aboutsummaryrefslogtreecommitdiff
path: root/crypto/heimdal/lib/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/lib/asn1')
-rw-r--r--crypto/heimdal/lib/asn1/ChangeLog1665
-rw-r--r--crypto/heimdal/lib/asn1/Makefile.am254
-rw-r--r--crypto/heimdal/lib/asn1/Makefile.in1473
-rw-r--r--crypto/heimdal/lib/asn1/asn1-common.h79
-rw-r--r--crypto/heimdal/lib/asn1/asn1-template.h141
-rw-r--r--crypto/heimdal/lib/asn1/asn1_err.et29
-rw-r--r--crypto/heimdal/lib/asn1/asn1_gen.c186
-rw-r--r--crypto/heimdal/lib/asn1/asn1_print.c352
-rw-r--r--crypto/heimdal/lib/asn1/asn1_queue.h167
-rw-r--r--crypto/heimdal/lib/asn1/asn1parse.c2861
-rw-r--r--crypto/heimdal/lib/asn1/asn1parse.h249
-rw-r--r--crypto/heimdal/lib/asn1/asn1parse.y1037
-rw-r--r--crypto/heimdal/lib/asn1/canthandle.asn134
-rw-r--r--crypto/heimdal/lib/asn1/check-common.c422
-rw-r--r--crypto/heimdal/lib/asn1/check-common.h74
-rw-r--r--crypto/heimdal/lib/asn1/check-der.c1115
-rw-r--r--crypto/heimdal/lib/asn1/check-gen.c1311
-rw-r--r--crypto/heimdal/lib/asn1/check-timegm.c81
-rw-r--r--crypto/heimdal/lib/asn1/cms.asn1157
-rw-r--r--crypto/heimdal/lib/asn1/cms.opt2
-rw-r--r--crypto/heimdal/lib/asn1/der-private.h82
-rw-r--r--crypto/heimdal/lib/asn1/der-protos.h628
-rw-r--r--crypto/heimdal/lib/asn1/der.c142
-rw-r--r--crypto/heimdal/lib/asn1/der.h105
-rw-r--r--crypto/heimdal/lib/asn1/der_cmp.c116
-rw-r--r--crypto/heimdal/lib/asn1/der_copy.c181
-rw-r--r--crypto/heimdal/lib/asn1/der_format.c170
-rw-r--r--crypto/heimdal/lib/asn1/der_free.c144
-rw-r--r--crypto/heimdal/lib/asn1/der_get.c647
-rw-r--r--crypto/heimdal/lib/asn1/der_length.c248
-rw-r--r--crypto/heimdal/lib/asn1/der_locl.h63
-rw-r--r--crypto/heimdal/lib/asn1/der_put.c479
-rw-r--r--crypto/heimdal/lib/asn1/digest.asn1179
-rw-r--r--crypto/heimdal/lib/asn1/extra.c141
-rw-r--r--crypto/heimdal/lib/asn1/gen.c1054
-rw-r--r--crypto/heimdal/lib/asn1/gen_copy.c251
-rw-r--r--crypto/heimdal/lib/asn1/gen_decode.c731
-rw-r--r--crypto/heimdal/lib/asn1/gen_encode.c550
-rw-r--r--crypto/heimdal/lib/asn1/gen_free.c191
-rw-r--r--crypto/heimdal/lib/asn1/gen_glue.c156
-rw-r--r--crypto/heimdal/lib/asn1/gen_length.c279
-rw-r--r--crypto/heimdal/lib/asn1/gen_locl.h102
-rw-r--r--crypto/heimdal/lib/asn1/gen_seq.c119
-rw-r--r--crypto/heimdal/lib/asn1/gen_template.c918
-rw-r--r--crypto/heimdal/lib/asn1/hash.c206
-rw-r--r--crypto/heimdal/lib/asn1/hash.h87
-rw-r--r--crypto/heimdal/lib/asn1/heim_asn1.h52
-rw-r--r--crypto/heimdal/lib/asn1/krb5.asn1825
-rw-r--r--crypto/heimdal/lib/asn1/krb5.opt6
-rw-r--r--crypto/heimdal/lib/asn1/kx509.asn131
-rw-r--r--crypto/heimdal/lib/asn1/lex.c2729
-rw-r--r--crypto/heimdal/lib/asn1/lex.h42
-rw-r--r--crypto/heimdal/lib/asn1/lex.l300
-rw-r--r--crypto/heimdal/lib/asn1/main.c207
-rw-r--r--crypto/heimdal/lib/asn1/pkcs12.asn181
-rw-r--r--crypto/heimdal/lib/asn1/pkcs8.asn130
-rw-r--r--crypto/heimdal/lib/asn1/pkcs9.asn128
-rw-r--r--crypto/heimdal/lib/asn1/pkinit.asn1200
-rw-r--r--crypto/heimdal/lib/asn1/rfc2459.asn1562
-rw-r--r--crypto/heimdal/lib/asn1/setchgpw2.asn1193
-rw-r--r--crypto/heimdal/lib/asn1/symbol.c108
-rw-r--r--crypto/heimdal/lib/asn1/symbol.h162
-rw-r--r--crypto/heimdal/lib/asn1/template.c1119
-rw-r--r--crypto/heimdal/lib/asn1/test.asn1138
-rw-r--r--crypto/heimdal/lib/asn1/test.gen14
-rw-r--r--crypto/heimdal/lib/asn1/timegm.c136
-rw-r--r--crypto/heimdal/lib/asn1/version-script.map6
67 files changed, 26627 insertions, 0 deletions
diff --git a/crypto/heimdal/lib/asn1/ChangeLog b/crypto/heimdal/lib/asn1/ChangeLog
new file mode 100644
index 000000000000..523e24bad03a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/ChangeLog
@@ -0,0 +1,1665 @@
+2008-04-09 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkinit.asn1: add id-pkinit-kdf
+
+ * pkinit.asn1: add PkinitSP80056AOtherInfo
+
+2008-04-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c: Use unsigned where appropriate.
+
+2008-03-22 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: Match name in ClientCanonicalizedNames with -10
+
+ * k5.asn1: add referral-valid-until
+
+2008-01-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * asn1-common.h gen.c der.c gen_encode.c: add and use der_{malloc,free}
+
+2007-12-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * libasn1.h: remove, not used.
+
+2007-12-04 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add DigestTypes, add --seq to antoher type.
+
+ * digest.asn1: Add supportedMechs request.
+
+2007-10-18 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: Some "old" windows enctypes. From Andy Polyakov.
+
+2007-07-23 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Fold in pk-init-alg-agilty.
+
+ * pkinit.asn1: Fold in pk-init-alg-agilty.
+
+2007-07-16 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * parse.y: Passe object id is its part of the module defintion
+ statement.
+
+2007-07-14 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-gen.c: test SEQ OF SIZE (...)
+
+ * Makefile.am: Include more sizeof tests.
+
+2007-07-12 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * try to avoid aliasing of pointers enum {} vs int
+
+2007-07-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * test.asn1: Test SIZE attribute for SEQ and OCTET STRING
+
+ * parse.y (OctetStringType): add SIZE to OCTET STRING.
+
+ * Makefile.am: New library version.
+
+2007-07-02 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: Re-add size limits.
+
+ * k5.asn1: Add size limits from RFC 4120.
+
+ * gen_decode.c: Check range on SEQ OF and OCTET STRING.
+
+ * asn1_err.et (min|max|exact) constraints.
+
+ * parse.y: Parse size limitations to SEQ OF.
+
+2007-06-28 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add AuthorityInfoAccessSyntax.
+
+ * rfc2459.asn1: Add AuthorityInfoAccessSyntax.
+
+ * rfc2459.asn1: Add authorityInfoAccess, rename proxyCertInfo.
+
+ * Makefile.am: Add authorityInfoAccess, rename proxyCertInfo.
+
+2007-06-27 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_get.c (der_get_time): avoid using wrapping of octet_string
+ and realloc.
+
+ * der_get.c: No need to undef timetm, we don't use it any more.
+
+ * timegm.c: Fix spelling caused by too much query-replace.
+
+ * gen.c: Include <limits.h> for UINT_MAX.
+
+ * gen_decode.c: Check for multipication overrun.
+
+ * gen_encode.c: Paranoia check in buffer overun in output
+ function.
+
+ * check-der.c: Test boolean.
+
+ * check-der.c: test universal strings.
+
+ * check-der.c: Test failure cases for der_get_tag.
+
+ * check-der.c: test dates from last century.
+
+ * check-der.c: Move zero length integercheck to a better place.
+
+ * check-der.c: Test zero length integer.
+
+2007-06-18 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: Init data to something.
+
+2007-06-15 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: Add KRB5-AUTHDATA-INITIAL-VERIFIED-CAS.
+
+2007-06-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkinit.asn1: Make the pkinit nonce signed (like the kerberos
+ nonce).
+
+2007-06-03 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: Free more memory.
+
+ * der_format.c: Don't accect zero length hex numbers.
+
+ * check-der.c: Also free right memory.
+
+ * main.c: Close asn1 file when done.
+
+ * check-der.c: more check for der_parse_hex_heim_integer
+
+ * der_format.c (der_parse_hex_heim_integer): check length before
+ reading data.
+
+ * check-gen.c (test_authenticator): free memory
+
+2007-05-31 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add MS-UPN-SAN
+
+ * pkinit.asn1: add MS-UPN-SAN
+
+ * rfc2459.asn1: Do evil things to handle IMPLICIT encoded
+ structures. Add id-ms-client-authentication.
+
+2007-05-30 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add asn1_id_ms_cert_enroll_domaincontroller.x
+
+2007-05-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c: Add struct units; as a forward declaration. Pointed out
+ by Marcus Watts.
+
+ * rfc2459.asn1: Netscape extentions
+
+ * Makefile.am: add U.S. Federal PKI Common Policy Framework
+
+ * rfc2459.asn1: add U.S. Federal PKI Common Policy Framework
+
+2007-04-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_seq.c: Handle the case of resize to 0 and realloc that
+ returns NULL.
+
+ * check-gen.c (check_seq): free seq.
+
+2007-04-19 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c (test_heim_oid_format_same): avoid leaking memory in
+ the non failure case too
+
+2007-04-16 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: remove extra ^Q
+
+2007-04-11 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_get.c: Allow trailing NULs. We allow this since MIT Kerberos
+ sends an strings in the NEED_PREAUTH case that includes a trailing
+ NUL.
+
+2007-02-17 Love Hörnquist Åstrand <lha@it.su.se>
+
+
+ * Makefile.am: Add PA-ClientCanonicalized and friends.
+
+ * k5.asn1: Add PA-ClientCanonicalized and friends.
+
+2007-02-08 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: Drop one over INT_MAX test-case.
+
+2007-02-05 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkinit.asn1: add id-pkinit-ms-eku
+
+ * pkinit.asn1: fill in more bits of id-pkinit-ms-san
+
+2007-02-02 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * digest.asn1: rename hash-a1 to session key
+
+2007-02-01 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * digest.asn1: Add elements to send in requestResponse to KDC and
+ get status of the request.
+
+2007-01-31 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: seq rules for CRLDistributionPoints
+
+2007-01-30 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add CRLDistributionPoints and friends
+
+2007-01-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: check BMPstring oddlength more
+
+ * check-der.c: Test for NUL char in string in GENERAL STRING.
+
+ * der_get.c: Check for NUL characters in string and return
+ ASN1_BAD_CHARACTER error-code if we find them.
+
+ * asn1_err.et: Add BAD_CHARACTER error.
+
+2007-01-16 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add id-at-streetAddress.
+
+ * rfc2459.asn1: Add id-at-streetAddress.
+
+2007-01-12 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: Add PKIXXmppAddr and id-pkix-on-xmppAddr.
+
+2006-12-30 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add id-pkix-kp oids.
+
+ * rfc2459.asn1: Add id-pkix-kp oids.
+
+2006-12-29 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_encode.c: Named bit strings have this horrible, disgusting,
+ compress bits until they are no longer really there but stuff in
+ an initial octet anyway encoding scheme. Try to get it right and
+ calculate the initial octet runtime instead of compiletime.
+
+ * check-gen.c: Check all other silly bitstring combinations.
+
+ * Makefile.am: Add --sequence=Extensions to rfc2459.
+
+2006-12-28 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * kx509.asn1: Add kx509.
+
+ * Makefile.am: Add kx509.
+
+ * Add VisibleString parsing
+
+2006-12-15 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add ntlm files.
+
+ * digest.asn1: Add bits for handling NTLM.
+
+2006-12-08 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add pkix proxy cert policy lang oids
+
+ * rfc2459.asn1: add pkix proxy cert policy lang oids
+
+2006-12-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: unbreak id-pe-proxyCertInfo
+
+ * rfc2459.asn1: Add id-pkix-on-dnsSRV and related oids
+
+2006-11-28 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add explicit depenency to LIB_roken for libasn1.la,
+ make AIX happy.
+
+2006-11-27 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_format.c (der_print_heim_oid): oid with zero length is
+ invalid, fail to print.
+
+2006-11-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_format.c (der_print_heim_oid): use delim when printing.
+
+2006-11-21 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: Make KRB5-PADATA-S4U2SELF pa type 129.
+
+2006-10-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * asn1_err.et: add EXTRA_DATA
+
+2006-10-21 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-gen.c: avoid leaking memory
+
+ * check-der.c: avoid leaking memory
+
+ * der_format.c (der_parse_heim_oid): avoid leaking memory
+
+ * check-common.c: Print size_t as (unsigned long) and cast.
+
+ * check-common.c: Try to align data, IA64's gets upset if its
+ unaligned.
+
+ * lex.l: add missing */
+
+ * lex.c: need %e for hpux lex
+
+2006-10-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: remove dups from gen_files_test, add check-timegm.
+
+ * Makefile.am: include more test.asn1 built files
+
+ * Makefile.am: More files, now for make check.
+
+2006-10-19 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add missing files
+
+ * Makefile.am (asn1_compile_SOURCES): add gen_locl.h
+
+ * check-timegm.c: Add check for _der_timegm.
+
+ * der_get.c (generalizedtime2time): always use _der_timegm.
+
+ * timegm.c: make more strict
+
+ * der_locl.h: Rename timegm to _der_timegm.
+
+2006-10-17 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * timegm.c: vJust fail if tm_mon is out of range for now XXXX this
+ is wrong.
+
+2006-10-16 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: extra depencies on der-protos.h
+
+2006-10-14 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: Prefix primitive types with der_.
+
+ * timegm.c: rename the buildin timegm to _der_timegm
+
+ * heim_asn1.h: move prototype away from here.
+
+ * der_format.c: Add der_parse_heim_oid
+
+ * gen_free.c: prefix primitive types with der_
+
+ * der_copy.c: prefix primitive types with der_
+
+ * gen_length.c: prefix primitive types with der_
+
+ * der_length.c: prefix primitive types with der_
+
+ * der_cmp.c: prefix primitive types with der_
+
+ * gen_free.c: prefix primitive types with der_
+
+ * der_free.c: prefix primitive types with der_
+
+ * gen_copy.c: prefix primitive types with der_
+
+ * der_copy.c: rename copy_ to der_copy_
+
+ * Makefile.am: Add der-protos.h to nodist_include_HEADERS.
+
+ * der.h: use newly built <der-protos.h>
+
+ * Makefile.am: Generate der prototypes.
+
+ * gen.c: move any definitions here.
+
+ * asn1-common.h: move any definitions here.
+
+ * der.h: remove der_parse_oid prototype, it was never implemented.
+
+ * der.h: New der_print_heim_oid signature. Test
+ der_parse_heim_oid
+
+ * check-der.c: New der_print_heim_oid signature. Test
+ der_parse_heim_oid
+
+2006-10-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * lex.l: Grow an even larger output table size.
+
+ * Makefile.am: split build files into dist_ and noinst_ SOURCES
+
+2006-10-04 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_seq.c: In generation of remove_TYPE: if you just removed the
+ last element, you must not memmove memory beyond the array. From
+ Andrew Bartlett
+
+2006-10-01 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * lex.l: Grow (%p, %a, %n) tables for Solaris 10 lex. From Harald
+ Barth.
+
+2006-09-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type): drop unused variable realtype.
+
+2006-09-11 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add KRB5SignedPath and friends.
+
+ * k5.asn1: Add KRB5SignedPath and friends.
+
+ * Makefile.am: Add new sequence generation for GeneralNames.
+
+2006-09-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * CMS.asn1 (CMSVersion): rename versions from v0 to CMSVersion_v0,
+ ...
+
+2006-09-05 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add TESTSeqOf for testing sequence generation code.
+
+ * check-gen.c: Add sequence tests.
+
+ * test.asn1: Add TESTSeqOf for testing sequence generation code.
+
+ * gen_seq.c: fix warning.
+
+ * gen_seq.c: make generated data work
+
+ * setchgpw2.asn1: enctype is part of the krb5 module now, use that
+ instead of locally defining it.
+
+ * Makefile.am: asn1_compile += gen_seq.c
+
+ * gen_locl.h: add new prototypes, remove unused ones.
+
+ * gen.c: Generate sequence function.
+
+ * main.c: add --sequence
+
+ * gen_seq.c: Add generated add_ and remove_ for "SEQUENCE OF
+ TType". I'm tried of writing realloc(foo->data,
+ sizeof(foo->data[0]) + (foo->len + 1)); Only generated for those
+ type that is enabled by the command flag --sequence.
+
+2006-08-25 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * digest.asn1 (DigestRequest): add authid
+
+ * digest.asn1: Comment describing on how to communicate the sasl
+ int/conf mode.
+
+2006-08-23 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * digest.asn1: Add some missing fields needed for digest.
+
+2006-08-21 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * digest.asn1: Tweak to make consisten and more easier to use.
+
+2006-07-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Remove CMS symmetric encryption support. Add
+ DigestProtocol.
+
+ * digest.asn1: DigestProtocol
+
+ * k5.asn1: Remove CMS symmetric encryption support.
+
+2006-06-22 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c (check_fail_heim_integer): disable test
+
+ * der_get.c (der_get_heim_integer): revert part of previous
+
+ * der_get.c (der_get_heim_integer): Add more checks
+
+ * asn1_print.c: Add printing of bignums and use der_print_heim_oid
+
+ * check-der.c (test_heim_oid_format_same): add printing on failure
+
+ * check-der.c: Add one check for heim_int, add checking for oid
+ printing
+
+2006-06-06 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Impersonation support bits (and sort)
+
+ * k5.asn1: Impersonation support bits.
+
+2006-05-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_format.c (der_parse_hex_heim_integer): avoid shadowing.
+
+2006-04-29 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add ExternalPrincipalIdentifiers, shared between
+ several elements.
+
+ * pkinit.asn1: Add ExternalPrincipalIdentifiers, shared between
+ several elements.
+
+2006-04-28 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * parse.y: Add missing ;'s, found by bison on a SuSE 8.2 machine.
+
+2006-04-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add definitions from RFC 3820, Proxy Certificate
+ Profile.
+
+ * rfc2459.asn1: Add definitions from RFC 3820, Proxy Certificate
+ Profile.
+
+2006-04-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: Add id-Userid
+
+ * Makefile.am: Add UID and email
+
+ * pkcs9.asn1: Add id-pkcs9-emailAddress
+
+ * Makefile.am: Add attribute type oids from X520 and RFC 2247 DC
+ oid
+
+ * rfc2459.asn1: Add attribute type oids from X520 and RFC 2247 DC
+ oid
+
+2006-04-21 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add sha-1 and sha-2
+
+ * rfc2459.asn1: add sha-1 and sha-2
+
+2006-04-15 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add id-pkcs1-sha256WithRSAEncryption and friends
+
+ * rfc2459.asn1: Add id-pkcs1-sha256WithRSAEncryption and friends
+
+ * CMS.asn1: Turn CMSRC2CBCParameter.rc2ParameterVersion into a
+ constrained integer
+
+2006-04-08 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * hash.c (hashtabnew): check for NULL before setting structure.
+ Coverity, NetBSD CID#4
+
+2006-03-31 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: gen_files_rfc2459 += asn1_ExtKeyUsage.x
+
+ * rfc2459.asn1: Add ExtKeyUsage.
+
+ * gen.c (generate_header_of_codefile): remove unused variable.
+
+2006-03-30 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c: Put all the IMPORTed headers into the headerfile to avoid
+ hidden depencies.
+
+2006-03-27 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add id-pkinit-ms-san.
+
+ * pkinit.asn1: Add id-pkinit-ms-san.
+
+ * k5.asn1 (PADATA-TYPE): Add KRB5-PADATA-PA-PK-OCSP-RESPONSE
+
+2006-03-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add pkinit-san.
+
+ * pkinit.asn1: Rename id-pksan to id-pkinit-san
+
+2006-03-08 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c (init_generate): Nothing in the generated files needs
+ timegm(), so no need to provide a prototype for it.
+
+2006-02-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkinit.asn1: paChecksum is now OPTIONAL so it can be upgraded to
+ something better then SHA1
+
+2006-01-31 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * extra.c: Stub-generator now generates alloc statements for
+ tagless ANY OPTIONAL, remove workaround.
+
+ * check-gen.c: check for "tagless ANY OPTIONAL"
+
+ * test.asn1: check for "tagless ANY OPTIONAL"
+
+2006-01-30 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der.h: UniversalString and BMPString are both implemented.
+
+ * der.h: Remove , after the last element of enum.
+
+ * asn1_gen.c: Spelling.
+
+2006-01-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_length.c (length_heim_integer): Try handle negative length
+ of integers better.
+
+ * der_get.c (der_get_heim_integer): handle negative integers.
+
+ * check-der.c: check heim_integer.
+
+2006-01-18 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Its cRLReason, not cRLReasons
+
+ * canthandle.asn1: "Allocation is done on CONTEXT tags" works just
+ fine.
+
+ * rfc2459.asn1: Add CRL structures and OIDs.
+
+ * Makefile.am: Add CRL and TESTAlloc structures and OIDs.
+
+ * check-gen.c: Check OPTIONAL context-tagless elements.
+
+ * test.asn1: Check OPTIONAL context-tagless elements.
+
+ * der_cmp.c (heim_integer_cmp): make it work with negative
+ numbers.
+
+2006-01-17 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: check that der_parse_hex_heim_integer() handles odd
+ length numbers.
+
+ * der_format.c (der_parse_hex_heim_integer): make more resiliant
+ to errors, handle odd length numbers.
+
+2006-01-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add RSAPrivateKey
+
+ * rfc2459.asn1: Add RSAPrivateKey.
+
+2006-01-05 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_copy.c (copy_heim_integer): copy the negative flag
+
+2005-12-14 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * parse.y: Drop ExceptionSpec for now, its not used.
+
+2005-12-06 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * test.asn1: Add test string for constraints.
+
+ * symbol.h: Add support for part of the Constraint-s
+
+ * gen.c: Set new constraints pointer in Type to NULL for inline
+ constructed types.
+
+ * parse.y: Add support for parsing part of the Constraint-s
+
+2005-10-29 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Add some X9.57 (DSA) oids, sort lines
+
+ * rfc2459.asn1: Add some X9.57 (DSA) oids.
+
+2005-10-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: Remove pk-init-19 support.
+
+ * pkinit.asn1: Fix comment
+
+ * check-der.c: Add tests for parse and print functions for
+ heim_integer.
+
+ * Makefile.am: Add parse and print functions for heim_integer.
+
+ * der_format.c: Add parse and print functions for heim_integer.
+
+ * der.h: Add parse and print functions for heim_integer.
+
+2005-09-22 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am (gen_files_rfc2459) += asn1_DHPublicKey.x
+
+ * rfc2459.asn1: Add DHPublicKey, and INTEGER to for storing the DH
+ public key in the SubjectPublicKeyInfo.subjectPublicKey BIT
+ STRING.
+
+2005-09-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c: TSequenceOf/TSetOf: Increase the length of the
+ array after successful decoding the next element, so that the
+ array don't contain heap-data.
+
+2005-09-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: Avoid empty array initiators.
+
+ * pkcs8.asn1 (PKCS8PrivateKeyInfo): Inline SET OF to avoid
+ compiler "feature"
+
+ * check-common.c: Avoid signedness warnings.
+
+ * check-common.h: Makes bytes native platform signed to avoid
+ casting everywhere
+
+ * check-der.c: Don't depend on malloc(very-very-larger-value) will
+ fail. Cast to unsigned long before printing size_t.
+
+ * check-gen.c: Don't depend on malloc(very-very-larger-value) will
+ fail.
+
+ * check-gen.c: Fix signedness warnings.
+
+ * lex.l: unput() have to hanppen in actions for flex 2.5.31, can
+ do them in user code sesction, so move up handle_comment and
+ handle_string into action, not much sharing was done anyway.
+
+2005-09-09 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c (test_one_int): len and len_len is size_t
+
+2005-08-23 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_encode.c: Change name of oldret for each instance its used
+ to avoid shadow warning. From: Stefan Metzmacher
+ <metze@samba.org>.
+
+ * gen_length.c: Change name of oldret for each instance its used
+ to avoid shadow warning. From: Stefan Metzmacher
+ <metze@samba.org>.
+
+ * gen_decode.c: Change name of oldret for each instance its used
+ to avoid shadow warning. From: Stefan Metzmacher
+ <metze@samba.org>.
+
+ * parse.y: Const poision yyerror.
+
+ * gen.c: Const poision.
+
+2005-08-22 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: Add KRB5-PADATA-PK-AS-09-BINDING, client send
+ this (with an empty pa-data.padata-value) to tell the KDC that the
+ client support the binding the PA-REP to the AS-REQ packet. This
+ is to fix the problem lack of binding the AS-REQ to the PK-AS-REP
+ in pre PK-INIT-27. The nonce is replaced with a asCheckSum.
+
+2005-08-11 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * canthandle.asn1: Allocation is done on CONTEXT tags.
+
+ * asn1_gen.c: rename optind to optidx to avoid shadow warnings
+
+2005-07-28 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: add id-rsadsi-rc2-cbc
+
+ * Makefile.am: add another oid for rc2
+
+2005-07-27 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: Make variable initiation constant by moving them to
+ global context
+
+ * check-gen.c: change to c89 comment
+
+2005-07-27 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: remove duplicate asn1_CMSAttributes.x
+
+2005-07-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * asn1_print.c: rename optind to optidx
+
+ * Makefile.am: Update to pkinit-27
+
+ * pkinit.asn1: Update to pkinit-27
+
+2005-07-25 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: make it work for non c99 compilers too
+
+ * check-der.c: start testing BIT STRING
+
+ * der_cmp.c (heim_bit_string_cmp): try handle corner cases better
+
+ * gen_free.c (free_type): free bignum integers
+
+2005-07-23 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add PKCS12-OctetString
+
+ * pkcs12.asn1: add PKCS12-OctetString
+
+ * Makefile.am: add new files
+
+ * rfc2459.asn1: include SET OF in Attribute to make the type more
+ useful
+
+ * CMS.asn1: handle IMPLICIT and share some common structures
+
+2005-07-21 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: Include enough workarounds that this even might
+ work.
+
+ * check-gen.c: Two implicit tests, one with all structures inlined
+
+ * test.asn1: fix workaround for IMPLICIT CONS case
+
+ * canthandle.asn1: fix workaround for IMPLICIT CONS case
+
+ * asn1_print.c: hint that there are IMPLICIT content when we find
+ it
+
+ * check-gen.c: Added #ifdef out test for IMPLICIT tagging.
+
+ * Makefile.am: test several IMPLICIT tag level deep
+
+ * test.asn1: test several IMPLICIT tag level deep
+
+ * test.asn1: tests for IMPLICIT
+
+ * Makefile.am: tests for IMPLICIT
+
+ * canthandle.asn1: Expand on what is wrong with the IMPLICIT
+ tagging
+
+ * rfc2459.asn1: some of the structure are in the IMPLICIT TAGS
+ module
+
+2005-07-19 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * asn1_print.c: print size_t by casting to unsigned long and use
+ right printf format tags are unsigned integers
+
+ * gen.c (generate_constant): oid elements are unsigned
+
+ * gen_decode.c (decode_type): tagdatalen should be an size_t.
+
+ * extra.c (decode_heim_any): tag is unsigned int.
+
+ * der_get.c (der_match_tag): tag is unsigned int.
+
+ * gen_length.c (length_type): cast size_t argument to unsigned
+ long and use appropriate printf format
+
+ * check-der.c (check_fail_bitstring): check for length overflow
+
+ * der_get.c: rewrite integer overflow tests w/o SIZE_T_MAX
+
+ * check-common.c (generic_decode_fail): only copy in if checklen
+ its less then 0xffffff and larger than 0.
+
+ * gen_decode.c (find_tag): find external references, we can't
+ handle those, so tell user that instead of crashing
+
+2005-07-18 Dave Love <fx@gnu.org>
+
+ * extra.c (free_heim_any_set): Fix return.
+
+ * gen_decode.c (find_tag): Fix return in TType case.
+
+2005-07-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_encode.c (TChoice): add () to make sure variable expression
+ is evaluated correctly
+
+ * gen_length.c (TChoice): add () to make sure variable expression
+ is evaluated correctly
+
+ * k5.asn1: reapply 1.43 that got lost in the merge: rename pvno to
+ krb5-pvno
+
+2005-07-12 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type): TChoice: set the label
+
+ * check-gen.c (cmp_Name): do at least some checking
+
+ * gen_locl.h: rename function filename() to get_filename() to
+ avoid shadowing
+
+ * lex.l: rename function filename() to get_filename() to avoid
+ shadowing
+
+ * gen.c: rename function filename() to get_filename() to avoid
+ shadowing
+
+ * check-der.c: add failure checks for large oid elements
+
+ * check-gen.c: add failure checks for tag (and large tags)
+
+ * der_get.c: Check for integer overflows in tags and oid elements.
+
+2005-07-10 Assar Westerlund <assar@kth.se>
+
+ * gen_decode.c: Fix decoding of choices to select which branch to
+ try based on the tag and return an error if that branch fails.
+
+ * check-gen.c: Fix short choice test cases.
+
+2005-07-09 Assar Westerlund <assar@kth.se>
+
+ * symbol.c:
+ * parse.y:
+ * main.c:
+ * lex.l:
+ * gen_length.c:
+ * gen_free.c:
+ * gen_encode.c:
+ * gen_decode.c:
+ * gen_copy.c:
+ * gen.c:
+ * extra.c:
+ * check-gen.c:
+ * check-der.c:
+ * check-common.c:
+ * asn1_print.c:
+ * asn1_gen.c:
+ Use emalloc, ecalloc, and estrdup.
+ Check return value from asprintf.
+ Make sure that malloc(0) returning NULL is not treated as an
+ error.
+
+2005-07-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-gen.c: test cases for CHOICE, its too liberal right now,
+ it don't fail hard on failure on after it successfully decoded the
+ first tag in a choice branch
+
+ * asn1_gen.c: calculate the basename for the output file,
+ pretty-print tag number
+
+ * test.gen: sample for asn1_gen
+
+ * check-gen.c: check errors in SEQUENCE
+
+ * Makefile.am: build asn1_gen, TESTSeq and new, and class/type/tag
+ string<->num converter.
+
+ * test.asn1: TESTSeq, for testing SEQUENCE
+
+ * asn1_gen.c: generator for asn1 data
+
+ * asn1_print.c: use class/type/tag string<->num converter.
+
+ * der.c: Add class/type/tag string<->num converter.
+
+ * der.h: Add class/type/tag string<->num converter.
+ Prototypes/structures for new time bits.
+
+2005-07-09 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_get.c (der_get_unsigned) check for length overflow
+ (der_get_integer) ditto
+ (der_get_general_string) ditto
+
+ * der_get.c: check for overruns using SIZE_T_MAX
+
+ * check-der.c: check BIT STRING and OBJECT IDENTIFIER error cases
+
+ * check-common.c (generic_decode_fail): allocate 4K for the over
+ sized memory test
+
+ * der_get.c (der_get_oid): check for integer overruns and
+ unterminated oid correctly
+
+ * check-common.h (map_alloc, generic_decode_fail): prototypes
+
+ * check-common.c (map_alloc): make input buffer const
+ (generic_decode_fail): verify decoding failures
+
+2005-07-05 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_encode.c: split up the printf for SET OF, also use the
+ generate name for the symbol in the SET OF, if not, the name might
+ contain non valid variable name characters (like -)
+
+2005-07-04 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: move pkcs12 defines into their own namespace
+
+ * pkcs12.asn1: move pkcs12 defines into their own namespace
+
+ * pkcs9.asn1: add PKCS9-friendlyName with workaround for SET OF
+ bug
+
+ * heim_asn1.h: reuse heim_octet_string for heim_any types
+
+ * main.c: use optidx, handle the case where name is missing and
+ use base of filename then
+
+ * asn1-common.h: include ASN1_MALLOC_ENCODE
+
+ * gen_decode.c: use less context so lower indentention level, add
+ missing {} where needed
+
+2005-07-02 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_copy.c: Use a global variable to keep track of if the 'goto
+ fail' was used, and use that to only generate the label if needed.
+
+ * asn1_print.c: do indefinite form loop detection and stop after
+ 10000 recursive indefinite forms, stops crashing due to running
+ out of stack
+
+ * asn1_print.c: catch badly formated indefinite length data
+ (missing EndOfContent tag) add (negative) indent flag to speed up
+ testing
+
+2005-07-01 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * canthandle.asn1: Can't handle primitives in CHOICE
+
+ * gen_decode.c: Check if malloc failes
+
+ * gen_copy.c: Make sure to free memory on failure
+
+ * gen_decode.c: Check if malloc failes, rename "reallen" to
+ tagdatalen since that is what it is.
+
+2005-05-29 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * prefix Der_class with ASN1_C_ to avoid problems with system
+ headerfiles that pollute the name space
+
+2005-05-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkcs12.asn1: add PKCS12CertBag
+
+ * pkcs9.asn1: add pkcs9 certtype x509 certificate
+
+ * Makefile.am: add pkcs12 certbag and pkcs9 certtype x509
+ certificate
+
+ * pkcs12.asn1: split off PKCS12Attributes from SafeBag so it can
+ be reused
+
+ * Makefile.am: add PKCS12Attributes
+
+2005-05-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * canthandle.asn1: fix tags in example
+
+2005-05-02 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkinit.asn1: Let the Windows nonce be an int32 (signed), if not
+ it will fail when using Windows PK-INIT.
+
+2005-05-01 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add pkcs12-PBEParams
+
+ * pkcs12.asn1: add pkcs12-PBEParams
+
+ * parse.y: objid_element: exit when the condition fails
+
+2005-04-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_glue.c: 1.8: switch the units variable to a
+ function. gcc-4.1 needs the size of the structure if its defined
+ as extern struct units foo_units[] an we don't want to include
+ <parse_units.h> in the generate headerfile
+
+2005-03-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add the des-ede3-cbc oid that ansi x9.52 uses
+
+ * rfc2459.asn1: add the des-ede3-cbc oid that ansi x9.52 uses
+
+ * Makefile.am: add oids for x509
+
+ * rfc2459.asn1: add oids now when the compiler can handle them
+
+2005-03-19 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add pkcs9 files
+
+ * pkcs9.asn1: add small number of oids from pkcs9
+
+2005-03-14 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add a bunch of pkcs1/pkcs2/pkcs3/aes oids
+
+ * rfc2459.asn1: add a bunch of pkcs1/pkcs2/pkcs3/aes oids
+
+2005-03-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: merge pa-numbers
+
+2005-03-09 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add oid's
+
+ * rfc2459.asn1: add encryption oids
+
+ * CMS.asn1: add signedAndEnvelopedData oid
+
+ * pkcs12.asn1: add pkcs12 oids
+
+ * CMS.asn1: add pkcs7 oids
+
+2005-03-08 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c (generate_header_of_codefile): break out the header
+ section generation
+ (generate_constant): generate a function that return the oid
+ inside a heim_oid
+
+ * parse.y: fix the ordering of the oid's
+
+ * parse.y: handle OBJECT IDENTIFIER as value construct
+
+2005-02-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Preserve content of CHOICE element that is unknown if ellipsis
+ was used when defining the structure
+
+2005-02-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * parse.y: use ANS1_TAILQ macros
+
+ * *.[ch]: use ASN1_TAILQ macros
+
+ * asn1_queue.h: inline bsd sys/queue.h and rename TAILQ to
+ ASN1_TAILQ to avoid problems with name polluting headerfiles
+
+2005-01-19 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c: pull in <krb5-types.h>
+
+2005-01-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Add BMPString and UniversalString
+
+ * k5.asn1 (EtypeList): make INTEGER constrained (use krb5int32)
+
+2005-01-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: add GeneralNames
+
+2004-11-21 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c: use unsigned integer for len of SequenceOf/SetOf and
+ bitstring names
+
+2004-11-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: switch to krb5int32 and krb5uint32
+
+ * Unify that three integer types TInteger TUInteger and TBigInteger.
+ Start to use constrained integers where appropriate.
+
+2004-10-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * CMS.asn1: remove no longer used commented out elements
+
+ * gen_glue.c: make units structures const
+
+2004-10-12 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * lex.l: handle hex number with [a-fA-F] in them
+
+2004-10-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_free.c: free _save for CHOICE too
+
+ * rfc2459.asn1: use Name and not heim_any
+
+ * gen_decode.c: if malloc for _save failes, goto fail so we free
+ the structure
+
+ * gen_copy.c: copy _save for CHOICE too
+
+ * gen.c: add _save for CHOICE too
+
+ * CMS.asn1: RecipientIdentifier and SignerIdentifier is the same
+ name is CMSIdentifier and add glue for that so we can share code
+ use Name and not heim_any
+
+2004-10-03 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: drop AlgorithmIdentifierNonOpt add
+ {RC2CBC,}CBCParameter here where they belong
+
+ * CMS.asn1: add {RC2CBC,}CBCParameter here where they belong
+
+ * rfc2459.asn1: drop AlgorithmIdentifierNonOpt
+
+ * rfc2459.asn1: stop using AlgorithmIdentifierNonOpt hint that we
+ really want to use Name and some MS stuff
+
+2004-09-05 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * asn1_print.c: handle end of content, this is part BER support,
+ however, OCTET STRING need some tweeking too.
+
+ * der.h: add UT_EndOfContent
+
+ * test.asn1: test asn1 spec file
+
+ * check-gen.c: check larget tags
+
+ * Makefile.am: add test asn1 spec file that we can use for testing
+ constructs that doesn't exists in already existing spec (like
+ large tags)
+
+ * der_put.c (der_put_tag): make sure there are space for the head
+ tag when we are dealing with large tags (>30)
+
+ * check-gen.c: add test for tag length
+
+ * check-common.c: export the map_ functions for OVERRUN/UNDERRUN
+ detection restore the SIGSEGV handler when test is done
+
+ * check-common.h: export the map_ functions for OVERRUN/UNDERRUN
+ detection
+
+ * gen_decode.c: check that the tag-length is not longer the length
+ use forwstr on some more places
+
+ * parse.y: revert part of 1.14.2.21, multiple IMPORT isn't allowed
+
+ * pkinit.asn1: correct usage of IMPORT
+
+ * CMS.asn1: correct usage of IMPORT
+
+ * pkcs8.asn1: pkcs8, encrypting private key
+
+ * pkcs12.asn1: pkcs12, key/crl/certificate file transport PDU
+
+ * Makefile.am: add pkcs8 and pkcs12
+
+ * der_free.c: reset length when freing primitives
+
+ * CMS.asn1: add EncryptedData
+
+2004-08-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type): if the entry is already optional
+ when parsing a tag and we allocate the structure, not pass down
+ optional since that will case the subtype's decode_type also to
+ allocate an entry. and we'll leak an entry. Bug from Luke Howard
+ <lukeh@padl.com>. While here, use calloc.
+
+2004-04-29 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: shift the last added etypes one step so rc2 doesn't
+ stomp on cram-md5
+
+2004-04-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * k5.asn1: add ETYPE_AESNNN_CBC_NONE
+
+ * CMS.asn1: add CMS symmetrical parameters moved to k5.asn1
+
+ * k5.asn1: add CMS symmetrical parameters here, more nametypes
+ enctype rc2-cbc
+
+2004-04-25 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c: free data on decode failure
+
+2004-04-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add CBCParameter and RC2CBCParameter
+
+ * CMS.asn1: add CBCParameter and RC2CBCParameter
+
+2004-04-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * check-der.c: add simple test for oid's, used to trigger malloc
+ bugs in you have picky malloc (like valgrind/purify/third)
+
+ * der_get.c (der_get_oid): handle all oid components being smaller
+ then 127 and allocate one extra element since first byte is split
+ to to elements.
