From 96204e40a8886a80af7d7385e848c262d159dc16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Sat, 14 Oct 2006 09:42:43 +0000 Subject: [PATCH] prefix der primitives with der_ git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18453 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/hx509/cert.c | 48 ++++++++++++++++---------------- lib/hx509/cms.c | 64 +++++++++++++++++++++---------------------- lib/hx509/collector.c | 4 +-- lib/hx509/crypto.c | 50 ++++++++++++++++----------------- lib/hx509/hxtool.c | 26 +++++++++--------- lib/hx509/ks_p12.c | 26 +++++++++--------- lib/hx509/name.c | 20 +++++++------- lib/hx509/print.c | 6 ++-- lib/hx509/req.c | 2 +- lib/hx509/revoke.c | 11 ++++---- 10 files changed, 129 insertions(+), 128 deletions(-) diff --git a/lib/hx509/cert.c b/lib/hx509/cert.c index d19ca01c9..a883c453b 100644 --- a/lib/hx509/cert.c +++ b/lib/hx509/cert.c @@ -262,8 +262,8 @@ hx509_cert_free(hx509_cert cert) free(cert->data); for (i = 0; i < cert->attrs.len; i++) { - free_octet_string(&cert->attrs.val[i]->data); - free_oid(&cert->attrs.val[i]->oid); + der_free_octet_string(&cert->attrs.val[i]->data); + der_free_oid(&cert->attrs.val[i]->oid); free(cert->attrs.val[i]); } free(cert->attrs.val); @@ -355,7 +355,7 @@ find_extension(const Certificate *cert, const heim_oid *oid, int *idx) return NULL; for (;*idx < c->extensions->len; (*idx)++) { - if (heim_oid_cmp(&c->extensions->val[*idx].extnID, oid) == 0) + if (der_heim_oid_cmp(&c->extensions->val[*idx].extnID, oid) == 0) return &c->extensions->val[(*idx)++]; } return NULL; @@ -464,7 +464,7 @@ add_to_list(hx509_octet_string_list *list, const heim_octet_string *entry) if (p == NULL) return ENOMEM; list->val = p; - ret = copy_octet_string(entry, &list->val[list->len]); + ret = der_copy_octet_string(entry, &list->val[list->len]); if (ret) return ret; list->len++; @@ -476,7 +476,7 @@ hx509_free_octet_string_list(hx509_octet_string_list *list) { int i; for (i = 0; i < list->len; i++) - free_octet_string(&list->val[i]); + der_free_octet_string(&list->val[i]); free(list->val); list->val = NULL; list->len = 0; @@ -506,7 +506,7 @@ hx509_cert_find_subjectAltName_otherName(hx509_cert cert, for (j = 0; j < sa.len; j++) { if (sa.val[j].element == choice_GeneralName_otherName && - heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) + der_heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) { ret = add_to_list(list, &sa.val[j].u.otherName.value); if (ret) { @@ -667,7 +667,7 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, if (ai.keyIdentifier == NULL) /* XXX */ diff = -1; else - diff = heim_octet_string_cmp(ai.keyIdentifier, &si); + diff = der_heim_octet_string_cmp(ai.keyIdentifier, &si); if (diff) goto out; @@ -938,7 +938,7 @@ AlgorithmIdentifier_cmp(const AlgorithmIdentifier *p, const AlgorithmIdentifier *q) { int diff; - diff = heim_oid_cmp(&p->algorithm, &q->algorithm); + diff = der_heim_oid_cmp(&p->algorithm, &q->algorithm); if (diff) return diff; if (p->parameters) { @@ -959,15 +959,15 @@ int _hx509_Certificate_cmp(const Certificate *p, const Certificate *q) { int diff; - diff = heim_bit_string_cmp(&p->signatureValue, &q->signatureValue); + diff = der_heim_bit_string_cmp(&p->signatureValue, &q->signatureValue); if (diff) return diff; diff = AlgorithmIdentifier_cmp(&p->signatureAlgorithm, &q->signatureAlgorithm); if (diff) return diff; - diff = heim_octet_string_cmp(&p->tbsCertificate._save, - &q->tbsCertificate._save); + diff = der_heim_octet_string_cmp(&p->tbsCertificate._save, + &q->tbsCertificate._save); return diff; } @@ -1002,7 +1002,7 @@ hx509_cert_get_base_subject(hx509_context context, hx509_cert c, hx509_name *nam int hx509_cert_get_serialnumber(hx509_cert p, heim_integer *i) { - return copy_heim_integer(&p->data->tbsCertificate.serialNumber, i); + return