig(&p, end, &crt->sig)) != 0) {
-		return (ret);
-	}
-
-	if (p != end) {
-		return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT |
-			TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
-	}
+  /*
+   *      issuerUniqueID  [1]      IMPLICIT UniqueIdentifier OPTIONAL,
+   *                                               -- If present, version shall be v2 or
v3
+   *      subjectUniqueID [2]      IMPLICIT UniqueIdentifier OPTIONAL,
+   *                                               -- If present, version shall be v2 or
v3
+   *      extensions              [3]      EXPLICIT Extensions OPTIONAL
+   *                                               -- If present, version shall be v3
+   */
+  if (crt->version == 2 || crt->version == 3) {
+    ret = x509_get_uid(&p, end, &crt->issuer_id, 1);
+    if (ret != 0) {
+      return (ret);
+    }
+  }
+
+  if (crt->version == 2 || crt->version == 3) {
+    ret = x509_get_uid(&p, end, &crt->subject_id, 2);
+    if (ret != 0) {
+      return (ret);
+    }
+  }
+
+  if (p != end) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  }
+
+  end = crt->raw.p + crt->raw.len;
+
+  /*
+   *      signatureAlgorithm       AlgorithmIdentifier,
+   *      signatureValue           BIT STRING
+   */
+  if ((ret = x509_get_alg(&p, end, &crt->sig_oid2)) != 0) {
+    return (ret);
+  }
+
+  if (memcmp(crt->sig_oid1.p, crt->sig_oid2.p, 9) != 0) {
+    return (TROPICSSL_ERR_X509_CERT_SIG_MISMATCH);
+  }
+
+  if ((ret = x509_get_sig(&p, end, &crt->sig)) != 0) {
+    return (ret);
+  }
+
+  if (p != end) {
+    return (TROPICSSL_ERR_X509_CERT_INVALID_FORMAT |
+      TROPICSSL_ERR_ASN1_LENGTH_MISMATCH);
+  }
 
-	return (0);
+  return (0);
 }



Mime
View raw message