+
+2004-04-16 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * canthandle.asn1: one thing handled
+
+ * gen_decode.c: handle OPTIONAL CONS-tag-less elements
+
+ * der_length.c (length_len): since length is no longer the same as
+ an unsigned, do the length counting here. ("unsigned" is zero
+ padded when most significate bit is set, length is not)
+
+2004-04-12 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * canthandle.asn1: document by example what the encoder can't
+ handle right now
+
+ * Makefile.am: add more stuff needed whem implementing x509
+ preserve TBSCertificate
+
+ * rfc2459.asn1: add more stuff needed whem implementing x509
+
+ * CMS.asn1: move some type to rfc2459.asn1 where they belong (and
+ import them)
+
+ * gen.c: preserve the raw data when asked too
+
+ * gen_decode.c: preserve the raw data when asked too
+
+ * gen_copy.c: preserve the raw data when asked too
+
+ * gen_free.c: preserve the raw data when asked too
+
+ * gen_locl.h: add preserve_type
+
+ * heim_asn1.h: add heim_any_cmp
+
+ * main.c: add flag --preserve-binary=Symbol1,Symbol2,... that make
+ the compiler generate stubs to save the raw data, its not used
+ right now when generating the stat
+
+ * k5.asn1: Windows uses PADATA 15 for the request too
+
+ * extra.c: add heim_any_cmp
+
+ * der_put.c: implement UTCtime correctly
+
+ * der_locl.h: remove #ifdef HAVE_TIMEGM\ntimegm\n#endif here from
+ der.h so one day der.h can get installed
+
+ * der_length.c: implement UTCtime correctly
+
+ * der_get.c: implement UTCtime correctly, prefix dce_fix with
+ _heim_fix
+
+ * der_copy.c: make copy_bit_string work again
+
+ * der_cmp.c: add octet_string, integer, bit_string cmp functions
+
+ * der.h: hide away more symbols, add more _cmp functions
+
+2004-03-06 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: add more pkix types make k5 use rfc150 bitstrings,
+ everything else use der bitstrings
+
+ * main.c: as a compile time option, handle no rfc1510 bitstrings
+
+ * gen_locl.h: rfc1510 bitstrings flag
+
+ * gen_length.c: as a compile time option, handle no rfc1510
+ bitstrings
+
+ * gen_encode.c: as a compile time option, handle no rfc1510
+ bitstrings
+
+ * gen_decode.c: handle no rfc1510 bitstrings
+
+ * check-gen.c: test for bitstrings
+
+ * rfc2459.asn1: add Certificates and KeyUsage
+
+2004-02-22 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * pkinit.asn1: use Name from PKIX
+
+ * rfc2459.asn1: add more silly string types to DirectoryString
+
+ * gen_encode.c: add checks for data overflow when encoding
+ TBitString with members encode SET OF correctly by bytewise
+ sorting the members
+
+ * gen_decode.c: add checks for data overrun when encoding
+ TBitString with members
+
+ * der_put.c: add _heim_der_set_sort
+
+ * der_cmp.c: rename oid_cmp to heim_oid_cmp
+
+ * der.h: rename oid_cmp to heim_oid_cmp, add _heim_der_set_sort
+
+ * check-gen.c: add check for Name and (commented out) heim_integer
+
+ * check-der.c: test for "der_length.c: Fix len_unsigned for
+ certain negative integers, it got the length wrong" , from
+ Panasas, Inc.
+
+ * der_length.c: Fix len_unsigned for certain negative integers, it
+ got the length wrong, fix from Panasas, Inc.
+
+ rename len_int and len_unsigned to _heim_\&
+
+ * gen_length.c: 1.14: (length_type): TSequenceOf: add up the size
+ of all the elements, don't use just the size of the last element.
+
+2004-02-20 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: include defintion of Name
+
+ * pkinit.asn1: no need for ContentType, its cms internal
+
+ * CMS.asn1: move ContentInfo to CMS
+
+ * pkinit.asn1: update to pk-init-18, move ContentInfo to CMS
+
+ * Makefile.am: align with pk-init-18, move contentinfo to cms
+
+2004-02-17 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_get.c: rewrite previous commit
+
+ * der_get.c (der_get_heim_integer): handle positive integer
+ starting with 0
+
+ * der_length.c (der_put_heim_integer): try handle negative
+ integers better (?)
+
+ * der_put.c (der_put_heim_integer): try handle negative integers
+ better
+
+ * der_get.c (der_get_heim_integer): dont abort on negative integer just
+ return ASN1_OVERRUN for now
+
+ * parse.y: add ia5string, and printablestring
+
+ * gen_length.c: add ia5string, and printablestring
+
+ * gen_free.c: add ia5string, and printablestring
+
+ * gen_decode.c: add ia5string, and printablestring
+
+ * gen_copy.c: add ia5string, and printablestring
+
+ * gen.c: add ia5string, printablestring, and utf8string change
+ implemetation of heim_integer and store the data as bigendian byte
+ array with a external flag for signedness
+
+ * der_put.c: add ia5string, printablestring, and utf8string change
+ implemetation of heim_integer and store the data as bigendian byte
+ array with a external flag for signedness
+
+ * der_length.c: add ia5string, printablestring, and utf8string
+ change implemetation of heim_integer and store the data as
+ bigendian byte array with a external flag for signedness
+
+ * der_get.c: add ia5string, printablestring, and utf8string change
+ implemetation of heim_integer and store the data as bigendian byte
+ array with a external flag for signedness
+
+ * der_free.c: add ia5string, printablestring, and utf8string
+
+ * der_copy.c: add ia5string, printablestring, and utf8string
+
+ * der.h: add ia5string, printablestring, and utf8string
+
+ * asn1-common.h: add signedness flag to heim_integer, add
+ ia5string and printablestring
+
+2004-02-13 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * rfc2459.asn1: use BIGINTEGER where appropriate
+
+ * setchgpw2.asn1: spelling and add op-req again
+
+2004-02-12 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: clean up better
+
+2004-02-11 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type): TTag, don't overshare the reallen
+ variable
+
+ * Makefile.am: adapt to log file name change
+
+ * gen.c: genereate log file name based on base name
+
+2003-11-26 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: += asn1_AlgorithmIdentifierNonOpt.x
+
+ * rfc2459.asn1: add AlgorithmIdentifierNonOpt and use it where
+ it's needed, make DomainParameters.validationParms heim_any as a
+ hack. Both are workarounds for the problem with heimdal's asn1
+ compiler have with decoing context tagless OPTIONALs.
+
+ * pkinit.asn1: don't import AlgorithmIdentifier
+
+2003-11-25 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_put.c (der_put_bit_string): make it work somewhat better
+ (should really prune off all trailing zeros)
+
+ * gen_encode.c (encode_type): bit string is not a constructed type
+
+ * der_length.c (length_bit_string): calculate right length for
+ bitstrings
+
+2003-11-24 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_cmp.c (oid_cmp): compare the whole array, not just
+ length/sizeof(component)
+
+ * check-common.c: mmap the scratch areas, mprotect before and
+ after, align data to the edge of the mprotect()ed area to provoke
+ bugs
+
+ * Makefile.am: add DomainParameters, ValidationParms
+
+ * rfc2459.asn1: add DomainParameters, ValidationParms
+
+ * check-der.c: add free function
+
+ * check-common.h: add free function
+
+ * check-common.c: add free function
+
+ * check-gen.c: check KRB-ERROR
+
+ * asn1_print.c: check end of tag_names loop into APPL class tags
+
+2003-11-23 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_put.c (der_put_generalized_time): check size, not *size
+
+2003-11-11 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type/TBitString): skip over
+ skipped-bits-in-last-octet octet
+
+ * gen_glue.c (generate_units): generate units in reverse order to
+ keep unparse_units happy
+
+2003-11-08 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * Makefile.am: generate all silly pkinit files
+
+ * pkinit.asn1: make it work again, add strange ms structures
+
+ * k5.asn1: PROV-SRV-LOCATION, PacketCable provisioning server
+ location, PKT-SP-SEC-I09-030728
+
+ * asn1-common.h: add bit string
+
+ * der_put.c: add bit string and utctime
+
+ * gen.c: add bit string and utctime
+
+ * gen_copy.c: add bit string and utctime
+
+ * der_copy.c: add bit string
+
+ * gen_decode.c: add utctime and bitstring
+
+ * gen_encode.c: add utctime and bitstring
+
+ * gen_free.c: add utctime and bitstring
+
+ * gen_glue.c: don't generate glue for member-less bit strings
+
+ * der_cmp.c: compare function for oids
+
+ * gen_length.c: add utc time, make bit string work for bits
+ strings w/o any members
+
+ * der_cmp.c: compare function for oids
+
+ * der.h: update boolean prototypes add utctime and bit_string
+
+ * der_free.c: add free_bit_string
+
+ * der_get.c: add bit string and utctime
+
+ * der_length.c: add bit string and utctime, fix memory leak in
+ length_generalized_time
+
+ * CMS.asn1: make EncryptedContentInfo.encryptedContent a OCTET
+ STRING to make the generator do the right thing with IMPLICIT
+ mumble OPTIONAL, make CertificateSet a heim_any_set
+
+ * extra.c, heim_asn1.h: add any_set, instead of just consuming one
+ der object, its consumes the rest of the data avaible
+
+ * extra.c, heim_asn1.h: extern implementation of ANY, decoder
+ needs to have hack removed when generator handles tagless optional
+ data
+
+ * pkinit.asn1: add KdcDHKeyInfo-Win2k
+
+2003-11-07 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * der_copy.c (copy_oid): copy all components
+
+ * parse.y: parse UTCTime, allow multiple IMPORT
+
+ * symbol.h: add TUTCTime
+
+ * rfc2459.asn1: update
+
+ * x509.asn1: update
+
+ * pkinit.asn1: update
+
+ * CMS.asn1: new file
+
+ * asn1_print.c: print some more lengths, check length before
+ steping out in the void, parse SET, only go down CONTEXT of type
+ CONS (not PRIM)
+
+2003-09-17 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_encode.c (TChoice, TSequence): code element in reverse
+ order...
+
+2003-09-16 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen.c: store NULL's as int's for now
+
+ * parse.y: remove dup of type def of UsefulType
+
+2003-09-11 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type): if malloc failes, return ENOMEM
+
+2003-09-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * parse.y: kw_UTF8String is a token put tag around the OID
+
+ * asn1_print.c (UT_Integer): when the integer is larger then int
+ can handle, just print BIG INT and its size
+
+2003-09-10 Love Hörnquist Åstrand <lha@it.su.se>
+
+ * gen_decode.c (decode_type): TTag, try to generate prettier code
+ in the non optional case, also remember to update length
+
+2003-01-22 Johan Danielsson <joda@pdc.kth.se>
+
+ * gen_decode.c: add flag to decode broken DCE BER encoding
+
+ * gen_locl.h: add flag to decode broken DCE BER encoding
+
+ * main.c: add flag to decode broken DCE BER encoding
+
diff --git a/crypto/heimdal/lib/asn1/Makefile.am b/crypto/heimdal/lib/asn1/Makefile.am
new file mode 100644
index 000000000000..47158b88aa42
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/Makefile.am
@@ -0,0 +1,254 @@
+# $Id$
+
+include $(top_srcdir)/Makefile.am.common
+
+YFLAGS = -d -t
+
+lib_LTLIBRARIES = libasn1.la
+libasn1_la_LDFLAGS = -version-info 8:0:0
+
+noinst_LTLIBRARIES = libasn1base.la
+
+if versionscript
+libasn1_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map
+endif
+
+
+libasn1_la_LIBADD = \
+ libasn1base.la \
+ @LIB_com_err@ \
+ $(LIBADD_roken)
+
+BUILT_SOURCES = \
+ $(gen_files_rfc2459:.x=.c) \
+ $(gen_files_cms:.x=.c) \
+ $(gen_files_krb5:.x=.c) \
+ $(gen_files_pkinit:.x=.c) \
+ $(gen_files_pkcs8:.x=.c) \
+ $(gen_files_pkcs9:.x=.c) \
+ $(gen_files_pkcs12:.x=.c) \
+ $(gen_files_digest:.x=.c) \
+ $(gen_files_kx509:.x=.c)
+
+gen_files_krb5 = asn1_krb5_asn1.x
+gen_files_cms = asn1_cms_asn1.x
+gen_files_rfc2459 = asn1_rfc2459_asn1.x
+gen_files_pkinit = asn1_pkinit_asn1.x
+gen_files_pkcs12 = asn1_pkcs12_asn1.x
+gen_files_pkcs8 = asn1_pkcs8_asn1.x
+gen_files_pkcs9 = asn1_pkcs9_asn1.x
+gen_files_test = asn1_test_asn1.x
+gen_files_digest = asn1_digest_asn1.x
+gen_files_kx509 = asn1_kx509_asn1.x
+
+noinst_PROGRAMS = asn1_gen
+
+libexec_heimdal_PROGRAMS = asn1_compile asn1_print
+
+TESTS = check-der check-gen check-timegm check-ber check-template
+check_PROGRAMS = $(TESTS)
+
+asn1_gen_SOURCES = asn1_gen.c
+asn1_print_SOURCES = asn1_print.c
+check_der_SOURCES = check-der.c check-common.c check-common.h
+
+check_template_SOURCES = check-template.c check-common.c check-common.h
+nodist_check_template_SOURCES = $(gen_files_test:.x=.c)
+
+dist_check_gen_SOURCES = check-gen.c check-common.c check-common.h
+nodist_check_gen_SOURCES = $(gen_files_test:.x=.c)
+
+build_HEADERZ = asn1-template.h
+
+asn1_compile_SOURCES = \
+ asn1_queue.h \
+ asn1parse.y \
+ der.h \
+ gen.c \
+ gen_copy.c \
+ gen_decode.c \
+ gen_encode.c \
+ gen_free.c \
+ gen_glue.c \
+ gen_length.c \
+ gen_locl.h \
+ gen_seq.c \
+ gen_template.c \
+ hash.c \
+ hash.h \
+ lex.l \
+ lex.h \
+ main.c \
+ asn1-template.h \
+ symbol.c \
+ symbol.h
+
+dist_libasn1base_la_SOURCES = \
+ der_locl.h \
+ der.c \
+ der.h \
+ der_get.c \
+ der_put.c \
+ der_free.c \
+ der_length.c \
+ der_copy.c \
+ der_cmp.c \
+ der_format.c \
+ heim_asn1.h \
+ extra.c \
+ template.c \
+ timegm.c
+
+nodist_libasn1base_la_SOURCES = \
+ asn1_err.h \
+ asn1_err.c
+
+nodist_libasn1_la_SOURCES = $(BUILT_SOURCES)
+
+asn1_compile_LDADD = \
+ $(LIB_roken) $(LEXLIB)
+
+check_der_LDADD = \
+ libasn1base.la \
+ $(LIB_roken)
+
+check_template_LDADD = $(check_der_LDADD)
+asn1_print_LDADD = $(check_der_LDADD) $(LIB_com_err)
+asn1_gen_LDADD = $(check_der_LDADD)
+check_timegm_LDADD = $(check_der_LDADD)
+
+check_gen_LDADD = \
+ libasn1.la \
+ $(LIB_roken)
+
+check_ber_LDADD = $(check_gen_LDADD)
+
+CLEANFILES = \
+ $(BUILT_SOURCES) \
+ $(gen_files_rfc2459) \
+ $(gen_files_cms) \
+ $(gen_files_krb5) \
+ $(gen_files_pkinit) \
+ $(gen_files_pkcs8) \
+ $(gen_files_pkcs9) \
+ $(gen_files_pkcs12) \
+ $(gen_files_digest) \
+ $(gen_files_kx509) \
+ $(gen_files_test) $(nodist_check_gen_SOURCES) \
+ asn1_err.c asn1_err.h \
+ rfc2459_asn1_files rfc2459_asn1*.h* \
+ cms_asn1_files cms_asn1*.h* \
+ krb5_asn1_files krb5_asn1*.h* \
+ pkinit_asn1_files pkinit_asn1*.h* \
+ pkcs8_asn1_files pkcs8_asn1*.h* \
+ pkcs9_asn1_files pkcs9_asn1*.h* \
+ pkcs12_asn1_files pkcs12_asn1*.h* \
+ digest_asn1_files digest_asn1*.h* \
+ kx509_asn1_files kx509_asn1*.h* \
+ test_asn1_files test_asn1*.h*
+
+dist_include_HEADERS = der.h heim_asn1.h der-protos.h der-private.h
+dist_include_HEADERS += asn1-common.h
+
+nodist_include_HEADERS = asn1_err.h
+nodist_include_HEADERS += krb5_asn1.h
+nodist_include_HEADERS += pkinit_asn1.h
+nodist_include_HEADERS += cms_asn1.h
+nodist_include_HEADERS += rfc2459_asn1.h
+nodist_include_HEADERS += pkcs8_asn1.h
+nodist_include_HEADERS += pkcs9_asn1.h
+nodist_include_HEADERS += pkcs12_asn1.h
+nodist_include_HEADERS += digest_asn1.h
+nodist_include_HEADERS += kx509_asn1.h
+
+priv_headers = krb5_asn1-priv.h
+priv_headers += pkinit_asn1-priv.h
+priv_headers += cms_asn1-priv.h
+priv_headers += rfc2459_asn1-priv.h
+priv_headers += pkcs8_asn1-priv.h
+priv_headers += pkcs9_asn1-priv.h
+priv_headers += pkcs12_asn1-priv.h
+priv_headers += digest_asn1-priv.h
+priv_headers += kx509_asn1-priv.h
+priv_headers += test_asn1.h test_asn1-priv.h
+
+
+
+$(asn1_compile_OBJECTS): asn1parse.h asn1parse.c $(srcdir)/der-protos.h $(srcdir)/der-private.h
+$(libasn1_la_OBJECTS): $(nodist_include_HEADERS) $(priv_headers) asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h
+$(libasn1base_la_OBJECTS): asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h
+$(check_gen_OBJECTS): test_asn1.h
+$(check_template_OBJECTS): test_asn1_files
+$(asn1_print_OBJECTS): krb5_asn1.h
+
+asn1parse.h: asn1parse.c
+
+$(gen_files_krb5) krb5_asn1.hx krb5_asn1-priv.hx: krb5_asn1_files
+$(gen_files_pkinit) pkinit_asn1.hx pkinit_asn1-priv.hx: pkinit_asn1_files
+$(gen_files_pkcs8) pkcs8_asn1.hx pkcs8_asn1-priv.hx: pkcs8_asn1_files
+$(gen_files_pkcs9) pkcs9_asn1.hx pkcs9_asn1-priv.hx: pkcs9_asn1_files
+$(gen_files_pkcs12) pkcs12_asn1.hx pkcs12_asn1-priv.hx: pkcs12_asn1_files
+$(gen_files_digest) digest_asn1.hx digest_asn1-priv.hx: digest_asn1_files
+$(gen_files_kx509) kx509_asn1.hx kx509_asn1-priv.hx: kx509_asn1_files
+$(gen_files_rfc2459) rfc2459_asn1.hx rfc2459_asn1-priv.hx: rfc2459_asn1_files
+$(gen_files_cms) cms_asn1.hx cms_asn1-priv.hx: cms_asn1_files
+$(gen_files_test) test_asn1.hx test_asn1-priv.hx: test_asn1_files
+
+rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1
+ $(ASN1_COMPILE) --one-code-file --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1)
+
+cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/cms.asn1 $(srcdir)/cms.opt
+ $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/cms.opt $(srcdir)/cms.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1)
+
+krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/krb5.asn1 $(srcdir)/krb5.opt
+ $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/krb5.opt $(srcdir)/krb5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1)
+
+pkinit_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1)
+
+pkcs8_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1)
+
+pkcs9_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1)
+
+pkcs12_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1)
+
+digest_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/digest.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1)
+
+kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1)
+
+test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1
+ $(ASN1_COMPILE) --one-code-file --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1)
+
+
+EXTRA_DIST = \
+ NTMakefile \
+ asn1_compile-version.rc \
+ libasn1-exports.def \
+ cms.asn1 \
+ cms.opt \
+ asn1_err.et \
+ canthandle.asn1 \
+ digest.asn1 \
+ krb5.asn1 \
+ krb5.opt \
+ kx509.asn1 \
+ pkcs12.asn1 \
+ pkcs8.asn1 \
+ pkcs9.asn1 \
+ pkinit.asn1 \
+ rfc2459.asn1 \
+ setchgpw2.asn1 \
+ test.asn1 \
+ test.gen \
+ version-script.map
+
+$(srcdir)/der-protos.h:
+ cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1base_la_SOURCES) || rm -f der-protos.h
+
+$(srcdir)/der-private.h:
+ cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p der-private.h $(dist_libasn1base_la_SOURCES) || rm -f der-private.h
diff --git a/crypto/heimdal/lib/asn1/Makefile.in b/crypto/heimdal/lib/asn1/Makefile.in
new file mode 100644
index 000000000000..ab377b3090f2
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/Makefile.in
@@ -0,0 +1,1473 @@
+# Makefile.in generated by automake 1.11.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
+# Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# $Id$
+
+# $Id$
+
+# $Id$
+
+
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+DIST_COMMON = $(dist_include_HEADERS) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in $(top_srcdir)/Makefile.am.common \
+ $(top_srcdir)/cf/Makefile.am.common ChangeLog asn1parse.c \
+ asn1parse.h lex.c
+@versionscript_TRUE@am__append_1 = $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map
+noinst_PROGRAMS = asn1_gen$(EXEEXT)
+libexec_heimdal_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT)
+TESTS = check-der$(EXEEXT) check-gen$(EXEEXT) check-timegm$(EXEEXT) \
+ check-ber$(EXEEXT) check-template$(EXEEXT)
+check_PROGRAMS = $(am__EXEEXT_1)
+subdir = lib/asn1
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/cf/aix.m4 \
+ $(top_srcdir)/cf/auth-modules.m4 \
+ $(top_srcdir)/cf/broken-getaddrinfo.m4 \
+ $(top_srcdir)/cf/broken-glob.m4 \
+ $(top_srcdir)/cf/broken-realloc.m4 \
+ $(top_srcdir)/cf/broken-snprintf.m4 $(top_srcdir)/cf/broken.m4 \
+ $(top_srcdir)/cf/broken2.m4 $(top_srcdir)/cf/c-attribute.m4 \
+ $(top_srcdir)/cf/capabilities.m4 \
+ $(top_srcdir)/cf/check-compile-et.m4 \
+ $(top_srcdir)/cf/check-getpwnam_r-posix.m4 \
+ $(top_srcdir)/cf/check-man.m4 \
+ $(top_srcdir)/cf/check-netinet-ip-and-tcp.m4 \
+ $(top_srcdir)/cf/check-type-extra.m4 \
+ $(top_srcdir)/cf/check-var.m4 $(top_srcdir)/cf/check-x.m4 \
+ $(top_srcdir)/cf/check-xau.m4 $(top_srcdir)/cf/crypto.m4 \
+ $(top_srcdir)/cf/db.m4 $(top_srcdir)/cf/destdirs.m4 \
+ $(top_srcdir)/cf/dispatch.m4 $(top_srcdir)/cf/dlopen.m4 \
+ $(top_srcdir)/cf/find-func-no-libs.m4 \
+ $(top_srcdir)/cf/find-func-no-libs2.m4 \
+ $(top_srcdir)/cf/find-func.m4 \
+ $(top_srcdir)/cf/find-if-not-broken.m4 \
+ $(top_srcdir)/cf/framework-security.m4 \
+ $(top_srcdir)/cf/have-struct-field.m4 \
+ $(top_srcdir)/cf/have-type.m4 $(top_srcdir)/cf/irix.m4 \
+ $(top_srcdir)/cf/krb-bigendian.m4 \
+ $(top_srcdir)/cf/krb-func-getlogin.m4 \
+ $(top_srcdir)/cf/krb-ipv6.m4 $(top_srcdir)/cf/krb-prog-ln-s.m4 \
+ $(top_srcdir)/cf/krb-readline.m4 \
+ $(top_srcdir)/cf/krb-struct-spwd.m4 \
+ $(top_srcdir)/cf/krb-struct-winsize.m4 \
+ $(top_srcdir)/cf/largefile.m4 $(top_srcdir)/cf/libtool.m4 \
+ $(top_srcdir)/cf/ltoptions.m4 $(top_srcdir)/cf/ltsugar.m4 \
+ $(top_srcdir)/cf/ltversion.m4 $(top_srcdir)/cf/lt~obsolete.m4 \
+ $(top_srcdir)/cf/mips-abi.m4 $(top_srcdir)/cf/misc.m4 \
+ $(top_srcdir)/cf/need-proto.m4 $(top_srcdir)/cf/osfc2.m4 \
+ $(top_srcdir)/cf/otp.m4 $(top_srcdir)/cf/pkg.m4 \
+ $(top_srcdir)/cf/proto-compat.m4 $(top_srcdir)/cf/pthreads.m4 \
+ $(top_srcdir)/cf/resolv.m4 $(top_srcdir)/cf/retsigtype.m4 \
+ $(top_srcdir)/cf/roken-frag.m4 \
+ $(top_srcdir)/cf/socket-wrapper.m4 $(top_srcdir)/cf/sunos.m4 \
+ $(top_srcdir)/cf/telnet.m4 $(top_srcdir)/cf/test-package.m4 \
+ $(top_srcdir)/cf/version-script.m4 $(top_srcdir)/cf/wflags.m4 \
+ $(top_srcdir)/cf/win32.m4 $(top_srcdir)/cf/with-all.m4 \
+ $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/include/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__installdirs = "$(DESTDIR)$(libdir)" \
+ "$(DESTDIR)$(libexec_heimdaldir)" "$(DESTDIR)$(includedir)" \
+ "$(DESTDIR)$(includedir)"
+LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+libasn1_la_DEPENDENCIES = libasn1base.la $(am__DEPENDENCIES_1)
+am__objects_1 = asn1_rfc2459_asn1.lo
+am__objects_2 = asn1_cms_asn1.lo
+am__objects_3 = asn1_krb5_asn1.lo
+am__objects_4 = asn1_pkinit_asn1.lo
+am__objects_5 = asn1_pkcs8_asn1.lo
+am__objects_6 = asn1_pkcs9_asn1.lo
+am__objects_7 = asn1_pkcs12_asn1.lo
+am__objects_8 = asn1_digest_asn1.lo
+am__objects_9 = asn1_kx509_asn1.lo
+am__objects_10 = $(am__objects_1) $(am__objects_2) $(am__objects_3) \
+ $(am__objects_4) $(am__objects_5) $(am__objects_6) \
+ $(am__objects_7) $(am__objects_8) $(am__objects_9)
+nodist_libasn1_la_OBJECTS = $(am__objects_10)
+libasn1_la_OBJECTS = $(nodist_libasn1_la_OBJECTS)
+libasn1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(libasn1_la_LDFLAGS) $(LDFLAGS) -o $@
+libasn1base_la_LIBADD =
+dist_libasn1base_la_OBJECTS = der.lo der_get.lo der_put.lo der_free.lo \
+ der_length.lo der_copy.lo der_cmp.lo der_format.lo extra.lo \
+ template.lo timegm.lo
+nodist_libasn1base_la_OBJECTS = asn1_err.lo
+libasn1base_la_OBJECTS = $(dist_libasn1base_la_OBJECTS) \
+ $(nodist_libasn1base_la_OBJECTS)
+am__EXEEXT_1 = check-der$(EXEEXT) check-gen$(EXEEXT) \
+ check-timegm$(EXEEXT) check-ber$(EXEEXT) \
+ check-template$(EXEEXT)
+PROGRAMS = $(libexec_heimdal_PROGRAMS) $(noinst_PROGRAMS)
+am_asn1_compile_OBJECTS = asn1parse.$(OBJEXT) gen.$(OBJEXT) \
+ gen_copy.$(OBJEXT) gen_decode.$(OBJEXT) gen_encode.$(OBJEXT) \
+ gen_free.$(OBJEXT) gen_glue.$(OBJEXT) gen_length.$(OBJEXT) \
+ gen_seq.$(OBJEXT) gen_template.$(OBJEXT) hash.$(OBJEXT) \
+ lex.$(OBJEXT) main.$(OBJEXT) symbol.$(OBJEXT)
+asn1_compile_OBJECTS = $(am_asn1_compile_OBJECTS)
+asn1_compile_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
+am_asn1_gen_OBJECTS = asn1_gen.$(OBJEXT)
+asn1_gen_OBJECTS = $(am_asn1_gen_OBJECTS)
+am__DEPENDENCIES_2 = libasn1base.la $(am__DEPENDENCIES_1)
+asn1_gen_DEPENDENCIES = $(am__DEPENDENCIES_2)
+am_asn1_print_OBJECTS = asn1_print.$(OBJEXT)
+asn1_print_OBJECTS = $(am_asn1_print_OBJECTS)
+asn1_print_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1)
+check_ber_SOURCES = check-ber.c
+check_ber_OBJECTS = check-ber.$(OBJEXT)
+am__DEPENDENCIES_3 = libasn1.la $(am__DEPENDENCIES_1)
+check_ber_DEPENDENCIES = $(am__DEPENDENCIES_3)
+am_check_der_OBJECTS = check-der.$(OBJEXT) check-common.$(OBJEXT)
+check_der_OBJECTS = $(am_check_der_OBJECTS)
+check_der_DEPENDENCIES = libasn1base.la $(am__DEPENDENCIES_1)
+dist_check_gen_OBJECTS = check-gen.$(OBJEXT) check-common.$(OBJEXT)
+am__objects_11 = asn1_test_asn1.$(OBJEXT)
+nodist_check_gen_OBJECTS = $(am__objects_11)
+check_gen_OBJECTS = $(dist_check_gen_OBJECTS) \
+ $(nodist_check_gen_OBJECTS)
+check_gen_DEPENDENCIES = libasn1.la $(am__DEPENDENCIES_1)
+am_check_template_OBJECTS = check-template.$(OBJEXT) \
+ check-common.$(OBJEXT)
+nodist_check_template_OBJECTS = $(am__objects_11)
+check_template_OBJECTS = $(am_check_template_OBJECTS) \
+ $(nodist_check_template_OBJECTS)
+check_template_DEPENDENCIES = $(am__DEPENDENCIES_2)
+check_timegm_SOURCES = check-timegm.c
+check_timegm_OBJECTS = check-timegm.$(OBJEXT)
+check_timegm_DEPENDENCIES = $(am__DEPENDENCIES_2)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+ $(LDFLAGS) -o $@
+@MAINTAINER_MODE_FALSE@am__skiplex = test -f $@ ||
+LEXCOMPILE = $(LEX) $(LFLAGS) $(AM_LFLAGS)
+LTLEXCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(LEX) $(LFLAGS) $(AM_LFLAGS)
+YLWRAP = $(top_srcdir)/ylwrap
+@MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ ||
+YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS)
+LTYACCCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
+ --mode=compile $(YACC) $(YFLAGS) $(AM_YFLAGS)
+SOURCES = $(nodist_libasn1_la_SOURCES) $(dist_libasn1base_la_SOURCES) \
+ $(nodist_libasn1base_la_SOURCES) $(asn1_compile_SOURCES) \
+ $(asn1_gen_SOURCES) $(asn1_print_SOURCES) check-ber.c \
+ $(check_der_SOURCES) $(dist_check_gen_SOURCES) \
+ $(nodist_check_gen_SOURCES) $(check_template_SOURCES) \
+ $(nodist_check_template_SOURCES) check-timegm.c
+DIST_SOURCES = $(dist_libasn1base_la_SOURCES) $(asn1_compile_SOURCES) \
+ $(asn1_gen_SOURCES) $(asn1_print_SOURCES) check-ber.c \
+ $(check_der_SOURCES) $(dist_check_gen_SOURCES) \
+ $(check_template_SOURCES) check-timegm.c
+HEADERS = $(dist_include_HEADERS) $(nodist_include_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+am__tty_colors = \
+red=; grn=; lgn=; blu=; std=
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMTAR = @AMTAR@
+AR = @AR@
+ASN1_COMPILE = @ASN1_COMPILE@
+ASN1_COMPILE_DEP = @ASN1_COMPILE_DEP@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CANONICAL_HOST = @CANONICAL_HOST@
+CAPNG_CFLAGS = @CAPNG_CFLAGS@
+CAPNG_LIBS = @CAPNG_LIBS@
+CATMAN = @CATMAN@
+CATMANEXT = @CATMANEXT@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+COMPILE_ET = @COMPILE_ET@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DBHEADER = @DBHEADER@
+DBLIB = @DBLIB@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DIR_com_err = @DIR_com_err@
+DIR_hcrypto = @DIR_hcrypto@
+DIR_hdbdir = @DIR_hdbdir@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GREP = @GREP@
+GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
+INCLUDE_hcrypto = @INCLUDE_hcrypto@
+INCLUDE_hesiod = @INCLUDE_hesiod@
+INCLUDE_krb4 = @INCLUDE_krb4@
+INCLUDE_libedit = @INCLUDE_libedit@
+INCLUDE_libintl = @INCLUDE_libintl@
+INCLUDE_openldap = @INCLUDE_openldap@
+INCLUDE_readline = @INCLUDE_readline@
+INCLUDE_sqlite3 = @INCLUDE_sqlite3@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LDFLAGS_VERSION_SCRIPT = @LDFLAGS_VERSION_SCRIPT@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBADD_roken = @LIBADD_roken@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_NDBM = @LIB_NDBM@
+LIB_XauFileName = @LIB_XauFileName@
+LIB_XauReadAuth = @LIB_XauReadAuth@
+LIB_XauWriteAuth = @LIB_XauWriteAuth@
+LIB_bswap16 = @LIB_bswap16@
+LIB_bswap32 = @LIB_bswap32@
+LIB_com_err = @LIB_com_err@
+LIB_com_err_a = @LIB_com_err_a@
+LIB_com_err_so = @LIB_com_err_so@
+LIB_crypt = @LIB_crypt@
+LIB_db_create = @LIB_db_create@
+LIB_dbm_firstkey = @LIB_dbm_firstkey@
+LIB_dbopen = @LIB_dbopen@
+LIB_dispatch_async_f = @LIB_dispatch_async_f@
+LIB_dlopen = @LIB_dlopen@
+LIB_dn_expand = @LIB_dn_expand@
+LIB_dns_search = @LIB_dns_search@
+LIB_door_create = @LIB_door_create@
+LIB_freeaddrinfo = @LIB_freeaddrinfo@
+LIB_gai_strerror = @LIB_gai_strerror@
+LIB_getaddrinfo = @LIB_getaddrinfo@
+LIB_gethostbyname = @LIB_gethostbyname@
+LIB_gethostbyname2 = @LIB_gethostbyname2@
+LIB_getnameinfo = @LIB_getnameinfo@
+LIB_getpwnam_r = @LIB_getpwnam_r@
+LIB_getsockopt = @LIB_getsockopt@
+LIB_hcrypto = @LIB_hcrypto@
+LIB_hcrypto_a = @LIB_hcrypto_a@
+LIB_hcrypto_appl = @LIB_hcrypto_appl@
+LIB_hcrypto_so = @LIB_hcrypto_so@
+LIB_hesiod = @LIB_hesiod@
+LIB_hstrerror = @LIB_hstrerror@
+LIB_kdb = @LIB_kdb@
+LIB_krb4 = @LIB_krb4@
+LIB_libedit = @LIB_libedit@
+LIB_libintl = @LIB_libintl@
+LIB_loadquery = @LIB_loadquery@
+LIB_logout = @LIB_logout@
+LIB_logwtmp = @LIB_logwtmp@
+LIB_openldap = @LIB_openldap@
+LIB_openpty = @LIB_openpty@
+LIB_otp = @LIB_otp@
+LIB_pidfile = @LIB_pidfile@
+LIB_readline = @LIB_readline@
+LIB_res_ndestroy = @LIB_res_ndestroy@
+LIB_res_nsearch = @LIB_res_nsearch@
+LIB_res_search = @LIB_res_search@
+LIB_roken = @LIB_roken@
+LIB_security = @LIB_security@
+LIB_setsockopt = @LIB_setsockopt@
+LIB_socket = @LIB_socket@
+LIB_sqlite3 = @LIB_sqlite3@
+LIB_syslog = @LIB_syslog@
+LIB_tgetent = @LIB_tgetent@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NO_AFS = @NO_AFS@
+NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKG_CONFIG = @PKG_CONFIG@
+PTHREAD_CFLAGS = @PTHREAD_CFLAGS@
+PTHREAD_LDADD = @PTHREAD_LDADD@
+PTHREAD_LIBADD = @PTHREAD_LIBADD@
+RANLIB = @RANLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SLC = @SLC@
+SLC_DEP = @SLC_DEP@
+STRIP = @STRIP@
+VERSION = @VERSION@
+VERSIONING = @VERSIONING@
+WFLAGS = @WFLAGS@
+WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
+WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
+XMKMF = @XMKMF@
+X_CFLAGS = @X_CFLAGS@
+X_EXTRA_LIBS = @X_EXTRA_LIBS@
+X_LIBS = @X_LIBS@
+X_PRE_LIBS = @X_PRE_LIBS@
+YACC = @YACC@
+YFLAGS = -d -t
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dpagaix_cflags = @dpagaix_cflags@
+dpagaix_ldadd = @dpagaix_ldadd@
+dpagaix_ldflags = @dpagaix_ldflags@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+subdirs = @subdirs@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+SUFFIXES = .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8
+DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include
+AM_CPPFLAGS = $(INCLUDES_roken)
+@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME
+AM_CFLAGS = $(WFLAGS)
+CP = cp
+buildinclude = $(top_builddir)/include
+LIB_el_init = @LIB_el_init@
+LIB_getattr = @LIB_getattr@
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_setpcred = @LIB_setpcred@
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+libexec_heimdaldir = $(libexecdir)/heimdal
+NROFF_MAN = groff -mandoc -Tascii
+LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+
+@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+LIB_heimbase = $(top_builddir)/base/libheimbase.la
+@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la
+lib_LTLIBRARIES = libasn1.la
+libasn1_la_LDFLAGS = -version-info 8:0:0 $(am__append_1)
+noinst_LTLIBRARIES = libasn1base.la
+libasn1_la_LIBADD = \
+ libasn1base.la \
+ @LIB_com_err@ \
+ $(LIBADD_roken)
+
+BUILT_SOURCES = \
+ $(gen_files_rfc2459:.x=.c) \
+ $(gen_files_cms:.x=.c) \
+ $(gen_files_krb5:.x=.c) \
+ $(gen_files_pkinit:.x=.c) \
+ $(gen_files_pkcs8:.x=.c) \
+ $(gen_files_pkcs9:.x=.c) \
+ $(gen_files_pkcs12:.x=.c) \
+ $(gen_files_digest:.x=.c) \
+ $(gen_files_kx509:.x=.c)
+
+gen_files_krb5 = asn1_krb5_asn1.x
+gen_files_cms = asn1_cms_asn1.x
+gen_files_rfc2459 = asn1_rfc2459_asn1.x
+gen_files_pkinit = asn1_pkinit_asn1.x
+gen_files_pkcs12 = asn1_pkcs12_asn1.x
+gen_files_pkcs8 = asn1_pkcs8_asn1.x
+gen_files_pkcs9 = asn1_pkcs9_asn1.x
+gen_files_test = asn1_test_asn1.x
+gen_files_digest = asn1_digest_asn1.x
+gen_files_kx509 = asn1_kx509_asn1.x
+asn1_gen_SOURCES = asn1_gen.c
+asn1_print_SOURCES = asn1_print.c
+check_der_SOURCES = check-der.c check-common.c check-common.h
+check_template_SOURCES = check-template.c check-common.c check-common.h
+nodist_check_template_SOURCES = $(gen_files_test:.x=.c)
+dist_check_gen_SOURCES = check-gen.c check-common.c check-common.h
+nodist_check_gen_SOURCES = $(gen_files_test:.x=.c)
+build_HEADERZ = asn1-template.h
+asn1_compile_SOURCES = \
+ asn1_queue.h \
+ asn1parse.y \
+ der.h \
+ gen.c \
+ gen_copy.c \
+ gen_decode.c \
+ gen_encode.c \
+ gen_free.c \
+ gen_glue.c \
+ gen_length.c \
+ gen_locl.h \
+ gen_seq.c \
+ gen_template.c \
+ hash.c \
+ hash.h \
+ lex.l \
+ lex.h \
+ main.c \
+ asn1-template.h \
+ symbol.c \
+ symbol.h
+
+dist_libasn1base_la_SOURCES = \
+ der_locl.h \
+ der.c \
+ der.h \
+ der_get.c \
+ der_put.c \
+ der_free.c \
+ der_length.c \
+ der_copy.c \
+ der_cmp.c \
+ der_format.c \
+ heim_asn1.h \
+ extra.c \
+ template.c \
+ timegm.c
+
+nodist_libasn1base_la_SOURCES = \
+ asn1_err.h \
+ asn1_err.c
+
+nodist_libasn1_la_SOURCES = $(BUILT_SOURCES)
+asn1_compile_LDADD = \
+ $(LIB_roken) $(LEXLIB)
+
+check_der_LDADD = \
+ libasn1base.la \
+ $(LIB_roken)
+
+check_template_LDADD = $(check_der_LDADD)
+asn1_print_LDADD = $(check_der_LDADD) $(LIB_com_err)
+asn1_gen_LDADD = $(check_der_LDADD)
+check_timegm_LDADD = $(check_der_LDADD)
+check_gen_LDADD = \
+ libasn1.la \
+ $(LIB_roken)
+
+check_ber_LDADD = $(check_gen_LDADD)
+CLEANFILES = \
+ $(BUILT_SOURCES) \
+ $(gen_files_rfc2459) \
+ $(gen_files_cms) \
+ $(gen_files_krb5) \
+ $(gen_files_pkinit) \
+ $(gen_files_pkcs8) \
+ $(gen_files_pkcs9) \
+ $(gen_files_pkcs12) \
+ $(gen_files_digest) \
+ $(gen_files_kx509) \
+ $(gen_files_test) $(nodist_check_gen_SOURCES) \
+ asn1_err.c asn1_err.h \
+ rfc2459_asn1_files rfc2459_asn1*.h* \
+ cms_asn1_files cms_asn1*.h* \
+ krb5_asn1_files krb5_asn1*.h* \
+ pkinit_asn1_files pkinit_asn1*.h* \
+ pkcs8_asn1_files pkcs8_asn1*.h* \
+ pkcs9_asn1_files pkcs9_asn1*.h* \
+ pkcs12_asn1_files pkcs12_asn1*.h* \
+ digest_asn1_files digest_asn1*.h* \
+ kx509_asn1_files kx509_asn1*.h* \
+ test_asn1_files test_asn1*.h*
+
+dist_include_HEADERS = der.h heim_asn1.h der-protos.h der-private.h \
+ asn1-common.h
+nodist_include_HEADERS = asn1_err.h krb5_asn1.h pkinit_asn1.h \
+ cms_asn1.h rfc2459_asn1.h pkcs8_asn1.h pkcs9_asn1.h \
+ pkcs12_asn1.h digest_asn1.h kx509_asn1.h
+priv_headers = krb5_asn1-priv.h pkinit_asn1-priv.h cms_asn1-priv.h \
+ rfc2459_asn1-priv.h pkcs8_asn1-priv.h pkcs9_asn1-priv.h \
+ pkcs12_asn1-priv.h digest_asn1-priv.h kx509_asn1-priv.h \
+ test_asn1.h test_asn1-priv.h
+EXTRA_DIST = \
+ NTMakefile \
+ asn1_compile-version.rc \
+ libasn1-exports.def \
+ cms.asn1 \
+ cms.opt \
+ asn1_err.et \
+ canthandle.asn1 \
+ digest.asn1 \
+ krb5.asn1 \
+ krb5.opt \
+ kx509.asn1 \
+ pkcs12.asn1 \
+ pkcs8.asn1 \
+ pkcs9.asn1 \
+ pkinit.asn1 \
+ rfc2459.asn1 \
+ setchgpw2.asn1 \
+ test.asn1 \
+ test.gen \
+ version-script.map
+
+all: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) all-am
+
+.SUFFIXES:
+.SUFFIXES: .et .h .x .z .hx .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .l .lo .o .obj .y
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/asn1/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --foreign lib/asn1/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+ }
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libasn1.la: $(libasn1_la_OBJECTS) $(libasn1_la_DEPENDENCIES)
+ $(libasn1_la_LINK) -rpath $(libdir) $(libasn1_la_OBJECTS) $(libasn1_la_LIBADD) $(LIBS)
+libasn1base.la: $(libasn1base_la_OBJECTS) $(libasn1base_la_DEPENDENCIES)
+ $(LINK) $(libasn1base_la_OBJECTS) $(libasn1base_la_LIBADD) $(LIBS)
+
+clean-checkPROGRAMS:
+ @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \
+ echo " rm -f" $$list; \
+ rm -f $$list || exit $$?; \
+ test -n "$(EXEEXT)" || exit 0; \
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+install-libexec_heimdalPROGRAMS: $(libexec_heimdal_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ test -z "$(libexec_heimdaldir)" || $(MKDIR_P) "$(DESTDIR)$(libexec_heimdaldir)"
+ @list='$(libexec_heimdal_PROGRAMS)'; test -n "$(libexec_heimdaldir)" || list=; \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed 's/$(EXEEXT)$$//' | \
+ while read p p1; do if test -f $$p || test -f $$p1; \
+ then echo "$$p"; echo "$$p"; else :; fi; \
+ done | \
+ sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \
+ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
+ sed 'N;N;N;s,\n, ,g' | \
+ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
+ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
+ if ($$2 == $$4) files[d] = files[d] " " $$1; \
+ else { print "f", $$3 "/" $$4, $$1; } } \
+ END { for (d in files) print "f", d, files[d] }' | \
+ while read type dir files; do \
+ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
+ test -z "$$files" || { \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(libexec_heimdaldir)$$dir'"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(libexec_heimdaldir)$$dir" || exit $$?; \
+ } \
+ ; done
+
+uninstall-libexec_heimdalPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(libexec_heimdal_PROGRAMS)'; test -n "$(libexec_heimdaldir)" || list=; \
+ files=`for p in $$list; do echo "$$p"; done | \
+ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
+ -e 's/$$/$(EXEEXT)/' `; \
+ test -n "$$list" || exit 0; \
+ echo " ( cd '$(DESTDIR)$(libexec_heimdaldir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(libexec_heimdaldir)" && rm -f $$files
+
+clean-libexec_heimdalPROGRAMS:
+ @list='$(libexec_heimdal_PROGRAMS)'; test -n "$$list" || exit 0; \
+ echo " rm -f" $$list; \
+ rm -f $$list || exit $$?; \
+ test -n "$(EXEEXT)" || exit 0; \
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+
+clean-noinstPROGRAMS:
+ @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \
+ echo " rm -f" $$list; \
+ rm -f $$list || exit $$?; \
+ test -n "$(EXEEXT)" || exit 0; \
+ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f" $$list; \
+ rm -f $$list
+asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES)
+ @rm -f asn1_compile$(EXEEXT)
+ $(LINK) $(asn1_compile_OBJECTS) $(asn1_compile_LDADD) $(LIBS)
+asn1_gen$(EXEEXT): $(asn1_gen_OBJECTS) $(asn1_gen_DEPENDENCIES)
+ @rm -f asn1_gen$(EXEEXT)
+ $(LINK) $(asn1_gen_OBJECTS) $(asn1_gen_LDADD) $(LIBS)
+asn1_print$(EXEEXT): $(asn1_print_OBJECTS) $(asn1_print_DEPENDENCIES)
+ @rm -f asn1_print$(EXEEXT)
+ $(LINK) $(asn1_print_OBJECTS) $(asn1_print_LDADD) $(LIBS)
+check-ber$(EXEEXT): $(check_ber_OBJECTS) $(check_ber_DEPENDENCIES)
+ @rm -f check-ber$(EXEEXT)
+ $(LINK) $(check_ber_OBJECTS) $(check_ber_LDADD) $(LIBS)
+check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES)
+ @rm -f check-der$(EXEEXT)
+ $(LINK) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS)
+check-gen$(EXEEXT): $(check_gen_OBJECTS) $(check_gen_DEPENDENCIES)
+ @rm -f check-gen$(EXEEXT)
+ $(LINK) $(check_gen_OBJECTS) $(check_gen_LDADD) $(LIBS)
+check-template$(EXEEXT): $(check_template_OBJECTS) $(check_template_DEPENDENCIES)
+ @rm -f check-template$(EXEEXT)
+ $(LINK) $(check_template_OBJECTS) $(check_template_LDADD) $(LIBS)
+check-timegm$(EXEEXT): $(check_timegm_OBJECTS) $(check_timegm_DEPENDENCIES)
+ @rm -f check-timegm$(EXEEXT)
+ $(LINK) $(check_timegm_OBJECTS) $(check_timegm_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_cms_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_digest_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_err.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_gen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_krb5_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_kx509_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkcs12_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkcs8_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkcs9_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_pkinit_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_print.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_rfc2459_asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1_test_asn1.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1parse.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-ber.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-common.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-der.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-gen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-template.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check-timegm.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_cmp.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_copy.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_format.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_free.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_get.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_length.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/der_put.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/extra.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_copy.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_decode.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_encode.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_free.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_glue.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_length.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_seq.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gen_template.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hash.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lex.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/symbol.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/template.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/timegm.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+.l.c:
+ $(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE)
+
+.y.c:
+ $(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h $*.h y.output $*.output -- $(YACCCOMPILE)
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+install-dist_includeHEADERS: $(dist_include_HEADERS)
+ @$(NORMAL_INSTALL)
+ test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
+ @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \
+ done
+
+uninstall-dist_includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(dist_include_HEADERS)'; test -n "$(includedir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ test -n "$$files" || exit 0; \
+ echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(includedir)" && rm -f $$files
+install-nodist_includeHEADERS: $(nodist_include_HEADERS)
+ @$(NORMAL_INSTALL)
+ test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)"
+ @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \
+ for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ echo "$$d$$p"; \
+ done | $(am__base_list) | \
+ while read files; do \
+ echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \
+ $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \
+ done
+
+uninstall-nodist_includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(nodist_include_HEADERS)'; test -n "$(includedir)" || list=; \
+ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+ test -n "$$files" || exit 0; \
+ echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \
+ cd "$(DESTDIR)$(includedir)" && rm -f $$files
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ set x; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in files) print i; }; }'`; \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ $(am__tty_colors); \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *[\ \ ]$$tst[\ \ ]*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ col=$$red; res=XPASS; \
+ ;; \
+ *) \
+ col=$$grn; res=PASS; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *[\ \ ]$$tst[\ \ ]*) \
+ xfail=`expr $$xfail + 1`; \
+ col=$$lgn; res=XFAIL; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ col=$$red; res=FAIL; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ col=$$blu; res=SKIP; \
+ fi; \
+ echo "$${col}$$res$${std}: $$tst"; \
+ done; \
+ if test "$$all" -eq 1; then \
+ tests="test"; \
+ All=""; \
+ else \
+ tests="tests"; \
+ All="All "; \
+ fi; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="$$All$$all $$tests passed"; \
+ else \
+ if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \
+ banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all $$tests failed"; \
+ else \
+ if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \
+ banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ if test "$$skip" -eq 1; then \
+ skipped="($$skip test was not run)"; \
+ else \
+ skipped="($$skip tests were not run)"; \
+ fi; \
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ if test "$$failed" -eq 0; then \
+ echo "$$grn$$dashes"; \
+ else \
+ echo "$$red$$dashes"; \
+ fi; \
+ echo "$$banner"; \
+ test -z "$$skipped" || echo "$$skipped"; \
+ test -z "$$report" || echo "$$report"; \
+ echo "$$dashes$$std"; \
+ test "$$failed" -eq 0; \
+ else :; fi
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="$(top_distdir)" distdir="$(distdir)" \
+ dist-hook
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local
+check: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) check-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(libexec_heimdaldir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -rm -f asn1parse.c
+ -rm -f asn1parse.h
+ -rm -f lex.c
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+clean: clean-am
+
+clean-am: clean-checkPROGRAMS clean-generic clean-libLTLIBRARIES \
+ clean-libexec_heimdalPROGRAMS clean-libtool \
+ clean-noinstLTLIBRARIES clean-noinstPROGRAMS mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-dist_includeHEADERS \
+ install-nodist_includeHEADERS
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-data-hook
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES \
+ install-libexec_heimdalPROGRAMS
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-dist_includeHEADERS uninstall-libLTLIBRARIES \
+ uninstall-libexec_heimdalPROGRAMS \
+ uninstall-nodist_includeHEADERS
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) uninstall-hook
+.MAKE: all check check-am install install-am install-data-am \
+ install-exec-am install-strip uninstall-am
+
+.PHONY: CTAGS GTAGS all all-am all-local check check-TESTS check-am \
+ check-local clean clean-checkPROGRAMS clean-generic \
+ clean-libLTLIBRARIES clean-libexec_heimdalPROGRAMS \
+ clean-libtool clean-noinstLTLIBRARIES clean-noinstPROGRAMS \
+ ctags dist-hook distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-data-hook install-dist_includeHEADERS \
+ install-dvi install-dvi-am install-exec install-exec-am \
+ install-exec-hook install-html install-html-am install-info \
+ install-info-am install-libLTLIBRARIES \
+ install-libexec_heimdalPROGRAMS install-man \
+ install-nodist_includeHEADERS install-pdf install-pdf-am \
+ install-ps install-ps-am install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-dist_includeHEADERS \
+ uninstall-hook uninstall-libLTLIBRARIES \
+ uninstall-libexec_heimdalPROGRAMS \
+ uninstall-nodist_includeHEADERS
+
+
+install-suid-programs:
+ @foo='$(bin_SUIDS)'; \
+ for file in $$foo; do \
+ x=$(DESTDIR)$(bindir)/$$file; \
+ if chown 0:0 $$x && chmod u+s $$x; then :; else \
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ) $(nobase_include_HEADERS)
+ @foo='$(include_HEADERS) $(dist_include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \
+ for f in $$foo; do \
+ f=`basename $$f`; \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
+ fi ; \
+ done ; \
+ foo='$(nobase_include_HEADERS)'; \
+ for f in $$foo; do \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ $(mkdir_p) $(buildinclude)/`dirname $$f` ; \
+ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
+ fi ; \
+ done
+
+all-local: install-build-headers
+
+check-local::
+ @if test '$(CHECK_LOCAL)' = "no-check-local"; then \
+ foo=''; elif test '$(CHECK_LOCAL)'; then \
+ foo='$(CHECK_LOCAL)'; else \
+ foo='$(PROGRAMS)'; fi; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if (./$$i --version && ./$$i --help) > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0 || exit 1; \
+ fi
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
+
+.hx.h:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
+#NROFF_MAN = nroff -man
+.1.cat1:
+ $(NROFF_MAN) $< > $@
+.3.cat3:
+ $(NROFF_MAN) $< > $@
+.5.cat5:
+ $(NROFF_MAN) $< > $@
+.8.cat8:
+ $(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+ @foo='$(man1_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.1) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat3-mans:
+ @foo='$(man3_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.3) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat5-mans:
+ @foo='$(man5_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.5) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat8-mans:
+ @foo='$(man8_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.8) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh install "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+uninstall-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh uninstall "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-hook: install-cat-mans
+uninstall-hook: uninstall-cat-mans
+
+.et.h:
+ $(COMPILE_ET) $<
+.et.c:
+ $(COMPILE_ET) $<
+
+#
+# Useful target for debugging
+#
+
+check-valgrind:
+ tobjdir=`cd $(top_builddir) && pwd` ; \
+ tsrcdir=`cd $(top_srcdir) && pwd` ; \
+ env TESTS_ENVIRONMENT="$${tsrcdir}/cf/maybe-valgrind.sh -s $${tsrcdir} -o $${tobjdir}" make check
+
+#
+# Target to please samba build farm, builds distfiles in-tree.
+# Will break when automake changes...
+#
+
+distdir-in-tree: $(DISTFILES) $(INFO_DEPS)
+ list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+ if test "$$subdir" != .; then \
+ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) distdir-in-tree) ; \
+ fi ; \
+ done
+
+$(asn1_compile_OBJECTS): asn1parse.h asn1parse.c $(srcdir)/der-protos.h $(srcdir)/der-private.h
+$(libasn1_la_OBJECTS): $(nodist_include_HEADERS) $(priv_headers) asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h
+$(libasn1base_la_OBJECTS): asn1_err.h $(srcdir)/der-protos.h $(srcdir)/der-private.h
+$(check_gen_OBJECTS): test_asn1.h
+$(check_template_OBJECTS): test_asn1_files
+$(asn1_print_OBJECTS): krb5_asn1.h
+
+asn1parse.h: asn1parse.c
+
+$(gen_files_krb5) krb5_asn1.hx krb5_asn1-priv.hx: krb5_asn1_files
+$(gen_files_pkinit) pkinit_asn1.hx pkinit_asn1-priv.hx: pkinit_asn1_files
+$(gen_files_pkcs8) pkcs8_asn1.hx pkcs8_asn1-priv.hx: pkcs8_asn1_files
+$(gen_files_pkcs9) pkcs9_asn1.hx pkcs9_asn1-priv.hx: pkcs9_asn1_files
+$(gen_files_pkcs12) pkcs12_asn1.hx pkcs12_asn1-priv.hx: pkcs12_asn1_files
+$(gen_files_digest) digest_asn1.hx digest_asn1-priv.hx: digest_asn1_files
+$(gen_files_kx509) kx509_asn1.hx kx509_asn1-priv.hx: kx509_asn1_files
+$(gen_files_rfc2459) rfc2459_asn1.hx rfc2459_asn1-priv.hx: rfc2459_asn1_files
+$(gen_files_cms) cms_asn1.hx cms_asn1-priv.hx: cms_asn1_files
+$(gen_files_test) test_asn1.hx test_asn1-priv.hx: test_asn1_files
+
+rfc2459_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/rfc2459.asn1
+ $(ASN1_COMPILE) --one-code-file --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints $(srcdir)/rfc2459.asn1 rfc2459_asn1 || (rm -f rfc2459_asn1_files ; exit 1)
+
+cms_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/cms.asn1 $(srcdir)/cms.opt
+ $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/cms.opt $(srcdir)/cms.asn1 cms_asn1 || (rm -f cms_asn1_files ; exit 1)
+
+krb5_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/krb5.asn1 $(srcdir)/krb5.opt
+ $(ASN1_COMPILE) --one-code-file --option-file=$(srcdir)/krb5.opt $(srcdir)/krb5.asn1 krb5_asn1 || (rm -f krb5_asn1_files ; exit 1)
+
+pkinit_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkinit.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkinit.asn1 pkinit_asn1 || (rm -f pkinit_asn1_files ; exit 1)
+
+pkcs8_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs8.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs8.asn1 pkcs8_asn1 || (rm -f pkcs8_asn1_files ; exit 1)
+
+pkcs9_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs9.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs9.asn1 pkcs9_asn1 || (rm -f pkcs9_asn1_files ; exit 1)
+
+pkcs12_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/pkcs12.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/pkcs12.asn1 pkcs12_asn1 || (rm -f pkcs12_asn1_files ; exit 1)
+
+digest_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/digest.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/digest.asn1 digest_asn1 || (rm -f digest_asn1_files ; exit 1)
+
+kx509_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/kx509.asn1
+ $(ASN1_COMPILE) --one-code-file $(srcdir)/kx509.asn1 kx509_asn1 || (rm -f kx509_asn1_files ; exit 1)
+
+test_asn1_files: asn1_compile$(EXEEXT) $(srcdir)/test.asn1
+ $(ASN1_COMPILE) --one-code-file --sequence=TESTSeqOf $(srcdir)/test.asn1 test_asn1 || (rm -f test_asn1_files ; exit 1)
+
+$(srcdir)/der-protos.h:
+ cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o der-protos.h $(dist_libasn1base_la_SOURCES) || rm -f der-protos.h
+
+$(srcdir)/der-private.h:
+ cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p der-private.h $(dist_libasn1base_la_SOURCES) || rm -f der-private.h
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/asn1/asn1-common.h b/crypto/heimdal/lib/asn1/asn1-common.h
new file mode 100644
index 000000000000..4083ebc23dd6
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1-common.h
@@ -0,0 +1,79 @@
+/* $Id$ */
+
+#include <stddef.h>
+#include <time.h>
+#include <krb5-types.h>
+
+#ifndef __asn1_common_definitions__
+#define __asn1_common_definitions__
+
+typedef struct heim_integer {
+ size_t length;
+ void *data;
+ int negative;
+} heim_integer;
+
+typedef struct heim_octet_string {
+ size_t length;
+ void *data;
+} heim_octet_string;
+
+typedef char *heim_general_string;
+typedef char *heim_utf8_string;
+typedef struct heim_octet_string heim_printable_string;
+typedef struct heim_octet_string heim_ia5_string;
+
+typedef struct heim_bmp_string {
+ size_t length;
+ uint16_t *data;
+} heim_bmp_string;
+
+typedef struct heim_universal_string {
+ size_t length;
+ uint32_t *data;
+} heim_universal_string;
+
+typedef char *heim_visible_string;
+
+typedef struct heim_oid {
+ size_t length;
+ unsigned *components;
+} heim_oid;
+
+typedef struct heim_bit_string {
+ size_t length;
+ void *data;
+} heim_bit_string;
+
+typedef struct heim_octet_string heim_any;
+typedef struct heim_octet_string heim_any_set;
+
+#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \
+ do { \
+ (BL) = length_##T((S)); \
+ (B) = malloc((BL)); \
+ if((B) == NULL) { \
+ (R) = ENOMEM; \
+ } else { \
+ (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \
+ (S), (L)); \
+ if((R) != 0) { \
+ free((B)); \
+ (B) = NULL; \
+ } \
+ } \
+ } while (0)
+
+#ifdef _WIN32
+#ifndef ASN1_LIB
+#define ASN1EXP __declspec(dllimport)
+#else
+#define ASN1EXP
+#endif
+#define ASN1CALL __stdcall
+#else
+#define ASN1EXP
+#define ASN1CALL
+#endif
+
+#endif
diff --git a/crypto/heimdal/lib/asn1/asn1-template.h b/crypto/heimdal/lib/asn1/asn1-template.h
new file mode 100644
index 000000000000..107706ce8340
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1-template.h
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* asn1 templates */
+
+#ifndef __TEMPLATE_H__
+#define __TEMPLATE_H__
+
+/* tag:
+ * 0..20 tag
+ * 21 type
+ * 22..23 class
+ * 24..27 flags
+ * 28..31 op
+ */
+
+/* parse:
+ * 0..11 type
+ * 12..23 unused
+ * 24..27 flags
+ * 28..31 op
+ */
+
+#define A1_OP_MASK (0xf0000000)
+#define A1_OP_TYPE (0x10000000)
+#define A1_OP_TYPE_EXTERN (0x20000000)
+#define A1_OP_TAG (0x30000000)
+#define A1_OP_PARSE (0x40000000)
+#define A1_OP_SEQOF (0x50000000)
+#define A1_OP_SETOF (0x60000000)
+#define A1_OP_BMEMBER (0x70000000)
+#define A1_OP_CHOICE (0x80000000)
+
+#define A1_FLAG_MASK (0x0f000000)
+#define A1_FLAG_OPTIONAL (0x01000000)
+#define A1_FLAG_IMPLICIT (0x02000000)
+
+#define A1_TAG_T(CLASS,TYPE,TAG) ((A1_OP_TAG) | (((CLASS) << 22) | ((TYPE) << 21) | (TAG)))
+#define A1_TAG_CLASS(x) (((x) >> 22) & 0x3)
+#define A1_TAG_TYPE(x) (((x) >> 21) & 0x1)
+#define A1_TAG_TAG(x) ((x) & 0x1fffff)
+
+#define A1_TAG_LEN(t) ((uintptr_t)(t)->ptr)
+#define A1_HEADER_LEN(t) ((uintptr_t)(t)->ptr)
+
+#define A1_PARSE_T(type) ((A1_OP_PARSE) | (type))
+#define A1_PARSE_TYPE_MASK 0xfff
+#define A1_PARSE_TYPE(x) (A1_PARSE_TYPE_MASK & (x))
+
+#define A1_PF_INDEFINTE 0x1
+#define A1_PF_ALLOW_BER 0x2
+
+#define A1_HF_PRESERVE 0x1
+#define A1_HF_ELLIPSIS 0x2
+
+#define A1_HBF_RFC1510 0x1
+
+
+struct asn1_template {
+ uint32_t tt;
+ size_t offset;
+ const void *ptr;
+};
+
+typedef int (*asn1_type_decode)(const unsigned char *, size_t, void *, size_t *);
+typedef int (*asn1_type_encode)(unsigned char *, size_t, const void *, size_t *);
+typedef size_t (*asn1_type_length)(const void *);
+typedef void (*asn1_type_release)(void *);
+typedef int (*asn1_type_copy)(const void *, void *);
+
+struct asn1_type_func {
+ asn1_type_encode encode;
+ asn1_type_decode decode;
+ asn1_type_length length;
+ asn1_type_copy copy;
+ asn1_type_release release;
+ size_t size;
+};
+
+struct template_of {
+ unsigned int len;
+ void *val;
+};
+
+enum template_types {
+ A1T_IMEMBER = 0,
+ A1T_HEIM_INTEGER,
+ A1T_INTEGER,
+ A1T_UNSIGNED,
+ A1T_GENERAL_STRING,
+ A1T_OCTET_STRING,
+ A1T_OCTET_STRING_BER,
+ A1T_IA5_STRING,
+ A1T_BMP_STRING,
+ A1T_UNIVERSAL_STRING,
+ A1T_PRINTABLE_STRING,
+ A1T_VISIBLE_STRING,
+ A1T_UTF8_STRING,
+ A1T_GENERALIZED_TIME,
+ A1T_UTC_TIME,
+ A1T_HEIM_BIT_STRING,
+ A1T_BOOLEAN,
+ A1T_OID,
+ A1T_TELETEX_STRING,
+ A1T_NULL
+};
+
+
+#endif
diff --git a/crypto/heimdal/lib/asn1/asn1_err.et b/crypto/heimdal/lib/asn1/asn1_err.et
new file mode 100644
index 000000000000..ac7a9ebaa527
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1_err.et
@@ -0,0 +1,29 @@
+#
+# Error messages for the asn.1 library
+#
+# This might look like a com_err file, but is not
+#
+id "$Id$"
+
+error_table asn1
+prefix ASN1
+error_code BAD_TIMEFORMAT, "ASN.1 failed call to system time library"
+error_code MISSING_FIELD, "ASN.1 structure is missing a required field"
+error_code MISPLACED_FIELD, "ASN.1 unexpected field number"
+error_code TYPE_MISMATCH, "ASN.1 type numbers are inconsistent"
+error_code OVERFLOW, "ASN.1 value too large"
+error_code OVERRUN, "ASN.1 encoding ended unexpectedly"
+error_code BAD_ID, "ASN.1 identifier doesn't match expected value"
+error_code BAD_LENGTH, "ASN.1 length doesn't match expected value"
+error_code BAD_FORMAT, "ASN.1 badly-formatted encoding"
+error_code PARSE_ERROR, "ASN.1 parse error"
+error_code EXTRA_DATA, "ASN.1 extra data past end of end structure"
+error_code BAD_CHARACTER, "ASN.1 invalid character in string"
+error_code MIN_CONSTRAINT, "ASN.1 too few elements"
+error_code MAX_CONSTRAINT, "ASN.1 too many elements"
+error_code EXACT_CONSTRAINT, "ASN.1 wrong number of elements"
+error_code INDEF_OVERRUN, "ASN.1 BER indefinte encoding overrun"
+error_code INDEF_UNDERRUN, "ASN.1 BER indefinte encoding underun"
+error_code GOT_BER, "ASN.1 got BER encoded when expected DER"
+error_code INDEF_EXTRA_DATA, "ASN.1 EoC tag contained data"
+end
diff --git a/crypto/heimdal/lib/asn1/asn1_gen.c b/crypto/heimdal/lib/asn1/asn1_gen.c
new file mode 100644
index 000000000000..01dc68051622
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1_gen.c
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include <com_err.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <ctype.h>
+#include <getarg.h>
+#include <hex.h>
+#include <err.h>
+
+RCSID("$Id$");
+
+static int
+doit(const char *fn)
+{
+ char buf[2048];
+ char *fnout = NULL;
+ const char *bname;
+ unsigned long line = 0;
+ FILE *f, *fout;
+ size_t offset = 0;
+
+ f = fopen(fn, "r");
+ if (f == NULL)
+ err(1, "fopen");
+
+ bname = strrchr(fn, '/');
+ if (bname)
+ bname++;
+ else
+ bname = fn;
+
+ if (asprintf(&fnout, "%s.out", bname) < 0 || fnout == NULL)
+ errx(1, "malloc");
+
+ fout = fopen(fnout, "w");
+ if (fout == NULL)
+ err(1, "fopen: output file");
+
+ while (fgets(buf, sizeof(buf), f) != NULL) {
+ char *ptr, *class, *type, *tag, *length, *data, *foo;
+ int ret, l, c, ty, ta;
+ unsigned char p[6], *pdata;
+ size_t sz;
+
+ line++;
+
+ buf[strcspn(buf, "\r\n")] = '\0';
+ if (buf[0] == '#' || buf[0] == '\0')
+ continue;
+
+ ptr = buf;
+ while (isspace((unsigned char)*ptr))
+ ptr++;
+
+ class = strtok_r(ptr, " \t\n", &foo);
+ if (class == NULL) errx(1, "class missing on line %lu", line);
+ type = strtok_r(NULL, " \t\n", &foo);
+ if (type == NULL) errx(1, "type missing on line %lu", line);
+ tag = strtok_r(NULL, " \t\n", &foo);
+ if (tag == NULL) errx(1, "tag missing on line %lu", line);
+ length = strtok_r(NULL, " \t\n", &foo);
+ if (length == NULL) errx(1, "length missing on line %lu", line);
+ data = strtok_r(NULL, " \t\n", &foo);
+
+ c = der_get_class_num(class);
+ if (c == -1) errx(1, "no valid class on line %lu", line);
+ ty = der_get_type_num(type);
+ if (ty == -1) errx(1, "no valid type on line %lu", line);
+ ta = der_get_tag_num(tag);
+ if (ta == -1)
+ ta = atoi(tag);
+
+ l = atoi(length);
+
+ printf("line: %3lu offset: %3lu class: %d type: %d "
+ "tag: %3d length: %3d %s\n",
+ line, (unsigned long)offset, c, ty, ta, l,
+ data ? "<have data>" : "<no data>");
+
+ ret = der_put_length_and_tag(p + sizeof(p) - 1, sizeof(p),
+ l,
+ c,
+ ty,
+ ta,
+ &sz);
+ if (ret)
+ errx(1, "der_put_length_and_tag: %d", ret);
+
+ if (fwrite(p + sizeof(p) - sz , sz, 1, fout) != 1)
+ err(1, "fwrite length/tag failed");
+ offset += sz;
+
+ if (data) {
+ size_t datalen;
+
+ datalen = strlen(data) / 2;
+ pdata = emalloc(sz);
+
+ if (hex_decode(data, pdata, datalen) != datalen)
+ errx(1, "failed to decode data");
+
+ if (fwrite(pdata, datalen, 1, fout) != 1)
+ err(1, "fwrite data failed");
+ offset += datalen;
+
+ free(pdata);
+ }
+ }
+ printf("line: eof offset: %lu\n", (unsigned long)offset);
+
+ fclose(fout);
+ fclose(f);
+ return 0;
+}
+
+
+static int version_flag;
+static int help_flag;
+struct getargs args[] = {
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage(int code)
+{
+ arg_printusage(args, num_args, NULL, "parse-file");
+ exit(code);
+}
+
+int
+main(int argc, char **argv)
+{
+ int optidx = 0;
+
+ setprogname (argv[0]);
+
+ if(getarg(args, num_args, argc, argv, &optidx))
+ usage(1);
+ if(help_flag)
+ usage(0);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+ argv += optidx;
+ argc -= optidx;
+ if (argc != 1)
+ usage (1);
+
+ return doit (argv[0]);
+}
diff --git a/crypto/heimdal/lib/asn1/asn1_print.c b/crypto/heimdal/lib/asn1/asn1_print.c
new file mode 100644
index 000000000000..84446e0d8b98
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1_print.c
@@ -0,0 +1,352 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include <com_err.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <getarg.h>
+#include <err.h>
+#include <der.h>
+
+static int indent_flag = 1;
+static int inner_flag = 0;
+
+static unsigned long indefinite_form_loop;
+static unsigned long indefinite_form_loop_max = 10000;
+
+static size_t
+loop (unsigned char *buf, size_t len, int indent)
+{
+ unsigned char *start_buf = buf;
+
+ while (len > 0) {
+ int ret;
+ Der_class class;
+ Der_type type;
+ unsigned int tag;
+ size_t sz;
+ size_t length;
+ size_t loop_length = 0;
+ int end_tag = 0;
+ const char *tagname;
+
+ ret = der_get_tag (buf, len, &class, &type, &tag, &sz);
+ if (ret)
+ errx (1, "der_get_tag: %s", error_message (ret));
+ if (sz > len)
+ errx (1, "unreasonable length (%u) > %u",
+ (unsigned)sz, (unsigned)len);
+ buf += sz;
+ len -= sz;
+ if (indent_flag) {
+ int i;
+ for (i = 0; i < indent; ++i)
+ printf (" ");
+ }
+ printf ("%s %s ", der_get_class_name(class), der_get_type_name(type));
+ tagname = der_get_tag_name(tag);
+ if (class == ASN1_C_UNIV && tagname != NULL)
+ printf ("%s = ", tagname);
+ else
+ printf ("tag %d = ", tag);
+ ret = der_get_length (buf, len, &length, &sz);
+ if (ret)
+ errx (1, "der_get_tag: %s", error_message (ret));
+ if (sz > len)
+ errx (1, "unreasonable tag length (%u) > %u",
+ (unsigned)sz, (unsigned)len);
+ buf += sz;
+ len -= sz;
+ if (length == ASN1_INDEFINITE) {
+ if ((class == ASN1_C_UNIV && type == PRIM && tag == UT_OctetString) ||
+ (class == ASN1_C_CONTEXT && type == CONS) ||
+ (class == ASN1_C_UNIV && type == CONS && tag == UT_Sequence) ||
+ (class == ASN1_C_UNIV && type == CONS && tag == UT_Set)) {
+ printf("*INDEFINITE FORM*");
+ } else {
+ fflush(stdout);
+ errx(1, "indef form used on unsupported object");
+ }
+ end_tag = 1;
+ if (indefinite_form_loop > indefinite_form_loop_max)
+ errx(1, "indefinite form used recursively more then %lu "
+ "times, aborting", indefinite_form_loop_max);
+ indefinite_form_loop++;
+ length = len;
+ } else if (length > len) {
+ printf("\n");
+ fflush(stdout);
+ errx (1, "unreasonable inner length (%u) > %u",
+ (unsigned)length, (unsigned)len);
+ }
+ if (class == ASN1_C_CONTEXT || class == ASN1_C_APPL) {
+ printf ("%lu bytes [%u]", (unsigned long)length, tag);
+ if (type == CONS) {
+ printf("\n");
+ loop_length = loop (buf, length, indent + 2);
+ } else {
+ printf(" IMPLICIT content\n");
+ }
+ } else if (class == ASN1_C_UNIV) {
+ switch (tag) {
+ case UT_EndOfContent:
+ printf (" INDEFINITE length was %lu\n",
+ (unsigned long)(buf - start_buf));
+ break;
+ case UT_Set :
+ case UT_Sequence :
+ printf ("%lu bytes {\n", (unsigned long)length);
+ loop_length = loop (buf, length, indent + 2);
+ if (indent_flag) {
+ int i;
+ for (i = 0; i < indent; ++i)
+ printf (" ");
+ printf ("}\n");
+ } else
+ printf ("} indent = %d\n", indent / 2);
+ break;
+ case UT_Integer : {
+ int val;
+
+ if (length <= sizeof(val)) {
+ ret = der_get_integer (buf, length, &val, NULL);
+ if (ret)
+ errx (1, "der_get_integer: %s", error_message (ret));
+ printf ("integer %d\n", val);
+ } else {
+ heim_integer vali;
+ char *p;
+
+ ret = der_get_heim_integer(buf, length, &vali, NULL);
+ if (ret)
+ errx (1, "der_get_heim_integer: %s",
+ error_message (ret));
+ ret = der_print_hex_heim_integer(&vali, &p);
+ if (ret)
+ errx (1, "der_print_hex_heim_integer: %s",
+ error_message (ret));
+ printf ("BIG NUM integer: length %lu %s\n",
+ (unsigned long)length, p);
+ free(p);
+ }
+ break;
+ }
+ case UT_OctetString : {
+ heim_octet_string str;
+ size_t i;
+
+ ret = der_get_octet_string (buf, length, &str, NULL);
+ if (ret)
+ errx (1, "der_get_octet_string: %s", error_message (ret));
+ printf ("(length %lu), ", (unsigned long)length);
+
+ if (inner_flag) {
+ Der_class class;
+ Der_type type;
+ unsigned int tag;
+
+ ret = der_get_tag(str.data, str.length,
+ &class, &type, &tag, &sz);
+ if (ret || sz > str.length ||
+ type != CONS || tag != UT_Sequence)
+ goto just_an_octet_string;
+
+ printf("{\n");
+ loop (str.data, str.length, indent + 2);
+ for (i = 0; i < indent; ++i)
+ printf (" ");
+ printf ("}\n");
+
+ } else {
+ unsigned char *uc;
+
+ just_an_octet_string:
+ uc = (unsigned char *)str.data;
+ for (i = 0; i < min(16,length); ++i)
+ printf ("%02x", uc[i]);
+ printf ("\n");
+ }
+ free (str.data);
+ break;
+ }
+ case UT_IA5String :
+ case UT_PrintableString : {
+ heim_printable_string str;
+ unsigned char *s;
+ size_t n;
+
+ memset(&str, 0, sizeof(str));
+
+ ret = der_get_printable_string (buf, length, &str, NULL);
+ if (ret)
+ errx (1, "der_get_general_string: %s",
+ error_message (ret));
+ s = str.data;
+ printf("\"");
+ for (n = 0; n < str.length; n++) {
+ if (isprint((int)s[n]))
+ printf ("%c", s[n]);
+ else
+ printf ("#%02x", s[n]);
+ }
+ printf("\"\n");
+ der_free_printable_string(&str);
+ break;
+ }
+ case UT_GeneralizedTime :
+ case UT_GeneralString :
+ case UT_VisibleString :
+ case UT_UTF8String : {
+ heim_general_string str;
+
+ ret = der_get_general_string (buf, length, &str, NULL);
+ if (ret)
+ errx (1, "der_get_general_string: %s",
+ error_message (ret));
+ printf ("\"%s\"\n", str);
+ free (str);
+ break;
+ }
+ case UT_OID: {
+ heim_oid o;
+ char *p;
+
+ ret = der_get_oid(buf, length, &o, NULL);
+ if (ret)
+ errx (1, "der_get_oid: %s", error_message (ret));
+ ret = der_print_heim_oid(&o, '.', &p);
+ der_free_oid(&o);
+ if (ret)
+ errx (1, "der_print_heim_oid: %s", error_message (ret));
+ printf("%s\n", p);
+ free(p);
+
+ break;
+ }
+ case UT_Enumerated: {
+ int num;
+
+ ret = der_get_integer (buf, length, &num, NULL);
+ if (ret)
+ errx (1, "der_get_enum: %s", error_message (ret));
+
+ printf("%u\n", num);
+ break;
+ }
+ default :
+ printf ("%lu bytes\n", (unsigned long)length);
+ break;
+ }
+ }
+ if (end_tag) {
+ if (loop_length == 0)
+ errx(1, "zero length INDEFINITE data ? indent = %d\n",
+ indent / 2);
+ if (loop_length < length)
+ length = loop_length;
+ if (indefinite_form_loop == 0)
+ errx(1, "internal error in indefinite form loop detection");
+ indefinite_form_loop--;
+ } else if (loop_length)
+ errx(1, "internal error for INDEFINITE form");
+ buf += length;
+ len -= length;
+ }
+ return 0;
+}
+
+static int
+doit (const char *filename)
+{
+ int fd = open (filename, O_RDONLY);
+ struct stat sb;
+ unsigned char *buf;
+ size_t len;
+ int ret;
+
+ if(fd < 0)
+ err (1, "opening %s for read", filename);
+ if (fstat (fd, &sb) < 0)
+ err (1, "stat %s", filename);
+ len = sb.st_size;
+ buf = emalloc (len);
+ if (read (fd, buf, len) != len)
+ errx (1, "read failed");
+ close (fd);
+ ret = loop (buf, len, 0);
+ free (buf);
+ return ret;
+}
+
+
+static int version_flag;
+static int help_flag;
+struct getargs args[] = {
+ { "indent", 0, arg_negative_flag, &indent_flag },
+ { "inner", 0, arg_flag, &inner_flag, "try to parse inner structures of OCTET STRING" },
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage(int code)
+{
+ arg_printusage(args, num_args, NULL, "dump-file");
+ exit(code);
+}
+
+int
+main(int argc, char **argv)
+{
+ int optidx = 0;
+
+ setprogname (argv[0]);
+ initialize_asn1_error_table ();
+ if(getarg(args, num_args, argc, argv, &optidx))
+ usage(1);
+ if(help_flag)
+ usage(0);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+ argv += optidx;
+ argc -= optidx;
+ if (argc != 1)
+ usage (1);
+ return doit (argv[0]);
+}
diff --git a/crypto/heimdal/lib/asn1/asn1_queue.h b/crypto/heimdal/lib/asn1/asn1_queue.h
new file mode 100644
index 000000000000..73eb50f8b825
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1_queue.h
@@ -0,0 +1,167 @@
+/* $NetBSD: queue.h,v 1.38 2004/04/18 14:12:05 lukem Exp $ */
+/* $Id$ */
+
+/*
+ * Copyright (c) 1991, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)queue.h 8.5 (Berkeley) 8/20/94
+ */
+
+#ifndef _ASN1_QUEUE_H_
+#define _ASN1_QUEUE_H_
+
+/*
+ * Tail queue definitions.
+ */
+#define ASN1_TAILQ_HEAD(name, type) \
+struct name { \
+ struct type *tqh_first; /* first element */ \
+ struct type **tqh_last; /* addr of last next element */ \
+}
+
+#define ASN1_TAILQ_HEAD_INITIALIZER(head) \
+ { NULL, &(head).tqh_first }
+#define ASN1_TAILQ_ENTRY(type) \
+struct { \
+ struct type *tqe_next; /* next element */ \
+ struct type **tqe_prev; /* address of previous next element */ \
+}
+
+/*
+ * Tail queue functions.