der_copy_heim_integer(&p->data->tbsCertificate.serialNumber, i); } hx509_private_key @@ -1114,7 +1114,7 @@ match_RDN(const RelativeDistinguishedName *c, return HX509_NAME_CONSTRAINT_ERROR; for (i = 0; i < n->len; i++) { - if (heim_oid_cmp(&c->val[i].type, &n->val[i].type) != 0) + if (der_heim_oid_cmp(&c->val[i].type, &n->val[i].type) != 0) return HX509_NAME_CONSTRAINT_ERROR; if (_hx509_name_ds_cmp(&c->val[i].value, &n->val[i].value) != 0) return HX509_NAME_CONSTRAINT_ERROR; @@ -1152,7 +1152,7 @@ match_general_name(const GeneralName *c, const GeneralName *n, int *match) switch(c->element) { case choice_GeneralName_otherName: - if (heim_oid_cmp(&c->u.otherName.type_id, + if (der_heim_oid_cmp(&c->u.otherName.type_id, &n->u.otherName.type_id) != 0) return HX509_NAME_CONSTRAINT_ERROR; if (heim_any_cmp(&c->u.otherName.value, @@ -1469,8 +1469,8 @@ hx509_verify_path(hx509_context context, j = name.u.rdnSequence.len; if (name.u.rdnSequence.len < 2 || name.u.rdnSequence.val[j - 1].len > 1 - || heim_oid_cmp(&name.u.rdnSequence.val[j - 1].val[0].type, - oid_id_at_commonName())) + || der_heim_oid_cmp(&name.u.rdnSequence.val[j - 1].val[0].type, + oid_id_at_commonName())) { free_ProxyCertInfo(&info); hx509_clear_error_string(context); @@ -1724,8 +1724,8 @@ _hx509_set_cert_attribute(hx509_context context, if (a == NULL) return ENOMEM; - copy_octet_string(attr, &a->data); - copy_oid(oid, &a->oid); + der_copy_octet_string(attr, &a->data); + der_copy_oid(oid, &a->oid); cert->attrs.val[cert->attrs.len] = a; cert->attrs.len++; @@ -1738,7 +1738,7 @@ hx509_cert_get_attribute(hx509_cert cert, const heim_oid *oid) { int i; for (i = 0; i < cert->attrs.len; i++) - if (heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0) + if (der_heim_oid_cmp(oid, &cert->attrs.val[i]->oid) == 0) return cert->attrs.val[i]; return NULL; } @@ -1870,7 +1870,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert return 0; if ((q->match & HX509_QUERY_MATCH_SERIALNUMBER) - && heim_integer_cmp(&c->tbsCertificate.serialNumber, q->serial) != 0) + && der_heim_integer_cmp(&c->tbsCertificate.serialNumber, q->serial) != 0) return 0; if ((q->match & HX509_QUERY_MATCH_ISSUER_NAME) @@ -1887,7 +1887,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert ret = find_extension_subject_key_id(c, &si); if (ret == 0) { - if (heim_octet_string_cmp(&si, q->subject_id) != 0) + if (der_heim_octet_string_cmp(&si, q->subject_id) != 0) ret = 1; free_SubjectKeyIdentifier(&si); } @@ -1928,7 +1928,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert a = hx509_cert_get_attribute(cert, oid_id_pkcs_9_at_localKeyId()); if (a == NULL) return 0; - if (heim_octet_string_cmp(&a->data, q->local_key_id) != 0) + if (der_heim_octet_string_cmp(&a->data, q->local_key_id) != 0) return 0; } @@ -1989,13 +1989,13 @@ hx509_cert_check_eku(hx509_context context, hx509_cert cert, } for (i = 0; i < e.len; i++) { - if (heim_oid_cmp(eku, &e.val[i]) == 0) { + if (der_heim_oid_cmp(eku, &e.val[i]) == 0) { free_ExtKeyUsage(&e); return 0; } if (allow_any_eku) { #if 0 - if (heim_oid_cmp(id_any_eku, &e.val[i]) == 0) { + if (der_heim_oid_cmp(id_any_eku, &e.val[i]) == 0) { free_ExtKeyUsage(&e); return 0; } diff --git a/lib/hx509/cms.c b/lib/hx509/cms.c index 79ce8c623..62f92c188 100644 --- a/lib/hx509/cms.c +++ b/lib/hx509/cms.c @@ -49,7 +49,7 @@ hx509_cms_wrap_ContentInfo(const heim_oid *oid, memset(res, 0, sizeof(*res)); memset(&ci, 0, sizeof(ci)); - ret = copy_oid(oid, &ci.contentType); + ret = der_copy_oid(oid, &ci.contentType); if (ret) return ret; ALLOC(ci.content, 1); @@ -92,15 +92,15 @@ hx509_cms_unwrap_ContentInfo(const heim_octet_string *in, if (ret) return ret; - ret = copy_oid(&ci.contentType, oid); + ret = der_copy_oid(&ci.contentType, oid); if (ret) { free_ContentInfo(&ci); return ret; } if (ci.content) { - ret = copy_octet_string(ci.content, out); + ret = der_copy_octet_string(ci.content, out); if (ret) { - free_oid(oid); + der_free_oid(oid); free_ContentInfo(&ci); return ret; } @@ -343,7 +343,7 @@ hx509_cms_unenvelope(hx509_context context, goto out; } - ret = copy_oid(&ed.encryptedContentInfo.contentType, contentType); + ret = der_copy_oid(&ed.encryptedContentInfo.contentType, contentType); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to copy EnvelopedData content oid"); @@ -393,12 +393,12 @@ hx509_cms_unenvelope(hx509_context context, out: - free_octet_string(&key); + der_free_octet_string(&key); if (ivec.length) - free_octet_string(&ivec); + der_free_octet_string(&ivec); if (ret) { - free_oid(contentType); - free_octet_string(content); + der_free_oid(contentType); + der_free_octet_string(content); } return ret; @@ -460,7 +460,7 @@ hx509_cms_envelope_1(hx509_context context, { AlgorithmIdentifier *enc_alg; enc_alg = &ed.encryptedContentInfo.contentEncryptionAlgorithm; - ret = copy_oid(encryption_type, &enc_alg->algorithm); + ret = der_copy_oid(encryption_type, &enc_alg->algorithm); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to set crypto oid " @@ -525,7 +525,7 @@ hx509_cms_envelope_1(hx509_context context, ed.version = 0; ed.originatorInfo = NULL; - ret = copy_oid(contentType, &ed.encryptedContentInfo.contentType); + ret = der_copy_oid(contentType, &ed.encryptedContentInfo.contentType); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to copy content oid for " @@ -547,10 +547,10 @@ hx509_cms_envelope_1(hx509_context context, out: if (ret) { - free_octet_string(content); + der_free_octet_string(content); } - free_octet_string(&key); - free_octet_string(&ivec); + der_free_octet_string(&key); + der_free_octet_string(&ivec); free_EnvelopedData(&ed); return ret; @@ -598,7 +598,7 @@ find_attribute(const CMSAttributes *attr, const heim_oid *oid) { int i; for (i = 0; i < attr->len; i++) - if (heim_oid_cmp(&attr->val[i].type, oid) == 0) + if (der_heim_oid_cmp(&attr->val[i].type, oid) == 0) return &attr->val[i]; return NULL; } @@ -730,7 +730,7 @@ hx509_cms_verify_signed(hx509_context context, &signer_info->digestAlgorithm, sd.encapContentInfo.eContent, &os); - free_octet_string(&os); + der_free_octet_string(&os); if (ret) { hx509_set_error_string(context, 0, ret, "Failed to verify messageDigest"); @@ -767,7 +767,7 @@ hx509_cms_verify_signed(hx509_context context, ALLOC(signed_data, 1); if (signed_data == NULL) { if (match_oid == &decode_oid) - free_oid(&decode_oid); + der_free_oid(&decode_oid); ret = ENOMEM; hx509_clear_error_string(context); continue; @@ -780,7 +780,7 @@ hx509_cms_verify_signed(hx509_context context, &size, ret); if (ret) { if (match_oid == &decode_oid) - free_oid(&decode_oid); + der_free_oid(&decode_oid); free(signed_data); hx509_clear_error_string(context); continue; @@ -795,13 +795,13 @@ hx509_cms_verify_signed(hx509_context context, if (ret) return ret; - if (heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) { + if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) { ret = HX509_CMS_DATA_OID_MISMATCH; hx509_set_error_string(context, 0, ret, "Oid in message mismatch from the expected"); } if (match_oid == &decode_oid) - free_oid(&decode_oid); + der_free_oid(&decode_oid); if (ret == 0) ret = hx509_verify_signature(context, @@ -811,7 +811,7 @@ hx509_cms_verify_signed(hx509_context context, &signer_info->signature); if (signed_data != sd.encapContentInfo.eContent) { - free_octet_string(signed_data); + der_free_octet_string(signed_data); free(signed_data); } if (ret) { @@ -836,7 +836,7 @@ hx509_cms_verify_signed(hx509_context context, return ret; } - ret = copy_oid(&sd.encapContentInfo.eContentType, contentType); + ret = der_copy_oid(&sd.encapContentInfo.eContentType, contentType); if (ret) { hx509_clear_error_string(context); goto out; @@ -858,8 +858,8 @@ out: if (ret) { if (*signer_certs) hx509_certs_free(signer_certs); - free_oid(contentType); - free_octet_string(content); + der_free_oid(contentType); + der_free_octet_string(content); } return ret; @@ -885,7 +885,7 @@ _hx509_set_digest_alg(DigestAlgorithmIdentifier *id, id->parameters->length = length; } else id->parameters = NULL; - ret = copy_oid(oid, &id->algorithm); + ret = der_copy_oid(oid, &id->algorithm); if (ret) { if (id->parameters) { free(id->parameters->data); @@ -911,13 +911,13 @@ add_one_attribute(Attribute **attr, return ENOMEM; (*attr) = d; - ret = copy_oid(oid, &(*attr)[*len].type); + ret = der_copy_oid(oid, &(*attr)[*len].type); if (ret) return ret; ALLOC_SEQ(&(*attr)[*len].value, 1); if ((*attr)[*len].value.val == NULL) { - free_oid(&(*attr)[*len].type); + der_free_oid(&(*attr)[*len].type); return ENOMEM; } @@ -963,7 +963,7 @@ hx509_cms_create_signed_1(hx509_context context, sd.version = CMSVersion_v3; - copy_oid(eContentType, &sd.encapContentInfo.eContentType); + der_copy_oid(eContentType, &sd.encapContentInfo.eContentType); ALLOC(sd.encapContentInfo.eContent, 1); if (sd.encapContentInfo.eContent == NULL) { hx509_clear_error_string(context); @@ -1033,7 +1033,7 @@ hx509_cms_create_signed_1(hx509_context context, &digest, &size, ret); - free_octet_string(&digest); + der_free_octet_string(&digest); if (ret) { hx509_clear_error_string(context); goto out; @@ -1052,7 +1052,7 @@ hx509_cms_create_signed_1(hx509_context context, } - if (heim_oid_cmp(eContentType, oid_id_pkcs7_data()) != 0) { + if (der_heim_oid_cmp(eContentType, oid_id_pkcs7_data()) != 0) { ASN1_MALLOC_ENCODE(ContentType, buf.data, @@ -1103,7 +1103,7 @@ hx509_cms_create_signed_1(hx509_context context, &signer_info->signatureAlgorithm, &signer_info->signature); - free_octet_string(&os); + der_free_octet_string(&os); if (ret) { hx509_clear_error_string(context); goto out; @@ -1217,7 +1217,7 @@ hx509_cms_decrypt_encrypted(hx509_context context, goto out; } - ret = copy_oid(&ed.encryptedContentInfo.contentType, contentType); + ret = der_copy_oid(&ed.encryptedContentInfo.contentType, contentType); if (ret) { hx509_clear_error_string(context); goto out; diff --git a/lib/hx509/collector.c b/lib/hx509/collector.c index 62ea4bcd4..5a6c8c2c3 100644 --- a/lib/hx509/collector.c +++ b/lib/hx509/collector.c @@ -102,7 +102,7 @@ free_private_key(struct private_key *key) free_AlgorithmIdentifier(&key->alg); if (key->private_key) _hx509_free_private_key(&key->private_key); - free_octet_string(&key->localKeyId); + der_free_octet_string(&key->localKeyId); free(key); } @@ -141,7 +141,7 @@ _hx509_collector_private_key_add(struct hx509_collector *c, goto out; } if (localKeyId) { - ret = copy_octet_string(localKeyId, &key->localKeyId); + ret = der_copy_octet_string(localKeyId, &key->localKeyId); if (ret) goto out; } else diff --git a/lib/hx509/crypto.c b/lib/hx509/crypto.c index 5505eec7e..4cf0184f6 100644 --- a/lib/hx509/crypto.c +++ b/lib/hx509/crypto.c @@ -189,7 +189,7 @@ rsa_verify_signature(const struct signature_alg *sig_alg, } if (sig_alg->digest_oid && - heim_oid_cmp(&di.digestAlgorithm.algorithm, + der_heim_oid_cmp(&di.digestAlgorithm.algorithm, (*sig_alg->digest_oid)()) != 0) { ret = HX509_CRYPTO_OID_MISMATCH; @@ -236,15 +236,15 @@ rsa_create_signature(hx509_context context, else sig_oid = signer->signature_alg; - if (heim_oid_cmp(sig_oid, oid_id_pkcs1_sha256WithRSAEncryption()) == 0) { + if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_sha256WithRSAEncryption()) == 0) { digest_alg = hx509_signature_sha256(); - } else if (heim_oid_cmp(sig_oid, oid_id_pkcs1_sha1WithRSAEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_sha1WithRSAEncryption()) == 0) { digest_alg = hx509_signature_sha1(); - } else if (heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { digest_alg = hx509_signature_md5(); - } else if (heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, oid_id_pkcs1_md5WithRSAEncryption()) == 