+ */
+#if defined(_KERNEL) && defined(QUEUEDEBUG)
+#define QUEUEDEBUG_ASN1_TAILQ_INSERT_HEAD(head, elm, field) \
+ if ((head)->tqh_first && \
+ (head)->tqh_first->field.tqe_prev != &(head)->tqh_first) \
+ panic("ASN1_TAILQ_INSERT_HEAD %p %s:%d", (head), __FILE__, __LINE__);
+#define QUEUEDEBUG_ASN1_TAILQ_INSERT_TAIL(head, elm, field) \
+ if (*(head)->tqh_last != NULL) \
+ panic("ASN1_TAILQ_INSERT_TAIL %p %s:%d", (head), __FILE__, __LINE__);
+#define QUEUEDEBUG_ASN1_TAILQ_OP(elm, field) \
+ if ((elm)->field.tqe_next && \
+ (elm)->field.tqe_next->field.tqe_prev != \
+ &(elm)->field.tqe_next) \
+ panic("ASN1_TAILQ_* forw %p %s:%d", (elm), __FILE__, __LINE__);\
+ if (*(elm)->field.tqe_prev != (elm)) \
+ panic("ASN1_TAILQ_* back %p %s:%d", (elm), __FILE__, __LINE__);
+#define QUEUEDEBUG_ASN1_TAILQ_PREREMOVE(head, elm, field) \
+ if ((elm)->field.tqe_next == NULL && \
+ (head)->tqh_last != &(elm)->field.tqe_next) \
+ panic("ASN1_TAILQ_PREREMOVE head %p elm %p %s:%d", \
+ (head), (elm), __FILE__, __LINE__);
+#define QUEUEDEBUG_ASN1_TAILQ_POSTREMOVE(elm, field) \
+ (elm)->field.tqe_next = (void *)1L; \
+ (elm)->field.tqe_prev = (void *)1L;
+#else
+#define QUEUEDEBUG_ASN1_TAILQ_INSERT_HEAD(head, elm, field)
+#define QUEUEDEBUG_ASN1_TAILQ_INSERT_TAIL(head, elm, field)
+#define QUEUEDEBUG_ASN1_TAILQ_OP(elm, field)
+#define QUEUEDEBUG_ASN1_TAILQ_PREREMOVE(head, elm, field)
+#define QUEUEDEBUG_ASN1_TAILQ_POSTREMOVE(elm, field)
+#endif
+
+#define ASN1_TAILQ_INIT(head) do { \
+ (head)->tqh_first = NULL; \
+ (head)->tqh_last = &(head)->tqh_first; \
+} while (/*CONSTCOND*/0)
+
+#define ASN1_TAILQ_INSERT_HEAD(head, elm, field) do { \
+ QUEUEDEBUG_ASN1_TAILQ_INSERT_HEAD((head), (elm), field) \
+ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \
+ (head)->tqh_first->field.tqe_prev = \
+ &(elm)->field.tqe_next; \
+ else \
+ (head)->tqh_last = &(elm)->field.tqe_next; \
+ (head)->tqh_first = (elm); \
+ (elm)->field.tqe_prev = &(head)->tqh_first; \
+} while (/*CONSTCOND*/0)
+
+#define ASN1_TAILQ_INSERT_TAIL(head, elm, field) do { \
+ QUEUEDEBUG_ASN1_TAILQ_INSERT_TAIL((head), (elm), field) \
+ (elm)->field.tqe_next = NULL; \
+ (elm)->field.tqe_prev = (head)->tqh_last; \
+ *(head)->tqh_last = (elm); \
+ (head)->tqh_last = &(elm)->field.tqe_next; \
+} while (/*CONSTCOND*/0)
+
+#define ASN1_TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \
+ QUEUEDEBUG_ASN1_TAILQ_OP((listelm), field) \
+ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\
+ (elm)->field.tqe_next->field.tqe_prev = \
+ &(elm)->field.tqe_next; \
+ else \
+ (head)->tqh_last = &(elm)->field.tqe_next; \
+ (listelm)->field.tqe_next = (elm); \
+ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \
+} while (/*CONSTCOND*/0)
+
+#define ASN1_TAILQ_INSERT_BEFORE(listelm, elm, field) do { \
+ QUEUEDEBUG_ASN1_TAILQ_OP((listelm), field) \
+ (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \
+ (elm)->field.tqe_next = (listelm); \
+ *(listelm)->field.tqe_prev = (elm); \
+ (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \
+} while (/*CONSTCOND*/0)
+
+#define ASN1_TAILQ_REMOVE(head, elm, field) do { \
+ QUEUEDEBUG_ASN1_TAILQ_PREREMOVE((head), (elm), field) \
+ QUEUEDEBUG_ASN1_TAILQ_OP((elm), field) \
+ if (((elm)->field.tqe_next) != NULL) \
+ (elm)->field.tqe_next->field.tqe_prev = \
+ (elm)->field.tqe_prev; \
+ else \
+ (head)->tqh_last = (elm)->field.tqe_prev; \
+ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \
+ QUEUEDEBUG_ASN1_TAILQ_POSTREMOVE((elm), field); \
+} while (/*CONSTCOND*/0)
+
+#define ASN1_TAILQ_FOREACH(var, head, field) \
+ for ((var) = ((head)->tqh_first); \
+ (var); \
+ (var) = ((var)->field.tqe_next))
+
+#define ASN1_TAILQ_FOREACH_REVERSE(var, head, headname, field) \
+ for ((var) = (*(((struct headname *)((head)->tqh_last))->tqh_last)); \
+ (var); \
+ (var) = (*(((struct headname *)((var)->field.tqe_prev))->tqh_last)))
+
+/*
+ * Tail queue access methods.
+ */
+#define ASN1_TAILQ_EMPTY(head) ((head)->tqh_first == NULL)
+#define ASN1_TAILQ_FIRST(head) ((head)->tqh_first)
+#define ASN1_TAILQ_NEXT(elm, field) ((elm)->field.tqe_next)
+
+#define ASN1_TAILQ_LAST(head, headname) \
+ (*(((struct headname *)((head)->tqh_last))->tqh_last))
+#define ASN1_TAILQ_PREV(elm, headname, field) \
+ (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last))
+
+
+#endif /* !_ASN1_QUEUE_H_ */
diff --git a/crypto/heimdal/lib/asn1/asn1parse.c b/crypto/heimdal/lib/asn1/asn1parse.c
new file mode 100644
index 000000000000..0e04fabf6296
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1parse.c
@@ -0,0 +1,2861 @@
+/* A Bison parser, made by GNU Bison 2.3. */
+
+/* Skeleton implementation for Bison's Yacc-like parsers in C
+
+ Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006
+ Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+/* As a special exception, you may create a larger work that contains
+ part or all of the Bison parser skeleton and distribute that work
+ under terms of your choice, so long as that work isn't itself a
+ parser generator using the skeleton or a modified version thereof
+ as a parser skeleton. Alternatively, if you modify or redistribute
+ the parser skeleton itself, you may (at your option) remove this
+ special exception, which will cause the skeleton and the resulting
+ Bison output files to be licensed under the GNU General Public
+ License without this special exception.
+
+ This special exception was added by the Free Software Foundation in
+ version 2.2 of Bison. */
+
+/* C LALR(1) parser skeleton written by Richard Stallman, by
+ simplifying the original so-called "semantic" parser. */
+
+/* All symbols defined below should begin with yy or YY, to avoid
+ infringing on user name space. This should be done even for local
+ variables, as they might otherwise be expanded by user macros.
+ There are some unavoidable exceptions within include files to
+ define necessary library symbols; they are noted "INFRINGES ON
+ USER NAME SPACE" below. */
+
+/* Identify Bison output. */
+#define YYBISON 1
+
+/* Bison version. */
+#define YYBISON_VERSION "2.3"
+
+/* Skeleton name. */
+#define YYSKELETON_NAME "yacc.c"
+
+/* Pure parsers. */
+#define YYPURE 0
+
+/* Using locations. */
+#define YYLSP_NEEDED 0
+
+
+
+/* Tokens. */
+#ifndef YYTOKENTYPE
+# define YYTOKENTYPE
+ /* Put the tokens into the symbol table, so that GDB and other debuggers
+ know about them. */
+ enum yytokentype {
+ kw_ABSENT = 258,
+ kw_ABSTRACT_SYNTAX = 259,
+ kw_ALL = 260,
+ kw_APPLICATION = 261,
+ kw_AUTOMATIC = 262,
+ kw_BEGIN = 263,
+ kw_BIT = 264,
+ kw_BMPString = 265,
+ kw_BOOLEAN = 266,
+ kw_BY = 267,
+ kw_CHARACTER = 268,
+ kw_CHOICE = 269,
+ kw_CLASS = 270,
+ kw_COMPONENT = 271,
+ kw_COMPONENTS = 272,
+ kw_CONSTRAINED = 273,
+ kw_CONTAINING = 274,
+ kw_DEFAULT = 275,
+ kw_DEFINITIONS = 276,
+ kw_EMBEDDED = 277,
+ kw_ENCODED = 278,
+ kw_END = 279,
+ kw_ENUMERATED = 280,
+ kw_EXCEPT = 281,
+ kw_EXPLICIT = 282,
+ kw_EXPORTS = 283,
+ kw_EXTENSIBILITY = 284,
+ kw_EXTERNAL = 285,
+ kw_FALSE = 286,
+ kw_FROM = 287,
+ kw_GeneralString = 288,
+ kw_GeneralizedTime = 289,
+ kw_GraphicString = 290,
+ kw_IA5String = 291,
+ kw_IDENTIFIER = 292,
+ kw_IMPLICIT = 293,
+ kw_IMPLIED = 294,
+ kw_IMPORTS = 295,
+ kw_INCLUDES = 296,
+ kw_INSTANCE = 297,
+ kw_INTEGER = 298,
+ kw_INTERSECTION = 299,
+ kw_ISO646String = 300,
+ kw_MAX = 301,
+ kw_MIN = 302,
+ kw_MINUS_INFINITY = 303,
+ kw_NULL = 304,
+ kw_NumericString = 305,
+ kw_OBJECT = 306,
+ kw_OCTET = 307,
+ kw_OF = 308,
+ kw_OPTIONAL = 309,
+ kw_ObjectDescriptor = 310,
+ kw_PATTERN = 311,
+ kw_PDV = 312,
+ kw_PLUS_INFINITY = 313,
+ kw_PRESENT = 314,
+ kw_PRIVATE = 315,
+ kw_PrintableString = 316,
+ kw_REAL = 317,
+ kw_RELATIVE_OID = 318,
+ kw_SEQUENCE = 319,
+ kw_SET = 320,
+ kw_SIZE = 321,
+ kw_STRING = 322,
+ kw_SYNTAX = 323,
+ kw_T61String = 324,
+ kw_TAGS = 325,
+ kw_TRUE = 326,
+ kw_TYPE_IDENTIFIER = 327,
+ kw_TeletexString = 328,
+ kw_UNION = 329,
+ kw_UNIQUE = 330,
+ kw_UNIVERSAL = 331,
+ kw_UTCTime = 332,
+ kw_UTF8String = 333,
+ kw_UniversalString = 334,
+ kw_VideotexString = 335,
+ kw_VisibleString = 336,
+ kw_WITH = 337,
+ RANGE = 338,
+ EEQUAL = 339,
+ ELLIPSIS = 340,
+ IDENTIFIER = 341,
+ referencename = 342,
+ STRING = 343,
+ NUMBER = 344
+ };
+#endif
+/* Tokens. */
+#define kw_ABSENT 258
+#define kw_ABSTRACT_SYNTAX 259
+#define kw_ALL 260
+#define kw_APPLICATION 261
+#define kw_AUTOMATIC 262
+#define kw_BEGIN 263
+#define kw_BIT 264
+#define kw_BMPString 265
+#define kw_BOOLEAN 266
+#define kw_BY 267
+#define kw_CHARACTER 268
+#define kw_CHOICE 269
+#define kw_CLASS 270
+#define kw_COMPONENT 271
+#define kw_COMPONENTS 272
+#define kw_CONSTRAINED 273
+#define kw_CONTAINING 274
+#define kw_DEFAULT 275
+#define kw_DEFINITIONS 276
+#define kw_EMBEDDED 277
+#define kw_ENCODED 278
+#define kw_END 279
+#define kw_ENUMERATED 280
+#define kw_EXCEPT 281
+#define kw_EXPLICIT 282
+#define kw_EXPORTS 283
+#define kw_EXTENSIBILITY 284
+#define kw_EXTERNAL 285
+#define kw_FALSE 286
+#define kw_FROM 287
+#define kw_GeneralString 288
+#define kw_GeneralizedTime 289
+#define kw_GraphicString 290
+#define kw_IA5String 291
+#define kw_IDENTIFIER 292
+#define kw_IMPLICIT 293
+#define kw_IMPLIED 294
+#define kw_IMPORTS 295
+#define kw_INCLUDES 296
+#define kw_INSTANCE 297
+#define kw_INTEGER 298
+#define kw_INTERSECTION 299
+#define kw_ISO646String 300
+#define kw_MAX 301
+#define kw_MIN 302
+#define kw_MINUS_INFINITY 303
+#define kw_NULL 304
+#define kw_NumericString 305
+#define kw_OBJECT 306
+#define kw_OCTET 307
+#define kw_OF 308
+#define kw_OPTIONAL 309
+#define kw_ObjectDescriptor 310
+#define kw_PATTERN 311
+#define kw_PDV 312
+#define kw_PLUS_INFINITY 313
+#define kw_PRESENT 314
+#define kw_PRIVATE 315
+#define kw_PrintableString 316
+#define kw_REAL 317
+#define kw_RELATIVE_OID 318
+#define kw_SEQUENCE 319
+#define kw_SET 320
+#define kw_SIZE 321
+#define kw_STRING 322
+#define kw_SYNTAX 323
+#define kw_T61String 324
+#define kw_TAGS 325
+#define kw_TRUE 326
+#define kw_TYPE_IDENTIFIER 327
+#define kw_TeletexString 328
+#define kw_UNION 329
+#define kw_UNIQUE 330
+#define kw_UNIVERSAL 331
+#define kw_UTCTime 332
+#define kw_UTF8String 333
+#define kw_UniversalString 334
+#define kw_VideotexString 335
+#define kw_VisibleString 336
+#define kw_WITH 337
+#define RANGE 338
+#define EEQUAL 339
+#define ELLIPSIS 340
+#define IDENTIFIER 341
+#define referencename 342
+#define STRING 343
+#define NUMBER 344
+
+
+
+
+/* Copy the first part of user declarations. */
+#line 38 "asn1parse.y"
+
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "symbol.h"
+#include "lex.h"
+#include "gen_locl.h"
+#include "der.h"
+
+RCSID("$Id$");
+
+static Type *new_type (Typetype t);
+static struct constraint_spec *new_constraint_spec(enum ctype);
+static Type *new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype);
+void yyerror (const char *);
+static struct objid *new_objid(const char *label, int value);
+static void add_oid_to_tail(struct objid *, struct objid *);
+static void fix_labels(Symbol *s);
+
+struct string_list {
+ char *string;
+ struct string_list *next;
+};
+
+/* Declarations for Bison */
+#define YYMALLOC malloc
+#define YYFREE free
+
+
+
+/* Enabling traces. */
+#ifndef YYDEBUG
+# define YYDEBUG 1
+#endif
+
+/* Enabling verbose error messages. */
+#ifdef YYERROR_VERBOSE
+# undef YYERROR_VERBOSE
+# define YYERROR_VERBOSE 1
+#else
+# define YYERROR_VERBOSE 0
+#endif
+
+/* Enabling the token table. */
+#ifndef YYTOKEN_TABLE
+# define YYTOKEN_TABLE 0
+#endif
+
+#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
+typedef union YYSTYPE
+#line 71 "asn1parse.y"
+{
+ int constant;
+ struct value *value;
+ struct range *range;
+ char *name;
+ Type *type;
+ Member *member;
+ struct objid *objid;
+ char *defval;
+ struct string_list *sl;
+ struct tagtype tag;
+ struct memhead *members;
+ struct constraint_spec *constraint_spec;
+}
+/* Line 193 of yacc.c. */
+#line 322 "asn1parse.c"
+ YYSTYPE;
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
+# define YYSTYPE_IS_DECLARED 1
+# define YYSTYPE_IS_TRIVIAL 1
+#endif
+
+
+
+/* Copy the second part of user declarations. */
+
+
+/* Line 216 of yacc.c. */
+#line 335 "asn1parse.c"
+
+#ifdef short
+# undef short
+#endif
+
+#ifdef YYTYPE_UINT8
+typedef YYTYPE_UINT8 yytype_uint8;
+#else
+typedef unsigned char yytype_uint8;
+#endif
+
+#ifdef YYTYPE_INT8
+typedef YYTYPE_INT8 yytype_int8;
+#elif (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+typedef signed char yytype_int8;
+#else
+typedef short int yytype_int8;
+#endif
+
+#ifdef YYTYPE_UINT16
+typedef YYTYPE_UINT16 yytype_uint16;
+#else
+typedef unsigned short int yytype_uint16;
+#endif
+
+#ifdef YYTYPE_INT16
+typedef YYTYPE_INT16 yytype_int16;
+#else
+typedef short int yytype_int16;
+#endif
+
+#ifndef YYSIZE_T
+# ifdef __SIZE_TYPE__
+# define YYSIZE_T __SIZE_TYPE__
+# elif defined size_t
+# define YYSIZE_T size_t
+# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+# include <stddef.h> /* INFRINGES ON USER NAME SPACE */
+# define YYSIZE_T size_t
+# else
+# define YYSIZE_T unsigned int
+# endif
+#endif
+
+#define YYSIZE_MAXIMUM ((YYSIZE_T) -1)
+
+#ifndef YY_
+# if defined YYENABLE_NLS && YYENABLE_NLS
+# if ENABLE_NLS
+# include <libintl.h> /* INFRINGES ON USER NAME SPACE */
+# define YY_(msgid) dgettext ("bison-runtime", msgid)
+# endif
+# endif
+# ifndef YY_
+# define YY_(msgid) msgid
+# endif
+#endif
+
+/* Suppress unused-variable warnings by "using" E. */
+#if ! defined lint || defined __GNUC__
+# define YYUSE(e) ((void) (e))
+#else
+# define YYUSE(e) /* empty */
+#endif
+
+/* Identity function, used to suppress warnings about constant conditions. */
+#ifndef lint
+# define YYID(n) (n)
+#else
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static int
+YYID (int i)
+#else
+static int
+YYID (i)
+ int i;
+#endif
+{
+ return i;
+}
+#endif
+
+#if ! defined yyoverflow || YYERROR_VERBOSE
+
+/* The parser invokes alloca or malloc; define the necessary symbols. */
+
+# ifdef YYSTACK_USE_ALLOCA
+# if YYSTACK_USE_ALLOCA
+# ifdef __GNUC__
+# define YYSTACK_ALLOC __builtin_alloca
+# elif defined __BUILTIN_VA_ARG_INCR
+# include <alloca.h> /* INFRINGES ON USER NAME SPACE */
+# elif defined _AIX
+# define YYSTACK_ALLOC __alloca
+# elif defined _MSC_VER
+# include <malloc.h> /* INFRINGES ON USER NAME SPACE */
+# define alloca _alloca
+# else
+# define YYSTACK_ALLOC alloca
+# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
+# ifndef _STDLIB_H
+# define _STDLIB_H 1
+# endif
+# endif
+# endif
+# endif
+# endif
+
+# ifdef YYSTACK_ALLOC
+ /* Pacify GCC's `empty if-body' warning. */
+# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0))
+# ifndef YYSTACK_ALLOC_MAXIMUM
+ /* The OS might guarantee only one guard page at the bottom of the stack,
+ and a page size can be as small as 4096 bytes. So we cannot safely
+ invoke alloca (N) if N exceeds 4096. Use a slightly smaller number
+ to allow for a few compiler-allocated temporary stack slots. */
+# define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */
+# endif
+# else
+# define YYSTACK_ALLOC YYMALLOC
+# define YYSTACK_FREE YYFREE
+# ifndef YYSTACK_ALLOC_MAXIMUM
+# define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM
+# endif
+# if (defined __cplusplus && ! defined _STDLIB_H \
+ && ! ((defined YYMALLOC || defined malloc) \
+ && (defined YYFREE || defined free)))
+# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
+# ifndef _STDLIB_H
+# define _STDLIB_H 1
+# endif
+# endif
+# ifndef YYMALLOC
+# define YYMALLOC malloc
+# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */
+# endif
+# endif
+# ifndef YYFREE
+# define YYFREE free
+# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+void free (void *); /* INFRINGES ON USER NAME SPACE */
+# endif
+# endif
+# endif
+#endif /* ! defined yyoverflow || YYERROR_VERBOSE */
+
+
+#if (! defined yyoverflow \
+ && (! defined __cplusplus \
+ || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL)))
+
+/* A type that is properly aligned for any stack member. */
+union yyalloc
+{
+ yytype_int16 yyss;
+ YYSTYPE yyvs;
+ };
+
+/* The size of the maximum gap between one aligned stack and the next. */
+# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1)
+
+/* The size of an array large to enough to hold all stacks, each with
+ N elements. */
+# define YYSTACK_BYTES(N) \
+ ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \
+ + YYSTACK_GAP_MAXIMUM)
+
+/* Copy COUNT objects from FROM to TO. The source and destination do
+ not overlap. */
+# ifndef YYCOPY
+# if defined __GNUC__ && 1 < __GNUC__
+# define YYCOPY(To, From, Count) \
+ __builtin_memcpy (To, From, (Count) * sizeof (*(From)))
+# else
+# define YYCOPY(To, From, Count) \
+ do \
+ { \
+ YYSIZE_T yyi; \
+ for (yyi = 0; yyi < (Count); yyi++) \
+ (To)[yyi] = (From)[yyi]; \
+ } \
+ while (YYID (0))
+# endif
+# endif
+
+/* Relocate STACK from its old location to the new one. The
+ local variables YYSIZE and YYSTACKSIZE give the old and new number of
+ elements in the stack, and YYPTR gives the new location of the
+ stack. Advance YYPTR to a properly aligned location for the next
+ stack. */
+# define YYSTACK_RELOCATE(Stack) \
+ do \
+ { \
+ YYSIZE_T yynewbytes; \
+ YYCOPY (&yyptr->Stack, Stack, yysize); \
+ Stack = &yyptr->Stack; \
+ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \
+ yyptr += yynewbytes / sizeof (*yyptr); \
+ } \
+ while (YYID (0))
+
+#endif
+
+/* YYFINAL -- State number of the termination state. */
+#define YYFINAL 6
+/* YYLAST -- Last index in YYTABLE. */
+#define YYLAST 203
+
+/* YYNTOKENS -- Number of terminals. */
+#define YYNTOKENS 98
+/* YYNNTS -- Number of nonterminals. */
+#define YYNNTS 69
+/* YYNRULES -- Number of rules. */
+#define YYNRULES 140
+/* YYNRULES -- Number of states. */
+#define YYNSTATES 220
+
+/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */
+#define YYUNDEFTOK 2
+#define YYMAXUTOK 344
+
+#define YYTRANSLATE(YYX) \
+ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK)
+
+/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */
+static const yytype_uint8 yytranslate[] =
+{
+ 0, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 92, 93, 2, 2, 91, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 90,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 96, 2, 97, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 94, 2, 95, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 1, 2, 3, 4,
+ 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
+ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
+ 25, 26, 27, 28, 29, 30, 31, 32, 33, 34,
+ 35, 36, 37, 38, 39, 40, 41, 42, 43, 44,
+ 45, 46, 47, 48, 49, 50, 51, 52, 53, 54,
+ 55, 56, 57, 58, 59, 60, 61, 62, 63, 64,
+ 65, 66, 67, 68, 69, 70, 71, 72, 73, 74,
+ 75, 76, 77, 78, 79, 80, 81, 82, 83, 84,
+ 85, 86, 87, 88, 89
+};
+
+#if YYDEBUG
+/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in
+ YYRHS. */
+static const yytype_uint16 yyprhs[] =
+{
+ 0, 0, 3, 13, 16, 19, 22, 23, 26, 27,
+ 31, 32, 36, 37, 39, 40, 42, 45, 50, 54,
+ 57, 58, 60, 63, 65, 67, 71, 73, 77, 79,
+ 81, 83, 85, 87, 89, 91, 93, 95, 97, 99,
+ 101, 103, 105, 107, 109, 111, 113, 119, 125, 131,
+ 135, 137, 140, 145, 147, 151, 155, 160, 165, 167,
+ 170, 176, 179, 183, 185, 186, 189, 194, 198, 203,
+ 208, 212, 216, 221, 223, 225, 227, 229, 231, 234,
+ 238, 240, 242, 244, 247, 251, 257, 262, 266, 271,
+ 272, 274, 276, 278, 279, 281, 283, 288, 290, 292,
+ 294, 296, 298, 300, 302, 304, 306, 308, 312, 316,
+ 319, 321, 324, 328, 330, 334, 339, 341, 342, 346,
+ 347, 350, 355, 357, 359, 361, 363, 365, 367, 369,
+ 371, 373, 375, 377, 379, 381, 383, 385, 387, 389,
+ 391
+};
+
+/* YYRHS -- A `-1'-separated list of the rules' RHS. */
+static const yytype_int16 yyrhs[] =
+{
+ 99, 0, -1, 86, 152, 21, 100, 101, 84, 8,
+ 102, 24, -1, 27, 70, -1, 38, 70, -1, 7,
+ 70, -1, -1, 29, 39, -1, -1, 107, 103, 108,
+ -1, -1, 40, 104, 90, -1, -1, 105, -1, -1,
+ 106, -1, 105, 106, -1, 110, 32, 86, 152, -1,
+ 28, 110, 90, -1, 28, 5, -1, -1, 109, -1,
+ 109, 108, -1, 111, -1, 144, -1, 86, 91, 110,
+ -1, 86, -1, 86, 84, 112, -1, 113, -1, 131,
+ -1, 134, -1, 121, -1, 114, -1, 145, -1, 130,
+ -1, 119, -1, 116, -1, 124, -1, 122, -1, 123,
+ -1, 126, -1, 127, -1, 128, -1, 129, -1, 140,
+ -1, 11, -1, 92, 156, 83, 156, 93, -1, 92,
+ 156, 83, 46, 93, -1, 92, 47, 83, 156, 93,
+ -1, 92, 156, 93, -1, 43, -1, 43, 115, -1,
+ 43, 94, 117, 95, -1, 118, -1, 117, 91, 118,
+ -1, 117, 91, 85, -1, 86, 92, 164, 93, -1,
+ 25, 94, 120, 95, -1, 117, -1, 9, 67, -1,
+ 9, 67, 94, 150, 95, -1, 51, 37, -1, 52,
+ 67, 125, -1, 49, -1, -1, 66, 115, -1, 64,
+ 94, 147, 95, -1, 64, 94, 95, -1, 64, 125,
+ 53, 112, -1, 65, 94, 147, 95, -1, 65, 94,
+ 95, -1, 65, 53, 112, -1, 14, 94, 147, 95,
+ -1, 132, -1, 133, -1, 86, -1, 34, -1, 77,
+ -1, 112, 135, -1, 92, 136, 93, -1, 137, -1,
+ 138, -1, 139, -1, 19, 112, -1, 23, 12, 156,
+ -1, 19, 112, 23, 12, 156, -1, 18, 12, 94,
+ 95, -1, 141, 143, 112, -1, 96, 142, 89, 97,
+ -1, -1, 76, -1, 6, -1, 60, -1, -1, 27,
+ -1, 38, -1, 86, 112, 84, 156, -1, 146, -1,
+ 33, -1, 73, -1, 78, -1, 61, -1, 81, -1,
+ 36, -1, 10, -1, 79, -1, 149, -1, 147, 91,
+ 149, -1, 147, 91, 85, -1, 86, 112, -1, 148,
+ -1, 148, 54, -1, 148, 20, 156, -1, 151, -1,
+ 150, 91, 151, -1, 86, 92, 89, 93, -1, 153,
+ -1, -1, 94, 154, 95, -1, -1, 155, 154, -1,
+ 86, 92, 89, 93, -1, 86, -1, 89, -1, 157,
+ -1, 158, -1, 162, -1, 161, -1, 163, -1, 166,
+ -1, 165, -1, 159, -1, 160, -1, 86, -1, 88,
+ -1, 71, -1, 31, -1, 164, -1, 89, -1, 49,
+ -1, 153, -1
+};
+
+/* YYRLINE[YYN] -- source line where rule number YYN was defined. */
+static const yytype_uint16 yyrline[] =
+{
+ 0, 239, 239, 246, 247, 249, 251, 254, 256, 259,
+ 260, 263, 264, 267, 268, 271, 272, 275, 287, 293,
+ 294, 297, 298, 301, 302, 305, 311, 319, 329, 330,
+ 331, 334, 335, 336, 337, 338, 339, 340, 341, 342,
+ 343, 344, 345, 346, 347, 350, 357, 367, 375, 383,
+ 394, 399, 405, 413, 419, 424, 428, 441, 449, 452,
+ 459, 467, 473, 482, 490, 491, 496, 502, 510, 519,
+ 525, 533, 541, 548, 549, 552, 563, 568, 575, 591,
+ 597, 600, 601, 604, 610, 618, 628, 634, 647, 656,
+ 659, 663, 667, 674, 677, 681, 688, 699, 702, 707,
+ 712, 717, 722, 727, 732, 737, 745, 751, 756, 767,
+ 778, 784, 790, 798, 804, 811, 824, 825, 828, 835,
+ 838, 849, 853, 864, 870, 871, 874, 875, 876, 877,
+ 878, 881, 884, 887, 898, 906, 912, 920, 928, 931,
+ 936
+};
+#endif
+
+#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE
+/* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM.
+ First, the terminals, then, starting at YYNTOKENS, nonterminals. */
+static const char *const yytname[] =
+{
+ "$end", "error", "$undefined", "kw_ABSENT", "kw_ABSTRACT_SYNTAX",
+ "kw_ALL", "kw_APPLICATION", "kw_AUTOMATIC", "kw_BEGIN", "kw_BIT",
+ "kw_BMPString", "kw_BOOLEAN", "kw_BY", "kw_CHARACTER", "kw_CHOICE",
+ "kw_CLASS", "kw_COMPONENT", "kw_COMPONENTS", "kw_CONSTRAINED",
+ "kw_CONTAINING", "kw_DEFAULT", "kw_DEFINITIONS", "kw_EMBEDDED",
+ "kw_ENCODED", "kw_END", "kw_ENUMERATED", "kw_EXCEPT", "kw_EXPLICIT",
+ "kw_EXPORTS", "kw_EXTENSIBILITY", "kw_EXTERNAL", "kw_FALSE", "kw_FROM",
+ "kw_GeneralString", "kw_GeneralizedTime", "kw_GraphicString",
+ "kw_IA5String", "kw_IDENTIFIER", "kw_IMPLICIT", "kw_IMPLIED",
+ "kw_IMPORTS", "kw_INCLUDES", "kw_INSTANCE", "kw_INTEGER",
+ "kw_INTERSECTION", "kw_ISO646String", "kw_MAX", "kw_MIN",
+ "kw_MINUS_INFINITY", "kw_NULL", "kw_NumericString", "kw_OBJECT",
+ "kw_OCTET", "kw_OF", "kw_OPTIONAL", "kw_ObjectDescriptor", "kw_PATTERN",
+ "kw_PDV", "kw_PLUS_INFINITY", "kw_PRESENT", "kw_PRIVATE",
+ "kw_PrintableString", "kw_REAL", "kw_RELATIVE_OID", "kw_SEQUENCE",
+ "kw_SET", "kw_SIZE", "kw_STRING", "kw_SYNTAX", "kw_T61String", "kw_TAGS",
+ "kw_TRUE", "kw_TYPE_IDENTIFIER", "kw_TeletexString", "kw_UNION",
+ "kw_UNIQUE", "kw_UNIVERSAL", "kw_UTCTime", "kw_UTF8String",
+ "kw_UniversalString", "kw_VideotexString", "kw_VisibleString", "kw_WITH",
+ "RANGE", "EEQUAL", "ELLIPSIS", "IDENTIFIER", "referencename", "STRING",
+ "NUMBER", "';'", "','", "'('", "')'", "'{'", "'}'", "'['", "']'",
+ "$accept", "ModuleDefinition", "TagDefault", "ExtensionDefault",
+ "ModuleBody", "Imports", "SymbolsImported", "SymbolsFromModuleList",
+ "SymbolsFromModule", "Exports", "AssignmentList", "Assignment",
+ "referencenames", "TypeAssignment", "Type", "BuiltinType", "BooleanType",
+ "range", "IntegerType", "NamedNumberList", "NamedNumber",
+ "EnumeratedType", "Enumerations", "BitStringType",
+ "ObjectIdentifierType", "OctetStringType", "NullType", "size",
+ "SequenceType", "SequenceOfType", "SetType", "SetOfType", "ChoiceType",
+ "ReferencedType", "DefinedType", "UsefulType", "ConstrainedType",
+ "Constraint", "ConstraintSpec", "GeneralConstraint",
+ "ContentsConstraint", "UserDefinedConstraint", "TaggedType", "Tag",
+ "Class", "tagenv", "ValueAssignment", "CharacterStringType",
+ "RestrictedCharactedStringType", "ComponentTypeList", "NamedType",
+ "ComponentType", "NamedBitList", "NamedBit", "objid_opt", "objid",
+ "objid_list", "objid_element", "Value", "BuiltinValue",
+ "ReferencedValue", "DefinedValue", "Valuereference",
+ "CharacterStringValue", "BooleanValue", "IntegerValue", "SignedNumber",
+ "NullValue", "ObjectIdentifierValue", 0
+};
+#endif
+
+# ifdef YYPRINT
+/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to
+ token YYLEX-NUM. */
+static const yytype_uint16 yytoknum[] =
+{
+ 0, 256, 257, 258, 259, 260, 261, 262, 263, 264,
+ 265, 266, 267, 268, 269, 270, 271, 272, 273, 274,
+ 275, 276, 277, 278, 279, 280, 281, 282, 283, 284,
+ 285, 286, 287, 288, 289, 290, 291, 292, 293, 294,
+ 295, 296, 297, 298, 299, 300, 301, 302, 303, 304,
+ 305, 306, 307, 308, 309, 310, 311, 312, 313, 314,
+ 315, 316, 317, 318, 319, 320, 321, 322, 323, 324,
+ 325, 326, 327, 328, 329, 330, 331, 332, 333, 334,
+ 335, 336, 337, 338, 339, 340, 341, 342, 343, 344,
+ 59, 44, 40, 41, 123, 125, 91, 93
+};
+# endif
+
+/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */
+static const yytype_uint8 yyr1[] =
+{
+ 0, 98, 99, 100, 100, 100, 100, 101, 101, 102,
+ 102, 103, 103, 104, 104, 105, 105, 106, 107, 107,
+ 107, 108, 108, 109, 109, 110, 110, 111, 112, 112,
+ 112, 113, 113, 113, 113, 113, 113, 113, 113, 113,
+ 113, 113, 113, 113, 113, 114, 115, 115, 115, 115,
+ 116, 116, 116, 117, 117, 117, 118, 119, 120, 121,
+ 121, 122, 123, 124, 125, 125, 126, 126, 127, 128,
+ 128, 129, 130, 131, 131, 132, 133, 133, 134, 135,
+ 136, 137, 137, 138, 138, 138, 139, 140, 141, 142,
+ 142, 142, 142, 143, 143, 143, 144, 145, 146, 146,
+ 146, 146, 146, 146, 146, 146, 147, 147, 147, 148,
+ 149, 149, 149, 150, 150, 151, 152, 152, 153, 154,
+ 154, 155, 155, 155, 156, 156, 157, 157, 157, 157,
+ 157, 158, 159, 160, 161, 162, 162, 163, 164, 165,
+ 166
+};
+
+/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */
+static const yytype_uint8 yyr2[] =
+{
+ 0, 2, 9, 2, 2, 2, 0, 2, 0, 3,
+ 0, 3, 0, 1, 0, 1, 2, 4, 3, 2,
+ 0, 1, 2, 1, 1, 3, 1, 3, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 5, 5, 5, 3,
+ 1, 2, 4, 1, 3, 3, 4, 4, 1, 2,
+ 5, 2, 3, 1, 0, 2, 4, 3, 4, 4,
+ 3, 3, 4, 1, 1, 1, 1, 1, 2, 3,
+ 1, 1, 1, 2, 3, 5, 4, 3, 4, 0,
+ 1, 1, 1, 0, 1, 1, 4, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 3, 3, 2,
+ 1, 2, 3, 1, 3, 4, 1, 0, 3, 0,
+ 2, 4, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1
+};
+
+/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state
+ STATE-NUM when YYTABLE doesn't specify something else to do. Zero
+ means the default is an error. */
+static const yytype_uint8 yydefact[] =
+{
+ 0, 117, 0, 119, 0, 116, 1, 122, 123, 0,
+ 119, 6, 0, 118, 120, 0, 0, 0, 8, 0,
+ 5, 3, 4, 0, 0, 121, 7, 0, 20, 0,
+ 0, 12, 19, 26, 0, 2, 14, 0, 0, 18,
+ 0, 13, 15, 0, 0, 9, 21, 23, 24, 25,
+ 11, 16, 0, 0, 104, 45, 0, 0, 98, 76,
+ 103, 50, 63, 0, 0, 101, 64, 0, 99, 77,
+ 100, 105, 102, 0, 75, 89, 0, 28, 32, 36,
+ 35, 31, 38, 39, 37, 40, 41, 42, 43, 34,
+ 29, 73, 74, 30, 44, 93, 33, 97, 22, 117,
+ 59, 0, 0, 0, 0, 51, 61, 64, 0, 0,
+ 0, 0, 0, 27, 91, 92, 90, 0, 0, 0,
+ 78, 94, 95, 0, 17, 0, 0, 0, 110, 106,
+ 0, 58, 53, 0, 136, 0, 139, 135, 133, 134,
+ 138, 140, 0, 124, 125, 131, 132, 127, 126, 128,
+ 137, 130, 129, 0, 62, 65, 67, 0, 0, 71,
+ 70, 0, 0, 96, 0, 0, 0, 0, 80, 81,
+ 82, 87, 0, 0, 113, 109, 0, 72, 0, 111,
+ 0, 0, 57, 0, 0, 49, 52, 66, 68, 69,
+ 88, 0, 83, 0, 79, 0, 0, 60, 108, 107,
+ 112, 0, 55, 54, 0, 0, 0, 0, 0, 84,
+ 0, 114, 56, 48, 47, 46, 86, 0, 115, 85
+};
+
+/* YYDEFGOTO[NTERM-NUM]. */
+static const yytype_int16 yydefgoto[] =
+{
+ -1, 2, 18, 24, 30, 37, 40, 41, 42, 31,
+ 45, 46, 43, 47, 76, 77, 78, 105, 79, 131,
+ 132, 80, 133, 81, 82, 83, 84, 110, 85, 86,
+ 87, 88, 89, 90, 91, 92, 93, 120, 167, 168,
+ 169, 170, 94, 95, 117, 123, 48, 96, 97, 127,
+ 128, 129, 173, 174, 4, 141, 9, 10, 142, 143,
+ 144, 145, 146, 147, 148, 149, 150, 151, 152
+};
+
+/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
+ STATE-NUM. */
+#define YYPACT_NINF -119
+static const yytype_int16 yypact[] =
+{
+ -43, -56, 47, -65, 29, -119, -119, -31, -119, -25,
+ -65, 4, -1, -119, -119, 17, 20, 26, 50, 13,
+ -119, -119, -119, 63, 24, -119, -119, 104, 8, -2,
+ 89, 74, -119, 33, 25, -119, 34, 39, 34, -119,
+ 37, 34, -119, 98, 58, -119, 39, -119, -119, -119,
+ -119, -119, 52, 66, -119, -119, 51, 53, -119, -119,
+ -119, -79, -119, 109, 81, -119, -60, -48, -119, -119,
+ -119, -119, -119, 107, -119, 2, -74, -119, -119, -119,
+ -119, -119, -119, -119, -119, -119, -119, -119, -119, -119,
+ -119, -119, -119, -119, -119, -18, -119, -119, -119, -56,
+ 55, 65, 67, -12, 67, -119, -119, 86, 68, -70,
+ 102, 107, -69, 69, -119, -119, -119, 73, 40, 10,
+ -119, -119, -119, 107, -119, 71, 107, -47, -13, -119,
+ 72, 75, -119, 70, -119, 80, -119, -119, -119, -119,
+ -119, -119, -71, -119, -119, -119, -119, -119, -119, -119,
+ -119, -119, -119, -46, -119, -119, -119, -39, 107, 69,
+ -119, -38, 76, -119, 155, 107, 157, 77, -119, -119,
+ -119, 69, 82, -10, -119, 69, -22, -119, 40, -119,
+ 87, 19, -119, 40, 9, -119, -119, -119, 69, -119,
+ -119, 83, -19, 40, -119, 90, 71, -119, -119, -119,
+ -119, 85, -119, -119, 88, 94, 96, 95, 163, -119,
+ 99, -119, -119, -119, -119, -119, -119, 40, -119, -119
+};
+
+/* YYPGOTO[NTERM-NUM]. */
+static const yytype_int16 yypgoto[] =
+{
+ -119, -119, -119, -119, -119, -119, -119, -119, 141, -119,
+ 137, -119, -15, -119, -72, -119, -119, 91, -119, 92,
+ 14, -119, -119, -119, -119, -119, -119, 84, -119, -119,
+ -119, -119, -119, -119, -119, -119, -119, -119, -119, -119,
+ -119, -119, -119, -119, -119, -119, -119, -119, -119, -82,
+ -119, 18, -119, 5, 101, 1, 187, -119, -118, -119,
+ -119, -119, -119, -119, -119, -119, 22, -119, -119
+};
+
+/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If
+ positive, shift that token. If negative, reduce the rule which
+ number is the opposite. If zero, do what YYDEFACT says.
+ If YYTABLE_NINF, syntax error. */
+#define YYTABLE_NINF -11
+static const yytype_int16 yytable[] =
+{
+ 163, 113, 5, 32, 208, 111, 108, 178, 114, 121,
+ 118, 15, 184, 103, 34, 104, 126, 126, 119, 134,
+ 122, 7, 185, 49, 8, 156, 160, 157, 164, 165,
+ 161, 16, -10, 166, 109, 135, 29, 136, 3, 159,
+ 134, 179, 17, 1, 176, 181, 112, 6, 177, 186,
+ 11, 171, 176, 176, 175, 205, 187, 189, 136, 137,
+ 200, 12, 115, 198, 126, 204, 206, 53, 54, 55,
+ 13, 134, 56, 119, 138, 209, 139, 140, 116, 23,
+ 137, 196, 3, 57, 33, 197, 188, 20, 19, 136,
+ 21, 58, 59, 192, 60, 138, 22, 139, 140, 219,
+ 5, 61, 26, 3, 202, 130, 25, 62, 27, 63,
+ 64, 137, 28, 35, 36, 39, 53, 54, 55, 65,
+ 33, 56, 66, 67, 38, 44, 138, 50, 139, 140,
+ 52, 68, 57, 100, 3, 69, 70, 71, 99, 72,
+ 58, 59, 73, 60, 74, 101, 106, 102, 107, 125,
+ 61, 126, 108, 130, 75, 158, 62, 172, 63, 64,
+ 103, 119, 162, 183, 180, 182, 181, 191, 65, 193,
+ 194, 66, 67, 190, 195, 217, 140, 207, 212, 210,
+ 68, 213, 51, 98, 69, 70, 71, 214, 72, 215,
+ 216, 154, 218, 74, 199, 203, 153, 14, 0, 155,
+ 124, 211, 201, 75
+};
+
+static const yytype_int16 yycheck[] =
+{
+ 118, 73, 1, 5, 23, 53, 66, 20, 6, 27,
+ 84, 7, 83, 92, 29, 94, 86, 86, 92, 31,
+ 38, 86, 93, 38, 89, 95, 95, 109, 18, 19,
+ 112, 27, 24, 23, 94, 47, 28, 49, 94, 111,
+ 31, 54, 38, 86, 91, 91, 94, 0, 95, 95,
+ 21, 123, 91, 91, 126, 46, 95, 95, 49, 71,
+ 178, 92, 60, 85, 86, 183, 184, 9, 10, 11,
+ 95, 31, 14, 92, 86, 193, 88, 89, 76, 29,
+ 71, 91, 94, 25, 86, 95, 158, 70, 89, 49,
+ 70, 33, 34, 165, 36, 86, 70, 88, 89, 217,
+ 99, 43, 39, 94, 85, 86, 93, 49, 84, 51,
+ 52, 71, 8, 24, 40, 90, 9, 10, 11, 61,
+ 86, 14, 64, 65, 91, 86, 86, 90, 88, 89,
+ 32, 73, 25, 67, 94, 77, 78, 79, 86, 81,
+ 33, 34, 84, 36, 86, 94, 37, 94, 67, 94,
+ 43, 86, 66, 86, 96, 53, 49, 86, 51, 52,
+ 92, 92, 89, 83, 92, 95, 91, 12, 61, 12,
+ 93, 64, 65, 97, 92, 12, 89, 94, 93, 89,
+ 73, 93, 41, 46, 77, 78, 79, 93, 81, 93,
+ 95, 107, 93, 86, 176, 181, 104, 10, -1, 108,
+ 99, 196, 180, 96
+};
+
+/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
+ symbol of state STATE-NUM. */
+static const yytype_uint8 yystos[] =
+{
+ 0, 86, 99, 94, 152, 153, 0, 86, 89, 154,
+ 155, 21, 92, 95, 154, 7, 27, 38, 100, 89,
+ 70, 70, 70, 29, 101, 93, 39, 84, 8, 28,
+ 102, 107, 5, 86, 110, 24, 40, 103, 91, 90,
+ 104, 105, 106, 110, 86, 108, 109, 111, 144, 110,
+ 90, 106, 32, 9, 10, 11, 14, 25, 33, 34,
+ 36, 43, 49, 51, 52, 61, 64, 65, 73, 77,
+ 78, 79, 81, 84, 86, 96, 112, 113, 114, 116,
+ 119, 121, 122, 123, 124, 126, 127, 128, 129, 130,
+ 131, 132, 133, 134, 140, 141, 145, 146, 108, 86,
+ 67, 94, 94, 92, 94, 115, 37, 67, 66, 94,
+ 125, 53, 94, 112, 6, 60, 76, 142, 84, 92,
+ 135, 27, 38, 143, 152, 94, 86, 147, 148, 149,
+ 86, 117, 118, 120, 31, 47, 49, 71, 86, 88,
+ 89, 153, 156, 157, 158, 159, 160, 161, 162, 163,
+ 164, 165, 166, 117, 125, 115, 95, 147, 53, 112,
+ 95, 147, 89, 156, 18, 19, 23, 136, 137, 138,
+ 139, 112, 86, 150, 151, 112, 91, 95, 20, 54,
+ 92, 91, 95, 83, 83, 93, 95, 95, 112, 95,
+ 97, 12, 112, 12, 93, 92, 91, 95, 85, 149,
+ 156, 164, 85, 118, 156, 46, 156, 94, 23, 156,
+ 89, 151, 93, 93, 93, 93, 95, 12, 93, 156
+};
+
+#define yyerrok (yyerrstatus = 0)
+#define yyclearin (yychar = YYEMPTY)
+#define YYEMPTY (-2)
+#define YYEOF 0
+
+#define YYACCEPT goto yyacceptlab
+#define YYABORT goto yyabortlab
+#define YYERROR goto yyerrorlab
+
+
+/* Like YYERROR except do call yyerror. This remains here temporarily
+ to ease the transition to the new meaning of YYERROR, for GCC.
+ Once GCC version 2 has supplanted version 1, this can go. */
+
+#define YYFAIL goto yyerrlab
+
+#define YYRECOVERING() (!!yyerrstatus)
+
+#define YYBACKUP(Token, Value) \
+do \
+ if (yychar == YYEMPTY && yylen == 1) \
+ { \
+ yychar = (Token); \
+ yylval = (Value); \
+ yytoken = YYTRANSLATE (yychar); \
+ YYPOPSTACK (1); \
+ goto yybackup; \
+ } \
+ else \
+ { \
+ yyerror (YY_("syntax error: cannot back up")); \
+ YYERROR; \
+ } \
+while (YYID (0))
+
+
+#define YYTERROR 1
+#define YYERRCODE 256
+
+
+/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N].
+ If N is 0, then set CURRENT to the empty location which ends
+ the previous symbol: RHS[0] (always defined). */
+
+#define YYRHSLOC(Rhs, K) ((Rhs)[K])
+#ifndef YYLLOC_DEFAULT
+# define YYLLOC_DEFAULT(Current, Rhs, N) \
+ do \
+ if (YYID (N)) \
+ { \
+ (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \
+ (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \
+ (Current).last_line = YYRHSLOC (Rhs, N).last_line; \
+ (Current).last_column = YYRHSLOC (Rhs, N).last_column; \
+ } \
+ else \
+ { \
+ (Current).first_line = (Current).last_line = \
+ YYRHSLOC (Rhs, 0).last_line; \
+ (Current).first_column = (Current).last_column = \
+ YYRHSLOC (Rhs, 0).last_column; \
+ } \
+ while (YYID (0))
+#endif
+
+
+/* YY_LOCATION_PRINT -- Print the location on the stream.
+ This macro was not mandated originally: define only if we know
+ we won't break user code: when these are the locations we know. */
+
+#ifndef YY_LOCATION_PRINT
+# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL
+# define YY_LOCATION_PRINT(File, Loc) \
+ fprintf (File, "%d.%d-%d.%d", \
+ (Loc).first_line, (Loc).first_column, \
+ (Loc).last_line, (Loc).last_column)
+# else
+# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
+# endif
+#endif
+
+
+/* YYLEX -- calling `yylex' with the right arguments. */
+
+#ifdef YYLEX_PARAM
+# define YYLEX yylex (YYLEX_PARAM)
+#else
+# define YYLEX yylex ()
+#endif
+
+/* Enable debugging if requested. */
+#if YYDEBUG
+
+# ifndef YYFPRINTF
+# include <stdio.h> /* INFRINGES ON USER NAME SPACE */
+# define YYFPRINTF fprintf
+# endif
+
+# define YYDPRINTF(Args) \
+do { \
+ if (yydebug) \
+ YYFPRINTF Args; \
+} while (YYID (0))
+
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \
+do { \
+ if (yydebug) \
+ { \
+ YYFPRINTF (stderr, "%s ", Title); \
+ yy_symbol_print (stderr, \
+ Type, Value); \
+ YYFPRINTF (stderr, "\n"); \
+ } \
+} while (YYID (0))
+
+
+/*--------------------------------.
+| Print this symbol on YYOUTPUT. |
+`--------------------------------*/
+
+/*ARGSUSED*/
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static void
+yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep)
+#else
+static void
+yy_symbol_value_print (yyoutput, yytype, yyvaluep)
+ FILE *yyoutput;
+ int yytype;
+ YYSTYPE const * const yyvaluep;
+#endif
+{
+ if (!yyvaluep)
+ return;
+# ifdef YYPRINT
+ if (yytype < YYNTOKENS)
+ YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
+# else
+ YYUSE (yyoutput);
+# endif
+ switch (yytype)
+ {
+ default:
+ break;
+ }
+}
+
+
+/*--------------------------------.
+| Print this symbol on YYOUTPUT. |
+`--------------------------------*/
+
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static void
+yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep)
+#else
+static void
+yy_symbol_print (yyoutput, yytype, yyvaluep)
+ FILE *yyoutput;
+ int yytype;
+ YYSTYPE const * const yyvaluep;
+#endif
+{
+ if (yytype < YYNTOKENS)
+ YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
+ else
+ YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]);
+
+ yy_symbol_value_print (yyoutput, yytype, yyvaluep);
+ YYFPRINTF (yyoutput, ")");
+}
+
+/*------------------------------------------------------------------.
+| yy_stack_print -- Print the state stack from its BOTTOM up to its |
+| TOP (included). |
+`------------------------------------------------------------------*/
+
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static void
+yy_stack_print (yytype_int16 *bottom, yytype_int16 *top)
+#else
+static void
+yy_stack_print (bottom, top)
+ yytype_int16 *bottom;
+ yytype_int16 *top;
+#endif
+{
+ YYFPRINTF (stderr, "Stack now");
+ for (; bottom <= top; ++bottom)
+ YYFPRINTF (stderr, " %d", *bottom);
+ YYFPRINTF (stderr, "\n");
+}
+
+# define YY_STACK_PRINT(Bottom, Top) \
+do { \
+ if (yydebug) \
+ yy_stack_print ((Bottom), (Top)); \
+} while (YYID (0))
+
+
+/*------------------------------------------------.
+| Report that the YYRULE is going to be reduced. |
+`------------------------------------------------*/
+
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static void
+yy_reduce_print (YYSTYPE *yyvsp, int yyrule)
+#else
+static void
+yy_reduce_print (yyvsp, yyrule)
+ YYSTYPE *yyvsp;
+ int yyrule;
+#endif
+{
+ int yynrhs = yyr2[yyrule];
+ int yyi;
+ unsigned long int yylno = yyrline[yyrule];
+ YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n",
+ yyrule - 1, yylno);
+ /* The symbols being reduced. */
+ for (yyi = 0; yyi < yynrhs; yyi++)
+ {
+ fprintf (stderr, " $%d = ", yyi + 1);
+ yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi],
+ &(yyvsp[(yyi + 1) - (yynrhs)])
+ );
+ fprintf (stderr, "\n");
+ }
+}
+
+# define YY_REDUCE_PRINT(Rule) \
+do { \
+ if (yydebug) \
+ yy_reduce_print (yyvsp, Rule); \
+} while (YYID (0))
+
+/* Nonzero means print parse trace. It is left uninitialized so that
+ multiple parsers can coexist. */
+int yydebug;
+#else /* !YYDEBUG */
+# define YYDPRINTF(Args)
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location)
+# define YY_STACK_PRINT(Bottom, Top)
+# define YY_REDUCE_PRINT(Rule)
+#endif /* !YYDEBUG */
+
+
+/* YYINITDEPTH -- initial size of the parser's stacks. */
+#ifndef YYINITDEPTH
+# define YYINITDEPTH 200
+#endif
+
+/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only
+ if the built-in stack extension method is used).
+
+ Do not make this value too large; the results are undefined if
+ YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH)
+ evaluated with infinite-precision integer arithmetic. */
+
+#ifndef YYMAXDEPTH
+# define YYMAXDEPTH 10000
+#endif
+
+
+
+#if YYERROR_VERBOSE
+
+# ifndef yystrlen
+# if defined __GLIBC__ && defined _STRING_H
+# define yystrlen strlen
+# else
+/* Return the length of YYSTR. */
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static YYSIZE_T
+yystrlen (const char *yystr)
+#else
+static YYSIZE_T
+yystrlen (yystr)
+ const char *yystr;
+#endif
+{
+ YYSIZE_T yylen;
+ for (yylen = 0; yystr[yylen]; yylen++)
+ continue;
+ return yylen;
+}
+# endif
+# endif
+
+# ifndef yystpcpy
+# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE
+# define yystpcpy stpcpy
+# else
+/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in
+ YYDEST. */
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static char *
+yystpcpy (char *yydest, const char *yysrc)
+#else
+static char *
+yystpcpy (yydest, yysrc)
+ char *yydest;
+ const char *yysrc;
+#endif
+{
+ char *yyd = yydest;
+ const char *yys = yysrc;
+
+ while ((*yyd++ = *yys++) != '\0')
+ continue;
+
+ return yyd - 1;
+}
+# endif
+# endif
+
+# ifndef yytnamerr
+/* Copy to YYRES the contents of YYSTR after stripping away unnecessary
+ quotes and backslashes, so that it's suitable for yyerror. The
+ heuristic is that double-quoting is unnecessary unless the string
+ contains an apostrophe, a comma, or backslash (other than
+ backslash-backslash). YYSTR is taken from yytname. If YYRES is
+ null, do not copy; instead, return the length of what the result
+ would have been. */
+static YYSIZE_T
+yytnamerr (char *yyres, const char *yystr)
+{
+ if (*yystr == '"')
+ {
+ YYSIZE_T yyn = 0;
+ char const *yyp = yystr;
+
+ for (;;)
+ switch (*++yyp)
+ {
+ case '\'':
+ case ',':
+ goto do_not_strip_quotes;
+
+ case '\\':
+ if (*++yyp != '\\')
+ goto do_not_strip_quotes;
+ /* Fall through. */
+ default:
+ if (yyres)
+ yyres[yyn] = *yyp;
+ yyn++;
+ break;
+
+ case '"':
+ if (yyres)
+ yyres[yyn] = '\0';
+ return yyn;
+ }
+ do_not_strip_quotes: ;
+ }
+
+ if (! yyres)
+ return yystrlen (yystr);
+
+ return yystpcpy (yyres, yystr) - yyres;
+}
+# endif
+
+/* Copy into YYRESULT an error message about the unexpected token
+ YYCHAR while in state YYSTATE. Return the number of bytes copied,
+ including the terminating null byte. If YYRESULT is null, do not
+ copy anything; just return the number of bytes that would be
+ copied. As a special case, return 0 if an ordinary "syntax error"
+ message will do. Return YYSIZE_MAXIMUM if overflow occurs during
+ size calculation. */
+static YYSIZE_T
+yysyntax_error (char *yyresult, int yystate, int yychar)
+{
+ int yyn = yypact[yystate];
+
+ if (! (YYPACT_NINF < yyn && yyn <= YYLAST))
+ return 0;
+ else
+ {
+ int yytype = YYTRANSLATE (yychar);
+ YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]);
+ YYSIZE_T yysize = yysize0;
+ YYSIZE_T yysize1;
+ int yysize_overflow = 0;
+ enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 };
+ char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
+ int yyx;
+
+# if 0
+ /* This is so xgettext sees the translatable formats that are
+ constructed on the fly. */
+ YY_("syntax error, unexpected %s");
+ YY_("syntax error, unexpected %s, expecting %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s or %s");
+ YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s");
+# endif
+ char *yyfmt;
+ char const *yyf;
+ static char const yyunexpected[] = "syntax error, unexpected %s";
+ static char const yyexpecting[] = ", expecting %s";
+ static char const yyor[] = " or %s";
+ char yyformat[sizeof yyunexpected
+ + sizeof yyexpecting - 1
+ + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2)
+ * (sizeof yyor - 1))];
+ char const *yyprefix = yyexpecting;
+
+ /* Start YYX at -YYN if negative to avoid negative indexes in
+ YYCHECK. */
+ int yyxbegin = yyn < 0 ? -yyn : 0;
+
+ /* Stay within bounds of both yycheck and yytname. */
+ int yychecklim = YYLAST - yyn + 1;
+ int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS;
+ int yycount = 1;
+
+ yyarg[0] = yytname[yytype];
+ yyfmt = yystpcpy (yyformat, yyunexpected);
+
+ for (yyx = yyxbegin; yyx < yyxend; ++yyx)
+ if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR)
+ {
+ if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM)
+ {
+ yycount = 1;
+ yysize = yysize0;
+ yyformat[sizeof yyunexpected - 1] = '\0';
+ break;
+ }
+ yyarg[yycount++] = yytname[yyx];
+ yysize1 = yysize + yytnamerr (0, yytname[yyx]);
+ yysize_overflow |= (yysize1 < yysize);
+ yysize = yysize1;
+ yyfmt = yystpcpy (yyfmt, yyprefix);
+ yyprefix = yyor;
+ }
+
+ yyf = YY_(yyformat);
+ yysize1 = yysize + yystrlen (yyf);
+ yysize_overflow |= (yysize1 < yysize);
+ yysize = yysize1;
+
+ if (yysize_overflow)
+ return YYSIZE_MAXIMUM;
+
+ if (yyresult)
+ {
+ /* Avoid sprintf, as that infringes on the user's name space.
+ Don't have undefined behavior even if the translation
+ produced a string with the wrong number of "%s"s. */
+ char *yyp = yyresult;
+ int yyi = 0;
+ while ((*yyp = *yyf) != '\0')
+ {
+ if (*yyp == '%' && yyf[1] == 's' && yyi < yycount)
+ {
+ yyp += yytnamerr (yyp, yyarg[yyi++]);
+ yyf += 2;
+ }
+ else
+ {
+ yyp++;
+ yyf++;
+ }
+ }
+ }
+ return yysize;
+ }
+}
+#endif /* YYERROR_VERBOSE */
+
+
+/*-----------------------------------------------.
+| Release the memory associated to this symbol. |
+`-----------------------------------------------*/
+
+/*ARGSUSED*/
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+static void
+yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep)
+#else
+static void
+yydestruct (yymsg, yytype, yyvaluep)
+ const char *yymsg;
+ int yytype;
+ YYSTYPE *yyvaluep;
+#endif
+{
+ YYUSE (yyvaluep);
+
+ if (!yymsg)
+ yymsg = "Deleting";
+ YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp);
+
+ switch (yytype)
+ {
+
+ default:
+ break;
+ }
+}
+
+
+/* Prevent warnings from -Wmissing-prototypes. */
+
+#ifdef YYPARSE_PARAM
+#if defined __STDC__ || defined __cplusplus
+int yyparse (void *YYPARSE_PARAM);
+#else
+int yyparse ();
+#endif
+#else /* ! YYPARSE_PARAM */
+#if defined __STDC__ || defined __cplusplus
+int yyparse (void);
+#else
+int yyparse ();
+#endif
+#endif /* ! YYPARSE_PARAM */
+
+
+
+/* The look-ahead symbol. */
+int yychar;
+
+/* The semantic value of the look-ahead symbol. */
+YYSTYPE yylval;
+
+/* Number of syntax errors so far. */
+int yynerrs;
+
+
+
+/*----------.
+| yyparse. |
+`----------*/
+
+#ifdef YYPARSE_PARAM
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+int
+yyparse (void *YYPARSE_PARAM)
+#else
+int
+yyparse (YYPARSE_PARAM)
+ void *YYPARSE_PARAM;
+#endif
+#else /* ! YYPARSE_PARAM */
+#if (defined __STDC__ || defined __C99__FUNC__ \
+ || defined __cplusplus || defined _MSC_VER)
+int
+yyparse (void)
+#else
+int
+yyparse ()
+
+#endif
+#endif
+{
+
+ int yystate;
+ int yyn;
+ int yyresult;
+ /* Number of tokens to shift before error messages enabled. */
+ int yyerrstatus;
+ /* Look-ahead token as an internal (translated) token number. */
+ int yytoken = 0;
+#if YYERROR_VERBOSE
+ /* Buffer for error messages, and its allocated size. */
+ char yymsgbuf[128];
+ char *yymsg = yymsgbuf;
+ YYSIZE_T yymsg_alloc = sizeof yymsgbuf;
+#endif
+
+ /* Three stacks and their tools:
+ `yyss': related to states,
+ `yyvs': related to semantic values,
+ `yyls': related to locations.
+
+ Refer to the stacks thru separate pointers, to allow yyoverflow
+ to reallocate them elsewhere. */
+
+ /* The state stack. */
+ yytype_int16 yyssa[YYINITDEPTH];
+ yytype_int16 *yyss = yyssa;
+ yytype_int16 *yyssp;
+
+ /* The semantic value stack. */
+ YYSTYPE yyvsa[YYINITDEPTH];
+ YYSTYPE *yyvs = yyvsa;
+ YYSTYPE *yyvsp;
+
+
+
+#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N))
+
+ YYSIZE_T yystacksize = YYINITDEPTH;
+
+ /* The variables used to return semantic value and location from the
+ action routines. */
+ YYSTYPE yyval;
+
+
+ /* The number of symbols on the RHS of the reduced rule.
+ Keep to zero when no symbol should be popped. */
+ int yylen = 0;
+
+ YYDPRINTF ((stderr, "Starting parse\n"));
+
+ yystate = 0;
+ yyerrstatus = 0;
+ yynerrs = 0;
+ yychar = YYEMPTY; /* Cause a token to be read. */
+
+ /* Initialize stack pointers.
+ Waste one element of value and location stack
+ so that they stay on the same level as the state stack.
+ The wasted elements are never initialized. */
+
+ yyssp = yyss;
+ yyvsp = yyvs;
+
+ goto yysetstate;
+
+/*------------------------------------------------------------.
+| yynewstate -- Push a new state, which is found in yystate. |
+`------------------------------------------------------------*/
+ yynewstate:
+ /* In all cases, when you get here, the value and location stacks
+ have just been pushed. So pushing a state here evens the stacks. */
+ yyssp++;
+
+ yysetstate:
+ *yyssp = yystate;
+
+ if (yyss + yystacksize - 1 <= yyssp)
+ {
+ /* Get the current used size of the three stacks, in elements. */
+ YYSIZE_T yysize = yyssp - yyss + 1;
+
+#ifdef yyoverflow
+ {
+ /* Give user a chance to reallocate the stack. Use copies of
+ these so that the &'s don't force the real ones into
+ memory. */
+ YYSTYPE *yyvs1 = yyvs;
+ yytype_int16 *yyss1 = yyss;
+
+
+ /* Each stack pointer address is followed by the size of the
+ data in use in that stack, in bytes. This used to be a
+ conditional around just the two extra args, but that might
+ be undefined if yyoverflow is a macro. */
+ yyoverflow (YY_("memory exhausted"),
+ &yyss1, yysize * sizeof (*yyssp),
+ &yyvs1, yysize * sizeof (*yyvsp),
+
+ &yystacksize);
+
+ yyss = yyss1;
+ yyvs = yyvs1;
+ }
+#else /* no yyoverflow */
+# ifndef YYSTACK_RELOCATE
+ goto yyexhaustedlab;
+# else
+ /* Extend the stack our own way. */
+ if (YYMAXDEPTH <= yystacksize)
+ goto yyexhaustedlab;
+ yystacksize *= 2;
+ if (YYMAXDEPTH < yystacksize)
+ yystacksize = YYMAXDEPTH;
+
+ {
+ yytype_int16 *yyss1 = yyss;
+ union yyalloc *yyptr =
+ (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
+ if (! yyptr)
+ goto yyexhaustedlab;
+ YYSTACK_RELOCATE (yyss);
+ YYSTACK_RELOCATE (yyvs);
+
+# undef YYSTACK_RELOCATE
+ if (yyss1 != yyssa)
+ YYSTACK_FREE (yyss1);
+ }
+# endif
+#endif /* no yyoverflow */
+
+ yyssp = yyss + yysize - 1;
+ yyvsp = yyvs + yysize - 1;
+
+
+ YYDPRINTF ((stderr, "Stack size increased to %lu\n",
+ (unsigned long int) yystacksize));
+
+ if (yyss + yystacksize - 1 <= yyssp)
+ YYABORT;
+ }
+
+ YYDPRINTF ((stderr, "Entering state %d\n", yystate));
+
+ goto yybackup;
+
+/*-----------.
+| yybackup. |
+`-----------*/
+yybackup:
+
+ /* Do appropriate processing given the current state. Read a
+ look-ahead token if we need one and don't already have one. */
+
+ /* First try to decide what to do without reference to look-ahead token. */
+ yyn = yypact[yystate];
+ if (yyn == YYPACT_NINF)
+ goto yydefault;
+
+ /* Not known => get a look-ahead token if don't already have one. */
+
+ /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */
+ if (yychar == YYEMPTY)
+ {
+ YYDPRINTF ((stderr, "Reading a token: "));
+ yychar = YYLEX;
+ }
+
+ if (yychar <= YYEOF)
+ {
+ yychar = yytoken = YYEOF;
+ YYDPRINTF ((stderr, "Now at end of input.\n"));
+ }
+ else
+ {
+ yytoken = YYTRANSLATE (yychar);
+ YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc);
+ }
+
+ /* If the proper action on seeing token YYTOKEN is to reduce or to
+ detect an error, take that action. */
+ yyn += yytoken;
+ if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken)
+ goto yydefault;
+ yyn = yytable[yyn];
+ if (yyn <= 0)
+ {
+ if (yyn == 0 || yyn == YYTABLE_NINF)
+ goto yyerrlab;
+ yyn = -yyn;
+ goto yyreduce;
+ }
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ /* Count tokens shifted since error; after three, turn off error
+ status. */
+ if (yyerrstatus)
+ yyerrstatus--;
+
+ /* Shift the look-ahead token. */
+ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc);
+
+ /* Discard the shifted token unless it is eof. */
+ if (yychar != YYEOF)
+ yychar = YYEMPTY;
+
+ yystate = yyn;
+ *++yyvsp = yylval;
+
+ goto yynewstate;
+
+
+/*-----------------------------------------------------------.
+| yydefault -- do the default action for the current state. |
+`-----------------------------------------------------------*/
+yydefault:
+ yyn = yydefact[yystate];
+ if (yyn == 0)
+ goto yyerrlab;
+ goto yyreduce;
+
+
+/*-----------------------------.
+| yyreduce -- Do a reduction. |
+`-----------------------------*/
+yyreduce:
+ /* yyn is the number of a rule to reduce with. */
+ yylen = yyr2[yyn];
+
+ /* If YYLEN is nonzero, implement the default value of the action:
+ `$$ = $1'.
+
+ Otherwise, the following line sets YYVAL to garbage.
+ This behavior is undocumented and Bison
+ users should not rely upon it. Assigning to YYVAL
+ unconditionally makes the parser a bit smaller, and it avoids a
+ GCC warning that YYVAL may be used uninitialized. */
+ yyval = yyvsp[1-yylen];
+
+
+ YY_REDUCE_PRINT (yyn);
+ switch (yyn)
+ {
+ case 2:
+#line 241 "asn1parse.y"
+ {
+ checkundefined();
+ }
+ break;
+
+ case 4:
+#line 248 "asn1parse.y"
+ { lex_error_message("implicit tagging is not supported"); }
+ break;
+
+ case 5:
+#line 250 "asn1parse.y"
+ { lex_error_message("automatic tagging is not supported"); }
+ break;
+
+ case 7:
+#line 255 "asn1parse.y"
+ { lex_error_message("no extensibility options supported"); }
+ break;
+
+ case 17:
+#line 276 "asn1parse.y"
+ {
+ struct string_list *sl;
+ for(sl = (yyvsp[(1) - (4)].sl); sl != NULL; sl = sl->next) {
+ Symbol *s = addsym(sl->string);
+ s->stype = Stype;
+ gen_template_import(s);
+ }
+ add_import((yyvsp[(3) - (4)].name));
+ }
+ break;
+
+ case 18:
+#line 288 "asn1parse.y"
+ {
+ struct string_list *sl;
+ for(sl = (yyvsp[(2) - (3)].sl); sl != NULL; sl = sl->next)
+ add_export(sl->string);
+ }
+ break;
+
+ case 25:
+#line 306 "asn1parse.y"
+ {
+ (yyval.sl) = emalloc(sizeof(*(yyval.sl)));
+ (yyval.sl)->string = (yyvsp[(1) - (3)].name);
+ (yyval.sl)->next = (yyvsp[(3) - (3)].sl);
+ }
+ break;
+
+ case 26:
+#line 312 "asn1parse.y"
+ {
+ (yyval.sl) = emalloc(sizeof(*(yyval.sl)));
+ (yyval.sl)->string = (yyvsp[(1) - (1)].name);
+ (yyval.sl)->next = NULL;
+ }
+ break;
+
+ case 27:
+#line 320 "asn1parse.y"
+ {
+ Symbol *s = addsym ((yyvsp[(1) - (3)].name));
+ s->stype = Stype;
+ s->type = (yyvsp[(3) - (3)].type);
+ fix_labels(s);
+ generate_type (s);
+ }
+ break;
+
+ case 45:
+#line 351 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Boolean,
+ TE_EXPLICIT, new_type(TBoolean));
+ }
+ break;
+
+ case 46:
+#line 358 "asn1parse.y"
+ {
+ if((yyvsp[(2) - (5)].value)->type != integervalue)
+ lex_error_message("Non-integer used in first part of range");
+ if((yyvsp[(2) - (5)].value)->type != integervalue)
+ lex_error_message("Non-integer in second part of range");
+ (yyval.range) = ecalloc(1, sizeof(*(yyval.range)));
+ (yyval.range)->min = (yyvsp[(2) - (5)].value)->u.integervalue;
+ (yyval.range)->max = (yyvsp[(4) - (5)].value)->u.integervalue;
+ }
+ break;
+
+ case 47:
+#line 368 "asn1parse.y"
+ {
+ if((yyvsp[(2) - (5)].value)->type != integervalue)
+ lex_error_message("Non-integer in first part of range");
+ (yyval.range) = ecalloc(1, sizeof(*(yyval.range)));
+ (yyval.range)->min = (yyvsp[(2) - (5)].value)->u.integervalue;
+ (yyval.range)->max = (yyvsp[(2) - (5)].value)->u.integervalue - 1;
+ }
+ break;
+
+ case 48:
+#line 376 "asn1parse.y"
+ {
+ if((yyvsp[(4) - (5)].value)->type != integervalue)
+ lex_error_message("Non-integer in second part of range");
+ (yyval.range) = ecalloc(1, sizeof(*(yyval.range)));
+ (yyval.range)->min = (yyvsp[(4) - (5)].value)->u.integervalue + 2;
+ (yyval.range)->max = (yyvsp[(4) - (5)].value)->u.integervalue;
+ }
+ break;
+
+ case 49:
+#line 384 "asn1parse.y"
+ {
+ if((yyvsp[(2) - (3)].value)->type != integervalue)
+ lex_error_message("Non-integer used in limit");
+ (yyval.range) = ecalloc(1, sizeof(*(yyval.range)));
+ (yyval.range)->min = (yyvsp[(2) - (3)].value)->u.integervalue;
+ (yyval.range)->max = (yyvsp[(2) - (3)].value)->u.integervalue;
+ }
+ break;
+
+ case 50:
+#line 395 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer,
+ TE_EXPLICIT, new_type(TInteger));
+ }
+ break;
+
+ case 51:
+#line 400 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TInteger);
+ (yyval.type)->range = (yyvsp[(2) - (2)].range);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 52:
+#line 406 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TInteger);
+ (yyval.type)->members = (yyvsp[(3) - (4)].members);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 53:
+#line 414 "asn1parse.y"
+ {
+ (yyval.members) = emalloc(sizeof(*(yyval.members)));
+ ASN1_TAILQ_INIT((yyval.members));
+ ASN1_TAILQ_INSERT_HEAD((yyval.members), (yyvsp[(1) - (1)].member), members);
+ }
+ break;
+
+ case 54:
+#line 420 "asn1parse.y"
+ {
+ ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members);
+ (yyval.members) = (yyvsp[(1) - (3)].members);
+ }
+ break;
+
+ case 55:
+#line 425 "asn1parse.y"
+ { (yyval.members) = (yyvsp[(1) - (3)].members); }
+ break;
+
+ case 56:
+#line 429 "asn1parse.y"
+ {
+ (yyval.member) = emalloc(sizeof(*(yyval.member)));
+ (yyval.member)->name = (yyvsp[(1) - (4)].name);
+ (yyval.member)->gen_name = estrdup((yyvsp[(1) - (4)].name));
+ output_name ((yyval.member)->gen_name);
+ (yyval.member)->val = (yyvsp[(3) - (4)].constant);
+ (yyval.member)->optional = 0;
+ (yyval.member)->ellipsis = 0;
+ (yyval.member)->type = NULL;
+ }
+ break;
+
+ case 57:
+#line 442 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TInteger);
+ (yyval.type)->members = (yyvsp[(3) - (4)].members);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Enumerated, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 59:
+#line 453 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TBitString);
+ (yyval.type)->members = emalloc(sizeof(*(yyval.type)->members));
+ ASN1_TAILQ_INIT((yyval.type)->members);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 60:
+#line 460 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TBitString);
+ (yyval.type)->members = (yyvsp[(4) - (5)].members);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 61:
+#line 468 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_OID,
+ TE_EXPLICIT, new_type(TOID));
+ }
+ break;
+
+ case 62:
+#line 474 "asn1parse.y"
+ {
+ Type *t = new_type(TOctetString);
+ t->range = (yyvsp[(3) - (3)].range);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_OctetString,
+ TE_EXPLICIT, t);
+ }
+ break;
+
+ case 63:
+#line 483 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Null,
+ TE_EXPLICIT, new_type(TNull));
+ }
+ break;
+
+ case 64:
+#line 490 "asn1parse.y"
+ { (yyval.range) = NULL; }
+ break;
+
+ case 65:
+#line 492 "asn1parse.y"
+ { (yyval.range) = (yyvsp[(2) - (2)].range); }
+ break;
+
+ case 66:
+#line 497 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TSequence);
+ (yyval.type)->members = (yyvsp[(3) - (4)].members);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 67:
+#line 503 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TSequence);
+ (yyval.type)->members = NULL;
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 68:
+#line 511 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TSequenceOf);
+ (yyval.type)->range = (yyvsp[(2) - (4)].range);
+ (yyval.type)->subtype = (yyvsp[(4) - (4)].type);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 69:
+#line 520 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TSet);
+ (yyval.type)->members = (yyvsp[(3) - (4)].members);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 70:
+#line 526 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TSet);
+ (yyval.type)->members = NULL;
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 71:
+#line 534 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TSetOf);
+ (yyval.type)->subtype = (yyvsp[(3) - (3)].type);
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, (yyval.type));
+ }
+ break;
+
+ case 72:
+#line 542 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TChoice);
+ (yyval.type)->members = (yyvsp[(3) - (4)].members);
+ }
+ break;
+
+ case 75:
+#line 553 "asn1parse.y"
+ {
+ Symbol *s = addsym((yyvsp[(1) - (1)].name));
+ (yyval.type) = new_type(TType);
+ if(s->stype != Stype && s->stype != SUndefined)
+ lex_error_message ("%s is not a type\n", (yyvsp[(1) - (1)].name));
+ else
+ (yyval.type)->symbol = s;
+ }
+ break;
+
+ case 76:
+#line 564 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralizedTime,
+ TE_EXPLICIT, new_type(TGeneralizedTime));
+ }
+ break;
+
+ case 77:
+#line 569 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTCTime,
+ TE_EXPLICIT, new_type(TUTCTime));
+ }
+ break;
+
+ case 78:
+#line 576 "asn1parse.y"
+ {
+ /* if (Constraint.type == contentConstrant) {
+ assert(Constraint.u.constraint.type == octetstring|bitstring-w/o-NamedBitList); // remember to check type reference too
+ if (Constraint.u.constraint.type) {
+ assert((Constraint.u.constraint.type.length % 8) == 0);
+ }
+ }
+ if (Constraint.u.constraint.encoding) {
+ type == der-oid|ber-oid
+ }
+ */
+ }
+ break;
+
+ case 79:
+#line 592 "asn1parse.y"
+ {
+ (yyval.constraint_spec) = (yyvsp[(2) - (3)].constraint_spec);
+ }
+ break;
+
+ case 83:
+#line 605 "asn1parse.y"
+ {
+ (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS);
+ (yyval.constraint_spec)->u.content.type = (yyvsp[(2) - (2)].type);
+ (yyval.constraint_spec)->u.content.encoding = NULL;
+ }
+ break;
+
+ case 84:
+#line 611 "asn1parse.y"
+ {
+ if ((yyvsp[(3) - (3)].value)->type != objectidentifiervalue)
+ lex_error_message("Non-OID used in ENCODED BY constraint");
+ (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS);
+ (yyval.constraint_spec)->u.content.type = NULL;
+ (yyval.constraint_spec)->u.content.encoding = (yyvsp[(3) - (3)].value);
+ }
+ break;
+
+ case 85:
+#line 619 "asn1parse.y"
+ {
+ if ((yyvsp[(5) - (5)].value)->type != objectidentifiervalue)
+ lex_error_message("Non-OID used in ENCODED BY constraint");
+ (yyval.constraint_spec) = new_constraint_spec(CT_CONTENTS);
+ (yyval.constraint_spec)->u.content.type = (yyvsp[(2) - (5)].type);
+ (yyval.constraint_spec)->u.content.encoding = (yyvsp[(5) - (5)].value);
+ }
+ break;
+
+ case 86:
+#line 629 "asn1parse.y"
+ {
+ (yyval.constraint_spec) = new_constraint_spec(CT_USER);
+ }
+ break;
+
+ case 87:
+#line 635 "asn1parse.y"
+ {
+ (yyval.type) = new_type(TTag);
+ (yyval.type)->tag = (yyvsp[(1) - (3)].tag);
+ (yyval.type)->tag.tagenv = (yyvsp[(2) - (3)].constant);
+ if((yyvsp[(3) - (3)].type)->type == TTag && (yyvsp[(2) - (3)].constant) == TE_IMPLICIT) {
+ (yyval.type)->subtype = (yyvsp[(3) - (3)].type)->subtype;
+ free((yyvsp[(3) - (3)].type));
+ } else
+ (yyval.type)->subtype = (yyvsp[(3) - (3)].type);
+ }
+ break;
+
+ case 88:
+#line 648 "asn1parse.y"
+ {
+ (yyval.tag).tagclass = (yyvsp[(2) - (4)].constant);
+ (yyval.tag).tagvalue = (yyvsp[(3) - (4)].constant);
+ (yyval.tag).tagenv = TE_EXPLICIT;
+ }
+ break;
+
+ case 89:
+#line 656 "asn1parse.y"
+ {
+ (yyval.constant) = ASN1_C_CONTEXT;
+ }
+ break;
+
+ case 90:
+#line 660 "asn1parse.y"
+ {
+ (yyval.constant) = ASN1_C_UNIV;
+ }
+ break;
+
+ case 91:
+#line 664 "asn1parse.y"
+ {
+ (yyval.constant) = ASN1_C_APPL;
+ }
+ break;
+
+ case 92:
+#line 668 "asn1parse.y"
+ {
+ (yyval.constant) = ASN1_C_PRIVATE;
+ }
+ break;
+
+ case 93:
+#line 674 "asn1parse.y"
+ {
+ (yyval.constant) = TE_EXPLICIT;
+ }
+ break;
+
+ case 94:
+#line 678 "asn1parse.y"
+ {
+ (yyval.constant) = TE_EXPLICIT;
+ }
+ break;
+
+ case 95:
+#line 682 "asn1parse.y"
+ {
+ (yyval.constant) = TE_IMPLICIT;
+ }
+ break;
+
+ case 96:
+#line 689 "asn1parse.y"
+ {
+ Symbol *s;
+ s = addsym ((yyvsp[(1) - (4)].name));
+
+ s->stype = SValue;
+ s->value = (yyvsp[(4) - (4)].value);
+ generate_constant (s);
+ }
+ break;
+
+ case 98:
+#line 703 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_GeneralString,
+ TE_EXPLICIT, new_type(TGeneralString));
+ }
+ break;
+
+ case 99:
+#line 708 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_TeletexString,
+ TE_EXPLICIT, new_type(TTeletexString));
+ }
+ break;
+
+ case 100:
+#line 713 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_UTF8String,
+ TE_EXPLICIT, new_type(TUTF8String));
+ }
+ break;
+
+ case 101:
+#line 718 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_PrintableString,
+ TE_EXPLICIT, new_type(TPrintableString));
+ }
+ break;
+
+ case 102:
+#line 723 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_VisibleString,
+ TE_EXPLICIT, new_type(TVisibleString));
+ }
+ break;
+
+ case 103:
+#line 728 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_IA5String,
+ TE_EXPLICIT, new_type(TIA5String));
+ }
+ break;
+
+ case 104:
+#line 733 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_BMPString,
+ TE_EXPLICIT, new_type(TBMPString));
+ }
+ break;
+
+ case 105:
+#line 738 "asn1parse.y"
+ {
+ (yyval.type) = new_tag(ASN1_C_UNIV, UT_UniversalString,
+ TE_EXPLICIT, new_type(TUniversalString));
+ }
+ break;
+
+ case 106:
+#line 746 "asn1parse.y"
+ {
+ (yyval.members) = emalloc(sizeof(*(yyval.members)));
+ ASN1_TAILQ_INIT((yyval.members));
+ ASN1_TAILQ_INSERT_HEAD((yyval.members), (yyvsp[(1) - (1)].member), members);
+ }
+ break;
+
+ case 107:
+#line 752 "asn1parse.y"
+ {
+ ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members);
+ (yyval.members) = (yyvsp[(1) - (3)].members);
+ }
+ break;
+
+ case 108:
+#line 757 "asn1parse.y"
+ {
+ struct member *m = ecalloc(1, sizeof(*m));
+ m->name = estrdup("...");
+ m->gen_name = estrdup("asn1_ellipsis");
+ m->ellipsis = 1;
+ ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), m, members);
+ (yyval.members) = (yyvsp[(1) - (3)].members);
+ }
+ break;
+
+ case 109:
+#line 768 "asn1parse.y"
+ {
+ (yyval.member) = emalloc(sizeof(*(yyval.member)));
+ (yyval.member)->name = (yyvsp[(1) - (2)].name);
+ (yyval.member)->gen_name = estrdup((yyvsp[(1) - (2)].name));
+ output_name ((yyval.member)->gen_name);
+ (yyval.member)->type = (yyvsp[(2) - (2)].type);
+ (yyval.member)->ellipsis = 0;
+ }
+ break;
+
+ case 110:
+#line 779 "asn1parse.y"
+ {
+ (yyval.member) = (yyvsp[(1) - (1)].member);
+ (yyval.member)->optional = 0;
+ (yyval.member)->defval = NULL;
+ }
+ break;
+
+ case 111:
+#line 785 "asn1parse.y"
+ {
+ (yyval.member) = (yyvsp[(1) - (2)].member);
+ (yyval.member)->optional = 1;
+ (yyval.member)->defval = NULL;
+ }
+ break;
+
+ case 112:
+#line 791 "asn1parse.y"
+ {
+ (yyval.member) = (yyvsp[(1) - (3)].member);
+ (yyval.member)->optional = 0;
+ (yyval.member)->defval = (yyvsp[(3) - (3)].value);
+ }
+ break;
+
+ case 113:
+#line 799 "asn1parse.y"
+ {
+ (yyval.members) = emalloc(sizeof(*(yyval.members)));
+ ASN1_TAILQ_INIT((yyval.members));
+ ASN1_TAILQ_INSERT_HEAD((yyval.members), (yyvsp[(1) - (1)].member), members);
+ }
+ break;
+
+ case 114:
+#line 805 "asn1parse.y"
+ {
+ ASN1_TAILQ_INSERT_TAIL((yyvsp[(1) - (3)].members), (yyvsp[(3) - (3)].member), members);
+ (yyval.members) = (yyvsp[(1) - (3)].members);
+ }
+ break;
+
+ case 115:
+#line 812 "asn1parse.y"
+ {
+ (yyval.member) = emalloc(sizeof(*(yyval.member)));
+ (yyval.member)->name = (yyvsp[(1) - (4)].name);
+ (yyval.member)->gen_name = estrdup((yyvsp[(1) - (4)].name));
+ output_name ((yyval.member)->gen_name);
+ (yyval.member)->val = (yyvsp[(3) - (4)].constant);
+ (yyval.member)->optional = 0;
+ (yyval.member)->ellipsis = 0;
+ (yyval.member)->type = NULL;
+ }
+ break;
+
+ case 117:
+#line 825 "asn1parse.y"
+ { (yyval.objid) = NULL; }
+ break;
+
+ case 118:
+#line 829 "asn1parse.y"
+ {
+ (yyval.objid) = (yyvsp[(2) - (3)].objid);
+ }
+ break;
+
+ case 119:
+#line 835 "asn1parse.y"
+ {
+ (yyval.objid) = NULL;
+ }
+ break;
+
+ case 120:
+#line 839 "asn1parse.y"
+ {
+ if ((yyvsp[(2) - (2)].objid)) {
+ (yyval.objid) = (yyvsp[(2) - (2)].objid);
+ add_oid_to_tail((yyvsp[(2) - (2)].objid), (yyvsp[(1) - (2)].objid));
+ } else {
+ (yyval.objid) = (yyvsp[(1) - (2)].objid);
+ }
+ }
+ break;
+
+ case 121:
+#line 850 "asn1parse.y"
+ {
+ (yyval.objid) = new_objid((yyvsp[(1) - (4)].name), (yyvsp[(3) - (4)].constant));
+ }
+ break;
+
+ case 122:
+#line 854 "asn1parse.y"
+ {
+ Symbol *s = addsym((yyvsp[(1) - (1)].name));
+ if(s->stype != SValue ||
+ s->value->type != objectidentifiervalue) {
+ lex_error_message("%s is not an object identifier\n",
+ s->name);
+ exit(1);
+ }
+ (yyval.objid) = s->value->u.objectidentifiervalue;
+ }
+ break;
+
+ case 123:
+#line 865 "asn1parse.y"
+ {
+ (yyval.objid) = new_objid(NULL, (yyvsp[(1) - (1)].constant));
+ }
+ break;
+
+ case 133:
+#line 888 "asn1parse.y"
+ {
+ Symbol *s = addsym((yyvsp[(1) - (1)].name));
+ if(s->stype != SValue)
+ lex_error_message ("%s is not a value\n",
+ s->name);
+ else
+ (yyval.value) = s->value;
+ }
+ break;
+
+ case 134:
+#line 899 "asn1parse.y"
+ {
+ (yyval.value) = emalloc(sizeof(*(yyval.value)));
+ (yyval.value)->type = stringvalue;
+ (yyval.value)->u.stringvalue = (yyvsp[(1) - (1)].name);
+ }
+ break;
+
+ case 135:
+#line 907 "asn1parse.y"
+ {
+ (yyval.value) = emalloc(sizeof(*(yyval.value)));
+ (yyval.value)->type = booleanvalue;
+ (yyval.value)->u.booleanvalue = 0;
+ }
+ break;
+
+ case 136:
+#line 913 "asn1parse.y"
+ {
+ (yyval.value) = emalloc(sizeof(*(yyval.value)));
+ (yyval.value)->type = booleanvalue;
+ (yyval.value)->u.booleanvalue = 0;
+ }
+ break;
+
+ case 137:
+#line 921 "asn1parse.y"
+ {
+ (yyval.value) = emalloc(sizeof(*(yyval.value)));
+ (yyval.value)->type = integervalue;
+ (yyval.value)->u.integervalue = (yyvsp[(1) - (1)].constant);
+ }
+ break;
+
+ case 139:
+#line 932 "asn1parse.y"
+ {
+ }
+ break;
+
+ case 140:
+#line 937 "asn1parse.y"
+ {
+ (yyval.value) = emalloc(sizeof(*(yyval.value)));
+ (yyval.value)->type = objectidentifiervalue;
+ (yyval.value)->u.objectidentifiervalue = (yyvsp[(1) - (1)].objid);
+ }
+ break;
+
+
+/* Line 1267 of yacc.c. */
+#line 2553 "asn1parse.c"
+ default: break;
+ }
+ YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc);
+
+ YYPOPSTACK (yylen);
+ yylen = 0;
+ YY_STACK_PRINT (yyss, yyssp);
+
+ *++yyvsp = yyval;
+
+
+ /* Now `shift' the result of the reduction. Determine what state
+ that goes to, based on the state we popped back to and the rule
+ number reduced by. */
+
+ yyn = yyr1[yyn];
+
+ yystate = yypgoto[yyn - YYNTOKENS] + *yyssp;
+ if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp)
+ yystate = yytable[yystate];
+ else
+ yystate = yydefgoto[yyn - YYNTOKENS];
+
+ goto yynewstate;
+
+
+/*------------------------------------.