0) { digest_alg = hx509_signature_md5(); - } else if (heim_oid_cmp(sig_oid, oid_id_dsa_with_sha1()) == 0) { + } else if (der_heim_oid_cmp(sig_oid, oid_id_dsa_with_sha1()) == 0) { digest_alg = hx509_signature_sha1(); } else return HX509_ALG_NOT_SUPP; @@ -285,7 +285,7 @@ rsa_create_signature(hx509_context context, sig->data, signer->private_key.rsa, RSA_PKCS1_PADDING); - free_octet_string(&indata); + der_free_octet_string(&indata); if (ret <= 0) return HX509_CMS_FAILED_CREATE_SIGATURE; if (ret < sig->length) @@ -317,7 +317,7 @@ create_signature(const struct signature_alg *sig_alg, else sig_oid = signer->signature_alg; - if (heim_oid_cmp(sig_oid, oid_id_dsa_with_sha1()) == 0) { + if (der_heim_oid_cmp(sig_oid, oid_id_dsa_with_sha1()) == 0) { mdtype = EVP_sha1(); digest_oid = oid_id_secsig_sha_1(); } else @@ -791,7 +791,7 @@ find_sig_alg(const heim_oid *oid) { int i; for (i = 0; sig_algs[i]; i++) - if (heim_oid_cmp((*sig_algs[i]->sig_oid)(), oid) == 0) + if (der_heim_oid_cmp((*sig_algs[i]->sig_oid)(), oid) == 0) return sig_algs[i]; return NULL; } @@ -803,7 +803,7 @@ find_key_alg(const heim_oid *oid) for (i = 0; sig_algs[i]; i++) { if (sig_algs[i]->key_oid == NULL) continue; - if (heim_oid_cmp((*sig_algs[i]->key_oid)(), oid) == 0) + if (der_heim_oid_cmp((*sig_algs[i]->key_oid)(), oid) == 0) return sig_algs[i]; } return NULL; @@ -829,7 +829,7 @@ _hx509_verify_signature(const Certificate *signer, const SubjectPublicKeyInfo *spi; spi = &signer->tbsCertificate.subjectPublicKeyInfo; - if (heim_oid_cmp(&spi->algorithm.algorithm, (*md->key_oid)()) != 0) + if (der_heim_oid_cmp(&spi->algorithm.algorithm, (*md->key_oid)()) != 0) return HX509_SIG_ALG_DONT_MATCH_KEY_ALG; } return (*md->verify_signature)(md, signer, alg, data, sig); @@ -947,9 +947,9 @@ _hx509_public_encrypt(const heim_octet_string *cleartext, ciphertext->length = ret; ciphertext->data = to; - ret = copy_oid(oid_id_pkcs1_rsaEncryption(), encryption_oid); + ret = der_copy_oid(oid_id_pkcs1_rsaEncryption(), encryption_oid); if (ret) { - free_octet_string(ciphertext); + der_free_octet_string(ciphertext); return ENOMEM; } @@ -980,7 +980,7 @@ _hx509_private_key_private_decrypt(const heim_octet_string *ciphertext, p->private_key.rsa, RSA_PKCS1_PADDING); if (ret <= 0) { - free_octet_string(cleartext); + der_free_octet_string(cleartext); return ENOMEM; } if (cleartext->length < ret) @@ -1326,7 +1326,7 @@ CMSRC2CBCParam_set(hx509_context context, const heim_octet_string *param, return HX509_CRYPTO_SIG_INVALID_FORMAT; } if (ivec) - ret = copy_octet_string(&rc2param.iv, ivec); + ret = der_copy_octet_string(&rc2param.iv, ivec); free_CMSRC2CBCParameter(&rc2param); if (ret) hx509_clear_error_string(context); @@ -1405,7 +1405,7 @@ find_cipher_by_oid(const heim_oid *oid) int i; for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++) - if (heim_oid_cmp(oid, (*ciphers[i].oid_func)()) == 0) + if (der_heim_oid_cmp(oid, (*ciphers[i].oid_func)()) == 0) return &ciphers[i]; return NULL; @@ -1461,7 +1461,7 @@ hx509_crypto_init(hx509_context context, (*crypto)->cipher = cipher; (*crypto)->c = (*cipher->evp_func)(); - if (copy_oid(enctype, &(*crypto)->oid)) { + if (der_copy_oid(enctype, &(*crypto)->oid)) { hx509_crypto_destroy(*crypto); *crypto = NULL; hx509_clear_error_string(context); @@ -1535,7 +1535,7 @@ hx509_crypto_set_random_key(hx509_crypto crypto, heim_octet_string *key) return HX509_CRYPTO_INTERNAL_ERROR; } if (key) - return copy_octet_string(&crypto->key, key); + return der_copy_octet_string(&crypto->key, key); else return 0; } @@ -1806,29 +1806,29 @@ find_string2key(const heim_oid *oid, const EVP_MD **md, PBE_string2key_func *s2k) { - if (heim_oid_cmp(oid, oid_id_pbewithSHAAnd40BitRC2_CBC()) == 0) { + if (der_heim_oid_cmp(oid, oid_id_pbewithSHAAnd40BitRC2_CBC()) == 0) { *c = EVP_rc2_40_cbc(); *md = EVP_sha1(); *s2k = PBE_string2key; return oid_private_rc2_40(); - } else if (heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC2_CBC()) == 0) { + } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC2_CBC()) == 0) { *c = EVP_rc2_cbc(); *md = EVP_sha1(); *s2k = PBE_string2key; return oid_id_pkcs3_rc2_cbc(); #if 0 - } else if (heim_oid_cmp(oid, oid_id_pbeWithSHAAnd40BitRC4()) == 0) { + } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd40BitRC4()) == 0) { *c = EVP_rc4_40(); *md = EVP_sha1(); *s2k = PBE_string2key; return NULL; - } else if (heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC4()) == 0) { + } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd128BitRC4()) == 0) { *c = EVP_rc4(); *md = EVP_sha1(); *s2k = PBE_string2key; return oid_id_pkcs3_rc4(); #endif - } else if (heim_oid_cmp(oid, oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC()) == 0) { + } else if (der_heim_oid_cmp(oid, oid_id_pbeWithSHAAnd3_KeyTripleDES_CBC()) == 0) { *c = EVP_des_ede3_cbc(); *md = EVP_sha1(); *s2k = PBE_string2key; @@ -1912,9 +1912,9 @@ _hx509_pbe_decrypt(hx509_context context, } out: if (key.data) - free_octet_string(&key); + der_free_octet_string(&key); if (iv.data) - free_octet_string(&iv); + der_free_octet_string(&iv); return ret; } diff --git a/lib/hx509/hxtool.c b/lib/hx509/hxtool.c index 65d5cce92..99e227f9e 100644 --- a/lib/hx509/hxtool.c +++ b/lib/hx509/hxtool.c @@ -125,9 +125,9 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); - if (heim_oid_cmp(&oid, oid_id_pkcs7_signedData()) != 0) + if (der_heim_oid_cmp(&oid, oid_id_pkcs7_signedData()) != 0) errx(1, "Content is not SignedData"); - free_oid(&oid); + der_free_oid(&oid); co = uwco; } @@ -137,7 +137,7 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) ret = hx509_cms_verify_signed(context, ctx, co.data, co.length, store, &type, &c, &signers); if (co.data != p) - free_octet_string(&co); + der_free_octet_string(&co); if (ret) hx509_err(context, 1, ret, "hx509_cms_verify_signed"); @@ -155,7 +155,7 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_write_file: %d", ret); - free_octet_string(&c); + der_free_octet_string(&c); _hx509_unmap_file(p, sz); return 0; @@ -238,7 +238,7 @@ cms_create_sd(struct cms_create_sd_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); - free_octet_string(&o); + der_free_octet_string(&o); o = wo; } @@ -278,9 +278,9 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_cms_unwrap_ContentInfo: %d", ret); - if (heim_oid_cmp(&oid, oid_id_pkcs7_envelopedData()) != 0) + if (der_heim_oid_cmp(&oid, oid_id_pkcs7_envelopedData()) != 0) errx(1, "Content is not SignedData"); - free_oid(&oid); + der_free_oid(&oid); co = uwco; } @@ -294,7 +294,7 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) ret = hx509_cms_unenvelope(context, certs, 0, co.data, co.length, NULL, &contentType, &o); if (co.data != p) - free_octet_string(&co); + der_free_octet_string(&co); if (ret) hx509_err(context, 1, ret, "hx509_cms_unenvelope"); @@ -305,7 +305,7 @@ cms_unenvelope(struct cms_unenvelope_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_write_file: %d", ret); - free_octet_string(&o); + der_free_octet_string(&o); return 0; } @@ -366,7 +366,7 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_cms_wrap_ContentInfo: %d", ret); - free_octet_string(&o); + der_free_octet_string(&o); o = wo; } @@ -376,7 +376,7 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv) if (ret) errx(1, "hx509_write_file: %d", ret); - free_octet_string(&o); + der_free_octet_string(&o); return 0; } @@ -753,7 +753,7 @@ ocsp_fetch(struct ocsp_fetch_options *opt, int argc, char **argv) } if (nonce) - free_octet_string(nonce); + der_free_octet_string(nonce); return 0; } @@ -846,7 +846,7 @@ request_create(struct request_create_options *opt, int argc, char **argv) if (ret == 