+| yyerrlab -- here on detecting error |
+`------------------------------------*/
+yyerrlab:
+ /* If not already recovering from an error, report this error. */
+ if (!yyerrstatus)
+ {
+ ++yynerrs;
+#if ! YYERROR_VERBOSE
+ yyerror (YY_("syntax error"));
+#else
+ {
+ YYSIZE_T yysize = yysyntax_error (0, yystate, yychar);
+ if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM)
+ {
+ YYSIZE_T yyalloc = 2 * yysize;
+ if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM))
+ yyalloc = YYSTACK_ALLOC_MAXIMUM;
+ if (yymsg != yymsgbuf)
+ YYSTACK_FREE (yymsg);
+ yymsg = (char *) YYSTACK_ALLOC (yyalloc);
+ if (yymsg)
+ yymsg_alloc = yyalloc;
+ else
+ {
+ yymsg = yymsgbuf;
+ yymsg_alloc = sizeof yymsgbuf;
+ }
+ }
+
+ if (0 < yysize && yysize <= yymsg_alloc)
+ {
+ (void) yysyntax_error (yymsg, yystate, yychar);
+ yyerror (yymsg);
+ }
+ else
+ {
+ yyerror (YY_("syntax error"));
+ if (yysize != 0)
+ goto yyexhaustedlab;
+ }
+ }
+#endif
+ }
+
+
+
+ if (yyerrstatus == 3)
+ {
+ /* If just tried and failed to reuse look-ahead token after an
+ error, discard it. */
+
+ if (yychar <= YYEOF)
+ {
+ /* Return failure if at end of input. */
+ if (yychar == YYEOF)
+ YYABORT;
+ }
+ else
+ {
+ yydestruct ("Error: discarding",
+ yytoken, &yylval);
+ yychar = YYEMPTY;
+ }
+ }
+
+ /* Else will try to reuse look-ahead token after shifting the error
+ token. */
+ goto yyerrlab1;
+
+
+/*---------------------------------------------------.
+| yyerrorlab -- error raised explicitly by YYERROR. |
+`---------------------------------------------------*/
+yyerrorlab:
+
+ /* Pacify compilers like GCC when the user code never invokes
+ YYERROR and the label yyerrorlab therefore never appears in user
+ code. */
+ if (/*CONSTCOND*/ 0)
+ goto yyerrorlab;
+
+ /* Do not reclaim the symbols of the rule which action triggered
+ this YYERROR. */
+ YYPOPSTACK (yylen);
+ yylen = 0;
+ YY_STACK_PRINT (yyss, yyssp);
+ yystate = *yyssp;
+ goto yyerrlab1;
+
+
+/*-------------------------------------------------------------.
+| yyerrlab1 -- common code for both syntax error and YYERROR. |
+`-------------------------------------------------------------*/
+yyerrlab1:
+ yyerrstatus = 3; /* Each real token shifted decrements this. */
+
+ for (;;)
+ {
+ yyn = yypact[yystate];
+ if (yyn != YYPACT_NINF)
+ {
+ yyn += YYTERROR;
+ if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
+ {
+ yyn = yytable[yyn];
+ if (0 < yyn)
+ break;
+ }
+ }
+
+ /* Pop the current state because it cannot handle the error token. */
+ if (yyssp == yyss)
+ YYABORT;
+
+
+ yydestruct ("Error: popping",
+ yystos[yystate], yyvsp);
+ YYPOPSTACK (1);
+ yystate = *yyssp;
+ YY_STACK_PRINT (yyss, yyssp);
+ }
+
+ if (yyn == YYFINAL)
+ YYACCEPT;
+
+ *++yyvsp = yylval;
+
+
+ /* Shift the error token. */
+ YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp);
+
+ yystate = yyn;
+ goto yynewstate;
+
+
+/*-------------------------------------.
+| yyacceptlab -- YYACCEPT comes here. |
+`-------------------------------------*/
+yyacceptlab:
+ yyresult = 0;
+ goto yyreturn;
+
+/*-----------------------------------.
+| yyabortlab -- YYABORT comes here. |
+`-----------------------------------*/
+yyabortlab:
+ yyresult = 1;
+ goto yyreturn;
+
+#ifndef yyoverflow
+/*-------------------------------------------------.
+| yyexhaustedlab -- memory exhaustion comes here. |
+`-------------------------------------------------*/
+yyexhaustedlab:
+ yyerror (YY_("memory exhausted"));
+ yyresult = 2;
+ /* Fall through. */
+#endif
+
+yyreturn:
+ if (yychar != YYEOF && yychar != YYEMPTY)
+ yydestruct ("Cleanup: discarding lookahead",
+ yytoken, &yylval);
+ /* Do not reclaim the symbols of the rule which action triggered
+ this YYABORT or YYACCEPT. */
+ YYPOPSTACK (yylen);
+ YY_STACK_PRINT (yyss, yyssp);
+ while (yyssp != yyss)
+ {
+ yydestruct ("Cleanup: popping",
+ yystos[*yyssp], yyvsp);
+ YYPOPSTACK (1);
+ }
+#ifndef yyoverflow
+ if (yyss != yyssa)
+ YYSTACK_FREE (yyss);
+#endif
+#if YYERROR_VERBOSE
+ if (yymsg != yymsgbuf)
+ YYSTACK_FREE (yymsg);
+#endif
+ /* Make sure YYID is used. */
+ return YYID (yyresult);
+}
+
+
+#line 944 "asn1parse.y"
+
+
+void
+yyerror (const char *s)
+{
+ lex_error_message ("%s\n", s);
+}
+
+static Type *
+new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype)
+{
+ Type *t;
+ if(oldtype->type == TTag && oldtype->tag.tagenv == TE_IMPLICIT) {
+ t = oldtype;
+ oldtype = oldtype->subtype; /* XXX */
+ } else
+ t = new_type (TTag);
+
+ t->tag.tagclass = tagclass;
+ t->tag.tagvalue = tagvalue;
+ t->tag.tagenv = tagenv;
+ t->subtype = oldtype;
+ return t;
+}
+
+static struct objid *
+new_objid(const char *label, int value)
+{
+ struct objid *s;
+ s = emalloc(sizeof(*s));
+ s->label = label;
+ s->value = value;
+ s->next = NULL;
+ return s;
+}
+
+static void
+add_oid_to_tail(struct objid *head, struct objid *tail)
+{
+ struct objid *o;
+ o = head;
+ while (o->next)
+ o = o->next;
+ o->next = tail;
+}
+
+static Type *
+new_type (Typetype tt)
+{
+ Type *t = ecalloc(1, sizeof(*t));
+ t->type = tt;
+ return t;
+}
+
+static struct constraint_spec *
+new_constraint_spec(enum ctype ct)
+{
+ struct constraint_spec *c = ecalloc(1, sizeof(*c));
+ c->ctype = ct;
+ return c;
+}
+
+static void fix_labels2(Type *t, const char *prefix);
+static void fix_labels1(struct memhead *members, const char *prefix)
+{
+ Member *m;
+
+ if(members == NULL)
+ return;
+ ASN1_TAILQ_FOREACH(m, members, members) {
+ if (asprintf(&m->label, "%s_%s", prefix, m->gen_name) < 0)
+ errx(1, "malloc");
+ if (m->label == NULL)
+ errx(1, "malloc");
+ if(m->type != NULL)
+ fix_labels2(m->type, m->label);
+ }
+}
+
+static void fix_labels2(Type *t, const char *prefix)
+{
+ for(; t; t = t->subtype)
+ fix_labels1(t->members, prefix);
+}
+
+static void
+fix_labels(Symbol *s)
+{
+ char *p = NULL;
+ if (asprintf(&p, "choice_%s", s->gen_name) < 0 || p == NULL)
+ errx(1, "malloc");
+ fix_labels2(s->type, p);
+ free(p);
+}
+
diff --git a/crypto/heimdal/lib/asn1/asn1parse.h b/crypto/heimdal/lib/asn1/asn1parse.h
new file mode 100644
index 000000000000..69b7d6dc1a4a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1parse.h
@@ -0,0 +1,249 @@
+/* A Bison parser, made by GNU Bison 2.3. */
+
+/* Skeleton interface for Bison's Yacc-like parsers in C
+
+ Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006
+ Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA. */
+
+/* As a special exception, you may create a larger work that contains
+ part or all of the Bison parser skeleton and distribute that work
+ under terms of your choice, so long as that work isn't itself a
+ parser generator using the skeleton or a modified version thereof
+ as a parser skeleton. Alternatively, if you modify or redistribute
+ the parser skeleton itself, you may (at your option) remove this
+ special exception, which will cause the skeleton and the resulting
+ Bison output files to be licensed under the GNU General Public
+ License without this special exception.
+
+ This special exception was added by the Free Software Foundation in
+ version 2.2 of Bison. */
+
+/* Tokens. */
+#ifndef YYTOKENTYPE
+# define YYTOKENTYPE
+ /* Put the tokens into the symbol table, so that GDB and other debuggers
+ know about them. */
+ enum yytokentype {
+ kw_ABSENT = 258,
+ kw_ABSTRACT_SYNTAX = 259,
+ kw_ALL = 260,
+ kw_APPLICATION = 261,
+ kw_AUTOMATIC = 262,
+ kw_BEGIN = 263,
+ kw_BIT = 264,
+ kw_BMPString = 265,
+ kw_BOOLEAN = 266,
+ kw_BY = 267,
+ kw_CHARACTER = 268,
+ kw_CHOICE = 269,
+ kw_CLASS = 270,
+ kw_COMPONENT = 271,
+ kw_COMPONENTS = 272,
+ kw_CONSTRAINED = 273,
+ kw_CONTAINING = 274,
+ kw_DEFAULT = 275,
+ kw_DEFINITIONS = 276,
+ kw_EMBEDDED = 277,
+ kw_ENCODED = 278,
+ kw_END = 279,
+ kw_ENUMERATED = 280,
+ kw_EXCEPT = 281,
+ kw_EXPLICIT = 282,
+ kw_EXPORTS = 283,
+ kw_EXTENSIBILITY = 284,
+ kw_EXTERNAL = 285,
+ kw_FALSE = 286,
+ kw_FROM = 287,
+ kw_GeneralString = 288,
+ kw_GeneralizedTime = 289,
+ kw_GraphicString = 290,
+ kw_IA5String = 291,
+ kw_IDENTIFIER = 292,
+ kw_IMPLICIT = 293,
+ kw_IMPLIED = 294,
+ kw_IMPORTS = 295,
+ kw_INCLUDES = 296,
+ kw_INSTANCE = 297,
+ kw_INTEGER = 298,
+ kw_INTERSECTION = 299,
+ kw_ISO646String = 300,
+ kw_MAX = 301,
+ kw_MIN = 302,
+ kw_MINUS_INFINITY = 303,
+ kw_NULL = 304,
+ kw_NumericString = 305,
+ kw_OBJECT = 306,
+ kw_OCTET = 307,
+ kw_OF = 308,
+ kw_OPTIONAL = 309,
+ kw_ObjectDescriptor = 310,
+ kw_PATTERN = 311,
+ kw_PDV = 312,
+ kw_PLUS_INFINITY = 313,
+ kw_PRESENT = 314,
+ kw_PRIVATE = 315,
+ kw_PrintableString = 316,
+ kw_REAL = 317,
+ kw_RELATIVE_OID = 318,
+ kw_SEQUENCE = 319,
+ kw_SET = 320,
+ kw_SIZE = 321,
+ kw_STRING = 322,
+ kw_SYNTAX = 323,
+ kw_T61String = 324,
+ kw_TAGS = 325,
+ kw_TRUE = 326,
+ kw_TYPE_IDENTIFIER = 327,
+ kw_TeletexString = 328,
+ kw_UNION = 329,
+ kw_UNIQUE = 330,
+ kw_UNIVERSAL = 331,
+ kw_UTCTime = 332,
+ kw_UTF8String = 333,
+ kw_UniversalString = 334,
+ kw_VideotexString = 335,
+ kw_VisibleString = 336,
+ kw_WITH = 337,
+ RANGE = 338,
+ EEQUAL = 339,
+ ELLIPSIS = 340,
+ IDENTIFIER = 341,
+ referencename = 342,
+ STRING = 343,
+ NUMBER = 344
+ };
+#endif
+/* Tokens. */
+#define kw_ABSENT 258
+#define kw_ABSTRACT_SYNTAX 259
+#define kw_ALL 260
+#define kw_APPLICATION 261
+#define kw_AUTOMATIC 262
+#define kw_BEGIN 263
+#define kw_BIT 264
+#define kw_BMPString 265
+#define kw_BOOLEAN 266
+#define kw_BY 267
+#define kw_CHARACTER 268
+#define kw_CHOICE 269
+#define kw_CLASS 270
+#define kw_COMPONENT 271
+#define kw_COMPONENTS 272
+#define kw_CONSTRAINED 273
+#define kw_CONTAINING 274
+#define kw_DEFAULT 275
+#define kw_DEFINITIONS 276
+#define kw_EMBEDDED 277
+#define kw_ENCODED 278
+#define kw_END 279
+#define kw_ENUMERATED 280
+#define kw_EXCEPT 281
+#define kw_EXPLICIT 282
+#define kw_EXPORTS 283
+#define kw_EXTENSIBILITY 284
+#define kw_EXTERNAL 285
+#define kw_FALSE 286
+#define kw_FROM 287
+#define kw_GeneralString 288
+#define kw_GeneralizedTime 289
+#define kw_GraphicString 290
+#define kw_IA5String 291
+#define kw_IDENTIFIER 292
+#define kw_IMPLICIT 293
+#define kw_IMPLIED 294
+#define kw_IMPORTS 295
+#define kw_INCLUDES 296
+#define kw_INSTANCE 297
+#define kw_INTEGER 298
+#define kw_INTERSECTION 299
+#define kw_ISO646String 300
+#define kw_MAX 301
+#define kw_MIN 302
+#define kw_MINUS_INFINITY 303
+#define kw_NULL 304
+#define kw_NumericString 305
+#define kw_OBJECT 306
+#define kw_OCTET 307
+#define kw_OF 308
+#define kw_OPTIONAL 309
+#define kw_ObjectDescriptor 310
+#define kw_PATTERN 311
+#define kw_PDV 312
+#define kw_PLUS_INFINITY 313
+#define kw_PRESENT 314
+#define kw_PRIVATE 315
+#define kw_PrintableString 316
+#define kw_REAL 317
+#define kw_RELATIVE_OID 318
+#define kw_SEQUENCE 319
+#define kw_SET 320
+#define kw_SIZE 321
+#define kw_STRING 322
+#define kw_SYNTAX 323
+#define kw_T61String 324
+#define kw_TAGS 325
+#define kw_TRUE 326
+#define kw_TYPE_IDENTIFIER 327
+#define kw_TeletexString 328
+#define kw_UNION 329
+#define kw_UNIQUE 330
+#define kw_UNIVERSAL 331
+#define kw_UTCTime 332
+#define kw_UTF8String 333
+#define kw_UniversalString 334
+#define kw_VideotexString 335
+#define kw_VisibleString 336
+#define kw_WITH 337
+#define RANGE 338
+#define EEQUAL 339
+#define ELLIPSIS 340
+#define IDENTIFIER 341
+#define referencename 342
+#define STRING 343
+#define NUMBER 344
+
+
+
+
+#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
+typedef union YYSTYPE
+#line 71 "asn1parse.y"
+{
+ int constant;
+ struct value *value;
+ struct range *range;
+ char *name;
+ Type *type;
+ Member *member;
+ struct objid *objid;
+ char *defval;
+ struct string_list *sl;
+ struct tagtype tag;
+ struct memhead *members;
+ struct constraint_spec *constraint_spec;
+}
+/* Line 1529 of yacc.c. */
+#line 242 "asn1parse.h"
+ YYSTYPE;
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
+# define YYSTYPE_IS_DECLARED 1
+# define YYSTYPE_IS_TRIVIAL 1
+#endif
+
+extern YYSTYPE yylval;
+
diff --git a/crypto/heimdal/lib/asn1/asn1parse.y b/crypto/heimdal/lib/asn1/asn1parse.y
new file mode 100644
index 000000000000..e3bea6ce0ac9
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1parse.y
@@ -0,0 +1,1037 @@
+/*
+ * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+%{
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "symbol.h"
+#include "lex.h"
+#include "gen_locl.h"
+#include "der.h"
+
+RCSID("$Id$");
+
+static Type *new_type (Typetype t);
+static struct constraint_spec *new_constraint_spec(enum ctype);
+static Type *new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype);
+void yyerror (const char *);
+static struct objid *new_objid(const char *label, int value);
+static void add_oid_to_tail(struct objid *, struct objid *);
+static void fix_labels(Symbol *s);
+
+struct string_list {
+ char *string;
+ struct string_list *next;
+};
+
+/* Declarations for Bison */
+#define YYMALLOC malloc
+#define YYFREE free
+
+%}
+
+%union {
+ int constant;
+ struct value *value;
+ struct range *range;
+ char *name;
+ Type *type;
+ Member *member;
+ struct objid *objid;
+ char *defval;
+ struct string_list *sl;
+ struct tagtype tag;
+ struct memhead *members;
+ struct constraint_spec *constraint_spec;
+}
+
+%token kw_ABSENT
+%token kw_ABSTRACT_SYNTAX
+%token kw_ALL
+%token kw_APPLICATION
+%token kw_AUTOMATIC
+%token kw_BEGIN
+%token kw_BIT
+%token kw_BMPString
+%token kw_BOOLEAN
+%token kw_BY
+%token kw_CHARACTER
+%token kw_CHOICE
+%token kw_CLASS
+%token kw_COMPONENT
+%token kw_COMPONENTS
+%token kw_CONSTRAINED
+%token kw_CONTAINING
+%token kw_DEFAULT
+%token kw_DEFINITIONS
+%token kw_EMBEDDED
+%token kw_ENCODED
+%token kw_END
+%token kw_ENUMERATED
+%token kw_EXCEPT
+%token kw_EXPLICIT
+%token kw_EXPORTS
+%token kw_EXTENSIBILITY
+%token kw_EXTERNAL
+%token kw_FALSE
+%token kw_FROM
+%token kw_GeneralString
+%token kw_GeneralizedTime
+%token kw_GraphicString
+%token kw_IA5String
+%token kw_IDENTIFIER
+%token kw_IMPLICIT
+%token kw_IMPLIED
+%token kw_IMPORTS
+%token kw_INCLUDES
+%token kw_INSTANCE
+%token kw_INTEGER
+%token kw_INTERSECTION
+%token kw_ISO646String
+%token kw_MAX
+%token kw_MIN
+%token kw_MINUS_INFINITY
+%token kw_NULL
+%token kw_NumericString
+%token kw_OBJECT
+%token kw_OCTET
+%token kw_OF
+%token kw_OPTIONAL
+%token kw_ObjectDescriptor
+%token kw_PATTERN
+%token kw_PDV
+%token kw_PLUS_INFINITY
+%token kw_PRESENT
+%token kw_PRIVATE
+%token kw_PrintableString
+%token kw_REAL
+%token kw_RELATIVE_OID
+%token kw_SEQUENCE
+%token kw_SET
+%token kw_SIZE
+%token kw_STRING
+%token kw_SYNTAX
+%token kw_T61String
+%token kw_TAGS
+%token kw_TRUE
+%token kw_TYPE_IDENTIFIER
+%token kw_TeletexString
+%token kw_UNION
+%token kw_UNIQUE
+%token kw_UNIVERSAL
+%token kw_UTCTime
+%token kw_UTF8String
+%token kw_UniversalString
+%token kw_VideotexString
+%token kw_VisibleString
+%token kw_WITH
+
+%token RANGE
+%token EEQUAL
+%token ELLIPSIS
+
+%token <name> IDENTIFIER referencename
+%token <name> STRING
+
+%token <constant> NUMBER
+%type <constant> SignedNumber
+%type <constant> Class tagenv
+
+%type <value> Value
+%type <value> BuiltinValue
+%type <value> IntegerValue
+%type <value> BooleanValue
+%type <value> ObjectIdentifierValue
+%type <value> CharacterStringValue
+%type <value> NullValue
+%type <value> DefinedValue
+%type <value> ReferencedValue
+%type <value> Valuereference
+
+%type <type> Type
+%type <type> BuiltinType
+%type <type> BitStringType
+%type <type> BooleanType
+%type <type> ChoiceType
+%type <type> ConstrainedType
+%type <type> EnumeratedType
+%type <type> IntegerType
+%type <type> NullType
+%type <type> OctetStringType
+%type <type> SequenceType
+%type <type> SequenceOfType
+%type <type> SetType
+%type <type> SetOfType
+%type <type> TaggedType
+%type <type> ReferencedType
+%type <type> DefinedType
+%type <type> UsefulType
+%type <type> ObjectIdentifierType
+%type <type> CharacterStringType
+%type <type> RestrictedCharactedStringType
+
+%type <tag> Tag
+
+%type <member> ComponentType
+%type <member> NamedBit
+%type <member> NamedNumber
+%type <member> NamedType
+%type <members> ComponentTypeList
+%type <members> Enumerations
+%type <members> NamedBitList
+%type <members> NamedNumberList
+
+%type <objid> objid objid_list objid_element objid_opt
+%type <range> range size
+
+%type <sl> referencenames
+
+%type <constraint_spec> Constraint
+%type <constraint_spec> ConstraintSpec
+%type <constraint_spec> GeneralConstraint
+%type <constraint_spec> ContentsConstraint
+%type <constraint_spec> UserDefinedConstraint
+
+
+
+%start ModuleDefinition
+
+%%
+
+ModuleDefinition: IDENTIFIER objid_opt kw_DEFINITIONS TagDefault ExtensionDefault
+ EEQUAL kw_BEGIN ModuleBody kw_END
+ {
+ checkundefined();
+ }
+ ;
+
+TagDefault : kw_EXPLICIT kw_TAGS
+ | kw_IMPLICIT kw_TAGS
+ { lex_error_message("implicit tagging is not supported"); }
+ | kw_AUTOMATIC kw_TAGS
+ { lex_error_message("automatic tagging is not supported"); }
+ | /* empty */
+ ;
+
+ExtensionDefault: kw_EXTENSIBILITY kw_IMPLIED
+ { lex_error_message("no extensibility options supported"); }
+ | /* empty */
+ ;
+
+ModuleBody : Exports Imports AssignmentList
+ | /* empty */
+ ;
+
+Imports : kw_IMPORTS SymbolsImported ';'
+ | /* empty */
+ ;
+
+SymbolsImported : SymbolsFromModuleList
+ | /* empty */
+ ;
+
+SymbolsFromModuleList: SymbolsFromModule
+ | SymbolsFromModuleList SymbolsFromModule
+ ;
+
+SymbolsFromModule: referencenames kw_FROM IDENTIFIER objid_opt
+ {
+ struct string_list *sl;
+ for(sl = $1; sl != NULL; sl = sl->next) {
+ Symbol *s = addsym(sl->string);
+ s->stype = Stype;
+ gen_template_import(s);
+ }
+ add_import($3);
+ }
+ ;
+
+Exports : kw_EXPORTS referencenames ';'
+ {
+ struct string_list *sl;
+ for(sl = $2; sl != NULL; sl = sl->next)
+ add_export(sl->string);
+ }
+ | kw_EXPORTS kw_ALL
+ | /* empty */
+ ;
+
+AssignmentList : Assignment
+ | Assignment AssignmentList
+ ;
+
+Assignment : TypeAssignment
+ | ValueAssignment
+ ;
+
+referencenames : IDENTIFIER ',' referencenames
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->string = $1;
+ $$->next = $3;
+ }
+ | IDENTIFIER
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->string = $1;
+ $$->next = NULL;
+ }
+ ;
+
+TypeAssignment : IDENTIFIER EEQUAL Type
+ {
+ Symbol *s = addsym ($1);
+ s->stype = Stype;
+ s->type = $3;
+ fix_labels(s);
+ generate_type (s);
+ }
+ ;
+
+Type : BuiltinType
+ | ReferencedType
+ | ConstrainedType
+ ;
+
+BuiltinType : BitStringType
+ | BooleanType
+ | CharacterStringType
+ | ChoiceType
+ | EnumeratedType
+ | IntegerType
+ | NullType
+ | ObjectIdentifierType
+ | OctetStringType
+ | SequenceType
+ | SequenceOfType
+ | SetType
+ | SetOfType
+ | TaggedType
+ ;
+
+BooleanType : kw_BOOLEAN
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_Boolean,
+ TE_EXPLICIT, new_type(TBoolean));
+ }
+ ;
+
+range : '(' Value RANGE Value ')'
+ {
+ if($2->type != integervalue)
+ lex_error_message("Non-integer used in first part of range");
+ if($2->type != integervalue)
+ lex_error_message("Non-integer in second part of range");
+ $$ = ecalloc(1, sizeof(*$$));
+ $$->min = $2->u.integervalue;
+ $$->max = $4->u.integervalue;
+ }
+ | '(' Value RANGE kw_MAX ')'
+ {
+ if($2->type != integervalue)
+ lex_error_message("Non-integer in first part of range");
+ $$ = ecalloc(1, sizeof(*$$));
+ $$->min = $2->u.integervalue;
+ $$->max = $2->u.integervalue - 1;
+ }
+ | '(' kw_MIN RANGE Value ')'
+ {
+ if($4->type != integervalue)
+ lex_error_message("Non-integer in second part of range");
+ $$ = ecalloc(1, sizeof(*$$));
+ $$->min = $4->u.integervalue + 2;
+ $$->max = $4->u.integervalue;
+ }
+ | '(' Value ')'
+ {
+ if($2->type != integervalue)
+ lex_error_message("Non-integer used in limit");
+ $$ = ecalloc(1, sizeof(*$$));
+ $$->min = $2->u.integervalue;
+ $$->max = $2->u.integervalue;
+ }
+ ;
+
+
+IntegerType : kw_INTEGER
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_Integer,
+ TE_EXPLICIT, new_type(TInteger));
+ }
+ | kw_INTEGER range
+ {
+ $$ = new_type(TInteger);
+ $$->range = $2;
+ $$ = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, $$);
+ }
+ | kw_INTEGER '{' NamedNumberList '}'
+ {
+ $$ = new_type(TInteger);
+ $$->members = $3;
+ $$ = new_tag(ASN1_C_UNIV, UT_Integer, TE_EXPLICIT, $$);
+ }
+ ;
+
+NamedNumberList : NamedNumber
+ {
+ $$ = emalloc(sizeof(*$$));
+ ASN1_TAILQ_INIT($$);
+ ASN1_TAILQ_INSERT_HEAD($$, $1, members);
+ }
+ | NamedNumberList ',' NamedNumber
+ {
+ ASN1_TAILQ_INSERT_TAIL($1, $3, members);
+ $$ = $1;
+ }
+ | NamedNumberList ',' ELLIPSIS
+ { $$ = $1; } /* XXX used for Enumerations */
+ ;
+
+NamedNumber : IDENTIFIER '(' SignedNumber ')'
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->name = $1;
+ $$->gen_name = estrdup($1);
+ output_name ($$->gen_name);
+ $$->val = $3;
+ $$->optional = 0;
+ $$->ellipsis = 0;
+ $$->type = NULL;
+ }
+ ;
+
+EnumeratedType : kw_ENUMERATED '{' Enumerations '}'
+ {
+ $$ = new_type(TInteger);
+ $$->members = $3;
+ $$ = new_tag(ASN1_C_UNIV, UT_Enumerated, TE_EXPLICIT, $$);
+ }
+ ;
+
+Enumerations : NamedNumberList /* XXX */
+ ;
+
+BitStringType : kw_BIT kw_STRING
+ {
+ $$ = new_type(TBitString);
+ $$->members = emalloc(sizeof(*$$->members));
+ ASN1_TAILQ_INIT($$->members);
+ $$ = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, $$);
+ }
+ | kw_BIT kw_STRING '{' NamedBitList '}'
+ {
+ $$ = new_type(TBitString);
+ $$->members = $4;
+ $$ = new_tag(ASN1_C_UNIV, UT_BitString, TE_EXPLICIT, $$);
+ }
+ ;
+
+ObjectIdentifierType: kw_OBJECT kw_IDENTIFIER
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_OID,
+ TE_EXPLICIT, new_type(TOID));
+ }
+ ;
+OctetStringType : kw_OCTET kw_STRING size
+ {
+ Type *t = new_type(TOctetString);
+ t->range = $3;
+ $$ = new_tag(ASN1_C_UNIV, UT_OctetString,
+ TE_EXPLICIT, t);
+ }
+ ;
+
+NullType : kw_NULL
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_Null,
+ TE_EXPLICIT, new_type(TNull));
+ }
+ ;
+
+size :
+ { $$ = NULL; }
+ | kw_SIZE range
+ { $$ = $2; }
+ ;
+
+
+SequenceType : kw_SEQUENCE '{' /* ComponentTypeLists */ ComponentTypeList '}'
+ {
+ $$ = new_type(TSequence);
+ $$->members = $3;
+ $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$);
+ }
+ | kw_SEQUENCE '{' '}'
+ {
+ $$ = new_type(TSequence);
+ $$->members = NULL;
+ $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$);
+ }
+ ;
+
+SequenceOfType : kw_SEQUENCE size kw_OF Type
+ {
+ $$ = new_type(TSequenceOf);
+ $$->range = $2;
+ $$->subtype = $4;
+ $$ = new_tag(ASN1_C_UNIV, UT_Sequence, TE_EXPLICIT, $$);
+ }
+ ;
+
+SetType : kw_SET '{' /* ComponentTypeLists */ ComponentTypeList '}'
+ {
+ $$ = new_type(TSet);
+ $$->members = $3;
+ $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$);
+ }
+ | kw_SET '{' '}'
+ {
+ $$ = new_type(TSet);
+ $$->members = NULL;
+ $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$);
+ }
+ ;
+
+SetOfType : kw_SET kw_OF Type
+ {
+ $$ = new_type(TSetOf);
+ $$->subtype = $3;
+ $$ = new_tag(ASN1_C_UNIV, UT_Set, TE_EXPLICIT, $$);
+ }
+ ;
+
+ChoiceType : kw_CHOICE '{' /* AlternativeTypeLists */ ComponentTypeList '}'
+ {
+ $$ = new_type(TChoice);
+ $$->members = $3;
+ }
+ ;
+
+ReferencedType : DefinedType
+ | UsefulType
+ ;
+
+DefinedType : IDENTIFIER
+ {
+ Symbol *s = addsym($1);
+ $$ = new_type(TType);
+ if(s->stype != Stype && s->stype != SUndefined)
+ lex_error_message ("%s is not a type\n", $1);
+ else
+ $$->symbol = s;
+ }
+ ;
+
+UsefulType : kw_GeneralizedTime
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_GeneralizedTime,
+ TE_EXPLICIT, new_type(TGeneralizedTime));
+ }
+ | kw_UTCTime
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_UTCTime,
+ TE_EXPLICIT, new_type(TUTCTime));
+ }
+ ;
+
+ConstrainedType : Type Constraint
+ {
+ /* if (Constraint.type == contentConstrant) {
+ assert(Constraint.u.constraint.type == octetstring|bitstring-w/o-NamedBitList); // remember to check type reference too
+ if (Constraint.u.constraint.type) {
+ assert((Constraint.u.constraint.type.length % 8) == 0);
+ }
+ }
+ if (Constraint.u.constraint.encoding) {
+ type == der-oid|ber-oid
+ }
+ */
+ }
+ ;
+
+
+Constraint : '(' ConstraintSpec ')'
+ {
+ $$ = $2;
+ }
+ ;
+
+ConstraintSpec : GeneralConstraint
+ ;
+
+GeneralConstraint: ContentsConstraint
+ | UserDefinedConstraint
+ ;
+
+ContentsConstraint: kw_CONTAINING Type
+ {
+ $$ = new_constraint_spec(CT_CONTENTS);
+ $$->u.content.type = $2;
+ $$->u.content.encoding = NULL;
+ }
+ | kw_ENCODED kw_BY Value
+ {
+ if ($3->type != objectidentifiervalue)
+ lex_error_message("Non-OID used in ENCODED BY constraint");
+ $$ = new_constraint_spec(CT_CONTENTS);
+ $$->u.content.type = NULL;
+ $$->u.content.encoding = $3;
+ }
+ | kw_CONTAINING Type kw_ENCODED kw_BY Value
+ {
+ if ($5->type != objectidentifiervalue)
+ lex_error_message("Non-OID used in ENCODED BY constraint");
+ $$ = new_constraint_spec(CT_CONTENTS);
+ $$->u.content.type = $2;
+ $$->u.content.encoding = $5;
+ }
+ ;
+
+UserDefinedConstraint: kw_CONSTRAINED kw_BY '{' '}'
+ {
+ $$ = new_constraint_spec(CT_USER);
+ }
+ ;
+
+TaggedType : Tag tagenv Type
+ {
+ $$ = new_type(TTag);
+ $$->tag = $1;
+ $$->tag.tagenv = $2;
+ if($3->type == TTag && $2 == TE_IMPLICIT) {
+ $$->subtype = $3->subtype;
+ free($3);
+ } else
+ $$->subtype = $3;
+ }
+ ;
+
+Tag : '[' Class NUMBER ']'
+ {
+ $$.tagclass = $2;
+ $$.tagvalue = $3;
+ $$.tagenv = TE_EXPLICIT;
+ }
+ ;
+
+Class : /* */
+ {
+ $$ = ASN1_C_CONTEXT;
+ }
+ | kw_UNIVERSAL
+ {
+ $$ = ASN1_C_UNIV;
+ }
+ | kw_APPLICATION
+ {
+ $$ = ASN1_C_APPL;
+ }
+ | kw_PRIVATE
+ {
+ $$ = ASN1_C_PRIVATE;
+ }
+ ;
+
+tagenv : /* */
+ {
+ $$ = TE_EXPLICIT;
+ }
+ | kw_EXPLICIT
+ {
+ $$ = TE_EXPLICIT;
+ }
+ | kw_IMPLICIT
+ {
+ $$ = TE_IMPLICIT;
+ }
+ ;
+
+
+ValueAssignment : IDENTIFIER Type EEQUAL Value
+ {
+ Symbol *s;
+ s = addsym ($1);
+
+ s->stype = SValue;
+ s->value = $4;
+ generate_constant (s);
+ }
+ ;
+
+CharacterStringType: RestrictedCharactedStringType
+ ;
+
+RestrictedCharactedStringType: kw_GeneralString
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_GeneralString,
+ TE_EXPLICIT, new_type(TGeneralString));
+ }
+ | kw_TeletexString
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_TeletexString,
+ TE_EXPLICIT, new_type(TTeletexString));
+ }
+ | kw_UTF8String
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_UTF8String,
+ TE_EXPLICIT, new_type(TUTF8String));
+ }
+ | kw_PrintableString
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_PrintableString,
+ TE_EXPLICIT, new_type(TPrintableString));
+ }
+ | kw_VisibleString
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_VisibleString,
+ TE_EXPLICIT, new_type(TVisibleString));
+ }
+ | kw_IA5String
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_IA5String,
+ TE_EXPLICIT, new_type(TIA5String));
+ }
+ | kw_BMPString
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_BMPString,
+ TE_EXPLICIT, new_type(TBMPString));
+ }
+ | kw_UniversalString
+ {
+ $$ = new_tag(ASN1_C_UNIV, UT_UniversalString,
+ TE_EXPLICIT, new_type(TUniversalString));
+ }
+
+ ;
+
+ComponentTypeList: ComponentType
+ {
+ $$ = emalloc(sizeof(*$$));
+ ASN1_TAILQ_INIT($$);
+ ASN1_TAILQ_INSERT_HEAD($$, $1, members);
+ }
+ | ComponentTypeList ',' ComponentType
+ {
+ ASN1_TAILQ_INSERT_TAIL($1, $3, members);
+ $$ = $1;
+ }
+ | ComponentTypeList ',' ELLIPSIS
+ {
+ struct member *m = ecalloc(1, sizeof(*m));
+ m->name = estrdup("...");
+ m->gen_name = estrdup("asn1_ellipsis");
+ m->ellipsis = 1;
+ ASN1_TAILQ_INSERT_TAIL($1, m, members);
+ $$ = $1;
+ }
+ ;
+
+NamedType : IDENTIFIER Type
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->name = $1;
+ $$->gen_name = estrdup($1);
+ output_name ($$->gen_name);
+ $$->type = $2;
+ $$->ellipsis = 0;
+ }
+ ;
+
+ComponentType : NamedType
+ {
+ $$ = $1;
+ $$->optional = 0;
+ $$->defval = NULL;
+ }
+ | NamedType kw_OPTIONAL
+ {
+ $$ = $1;
+ $$->optional = 1;
+ $$->defval = NULL;
+ }
+ | NamedType kw_DEFAULT Value
+ {
+ $$ = $1;
+ $$->optional = 0;
+ $$->defval = $3;
+ }
+ ;
+
+NamedBitList : NamedBit
+ {
+ $$ = emalloc(sizeof(*$$));
+ ASN1_TAILQ_INIT($$);
+ ASN1_TAILQ_INSERT_HEAD($$, $1, members);
+ }
+ | NamedBitList ',' NamedBit
+ {
+ ASN1_TAILQ_INSERT_TAIL($1, $3, members);
+ $$ = $1;
+ }
+ ;
+
+NamedBit : IDENTIFIER '(' NUMBER ')'
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->name = $1;
+ $$->gen_name = estrdup($1);
+ output_name ($$->gen_name);
+ $$->val = $3;
+ $$->optional = 0;
+ $$->ellipsis = 0;
+ $$->type = NULL;
+ }
+ ;
+
+objid_opt : objid
+ | /* empty */ { $$ = NULL; }
+ ;
+
+objid : '{' objid_list '}'
+ {
+ $$ = $2;
+ }
+ ;
+
+objid_list : /* empty */
+ {
+ $$ = NULL;
+ }
+ | objid_element objid_list
+ {