0) rk_dumpdata(outfile, request.data, request.length); - free_octet_string(&request); + der_free_octet_string(&request); return 0; } diff --git a/lib/hx509/ks_p12.c b/lib/hx509/ks_p12.c index 82bb711ca..9a099e4b5 100644 --- a/lib/hx509/ks_p12.c +++ b/lib/hx509/ks_p12.c @@ -60,7 +60,7 @@ find_attribute(const PKCS12_Attributes *attrs, const heim_oid *oid) if (attrs == NULL) return NULL; for (i = 0; i < attrs->len; i++) - if (heim_oid_cmp(oid, &attrs->val[i].attrId) == 0) + if (der_heim_oid_cmp(oid, &attrs->val[i].attrId) == 0) return &attrs->val[i]; return NULL; } @@ -98,7 +98,7 @@ ShroudedKeyBag_parser(hx509_context context, ret = decode_PKCS8PrivateKeyInfo(content.data, content.length, &ki, NULL); - free_octet_string(&content); + der_free_octet_string(&content); if (ret) return ret; @@ -138,7 +138,7 @@ certBag_parser(hx509_context context, return ret; ret = decode_Certificate(os.data, os.length, &t, NULL); - free_octet_string(&os); + der_free_octet_string(&os); if (ret) return ret; @@ -209,7 +209,7 @@ safeContent_parser(hx509_context context, if (ret) return ret; ret = parse_safe_content(context, c, os.data, os.length); - free_octet_string(&os); + der_free_octet_string(&os); return ret; }; @@ -233,11 +233,11 @@ encryptedData_parser(hx509_context context, if (ret) return ret; - if (heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) + if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) ret = parse_safe_content(context, c, content.data, content.length); - free_octet_string(&content); - free_oid(&contentType); + der_free_octet_string(&content); + der_free_oid(&contentType); return ret; } @@ -269,11 +269,11 @@ envelopedData_parser(hx509_context context, return ret; } - if (heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) + if (der_heim_oid_cmp(&contentType, oid_id_pkcs7_data()) == 0) ret = parse_safe_content(context, c, content.data, content.length); - free_octet_string(&content); - free_oid(&contentType); + der_free_octet_string(&content); + der_free_oid(&contentType); return ret; } @@ -297,7 +297,7 @@ parse_pkcs12_type(hx509_context context, int i; for (i = 0; i < sizeof(bagtypes)/sizeof(bagtypes[0]); i++) - if (heim_oid_cmp((*bagtypes[i].oid)(), oid) == 0) + if (der_heim_oid_cmp((*bagtypes[i].oid)(), oid) == 0) (*bagtypes[i].func)(context, c, data, length, attrs); } @@ -338,7 +338,7 @@ p12_init(hx509_context context, if (ret) goto out; - if (heim_oid_cmp(&pfx.authSafe.contentType, oid_id_pkcs7_data()) != 0) { + if (der_heim_oid_cmp(&pfx.authSafe.contentType, oid_id_pkcs7_data()) != 0) { free_PKCS12_PFX(&pfx); ret = EINVAL; goto out; @@ -364,7 +364,7 @@ p12_init(hx509_context context, asdata.length, &as, NULL); - free_octet_string(&asdata); + der_free_octet_string(&asdata); if (ret) goto out; } diff --git a/lib/hx509/name.c b/lib/hx509/name.c index fc9e21364..2cf9551c2 100644 --- a/lib/hx509/name.c +++ b/lib/hx509/name.c @@ -119,7 +119,7 @@ oidtostring(const heim_oid *type) size_t i, total_len = 0; for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) { - if (heim_oid_cmp((*no[i].o)(), type) == 0) + if (der_heim_oid_cmp((*no[i].o)(), type) == 0) return strdup(no[i].n); } @@ -240,7 +240,7 @@ _hx509_name_ds_cmp(const DirectoryString *ds1, const DirectoryString *ds2) c = strcmp(ds1->u.ia5String, ds2->u.ia5String); break; case choice_DirectoryString_teletexString: - c = heim_octet_string_cmp(&ds1->u.teletexString, + c = der_heim_octet_string_cmp(&ds1->u.teletexString, &ds2->u.teletexString); break; case choice_DirectoryString_printableString: @@ -250,12 +250,12 @@ _hx509_name_ds_cmp(const DirectoryString *ds1, const DirectoryString *ds2) c = strcmp(ds1->u.utf8String, ds2->u.utf8String); break; case choice_DirectoryString_universalString: - c = heim_universal_string_cmp(&ds1->u.universalString, - &ds2->u.universalString); + c = der_heim_universal_string_cmp(&ds1->u.universalString, + &ds2->u.universalString); break; case choice_DirectoryString_bmpString: - c = heim_bmp_string_cmp(&ds1->u.bmpString, - &ds2->u.bmpString); + c = der_heim_bmp_string_cmp(&ds1->u.bmpString, + &ds2->u.bmpString); break; default: c = 1; @@ -279,8 +279,8 @@ _hx509_name_cmp(const Name *n1, const Name *n2) return c; for (j = 0; j < n1->u.rdnSequence.val[i].len; j++) { - c = heim_oid_cmp(&n1->u.rdnSequence.val[i].val[j].type, - &n1->u.rdnSequence.val[i].val[j].type); + c = der_heim_oid_cmp(&n1->u.rdnSequence.val[i].val[j].type, + &n1->u.rdnSequence.val[i].val[j].type); if (c) return c; @@ -398,8 +398,8 @@ hx509_parse_name(const char *str, hx509_name *name) rdn->len = 1; - if (copy_oid(oid, &rdn->val[0].type) != 0) { - /* _hx509_abort("copy_oid"); */ + if (der_copy_oid(oid, &rdn->val[0].type) != 0) { + /* _hx509_abort("der_copy_oid"); */ goto out; } diff --git a/lib/hx509/print.c b/lib/hx509/print.c index e864cd6bb..831a9d1ad 100644 --- a/lib/hx509/print.c +++ b/lib/hx509/print.c @@ -82,7 +82,7 @@ hx509_print_func(hx509_vprint_func func, void *ctx, const char *fmt, ...) int hx509_oid_sprint(const heim_oid *oid, char **str) { - return der_print_heim_oid(oid, str); + return der_print_heim_oid(oid, '.', str); } void @@ -405,8 +405,8 @@ hx509_validate_cert(hx509_context context, for (i = 0; i < t->extensions->len; i++) { for (j = 0; check_extension[j].name; j++) - if (heim_oid_cmp((*check_extension[j].oid)(), - &t->extensions->val[i].extnID) == 0) + if (der_heim_oid_cmp((*check_extension[j].oid)(), + &t->extensions->val[i].extnID) == 0) break; if (check_extension[j].name == NULL) { int flags = HX509_VALIDATE_F_VERBOSE; diff --git a/lib/hx509/req.c b/lib/hx509/req.c index 6a3c32674..84b03c2d5 100644 --- a/lib/hx509/req.c +++ b/lib/hx509/req.c @@ -100,7 +100,7 @@ _hx509_request_add_eku(hx509_context context, return ENOMEM; req->eku.val = val; - ret = copy_oid(oid, &req->eku.val[req->eku.len]); + ret = der_copy_oid(oid, &req->eku.val[req->eku.len]); if (ret) return ret; diff --git a/lib/hx509/revoke.c b/lib/hx509/revoke.c index a82880da0..47041c303 100644 --- a/lib/hx509/revoke.c +++ b/lib/hx509/revoke.c @@ -225,7 +225,8 @@ parse_ocsp_basic(const void *data, size_t length, OCSPBasicOCSPResponse *basic) return EINVAL; } - ret = heim_oid_cmp(&resp.responseBytes->responseType, oid_id_pkix_ocsp_basic()); + ret = der_heim_oid_cmp(&resp.responseBytes->responseType, + oid_id_pkix_ocsp_basic()); if (ret != 0) { free_OCSPResponse(&resp); return EINVAL; @@ -535,7 +536,7 @@ hx509_revoke_verify(hx509_context context, for (i = 0; i < ocsp->ocsp.tbsResponseData.responses.len; i++) { heim_octet_string os; - ret = heim_integer_cmp(&ocsp->ocsp.tbsResponseData.responses.val[i].certID.serialNumber, + ret = der_heim_integer_cmp(&ocsp->ocsp.tbsResponseData.responses.val[i].certID.serialNumber, &c->tbsCertificate.serialNumber); if (ret != 0) continue; @@ -624,7 +625,7 @@ hx509_revoke_verify(hx509_context context, for (j = 0; j < crl->crl.tbsCertList.revokedCertificates->len; j++) { time_t t; - ret = heim_integer_cmp(&crl->crl.tbsCertList.revokedCertificates->val[j].userCertificate, + ret = der_heim_integer_cmp(&crl->crl.tbsCertList.revokedCertificates->val[j].userCertificate, &c->tbsCertificate.serialNumber); if (ret != 0) continue; @@ -787,7 +788,7 @@ hx509_ocsp_request(hx509_context context, es->len = 1; es->val = calloc(es->len, sizeof(es->val[0])); - ret = copy_oid(oid_id_pkix_ocsp_nonce(), &es->val[0].extnID); + ret = der_copy_oid(oid_id_pkix_ocsp_nonce(), &es->val[0].extnID); if (ret) abort(); @@ -935,7 +936,7 @@ hx509_ocsp_verify(hx509_context context, for (i = 0; i < basic.tbsResponseData.responses.len; i++) { - ret = heim_integer_cmp(&basic.tbsResponseData.responses.val[i].certID.serialNumber, + ret = der_heim_integer_cmp(&basic.tbsResponseData.responses.val[i].certID.serialNumber, &c->tbsCertificate.serialNumber); if (ret != 0) continue;