+ if ($2) {
+ $$ = $2;
+ add_oid_to_tail($2, $1);
+ } else {
+ $$ = $1;
+ }
+ }
+ ;
+
+objid_element : IDENTIFIER '(' NUMBER ')'
+ {
+ $$ = new_objid($1, $3);
+ }
+ | IDENTIFIER
+ {
+ Symbol *s = addsym($1);
+ if(s->stype != SValue ||
+ s->value->type != objectidentifiervalue) {
+ lex_error_message("%s is not an object identifier\n",
+ s->name);
+ exit(1);
+ }
+ $$ = s->value->u.objectidentifiervalue;
+ }
+ | NUMBER
+ {
+ $$ = new_objid(NULL, $1);
+ }
+ ;
+
+Value : BuiltinValue
+ | ReferencedValue
+ ;
+
+BuiltinValue : BooleanValue
+ | CharacterStringValue
+ | IntegerValue
+ | ObjectIdentifierValue
+ | NullValue
+ ;
+
+ReferencedValue : DefinedValue
+ ;
+
+DefinedValue : Valuereference
+ ;
+
+Valuereference : IDENTIFIER
+ {
+ Symbol *s = addsym($1);
+ if(s->stype != SValue)
+ lex_error_message ("%s is not a value\n",
+ s->name);
+ else
+ $$ = s->value;
+ }
+ ;
+
+CharacterStringValue: STRING
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->type = stringvalue;
+ $$->u.stringvalue = $1;
+ }
+ ;
+
+BooleanValue : kw_TRUE
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->type = booleanvalue;
+ $$->u.booleanvalue = 0;
+ }
+ | kw_FALSE
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->type = booleanvalue;
+ $$->u.booleanvalue = 0;
+ }
+ ;
+
+IntegerValue : SignedNumber
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->type = integervalue;
+ $$->u.integervalue = $1;
+ }
+ ;
+
+SignedNumber : NUMBER
+ ;
+
+NullValue : kw_NULL
+ {
+ }
+ ;
+
+ObjectIdentifierValue: objid
+ {
+ $$ = emalloc(sizeof(*$$));
+ $$->type = objectidentifiervalue;
+ $$->u.objectidentifiervalue = $1;
+ }
+ ;
+
+%%
+
+void
+yyerror (const char *s)
+{
+ lex_error_message ("%s\n", s);
+}
+
+static Type *
+new_tag(int tagclass, int tagvalue, int tagenv, Type *oldtype)
+{
+ Type *t;
+ if(oldtype->type == TTag && oldtype->tag.tagenv == TE_IMPLICIT) {
+ t = oldtype;
+ oldtype = oldtype->subtype; /* XXX */
+ } else
+ t = new_type (TTag);
+
+ t->tag.tagclass = tagclass;
+ t->tag.tagvalue = tagvalue;
+ t->tag.tagenv = tagenv;
+ t->subtype = oldtype;
+ return t;
+}
+
+static struct objid *
+new_objid(const char *label, int value)
+{
+ struct objid *s;
+ s = emalloc(sizeof(*s));
+ s->label = label;
+ s->value = value;
+ s->next = NULL;
+ return s;
+}
+
+static void
+add_oid_to_tail(struct objid *head, struct objid *tail)
+{
+ struct objid *o;
+ o = head;
+ while (o->next)
+ o = o->next;
+ o->next = tail;
+}
+
+static Type *
+new_type (Typetype tt)
+{
+ Type *t = ecalloc(1, sizeof(*t));
+ t->type = tt;
+ return t;
+}
+
+static struct constraint_spec *
+new_constraint_spec(enum ctype ct)
+{
+ struct constraint_spec *c = ecalloc(1, sizeof(*c));
+ c->ctype = ct;
+ return c;
+}
+
+static void fix_labels2(Type *t, const char *prefix);
+static void fix_labels1(struct memhead *members, const char *prefix)
+{
+ Member *m;
+
+ if(members == NULL)
+ return;
+ ASN1_TAILQ_FOREACH(m, members, members) {
+ if (asprintf(&m->label, "%s_%s", prefix, m->gen_name) < 0)
+ errx(1, "malloc");
+ if (m->label == NULL)
+ errx(1, "malloc");
+ if(m->type != NULL)
+ fix_labels2(m->type, m->label);
+ }
+}
+
+static void fix_labels2(Type *t, const char *prefix)
+{
+ for(; t; t = t->subtype)
+ fix_labels1(t->members, prefix);
+}
+
+static void
+fix_labels(Symbol *s)
+{
+ char *p = NULL;
+ if (asprintf(&p, "choice_%s", s->gen_name) < 0 || p == NULL)
+ errx(1, "malloc");
+ fix_labels2(s->type, p);
+ free(p);
+}
diff --git a/crypto/heimdal/lib/asn1/canthandle.asn1 b/crypto/heimdal/lib/asn1/canthandle.asn1
new file mode 100644
index 000000000000..a335ee89e348
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/canthandle.asn1
@@ -0,0 +1,34 @@
+-- $Id$ --
+
+CANTHANDLE DEFINITIONS ::= BEGIN
+
+-- Code the tag [1] but not the [ CONTEXT CONS UT_Sequence ] for Kaka2
+-- Workaround: use inline the structure directly
+-- Code the tag [2] but it should be primitive since KAKA3 is
+-- Workaround: use the INTEGER type directly
+
+Kaka2 ::= SEQUENCE {
+ kaka2-1 [0] INTEGER
+}
+
+Kaka3 ::= INTEGER
+
+Foo ::= SEQUENCE {
+ kaka1 [0] IMPLICIT INTEGER OPTIONAL,
+ kaka2 [1] IMPLICIT Kaka2 OPTIONAL,
+ kaka3 [2] IMPLICIT Kaka3 OPTIONAL
+}
+
+-- Don't code kaka if it's 1
+-- Workaround is to use OPTIONAL and check for in the encoder stubs
+
+Bar ::= SEQUENCE {
+ kaka [0] INTEGER DEFAULT 1
+}
+
+-- Can't handle primitives in SET OF
+-- Workaround is to define a type that is only an integer and use that
+
+Baz ::= SET OF INTEGER
+
+END
diff --git a/crypto/heimdal/lib/asn1/check-common.c b/crypto/heimdal/lib/asn1/check-common.c
new file mode 100644
index 000000000000..ac96b91b18ea
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/check-common.c
@@ -0,0 +1,422 @@
+/*
+ * Copyright (c) 1999 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif
+#include <stdio.h>
+#include <string.h>
+#include <err.h>
+#include <roken.h>
+
+#include "asn1-common.h"
+#include "check-common.h"
+
+RCSID("$Id$");
+
+struct map_page {
+ void *start;
+ size_t size;
+ void *data_start;
+ size_t data_size;
+ enum map_type type;
+};
+
+/* #undef HAVE_MMAP */
+
+void *
+map_alloc(enum map_type type, const void *buf,
+ size_t size, struct map_page **map)
+{
+#ifndef HAVE_MMAP
+ unsigned char *p;
+ size_t len = size + sizeof(long) * 2;
+ int i;
+
+ *map = ecalloc(1, sizeof(**map));
+
+ p = emalloc(len);
+ (*map)->type = type;
+ (*map)->start = p;
+ (*map)->size = len;
+ (*map)->data_start = p + sizeof(long);
+ for (i = sizeof(long); i > 0; i--)
+ p[sizeof(long) - i] = 0xff - i;
+ for (i = sizeof(long); i > 0; i--)
+ p[len - i] = 0xff - i;
+#else
+ unsigned char *p;
+ int flags, ret, fd;
+ size_t pagesize = getpagesize();
+
+ *map = ecalloc(1, sizeof(**map));
+
+ (*map)->type = type;
+
+#ifdef MAP_ANON
+ flags = MAP_ANON;
+ fd = -1;
+#else
+ flags = 0;
+ fd = open ("/dev/zero", O_RDONLY);
+ if(fd < 0)
+ err (1, "open /dev/zero");
+#endif
+ flags |= MAP_PRIVATE;
+
+ (*map)->size = size + pagesize - (size % pagesize) + pagesize * 2;
+
+ p = (unsigned char *)mmap(0, (*map)->size, PROT_READ | PROT_WRITE,
+ flags, fd, 0);
+ if (p == (unsigned char *)MAP_FAILED)
+ err (1, "mmap");
+
+ (*map)->start = p;
+
+ ret = mprotect (p, pagesize, 0);
+ if (ret < 0)
+ err (1, "mprotect");
+
+ ret = mprotect (p + (*map)->size - pagesize, pagesize, 0);
+ if (ret < 0)
+ err (1, "mprotect");
+
+ switch (type) {
+ case OVERRUN:
+ (*map)->data_start = p + (*map)->size - pagesize - size;
+ break;
+ case UNDERRUN:
+ (*map)->data_start = p + pagesize;
+ break;
+ default:
+ abort();
+ }
+#endif
+ (*map)->data_size = size;
+ if (buf)
+ memcpy((*map)->data_start, buf, size);
+ return (*map)->data_start;
+}
+
+void
+map_free(struct map_page *map, const char *test_name, const char *map_name)
+{
+#ifndef HAVE_MMAP
+ unsigned char *p = map->start;
+ int i;
+
+ for (i = sizeof(long); i > 0; i--)
+ if (p[sizeof(long) - i] != 0xff - i)
+ errx(1, "%s: %s underrun %d\n", test_name, map_name, i);
+ for (i = sizeof(long); i > 0; i--)
+ if (p[map->size - i] != 0xff - i)
+ errx(1, "%s: %s overrun %lu\n", test_name, map_name,
+ (unsigned long)map->size - i);
+ free(map->start);
+#else
+ int ret;
+
+ ret = munmap (map->start, map->size);
+ if (ret < 0)
+ err (1, "munmap");
+#endif
+ free(map);
+}
+
+static void
+print_bytes (unsigned const char *buf, size_t len)
+{
+ int i;
+
+ for (i = 0; i < len; ++i)
+ printf ("%02x ", buf[i]);
+}
+
+#ifndef MAP_FAILED
+#define MAP_FAILED (-1)
+#endif
+
+static char *current_test = "<uninit>";
+static char *current_state = "<uninit>";
+
+static RETSIGTYPE
+segv_handler(int sig)
+{
+ int fd;
+ char msg[] = "SIGSEGV i current test: ";
+
+ fd = open("/dev/stdout", O_WRONLY, 0600);
+ if (fd >= 0) {
+ write(fd, msg, sizeof(msg));
+ write(fd, current_test, strlen(current_test));
+ write(fd, " ", 1);
+ write(fd, current_state, strlen(current_state));
+ write(fd, "\n", 1);
+ close(fd);
+ }
+ _exit(1);
+}
+
+int
+generic_test (const struct test_case *tests,
+ unsigned ntests,
+ size_t data_size,
+ int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *),
+ int (ASN1CALL *length)(void *),
+ int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *),
+ int (ASN1CALL *free_data)(void *),
+ int (*cmp)(void *a, void *b),
+ int (ASN1CALL *copy)(const void *from, void *to))
+{
+ unsigned char *buf, *buf2;
+ int i;
+ int failures = 0;
+ void *data;
+ struct map_page *data_map, *buf_map, *buf2_map;
+
+#ifdef HAVE_SIGACTION
+ struct sigaction sa, osa;
+#endif
+
+ for (i = 0; i < ntests; ++i) {
+ int ret;
+ size_t sz, consumed_sz, length_sz, buf_sz;
+ void *to = NULL;
+
+ current_test = tests[i].name;
+
+ current_state = "init";
+
+#ifdef HAVE_SIGACTION
+ sigemptyset (&sa.sa_mask);
+ sa.sa_flags = 0;
+#ifdef SA_RESETHAND
+ sa.sa_flags |= SA_RESETHAND;
+#endif
+ sa.sa_handler = segv_handler;
+ sigaction (SIGSEGV, &sa, &osa);
+#endif
+
+ data = map_alloc(OVERRUN, NULL, data_size, &data_map);
+
+ buf_sz = tests[i].byte_len;
+ buf = map_alloc(UNDERRUN, NULL, buf_sz, &buf_map);
+
+ current_state = "encode";
+ ret = (*encode) (buf + buf_sz - 1, buf_sz,
+ tests[i].val, &sz);
+ if (ret != 0) {
+ printf ("encoding of %s failed %d\n", tests[i].name, ret);
+ ++failures;
+ continue;
+ }
+ if (sz != tests[i].byte_len) {
+ printf ("encoding of %s has wrong len (%lu != %lu)\n",
+ tests[i].name,
+ (unsigned long)sz, (unsigned long)tests[i].byte_len);
+ ++failures;
+ continue;
+ }
+
+ current_state = "length";
+ length_sz = (*length) (tests[i].val);
+ if (sz != length_sz) {
+ printf ("length for %s is bad (%lu != %lu)\n",
+ tests[i].name, (unsigned long)length_sz, (unsigned long)sz);
+ ++failures;
+ continue;
+ }
+
+ current_state = "memcmp";
+ if (memcmp (buf, tests[i].bytes, tests[i].byte_len) != 0) {
+ printf ("encoding of %s has bad bytes:\n"
+ "correct: ", tests[i].name);
+ print_bytes ((unsigned char *)tests[i].bytes, tests[i].byte_len);
+ printf ("\nactual: ");
+ print_bytes (buf, sz);
+ printf ("\n");
+#if 0
+ rk_dumpdata("correct", tests[i].bytes, tests[i].byte_len);
+ rk_dumpdata("actual", buf, sz);
+ exit (1);
+#endif
+ ++failures;
+ continue;
+ }
+
+ buf2 = map_alloc(OVERRUN, buf, sz, &buf2_map);
+
+ current_state = "decode";
+ ret = (*decode) (buf2, sz, data, &consumed_sz);
+ if (ret != 0) {
+ printf ("decoding of %s failed %d\n", tests[i].name, ret);
+ ++failures;
+ continue;
+ }
+ if (sz != consumed_sz) {
+ printf ("different length decoding %s (%ld != %ld)\n",
+ tests[i].name,
+ (unsigned long)sz, (unsigned long)consumed_sz);
+ ++failures;
+ continue;
+ }
+ current_state = "cmp";
+ if ((*cmp)(data, tests[i].val) != 0) {
+ printf ("%s: comparison failed\n", tests[i].name);
+ ++failures;
+ continue;
+ }
+
+ current_state = "copy";
+ if (copy) {
+ to = emalloc(data_size);
+ ret = (*copy)(data, to);
+ if (ret != 0) {
+ printf ("copy of %s failed %d\n", tests[i].name, ret);
+ ++failures;
+ continue;
+ }
+
+ current_state = "cmp-copy";
+ if ((*cmp)(data, to) != 0) {
+ printf ("%s: copy comparison failed\n", tests[i].name);
+ ++failures;
+ continue;
+ }
+ }
+
+ current_state = "free";
+ if (free_data) {
+ (*free_data)(data);
+ if (to) {
+ (*free_data)(to);
+ free(to);
+ }
+ }
+
+ current_state = "free";
+ map_free(buf_map, tests[i].name, "encode");
+ map_free(buf2_map, tests[i].name, "decode");
+ map_free(data_map, tests[i].name, "data");
+
+#ifdef HAVE_SIGACTION
+ sigaction (SIGSEGV, &osa, NULL);
+#endif
+ }
+ current_state = "done";
+ return failures;
+}
+
+/*
+ * check for failures
+ *
+ * a test size (byte_len) of -1 means that the test tries to trigger a
+ * integer overflow (and later a malloc of to little memory), just
+ * allocate some memory and hope that is enough for that test.
+ */
+
+int
+generic_decode_fail (const struct test_case *tests,
+ unsigned ntests,
+ size_t data_size,
+ int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *))
+{
+ unsigned char *buf;
+ int i;
+ int failures = 0;
+ void *data;
+ struct map_page *data_map, *buf_map;
+
+#ifdef HAVE_SIGACTION
+ struct sigaction sa, osa;
+#endif
+
+ for (i = 0; i < ntests; ++i) {
+ int ret;
+ size_t sz;
+ const void *bytes;
+
+ current_test = tests[i].name;
+
+ current_state = "init";
+
+#ifdef HAVE_SIGACTION
+ sigemptyset (&sa.sa_mask);
+ sa.sa_flags = 0;
+#ifdef SA_RESETHAND
+ sa.sa_flags |= SA_RESETHAND;
+#endif
+ sa.sa_handler = segv_handler;
+ sigaction (SIGSEGV, &sa, &osa);
+#endif
+
+ data = map_alloc(OVERRUN, NULL, data_size, &data_map);
+
+ if (tests[i].byte_len < 0xffffff && tests[i].byte_len >= 0) {
+ sz = tests[i].byte_len;
+ bytes = tests[i].bytes;
+ } else {
+ sz = 4096;
+ bytes = NULL;
+ }
+
+ buf = map_alloc(OVERRUN, bytes, sz, &buf_map);
+
+ if (tests[i].byte_len == -1)
+ memset(buf, 0, sz);
+
+ current_state = "decode";
+ ret = (*decode) (buf, tests[i].byte_len, data, &sz);
+ if (ret == 0) {
+ printf ("sucessfully decoded %s\n", tests[i].name);
+ ++failures;
+ continue;
+ }
+
+ current_state = "free";
+ if (buf)
+ map_free(buf_map, tests[i].name, "encode");
+ map_free(data_map, tests[i].name, "data");
+
+#ifdef HAVE_SIGACTION
+ sigaction (SIGSEGV, &osa, NULL);
+#endif
+ }
+ current_state = "done";
+ return failures;
+}
diff --git a/crypto/heimdal/lib/asn1/check-common.h b/crypto/heimdal/lib/asn1/check-common.h
new file mode 100644
index 000000000000..9ecbdbc35ded
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/check-common.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+struct test_case {
+ void *val;
+ int byte_len;
+ const char *bytes;
+ char *name;
+};
+
+typedef int (ASN1CALL *generic_encode)(unsigned char *, size_t, void *, size_t *);
+typedef int (ASN1CALL *generic_length)(void *);
+typedef int (ASN1CALL *generic_decode)(unsigned char *, size_t, void *, size_t *);
+typedef int (ASN1CALL *generic_free)(void *);
+typedef int (ASN1CALL *generic_copy)(const void *, void *);
+
+int
+generic_test (const struct test_case *tests,
+ unsigned ntests,
+ size_t data_size,
+ int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *),
+ int (ASN1CALL *length)(void *),
+ int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *),
+ int (ASN1CALL *free_data)(void *),
+ int (*cmp)(void *a, void *b),
+ int (ASN1CALL *copy)(const void *a, void *b));
+
+int
+generic_decode_fail(const struct test_case *tests,
+ unsigned ntests,
+ size_t data_size,
+ int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *));
+
+
+struct map_page;
+
+enum map_type { OVERRUN, UNDERRUN };
+
+struct map_page;
+
+void * map_alloc(enum map_type, const void *, size_t, struct map_page **);
+void map_free(struct map_page *, const char *, const char *);
diff --git a/crypto/heimdal/lib/asn1/check-der.c b/crypto/heimdal/lib/asn1/check-der.c
new file mode 100644
index 000000000000..fa80a425410f
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/check-der.c
@@ -0,0 +1,1115 @@
+/*
+ * Copyright (c) 1999 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include <err.h>
+#include <roken.h>
+
+#include <asn1-common.h>
+#include <asn1_err.h>
+#include <der.h>
+
+#include "check-common.h"
+
+RCSID("$Id$");
+
+static int
+cmp_integer (void *a, void *b)
+{
+ int *ia = (int *)a;
+ int *ib = (int *)b;
+
+ return *ib - *ia;
+}
+
+static int
+test_integer (void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\x00"},
+ {NULL, 1, "\x7f"},
+ {NULL, 2, "\x00\x80"},
+ {NULL, 2, "\x01\x00"},
+ {NULL, 1, "\x80"},
+ {NULL, 2, "\xff\x7f"},
+ {NULL, 1, "\xff"},
+ {NULL, 2, "\xff\x01"},
+ {NULL, 2, "\x00\xff"},
+ {NULL, 4, "\x7f\xff\xff\xff"}
+ };
+
+ int values[] = {0, 127, 128, 256, -128, -129, -1, -255, 255,
+ 0x7fffffff};
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "integer %d", values[i]) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(int),
+ (generic_encode)der_put_integer,
+ (generic_length) der_length_integer,
+ (generic_decode)der_get_integer,
+ (generic_free)NULL,
+ cmp_integer,
+ NULL);
+
+ for (i = 0; i < ntests; ++i)
+ free (tests[i].name);
+ return ret;
+}
+
+static int
+test_one_int(int val)
+{
+ int ret, dval;
+ unsigned char *buf;
+ size_t len_len, len;
+
+ len = _heim_len_int(val);
+
+ buf = emalloc(len + 2);
+
+ buf[0] = '\xff';
+ buf[len + 1] = '\xff';
+ memset(buf + 1, 0, len);
+
+ ret = der_put_integer(buf + 1 + len - 1, len, &val, &len_len);
+ if (ret) {
+ printf("integer %d encode failed %d\n", val, ret);
+ return 1;
+ }
+ if (len != len_len) {
+ printf("integer %d encode fail with %d len %lu, result len %lu\n",
+ val, ret, (unsigned long)len, (unsigned long)len_len);
+ return 1;
+ }
+
+ ret = der_get_integer(buf + 1, len, &dval, &len_len);
+ if (ret) {
+ printf("integer %d decode failed %d\n", val, ret);
+ return 1;
+ }
+ if (len != len_len) {
+ printf("integer %d decoded diffrent len %lu != %lu",
+ val, (unsigned long)len, (unsigned long)len_len);
+ return 1;
+ }
+ if (val != dval) {
+ printf("decode decoded to diffrent value %d != %d",
+ val, dval);
+ return 1;
+ }
+
+ if (buf[0] != (unsigned char)'\xff') {
+ printf("precanary dead %d\n", val);
+ return 1;
+ }
+ if (buf[len + 1] != (unsigned char)'\xff') {
+ printf("postecanary dead %d\n", val);
+ return 1;
+ }
+ free(buf);
+ return 0;
+}
+
+static int
+test_integer_more (void)
+{
+ int i, n1, n2, n3, n4, n5, n6;
+
+ n2 = 0;
+ for (i = 0; i < (sizeof(int) * 8); i++) {
+ n1 = 0x01 << i;
+ n2 = n2 | n1;
+ n3 = ~n1;
+ n4 = ~n2;
+ n5 = (-1) & ~(0x3f << i);
+ n6 = (-1) & ~(0x7f << i);
+
+ test_one_int(n1);
+ test_one_int(n2);
+ test_one_int(n3);
+ test_one_int(n4);
+ test_one_int(n5);
+ test_one_int(n6);
+ }
+ return 0;
+}
+
+static int
+cmp_unsigned (void *a, void *b)
+{
+ return *(unsigned int*)b - *(unsigned int*)a;
+}
+
+static int
+test_unsigned (void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\x00"},
+ {NULL, 1, "\x7f"},
+ {NULL, 2, "\x00\x80"},
+ {NULL, 2, "\x01\x00"},
+ {NULL, 2, "\x02\x00"},
+ {NULL, 3, "\x00\x80\x00"},
+ {NULL, 5, "\x00\x80\x00\x00\x00"},
+ {NULL, 4, "\x7f\xff\xff\xff"}
+ };
+
+ unsigned int values[] = {0, 127, 128, 256, 512, 32768,
+ 0x80000000, 0x7fffffff};
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "unsigned %u", values[i]) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(int),
+ (generic_encode)der_put_unsigned,
+ (generic_length)der_length_unsigned,
+ (generic_decode)der_get_unsigned,
+ (generic_free)NULL,
+ cmp_unsigned,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free (tests[i].name);
+ return ret;
+}
+
+static int
+cmp_octet_string (void *a, void *b)
+{
+ heim_octet_string *oa = (heim_octet_string *)a;
+ heim_octet_string *ob = (heim_octet_string *)b;
+
+ if (oa->length != ob->length)
+ return ob->length - oa->length;
+
+ return (memcmp (oa->data, ob->data, oa->length));
+}
+
+static int
+test_octet_string (void)
+{
+ heim_octet_string s1 = {8, "\x01\x23\x45\x67\x89\xab\xcd\xef"};
+
+ struct test_case tests[] = {
+ {NULL, 8, "\x01\x23\x45\x67\x89\xab\xcd\xef"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+ int ret;
+
+ tests[0].val = &s1;
+ if (asprintf (&tests[0].name, "a octet string") < 0)
+ errx(1, "malloc");
+ if (tests[0].name == NULL)
+ errx(1, "malloc");
+
+ ret = generic_test (tests, ntests, sizeof(heim_octet_string),
+ (generic_encode)der_put_octet_string,
+ (generic_length)der_length_octet_string,
+ (generic_decode)der_get_octet_string,
+ (generic_free)der_free_octet_string,
+ cmp_octet_string,
+ NULL);
+ free(tests[0].name);
+ return ret;
+}
+
+static int
+cmp_bmp_string (void *a, void *b)
+{
+ heim_bmp_string *oa = (heim_bmp_string *)a;
+ heim_bmp_string *ob = (heim_bmp_string *)b;
+
+ return der_heim_bmp_string_cmp(oa, ob);
+}
+
+static uint16_t bmp_d1[] = { 32 };
+static uint16_t bmp_d2[] = { 32, 32 };
+
+static int
+test_bmp_string (void)
+{
+ heim_bmp_string s1 = { 1, bmp_d1 };
+ heim_bmp_string s2 = { 2, bmp_d2 };
+
+ struct test_case tests[] = {
+ {NULL, 2, "\x00\x20"},
+ {NULL, 4, "\x00\x20\x00\x20"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+ int ret;
+
+ tests[0].val = &s1;
+ if (asprintf (&tests[0].name, "a bmp string") < 0)
+ errx(1, "malloc");
+ if (tests[0].name == NULL)
+ errx(1, "malloc");
+ tests[1].val = &s2;
+ if (asprintf (&tests[1].name, "second bmp string") < 0)
+ errx(1, "malloc");
+ if (tests[1].name == NULL)
+ errx(1, "malloc");
+
+ ret = generic_test (tests, ntests, sizeof(heim_bmp_string),
+ (generic_encode)der_put_bmp_string,
+ (generic_length)der_length_bmp_string,
+ (generic_decode)der_get_bmp_string,
+ (generic_free)der_free_bmp_string,
+ cmp_bmp_string,
+ NULL);
+ free(tests[0].name);
+ free(tests[1].name);
+ return ret;
+}
+
+static int
+cmp_universal_string (void *a, void *b)
+{
+ heim_universal_string *oa = (heim_universal_string *)a;
+ heim_universal_string *ob = (heim_universal_string *)b;
+
+ return der_heim_universal_string_cmp(oa, ob);
+}
+
+static uint32_t universal_d1[] = { 32 };
+static uint32_t universal_d2[] = { 32, 32 };
+
+static int
+test_universal_string (void)
+{
+ heim_universal_string s1 = { 1, universal_d1 };
+ heim_universal_string s2 = { 2, universal_d2 };
+
+ struct test_case tests[] = {
+ {NULL, 4, "\x00\x00\x00\x20"},
+ {NULL, 8, "\x00\x00\x00\x20\x00\x00\x00\x20"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+ int ret;
+
+ tests[0].val = &s1;
+ if (asprintf (&tests[0].name, "a universal string") < 0)
+ errx(1, "malloc");
+ if (tests[0].name == NULL)
+ errx(1, "malloc");
+ tests[1].val = &s2;
+ if (asprintf (&tests[1].name, "second universal string") < 0)
+ errx(1, "malloc");
+ if (tests[1].name == NULL)
+ errx(1, "malloc");
+
+ ret = generic_test (tests, ntests, sizeof(heim_universal_string),
+ (generic_encode)der_put_universal_string,
+ (generic_length)der_length_universal_string,
+ (generic_decode)der_get_universal_string,
+ (generic_free)der_free_universal_string,
+ cmp_universal_string,
+ NULL);
+ free(tests[0].name);
+ free(tests[1].name);
+ return ret;
+}
+
+static int
+cmp_general_string (void *a, void *b)
+{
+ char **sa = (char **)a;
+ char **sb = (char **)b;
+
+ return strcmp (*sa, *sb);
+}
+
+static int
+test_general_string (void)
+{
+ char *s1 = "Test User 1";
+
+ struct test_case tests[] = {
+ {NULL, 11, "\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31"}
+ };
+ int ret, ntests = sizeof(tests) / sizeof(*tests);
+
+ tests[0].val = &s1;
+ if (asprintf (&tests[0].name, "the string \"%s\"", s1) < 0)
+ errx(1, "malloc");
+ if (tests[0].name == NULL)
+ errx(1, "malloc");
+
+ ret = generic_test (tests, ntests, sizeof(unsigned char *),
+ (generic_encode)der_put_general_string,
+ (generic_length)der_length_general_string,
+ (generic_decode)der_get_general_string,
+ (generic_free)der_free_general_string,
+ cmp_general_string,
+ NULL);
+ free(tests[0].name);
+ return ret;
+}
+
+static int
+cmp_generalized_time (void *a, void *b)
+{
+ time_t *ta = (time_t *)a;
+ time_t *tb = (time_t *)b;
+
+ return *tb - *ta;
+}
+
+static int
+test_generalized_time (void)
+{
+ struct test_case tests[] = {
+ {NULL, 15, "19700101000000Z"},
+ {NULL, 15, "19851106210627Z"}
+ };
+ time_t values[] = {0, 500159187};
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "time %d", (int)values[i]) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(time_t),
+ (generic_encode)der_put_generalized_time,
+ (generic_length)der_length_generalized_time,
+ (generic_decode)der_get_generalized_time,
+ (generic_free)NULL,
+ cmp_generalized_time,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free(tests[i].name);
+ return ret;
+}
+
+static int
+test_cmp_oid (void *a, void *b)
+{
+ return der_heim_oid_cmp((heim_oid *)a, (heim_oid *)b);
+}
+
+static unsigned oid_comp1[] = { 1, 1, 1 };
+static unsigned oid_comp2[] = { 1, 1 };
+static unsigned oid_comp3[] = { 6, 15, 1 };
+static unsigned oid_comp4[] = { 6, 15 };
+
+static int
+test_oid (void)
+{
+ struct test_case tests[] = {
+ {NULL, 2, "\x29\x01"},
+ {NULL, 1, "\x29"},
+ {NULL, 2, "\xff\x01"},
+ {NULL, 1, "\xff"}
+ };
+ heim_oid values[] = {
+ { 3, oid_comp1 },
+ { 2, oid_comp2 },
+ { 3, oid_comp3 },
+ { 2, oid_comp4 }
+ };
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "oid %d", i) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(heim_oid),
+ (generic_encode)der_put_oid,
+ (generic_length)der_length_oid,
+ (generic_decode)der_get_oid,
+ (generic_free)der_free_oid,
+ test_cmp_oid,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free(tests[i].name);
+ return ret;
+}
+
+static int
+test_cmp_bit_string (void *a, void *b)
+{
+ return der_heim_bit_string_cmp((heim_bit_string *)a, (heim_bit_string *)b);
+}
+
+static int
+test_bit_string (void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\x00"}
+ };
+ heim_bit_string values[] = {
+ { 0, "" }
+ };
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "bit_string %d", i) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(heim_bit_string),
+ (generic_encode)der_put_bit_string,
+ (generic_length)der_length_bit_string,
+ (generic_decode)der_get_bit_string,
+ (generic_free)der_free_bit_string,
+ test_cmp_bit_string,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free(tests[i].name);
+ return ret;
+}
+
+static int
+test_cmp_heim_integer (void *a, void *b)
+{
+ return der_heim_integer_cmp((heim_integer *)a, (heim_integer *)b);
+}
+
+static int
+test_heim_integer (void)
+{
+ struct test_case tests[] = {
+ {NULL, 2, "\xfe\x01"},
+ {NULL, 2, "\xef\x01"},
+ {NULL, 3, "\xff\x00\xff"},
+ {NULL, 3, "\xff\x01\x00"},
+ {NULL, 1, "\x00"},
+ {NULL, 1, "\x01"},
+ {NULL, 2, "\x00\x80"}
+ };
+
+ heim_integer values[] = {
+ { 2, "\x01\xff", 1 },
+ { 2, "\x10\xff", 1 },
+ { 2, "\xff\x01", 1 },
+ { 2, "\xff\x00", 1 },
+ { 0, "", 0 },
+ { 1, "\x01", 0 },
+ { 1, "\x80", 0 }
+ };
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(tests[0]);
+ size_t size;
+ heim_integer i2;
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "heim_integer %d", i) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(heim_integer),
+ (generic_encode)der_put_heim_integer,
+ (generic_length)der_length_heim_integer,
+ (generic_decode)der_get_heim_integer,
+ (generic_free)der_free_heim_integer,
+ test_cmp_heim_integer,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free (tests[i].name);
+ if (ret)
+ return ret;
+
+ /* test zero length integer (BER format) */
+ ret = der_get_heim_integer(NULL, 0, &i2, &size);
+ if (ret)
+ errx(1, "der_get_heim_integer");
+ if (i2.length != 0)
+ errx(1, "der_get_heim_integer wrong length");
+ der_free_heim_integer(&i2);
+
+ return 0;
+}
+
+static int
+test_cmp_boolean (void *a, void *b)
+{
+ return !!*(int *)a != !!*(int *)b;
+}
+
+static int
+test_boolean (void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\xff"},
+ {NULL, 1, "\x00"}
+ };
+
+ int values[] = { 1, 0 };
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(tests[0]);
+ size_t size;
+ heim_integer i2;
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "heim_boolean %d", i) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(int),
+ (generic_encode)der_put_boolean,
+ (generic_length)der_length_boolean,
+ (generic_decode)der_get_boolean,
+ (generic_free)NULL,
+ test_cmp_boolean,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free (tests[i].name);
+ if (ret)
+ return ret;
+
+ /* test zero length integer (BER format) */
+ ret = der_get_heim_integer(NULL, 0, &i2, &size);
+ if (ret)
+ errx(1, "der_get_heim_integer");
+ if (i2.length != 0)
+ errx(1, "der_get_heim_integer wrong length");
+ der_free_heim_integer(&i2);
+
+ return 0;
+}
+
+static int
+check_fail_unsigned(void)
+{
+ struct test_case tests[] = {
+ {NULL, sizeof(unsigned) + 1,
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01", "data overrun" }
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(unsigned),
+ (generic_decode)der_get_unsigned);
+}
+
+static int
+check_fail_integer(void)
+{
+ struct test_case tests[] = {
+ {NULL, sizeof(int) + 1,
+ "\x01\x01\x01\x01\x01\x01\x01\x01\x01", "data overrun" }
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(int),
+ (generic_decode)der_get_integer);
+}
+
+static int
+check_fail_length(void)
+{
+ struct test_case tests[] = {
+ {NULL, 0, "", "empty input data"},
+ {NULL, 1, "\x82", "internal length overrun" }
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(size_t),
+ (generic_decode)der_get_length);
+}
+
+static int
+check_fail_boolean(void)
+{
+ struct test_case tests[] = {
+ {NULL, 0, "", "empty input data"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(int),
+ (generic_decode)der_get_boolean);
+}
+
+static int
+check_fail_general_string(void)
+{
+ struct test_case tests[] = {
+ { NULL, 3, "A\x00i", "NUL char in string"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(heim_general_string),
+ (generic_decode)der_get_general_string);
+}
+
+static int
+check_fail_bmp_string(void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\x00", "odd (1) length bmpstring"},
+ {NULL, 3, "\x00\x00\x00", "odd (3) length bmpstring"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(heim_bmp_string),
+ (generic_decode)der_get_bmp_string);
+}
+
+static int
+check_fail_universal_string(void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\x00", "x & 3 == 1 universal string"},
+ {NULL, 2, "\x00\x00", "x & 3 == 2 universal string"},
+ {NULL, 3, "\x00\x00\x00", "x & 3 == 3 universal string"},
+ {NULL, 5, "\x00\x00\x00\x00\x00", "x & 3 == 1 universal string"},
+ {NULL, 6, "\x00\x00\x00\x00\x00\x00", "x & 3 == 2 universal string"},
+ {NULL, 7, "\x00\x00\x00\x00\x00\x00\x00", "x & 3 == 3 universal string"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(heim_universal_string),
+ (generic_decode)der_get_universal_string);
+}
+
+static int
+check_fail_heim_integer(void)
+{
+#if 0
+ struct test_case tests[] = {
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(heim_integer),
+ (generic_decode)der_get_heim_integer);
+#else
+ return 0;
+#endif
+}
+
+static int
+check_fail_generalized_time(void)
+{
+ struct test_case tests[] = {
+ {NULL, 1, "\x00", "no time"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(time_t),
+ (generic_decode)der_get_generalized_time);
+}
+
+static int
+check_fail_oid(void)
+{
+ struct test_case tests[] = {
+ {NULL, 0, "", "empty input data"},
+ {NULL, 2, "\x00\x80", "last byte continuation" },
+ {NULL, 11, "\x00\x81\x80\x80\x80\x80\x80\x80\x80\x80\x00",
+ "oid element overflow" }
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(heim_oid),
+ (generic_decode)der_get_oid);
+}
+
+static int
+check_fail_bitstring(void)
+{
+ struct test_case tests[] = {
+ {NULL, 0, "", "empty input data"},
+ {NULL, 1, "\x08", "larger then 8 bits trailer"},
+ {NULL, 1, "\x01", "to few bytes for bits"},
+ {NULL, -2, "\x00", "length overrun"},
+ {NULL, -1, "", "length to short"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(heim_bit_string),
+ (generic_decode)der_get_bit_string);
+}
+
+static int
+check_heim_integer_same(const char *p, const char *norm_p, heim_integer *i)
+{
+ heim_integer i2;
+ char *str;
+ int ret;
+
+ ret = der_print_hex_heim_integer(i, &str);
+ if (ret)
+ errx(1, "der_print_hex_heim_integer: %d", ret);
+
+ if (strcmp(str, norm_p) != 0)
+ errx(1, "der_print_hex_heim_integer: %s != %s", str, p);
+
+ ret = der_parse_hex_heim_integer(str, &i2);
+ if (ret)
+ errx(1, "der_parse_hex_heim_integer: %d", ret);
+
+ if (der_heim_integer_cmp(i, &i2) != 0)
+ errx(1, "der_heim_integer_cmp: p %s", p);
+
+ der_free_heim_integer(&i2);
+ free(str);
+
+ ret = der_parse_hex_heim_integer(p, &i2);
+ if (ret)
+ errx(1, "der_parse_hex_heim_integer: %d", ret);
+
+ if (der_heim_integer_cmp(i, &i2) != 0)
+ errx(1, "der_heim_integer_cmp: norm");
+
+ der_free_heim_integer(&i2);
+
+ return 0;
+}
+
+static int
+test_heim_int_format(void)
+{
+ heim_integer i = { 1, "\x10", 0 };
+ heim_integer i2 = { 1, "\x10", 1 };
+ heim_integer i3 = { 1, "\01", 0 };
+ char *p =
+ "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
+ "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
+ "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
+ "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
+ "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381"
+ "FFFFFFFF" "FFFFFFFF";
+ heim_integer bni = {
+ 128,
+ "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xC9\x0F\xDA\xA2"
+ "\x21\x68\xC2\x34\xC4\xC6\x62\x8B\x80\xDC\x1C\xD1"
+ "\x29\x02\x4E\x08\x8A\x67\xCC\x74\x02\x0B\xBE\xA6"
+ "\x3B\x13\x9B\x22\x51\x4A\x08\x79\x8E\x34\x04\xDD"
+ "\xEF\x95\x19\xB3\xCD\x3A\x43\x1B\x30\x2B\x0A\x6D"
+ "\xF2\x5F\x14\x37\x4F\xE1\x35\x6D\x6D\x51\xC2\x45"
+ "\xE4\x85\xB5\x76\x62\x5E\x7E\xC6\xF4\x4C\x42\xE9"
+ "\xA6\x37\xED\x6B\x0B\xFF\x5C\xB6\xF4\x06\xB7\xED"
+ "\xEE\x38\x6B\xFB\x5A\x89\x9F\xA5\xAE\x9F\x24\x11"
+ "\x7C\x4B\x1F\xE6\x49\x28\x66\x51\xEC\xE6\x53\x81"
+ "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF",
+ 0
+ };
+ heim_integer f;
+ int ret = 0;
+
+ ret += check_heim_integer_same(p, p, &bni);
+ ret += check_heim_integer_same("10", "10", &i);
+ ret += check_heim_integer_same("00000010", "10", &i);
+ ret += check_heim_integer_same("-10", "-10", &i2);
+ ret += check_heim_integer_same("-00000010", "-10", &i2);
+ ret += check_heim_integer_same("01", "01", &i3);
+ ret += check_heim_integer_same("1", "01", &i3);
+
+ {
+ int r;
+ r = der_parse_hex_heim_integer("-", &f);
+ if (r == 0) {
+ der_free_heim_integer(&f);
+ ret++;
+ }
+ /* used to cause UMR */
+ r = der_parse_hex_heim_integer("00", &f);
+ if (r == 0)
+ der_free_heim_integer(&f);
+ else
+ ret++;
+ }
+
+ return ret;
+}
+
+static int
+test_heim_oid_format_same(const char *str, const heim_oid *oid)
+{
+ int ret;
+ char *p;
+ heim_oid o2;
+
+ ret = der_print_heim_oid(oid, ' ', &p);
+ if (ret) {
+ printf("fail to print oid: %s\n", str);
+ return 1;
+ }
+ ret = strcmp(p, str);
+ if (ret) {
+ printf("oid %s != formated oid %s\n", str, p);
+ free(p);
+ return ret;
+ }
+
+ ret = der_parse_heim_oid(p, " ", &o2);
+ if (ret) {
+ printf("failed to parse %s\n", p);
+ free(p);
+ return ret;
+ }
+ free(p);
+ ret = der_heim_oid_cmp(&o2, oid);
+ der_free_oid(&o2);
+
+ return ret;
+}
+
+static unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 };
+
+static int
+test_heim_oid_format(void)
+{
+ heim_oid sha1 = { 6, sha1_oid_tree };
+ int ret = 0;
+
+ ret += test_heim_oid_format_same("1 3 14 3 2 26", &sha1);
+
+ return ret;
+}
+
+static int
+check_trailing_nul(void)
+{
+ int i, ret;
+ struct {
+ int fail;
+ const unsigned char *p;
+ size_t len;
+ const char *s;
+ size_t size;
+ } foo[] = {
+ { 1, (const unsigned char *)"foo\x00o", 5, NULL, 0 },
+ { 1, (const unsigned char *)"\x00o", 2, NULL, 0 },
+ { 0, (const unsigned char *)"\x00\x00\x00\x00\x00", 5, "", 5 },
+ { 0, (const unsigned char *)"\x00", 1, "", 1 },
+ { 0, (const unsigned char *)"", 0, "", 0 },
+ { 0, (const unsigned char *)"foo\x00\x00", 5, "foo", 5 },
+ { 0, (const unsigned char *)"foo\0", 4, "foo", 4 },
+ { 0, (const unsigned char *)"foo", 3, "foo", 3 }
+ };
+
+ for (i = 0; i < sizeof(foo)/sizeof(foo[0]); i++) {
+ char *s;
+ size_t size;
+ ret = der_get_general_string(foo[i].p, foo[i].len, &s, &size);
+ if (foo[i].fail) {
+ if (ret == 0)
+ errx(1, "check %d NULL didn't fail", i);
+ continue;
+ }
+ if (ret)
+ errx(1, "NULL check %d der_get_general_string failed", i);
+ if (foo[i].size != size)
+ errx(1, "NUL check i = %d size failed", i);
+ if (strcmp(foo[i].s, s) != 0)
+ errx(1, "NUL check i = %d content failed", i);
+ free(s);
+ }
+ return 0;
+}
+
+static int
+test_misc_cmp(void)
+{
+ int ret;
+
+ /* diffrent lengths are diffrent */
+ {
+ const heim_octet_string os1 = { 1, "a" } , os2 = { 0, NULL };
+ ret = der_heim_octet_string_cmp(&os1, &os2);
+ if (ret == 0)
+ return 1;
+ }
+ /* diffrent data are diffrent */
+ {
+ const heim_octet_string os1 = { 1, "a" } , os2 = { 1, "b" };
+ ret = der_heim_octet_string_cmp(&os1, &os2);
+ if (ret == 0)
+ return 1;
+ }
+ /* diffrent lengths are diffrent */
+ {
+ const heim_bit_string bs1 = { 8, "a" } , bs2 = { 7, "a" };
+ ret = der_heim_bit_string_cmp(&bs1, &bs2);
+ if (ret == 0)
+ return 1;
+ }
+ /* diffrent data are diffrent */
+ {
+ const heim_bit_string bs1 = { 7, "\x0f" } , bs2 = { 7, "\x02" };
+ ret = der_heim_bit_string_cmp(&bs1, &bs2);
+ if (ret == 0)
+ return 1;
+ }
+ /* diffrent lengths are diffrent */
+ {
+ uint16_t data = 1;
+ heim_bmp_string bs1 = { 1, NULL } , bs2 = { 0, NULL };
+ bs1.data = &data;
+ ret = der_heim_bmp_string_cmp(&bs1, &bs2);
+ if (ret == 0)
+ return 1;
+ }
+ /* diffrent lengths are diffrent */
+ {
+ uint32_t data;
+ heim_universal_string us1 = { 1, NULL } , us2 = { 0, NULL };
+ us1.data = &data;
+ ret = der_heim_universal_string_cmp(&us1, &us2);
+ if (ret == 0)
+ return 1;
+ }
+ /* same */
+ {
+ uint32_t data = (uint32_t)'a';
+ heim_universal_string us1 = { 1, NULL } , us2 = { 1, NULL };
+ us1.data = &data;
+ us2.data = &data;
+ ret = der_heim_universal_string_cmp(&us1, &us2);
+ if (ret != 0)
+ return 1;
+ }
+
+ return 0;
+}
+
+static int
+corner_generalized_time(void)
+{
+ const char *str = "760520140000Z";
+ size_t size;
+ time_t t;
+ int ret;
+
+ ret = der_get_generalized_time((const unsigned char*)str, strlen(str),
+ &t, &size);
+ if (ret)
+ return 1;
+ return 0;
+}
+
+static int
+corner_tag(void)
+{
+ struct {
+ int ok;
+ const char *ptr;
+ size_t len;
+ } tests[] = {
+ { 1, "\x00", 1 },
+ { 0, "\xff", 1 },
+ { 0, "\xff\xff\xff\xff\xff\xff\xff\xff", 8 }
+ };
+ int i, ret;
+ Der_class cl;
+ Der_type ty;
+ unsigned int tag;
+ size_t size;
+
+ for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
+ ret = der_get_tag((const unsigned char*)tests[i].ptr,
+ tests[i].len, &cl, &ty, &tag, &size);
+ if (ret) {
+ if (tests[i].ok)
+ errx(1, "failed while shouldn't");
+ } else {
+ if (!tests[i].ok)
+ errx(1, "passed while shouldn't");
+ }
+ }
+ return 0;
+}
+
+int
+main(int argc, char **argv)
+{
+ int ret = 0;
+
+ ret += test_integer ();
+ ret += test_integer_more();
+ ret += test_unsigned ();
+ ret += test_octet_string ();
+ ret += test_bmp_string ();
+ ret += test_universal_string ();
+ ret += test_general_string ();
+ ret += test_generalized_time ();
+ ret += test_oid ();
+ ret += test_bit_string();
+ ret += test_heim_integer();
+ ret += test_boolean();
+
+ ret += check_fail_unsigned();
+ ret += check_fail_integer();
+ ret += check_fail_length();
+ ret += check_fail_boolean();
+ ret += check_fail_general_string();
+ ret += check_fail_bmp_string();
+ ret += check_fail_universal_string();
+ ret += check_fail_heim_integer();
+ ret += check_fail_generalized_time();
+ ret += check_fail_oid();
+ ret += check_fail_bitstring();
+ ret += test_heim_int_format();
+ ret += test_heim_oid_format();
+ ret += check_trailing_nul();
+ ret += test_misc_cmp();
+ ret += corner_generalized_time();
+ ret += corner_tag();
+
+ return ret;
+}
diff --git a/crypto/heimdal/lib/asn1/check-gen.c b/crypto/heimdal/lib/asn1/check-gen.c
new file mode 100644
index 000000000000..e686f166cfa0
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/check-gen.c
@@ -0,0 +1,1311 @@
+/*
+ * Copyright (c) 1999 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <string.h>
+#include <err.h>
+#include <roken.h>
+
+#include <asn1-common.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <krb5_asn1.h>
+#include <heim_asn1.h>
+#include <rfc2459_asn1.h>
+#include <test_asn1.h>
+
+#include "check-common.h"
+
+RCSID("$Id$");
+
+static char *lha_principal[] = { "lha" };
+static char *lharoot_princ[] = { "lha", "root" };
+static char *datan_princ[] = { "host", "nutcracker.e.kth.se" };
+static char *nada_tgt_principal[] = { "krbtgt", "NADA.KTH.SE" };
+
+
+#define IF_OPT_COMPARE(ac,bc,e) \
+ if (((ac)->e == NULL && (bc)->e != NULL) || (((ac)->e != NULL && (bc)->e == NULL))) return 1; if ((ab)->e)
+#define COMPARE_OPT_STRING(ac,bc,e) \
+ do { if (strcmp(*(ac)->e, *(bc)->e) != 0) return 1; } while(0)
+#define COMPARE_OPT_OCTECT_STRING(ac,bc,e) \
+ do { if ((ac)->e->length != (bc)->e->length || memcmp((ac)->e->data, (bc)->e->data, (ac)->e->length) != 0) return 1; } while(0)
+#define COMPARE_STRING(ac,bc,e) \
+ do { if (strcmp((ac)->e, (bc)->e) != 0) return 1; } while(0)
+#define COMPARE_INTEGER(ac,bc,e) \
+ do { if ((ac)->e != (bc)->e) return 1; } while(0)
+#define COMPARE_OPT_INTEGER(ac,bc,e) \
+ do { if (*(ac)->e != *(bc)->e) return 1; } while(0)
+#define COMPARE_MEM(ac,bc,e,len) \
+ do { if (memcmp((ac)->e, (bc)->e,len) != 0) return 1; } while(0)
+
+static int
+cmp_principal (void *a, void *b)
+{
+ Principal *pa = a;
+ Principal *pb = b;
+ int i;
+
+ COMPARE_STRING(pa,pb,realm);
+ COMPARE_INTEGER(pa,pb,name.name_type);
+ COMPARE_INTEGER(pa,pb,name.name_string.len);
+
+ for (i = 0; i < pa->name.name_string.len; i++)
+ COMPARE_STRING(pa,pb,name.name_string.val[i]);
+
+ return 0;
+}
+
+static int
+test_principal (void)
+{
+
+ struct test_case tests[] = {
+ { NULL, 29,
+ "\x30\x1b\xa0\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b"
+ "\x03\x6c\x68\x61\xa1\x07\x1b\x05\x53\x55\x2e\x53\x45"
+ },
+ { NULL, 35,
+ "\x30\x21\xa0\x16\x30\x14\xa0\x03\x02\x01\x01\xa1\x0d\x30\x0b\x1b"
+ "\x03\x6c\x68\x61\x1b\x04\x72\x6f\x6f\x74\xa1\x07\x1b\x05\x53\x55"
+ "\x2e\x53\x45"
+ },
+ { NULL, 54,
+ "\x30\x34\xa0\x26\x30\x24\xa0\x03\x02\x01\x03\xa1\x1d\x30\x1b\x1b"
+ "\x04\x68\x6f\x73\x74\x1b\x13\x6e\x75\x74\x63\x72\x61\x63\x6b\x65"
+ "\x72\x2e\x65\x2e\x6b\x74\x68\x2e\x73\x65\xa1\x0a\x1b\x08\x45\x2e"
+ "\x4b\x54\x48\x2e\x53\x45"
+ }
+ };
+
+
+ Principal values[] = {
+ { { KRB5_NT_PRINCIPAL, { 1, lha_principal } }, "SU.SE" },
+ { { KRB5_NT_PRINCIPAL, { 2, lharoot_princ } }, "SU.SE" },
+ { { KRB5_NT_SRV_HST, { 2, datan_princ } }, "E.KTH.SE" }
+ };
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "Principal %d", i) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(Principal),
+ (generic_encode)encode_Principal,
+ (generic_length)length_Principal,
+ (generic_decode)decode_Principal,
+ (generic_free)free_Principal,
+ cmp_principal,
+ NULL);
+ for (i = 0; i < ntests; ++i)
+ free (tests[i].name);
+
+ return ret;
+}
+
+static int
+cmp_authenticator (void *a, void *b)
+{
+ Authenticator *aa = a;
+ Authenticator *ab = b;
+ int i;
+
+ COMPARE_INTEGER(aa,ab,authenticator_vno);
+ COMPARE_STRING(aa,ab,crealm);
+
+ COMPARE_INTEGER(aa,ab,cname.name_type);
+ COMPARE_INTEGER(aa,ab,cname.name_string.len);
+
+ for (i = 0; i < aa->cname.name_string.len; i++)
+ COMPARE_STRING(aa,ab,cname.name_string.val[i]);
+
+ return 0;
+}
+
+static int
+test_authenticator (void)
+{
+ struct test_case tests[] = {
+ { NULL, 63,
+ "\x62\x3d\x30\x3b\xa0\x03\x02\x01\x05\xa1\x0a\x1b\x08"
+ "\x45\x2e\x4b\x54\x48\x2e\x53\x45\xa2\x10\x30\x0e\xa0"
+ "\x03\x02\x01\x01\xa1\x07\x30\x05\x1b\x03\x6c\x68\x61"
+ "\xa4\x03\x02\x01\x0a\xa5\x11\x18\x0f\x31\x39\x37\x30"
+ "\x30\x31\x30\x31\x30\x30\x30\x31\x33\x39\x5a"
+ },
+ { NULL, 67,
+ "\x62\x41\x30\x3f\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05"
+ "\x53\x55\x2e\x53\x45\xa2\x16\x30\x14\xa0\x03\x02\x01"
+ "\x01\xa1\x0d\x30\x0b\x1b\x03\x6c\x68\x61\x1b\x04\x72"
+ "\x6f\x6f\x74\xa4\x04\x02\x02\x01\x24\xa5\x11\x18\x0f"
+ "\x31\x39\x37\x30\x30\x31\x30\x31\x30\x30\x31\x36\x33"
+ "\x39\x5a"
+ }
+ };
+
+ Authenticator values[] = {
+ { 5, "E.KTH.SE", { KRB5_NT_PRINCIPAL, { 1, lha_principal } },
+ NULL, 10, 99, NULL, NULL, NULL },
+ { 5, "SU.SE", { KRB5_NT_PRINCIPAL, { 2, lharoot_princ } },
+ NULL, 292, 999, NULL, NULL, NULL }
+ };
+ int i, ret;
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ for (i = 0; i < ntests; ++i) {
+ tests[i].val = &values[i];
+ if (asprintf (&tests[i].name, "Authenticator %d", i) < 0)
+ errx(1, "malloc");
+ if (tests[i].name == NULL)
+ errx(1, "malloc");
+ }
+
+ ret = generic_test (tests, ntests, sizeof(Authenticator),
+ (generic_encode)encode_Authenticator,
+ (generic_length)length_Authenticator,
+ (generic_decode)decode_Authenticator,
+ (generic_free)free_Authenticator,
+ cmp_authenticator,
+ (generic_copy)copy_Authenticator);
+ for (i = 0; i < ntests; ++i)
+ free(tests[i].name);
+
+ return ret;
+}
+
+static int
+cmp_KRB_ERROR (void *a, void *b)
+{
+ KRB_ERROR *aa = a;
+ KRB_ERROR *ab = b;
+ int i;
+
+ COMPARE_INTEGER(aa,ab,pvno);
+ COMPARE_INTEGER(aa,ab,msg_type);
+
+ IF_OPT_COMPARE(aa,ab,ctime) {
+ COMPARE_INTEGER(aa,ab,ctime);
+ }
+ IF_OPT_COMPARE(aa,ab,cusec) {
+ COMPARE_INTEGER(aa,ab,cusec);
+ }
+ COMPARE_INTEGER(aa,ab,stime);
+ COMPARE_INTEGER(aa,ab,susec);
+ COMPARE_INTEGER(aa,ab,error_code);
+
+ IF_OPT_COMPARE(aa,ab,crealm) {
+ COMPARE_OPT_STRING(aa,ab,crealm);
+ }
+#if 0
+ IF_OPT_COMPARE(aa,ab,cname) {
+ COMPARE_OPT_STRING(aa,ab,cname);
+ }
+#endif
+ COMPARE_STRING(aa,ab,realm);
+
+ COMPARE_INTEGER(aa,ab,sname.name_string.len);
+ for (i = 0; i < aa->sname.name_string.len; i++)
+ COMPARE_STRING(aa,ab,sname.name_string.val[i]);
+
+ IF_OPT_COMPARE(aa,ab,e_text) {
+ COMPARE_OPT_STRING(aa,ab,e_text);
+ }
+ IF_OPT_COMPARE(aa,ab,e_data) {
+ /* COMPARE_OPT_OCTECT_STRING(aa,ab,e_data); */
+ }
+
+ return 0;
+}
+
+static int
+test_krb_error (void)
+{
+ struct test_case tests[] = {
+ { NULL, 127,
+ "\x7e\x7d\x30\x7b\xa0\x03\x02\x01\x05\xa1\x03\x02\x01\x1e\xa4\x11"
+ "\x18\x0f\x32\x30\x30\x33\x31\x31\x32\x34\x30\x30\x31\x31\x31\x39"
+ "\x5a\xa5\x05\x02\x03\x04\xed\xa5\xa6\x03\x02\x01\x1f\xa7\x0d\x1b"
+ "\x0b\x4e\x41\x44\x41\x2e\x4b\x54\x48\x2e\x53\x45\xa8\x10\x30\x0e"
+ "\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b\x03\x6c\x68\x61\xa9\x0d"
+ "\x1b\x0b\x4e\x41\x44\x41\x2e\x4b\x54\x48\x2e\x53\x45\xaa\x20\x30"
+ "\x1e\xa0\x03\x02\x01\x01\xa1\x17\x30\x15\x1b\x06\x6b\x72\x62\x74"
+ "\x67\x74\x1b\x0b\x4e\x41\x44\x41\x2e\x4b\x54\x48\x2e\x53\x45",
+ "KRB-ERROR Test 1"
+ }
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+ KRB_ERROR e1;
+ PrincipalName lhaprincipalname = { 1, { 1, lha_principal } };
+ PrincipalName tgtprincipalname = { 1, { 2, nada_tgt_principal } };
+ char *realm = "NADA.KTH.SE";
+
+ e1.pvno = 5;
+ e1.msg_type = 30;
+ e1.ctime = NULL;
+ e1.cusec = NULL;
+ e1.stime = 1069632679;
+ e1.susec = 322981;
+ e1.error_code = 31;
+ e1.crealm = &realm;
+ e1.cname = &lhaprincipalname;
+ e1.realm = "NADA.KTH.SE";
+ e1.sname = tgtprincipalname;
+ e1.e_text = NULL;
+ e1.e_data = NULL;
+
+ tests[0].val = &e1;
+
+ return generic_test (tests, ntests, sizeof(KRB_ERROR),
+ (generic_encode)encode_KRB_ERROR,
+ (generic_length)length_KRB_ERROR,
+ (generic_decode)decode_KRB_ERROR,
+ (generic_free)free_KRB_ERROR,
+ cmp_KRB_ERROR,
+ (generic_copy)copy_KRB_ERROR);
+}
+
+static int
+cmp_Name (void *a, void *b)
+{
+ Name *aa = a;
+ Name *ab = b;
+
+ COMPARE_INTEGER(aa,ab,element);
+
+ return 0;
+}
+
+static int
+test_Name (void)
+{
+ struct test_case tests[] = {
+ { NULL, 35,
+ "\x30\x21\x31\x1f\x30\x0b\x06\x03\x55\x04\x03\x13\x04\x4c\x6f\x76"
+ "\x65\x30\x10\x06\x03\x55\x04\x07\x13\x09\x53\x54\x4f\x43\x4b\x48"
+ "\x4f\x4c\x4d",
+ "Name CN=Love+L=STOCKHOLM"
+ },
+ { NULL, 35,
+ "\x30\x21\x31\x1f\x30\x0b\x06\x03\x55\x04\x03\x13\x04\x4c\x6f\x76"
+ "\x65\x30\x10\x06\x03\x55\x04\x07\x13\x09\x53\x54\x4f\x43\x4b\x48"
+ "\x4f\x4c\x4d",
+ "Name L=STOCKHOLM+CN=Love"
+ }
+ };
+
+ int ntests = sizeof(tests) / sizeof(*tests);
+ Name n1, n2;
+ RelativeDistinguishedName rdn1[1];
+ RelativeDistinguishedName rdn2[1];
+ AttributeTypeAndValue atv1[2];
+ AttributeTypeAndValue atv2[2];
+ unsigned cmp_CN[] = { 2, 5, 4, 3 };
+ unsigned cmp_L[] = { 2, 5, 4, 7 };
+
+ /* n1 */
+ n1.element = choice_Name_rdnSequence;
+ n1.u.rdnSequence.val = rdn1;
+ n1.u.rdnSequence.len = sizeof(rdn1)/sizeof(rdn1[0]);
+ rdn1[0].val = atv1;
+ rdn1[0].len = sizeof(atv1)/sizeof(atv1[0]);
+
+ atv1[0].type.length = sizeof(cmp_CN)/sizeof(cmp_CN[0]);
+ atv1[0].type.components = cmp_CN;
+ atv1[0].value.element = choice_DirectoryString_printableString;
+ atv1[0].value.u.printableString.data = "Love";
+ atv1[0].value.u.printableString.length = 4;
+
+ atv1[1].type.length = sizeof(cmp_L)/sizeof(cmp_L[0]);
+ atv1[1].type.components = cmp_L;
+ atv1[1].value.element = choice_DirectoryString_printableString;
+ atv1[1].value.u.printableString.data = "STOCKHOLM";
+ atv1[1].value.u.printableString.length = 9;
+
+ /* n2 */
+ n2.element = choice_Name_rdnSequence;
+ n2.u.rdnSequence.val = rdn2;
+ n2.u.rdnSequence.len = sizeof(rdn2)/sizeof(rdn2[0]);
+ rdn2[0].val = atv2;
+ rdn2[0].len = sizeof(atv2)/sizeof(atv2[0]);
+
+ atv2[0].type.length = sizeof(cmp_L)/sizeof(cmp_L[0]);
+ atv2[0].type.components = cmp_L;
+ atv2[0].value.element = choice_DirectoryString_printableString;
+ atv2[0].value.u.printableString.data = "STOCKHOLM";
+ atv2[0].value.u.printableString.length = 9;
+
+ atv2[1].type.length = sizeof(cmp_CN)/sizeof(cmp_CN[0]);
+ atv2[1].type.components = cmp_CN;
+ atv2[1].value.element = choice_DirectoryString_printableString;
+ atv2[1].value.u.printableString.data = "Love";
+ atv2[1].value.u.printableString.length = 4;
+
+ /* */
+ tests[0].val = &n1;
+ tests[1].val = &n2;
+
+ return generic_test (tests, ntests, sizeof(Name),
+ (generic_encode)encode_Name,
+ (generic_length)length_Name,
+ (generic_decode)decode_Name,
+ (generic_free)free_Name,
+ cmp_Name,
+ (generic_copy)copy_Name);
+}
+
+static int
+cmp_KeyUsage (void *a, void *b)
+{
+ KeyUsage *aa = a;
+ KeyUsage *ab = b;
+
+ return KeyUsage2int(*aa) != KeyUsage2int(*ab);
+}
+
+static int
+test_bit_string (void)
+{
+ struct test_case tests[] = {
+ { NULL, 4,
+ "\x03\x02\x07\x80",
+ "bitstring 1"
+ },
+ { NULL, 4,
+ "\x03\x02\x05\xa0",
+ "bitstring 2"
+ },
+ { NULL, 5,
+ "\x03\x03\x07\x00\x80",
+ "bitstring 3"
+ },
+ { NULL, 3,
+ "\x03\x01\x00",
+ "bitstring 4"
+ }
+ };
+
+ int ntests = sizeof(tests) / sizeof(*tests);
+ KeyUsage ku1, ku2, ku3, ku4;
+
+ memset(&ku1, 0, sizeof(ku1));
+ ku1.digitalSignature = 1;
+ tests[0].val = &ku1;
+
+ memset(&ku2, 0, sizeof(ku2));
+ ku2.digitalSignature = 1;
+ ku2.keyEncipherment = 1;
+ tests[1].val = &ku2;
+
+ memset(&ku3, 0, sizeof(ku3));
+ ku3.decipherOnly = 1;
+ tests[2].val = &ku3;
+
+ memset(&ku4, 0, sizeof(ku4));
+ tests[3].val = &ku4;
+
+
+ return generic_test (tests, ntests, sizeof(KeyUsage),
+ (generic_encode)encode_KeyUsage,
+ (generic_length)length_KeyUsage,
+ (generic_decode)decode_KeyUsage,
+ (generic_free)free_KeyUsage,
+ cmp_KeyUsage,
+ (generic_copy)copy_KeyUsage);
+}
+
+static int
+cmp_TicketFlags (void *a, void *b)
+{
+ TicketFlags *aa = a;
+ TicketFlags *ab = b;
+
+ return TicketFlags2int(*aa) != TicketFlags2int(*ab);
+}
+
+static int
+test_bit_string_rfc1510 (void)
+{
+ struct test_case tests[] = {
+ { NULL, 7,
+ "\x03\x05\x00\x80\x00\x00\x00",
+ "TF bitstring 1"
+ },
+ { NULL, 7,
+ "\x03\x05\x00\x40\x20\x00\x00",
+ "TF bitstring 2"
+ },
+ { NULL, 7,
+ "\x03\x05\x00\x00\x20\x00\x00",
+ "TF bitstring 3"
+ },
+ { NULL, 7,
+ "\x03\x05\x00\x00\x00\x00\x00",
+ "TF bitstring 4"
+ }
+ };
+
+ int ntests = sizeof(tests) / sizeof(*tests);
+ TicketFlags tf1, tf2, tf3, tf4;
+
+ memset(&tf1, 0, sizeof(tf1));
+ tf1.reserved = 1;
+ tests[0].val = &tf1;
+
+ memset(&tf2, 0, sizeof(tf2));
+ tf2.forwardable = 1;
+ tf2.pre_authent = 1;
+ tests[1].val = &tf2;
+
+ memset(&tf3, 0, sizeof(tf3));
+ tf3.pre_authent = 1;
+ tests[2].val = &tf3;
+
+ memset(&tf4, 0, sizeof(tf4));
+ tests[3].val = &tf4;
+
+
+ return generic_test (tests, ntests, sizeof(TicketFlags),
+ (generic_encode)encode_TicketFlags,
+ (generic_length)length_TicketFlags,
+ (generic_decode)decode_TicketFlags,
+ (generic_free)free_TicketFlags,
+ cmp_TicketFlags,
+ (generic_copy)copy_TicketFlags);
+}
+
+static int
+cmp_KerberosTime (void *a, void *b)
+{
+ KerberosTime *aa = a;
+ KerberosTime *ab = b;
+
+ return *aa != *ab;
+}
+
+static int
+test_time (void)
+{
+ struct test_case tests[] = {
+ { NULL, 17,
+ "\x18\x0f\x31\x39\x37\x30\x30\x31\x30\x31\x30\x31\x31\x38\x33\x31"
+ "\x5a",
+ "time 1" },
+ { NULL, 17,
+ "\x18\x0f\x32\x30\x30\x39\x30\x35\x32\x34\x30\x32\x30\x32\x34\x30"
+ "\x5a"
+ "time 2" }
+ };
+
+ int ntests = sizeof(tests) / sizeof(*tests);
+ KerberosTime times[] = {
+ 4711,
+ 1243130560
+ };
+
+ tests[0].val = &times[0];
+ tests[1].val = &times[1];
+
+ return generic_test (tests, ntests, sizeof(KerberosTime),
+ (generic_encode)encode_KerberosTime,
+ (generic_length)length_KerberosTime,
+ (generic_decode)decode_KerberosTime,
+ (generic_free)free_KerberosTime,
+ cmp_KerberosTime,
+ (generic_copy)copy_KerberosTime);
+}
+
+struct {
+ const char *cert;
+ size_t len;
+} certs[] = {
+ {
+ "\x30\x82\x02\x6c\x30\x82\x01\xd5\xa0\x03\x02\x01\x02\x02\x09\x00"
+ "\x99\x32\xde\x61\x0e\x40\x19\x8a\x30\x0d\x06\x09\x2a\x86\x48\x86"
+ "\xf7\x0d\x01\x01\x05\x05\x00\x30\x2a\x31\x1b\x30\x19\x06\x03\x55"
+ "\x04\x03\x0c\x12\x68\x78\x35\x30\x39\x20\x54\x65\x73\x74\x20\x52"
+ "\x6f\x6f\x74\x20\x43\x41\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13"
+ "\x02\x53\x45\x30\x1e\x17\x0d\x30\x39\x30\x34\x32\x36\x32\x30\x32"
+ "\x39\x34\x30\x5a\x17\x0d\x31\x39\x30\x34\x32\x34\x32\x30\x32\x39"
+ "\x34\x30\x5a\x30\x2a\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x0c\x12"
+ "\x68\x78\x35\x30\x39\x20\x54\x65\x73\x74\x20\x52\x6f\x6f\x74\x20"
+ "\x43\x41\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x53\x45\x30"
+ "\x81\x9f\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05"
+ "\x00\x03\x81\x8d\x00\x30\x81\x89\x02\x81\x81\x00\xb9\xd3\x1b\x67"
+ "\x1c\xf7\x5e\x26\x81\x3b\x82\xff\x03\xa4\x43\xb5\xb2\x63\x0b\x89"
+ "\x58\x43\xfe\x3d\xe0\x38\x7d\x93\x74\xbb\xad\x21\xa4\x29\xd9\x34"
+ "\x79\xf3\x1c\x8c\x5a\xd6\xb0\xd7\x19\xea\xcc\xaf\xe0\xa8\x40\x02"
+ "\x1d\x91\xf1\xac\x36\xb0\xfb\x08\xbd\xcc\x9a\xe1\xb7\x6e\xee\x0a"
+ "\x69\xbf\x6d\x2b\xee\x20\x82\x61\x06\xf2\x18\xcc\x89\x11\x64\x7e"
+ "\xb2\xff\x47\xd1\x3b\x52\x73\xeb\x5a\xc0\x03\xa6\x4b\xc7\x40\x7e"
+ "\xbc\xe1\x0e\x65\x44\x3f\x40\x8b\x02\x82\x54\x04\xd9\xcc\x2c\x67"
+ "\x01\xb6\x16\x82\xd8\x33\x53\x17\xd7\xde\x8d\x5d\x02\x03\x01\x00"
+ "\x01\xa3\x81\x99\x30\x81\x96\x30\x1d\x06\x03\x55\x1d\x0e\x04\x16"
+ "\x04\x14\x6e\x48\x13\xdc\xbf\x8b\x95\x4c\x13\xf3\x1f\x97\x30\xdd"
+ "\x27\x96\x59\x9b\x0e\x68\x30\x5a\x06\x03\x55\x1d\x23\x04\x53\x30"
+ "\x51\x80\x14\x6e\x48\x13\xdc\xbf\x8b\x95\x4c\x13\xf3\x1f\x97\x30"
+ "\xdd\x27\x96\x59\x9b\x0e\x68\xa1\x2e\xa4\x2c\x30\x2a\x31\x1b\x30"
+ "\x19\x06\x03\x55\x04\x03\x0c\x12\x68\x78\x35\x30\x39\x20\x54\x65"
+ "\x73\x74\x20\x52\x6f\x6f\x74\x20\x43\x41\x31\x0b\x30\x09\x06\x03"
+ "\x55\x04\x06\x13\x02\x53\x45\x82\x09\x00\x99\x32\xde\x61\x0e\x40"
+ "\x19\x8a\x30\x0c\x06\x03\x55\x1d\x13\x04\x05\x30\x03\x01\x01\xff"
+ "\x30\x0b\x06\x03\x55\x1d\x0f\x04\x04\x03\x02\x01\xe6\x30\x0d\x06"
+ "\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x81\x81\x00"
+ "\x52\x9b\xe4\x0e\xee\xc2\x5d\xb7\xf1\xba\x47\xe3\xfe\xaf\x3d\x51"
+ "\x10\xfd\xe8\x0d\x14\x58\x05\x36\xa7\xeb\xd8\x05\xe5\x27\x6f\x51"
+ "\xb8\xec\x90\xd9\x03\xe1\xbc\x9c\x93\x38\x21\x5c\xaf\x4e\x6c\x7b"
+ "\x6c\x65\xa9\x92\xcd\x94\xef\xa8\xae\x90\x12\x14\x78\x2d\xa3\x15"
+ "\xaa\x42\xf1\xd9\x44\x64\x2c\x3c\xc0\xbd\x3a\x48\xd8\x80\x45\x8b"
+ "\xd1\x79\x82\xe0\x0f\xdf\x08\x3c\x60\x21\x6f\x31\x47\x98\xae\x2f"
+ "\xcb\xb1\xa1\xb9\xc1\xa3\x71\x5e\x4a\xc2\x67\xdf\x66\x0a\x51\xb5"
+ "\xad\x60\x05\xdb\x02\xd4\x1a\xd2\xb9\x4e\x01\x08\x2b\xc3\x57\xaf",
+ 624 },
+ {
+ "\x30\x82\x02\x54\x30\x82\x01\xbd\xa0\x03\x02\x01\x02\x02\x01\x08"
+ "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30"
+ "\x2a\x31\x1b\x30\x19\x06\x03\x55\x04\x03\x0c\x12\x68\x78\x35\x30"
+ "\x39\x20\x54\x65\x73\x74\x20\x52\x6f\x6f\x74\x20\x43\x41\x31\x0b"
+ "\x30\x09\x06\x03\x55\x04\x06\x13\x02\x53\x45\x30\x1e\x17\x0d\x30"
+ "\x39\x30\x34\x32\x36\x32\x30\x32\x39\x34\x30\x5a\x17\x0d\x31\x39"
+ "\x30\x34\x32\x34\x32\x30\x32\x39\x34\x30\x5a\x30\x1b\x31\x0b\x30"
+ "\x09\x06\x03\x55\x04\x06\x13\x02\x53\x45\x31\x0c\x30\x0a\x06\x03"
+ "\x55\x04\x03\x0c\x03\x6b\x64\x63\x30\x81\x9f\x30\x0d\x06\x09\x2a"
+ "\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x81\x8d\x00\x30\x81"
+ "\x89\x02\x81\x81\x00\xd2\x41\x7a\xf8\x4b\x55\xb2\xaf\x11\xf9\x43"
+ "\x9b\x43\x81\x09\x3b\x9a\x94\xcf\x00\xf4\x85\x75\x92\xd7\x2a\xa5"
+ "\x11\xf1\xa8\x50\x6e\xc6\x84\x74\x24\x17\xda\x84\xc8\x03\x37\xb2"
+ "\x20\xf3\xba\xb5\x59\x36\x21\x4d\xab\x70\xe2\xc3\x09\x93\x68\x14"
+ "\x12\x79\xc5\xbb\x9e\x1b\x4a\xf0\xc6\x24\x59\x25\xc3\x1c\xa8\x70"
+ "\x66\x5b\x3e\x41\x8e\xe3\x25\x71\x9a\x94\xa0\x5b\x46\x91\x6f\xdd"
+ "\x58\x14\xec\x89\xe5\x8c\x96\xc5\x38\x60\xe4\xab\xf2\x75\xee\x6e"
+ "\x62\xfc\xe1\xbd\x03\x47\xff\xc4\xbe\x0f\xca\x70\x73\xe3\x74\x58"
+ "\x3a\x2f\x04\x2d\x39\x02\x03\x01\x00\x01\xa3\x81\x98\x30\x81\x95"
+ "\x30\x09\x06\x03\x55\x1d\x13\x04\x02\x30\x00\x30\x0b\x06\x03\x55"
+ "\x1d\x0f\x04\x04\x03\x02\x05\xe0\x30\x12\x06\x03\x55\x1d\x25\x04"
+ "\x0b\x30\x09\x06\x07\x2b\x06\x01\x05\x02\x03\x05\x30\x1d\x06\x03"
+ "\x55\x1d\x0e\x04\x16\x04\x14\x3a\xd3\x73\xff\xab\xdb\x7d\x8d\xc6"
+ "\x3a\xa2\x26\x3e\xae\x78\x95\x80\xc9\xe6\x31\x30\x48\x06\x03\x55"
+ "\x1d\x11\x04\x41\x30\x3f\xa0\x3d\x06\x06\x2b\x06\x01\x05\x02\x02"
+ "\xa0\x33\x30\x31\xa0\x0d\x1b\x0b\x54\x45\x53\x54\x2e\x48\x35\x4c"
+ "\x2e\x53\x45\xa1\x20\x30\x1e\xa0\x03\x02\x01\x01\xa1\x17\x30\x15"
+ "\x1b\x06\x6b\x72\x62\x74\x67\x74\x1b\x0b\x54\x45\x53\x54\x2e\x48"
+ "\x35\x4c\x2e\x53\x45\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01"
+ "\x01\x05\x05\x00\x03\x81\x81\x00\x83\xf4\x14\xa7\x6e\x59\xff\x80"
+ "\x64\xe7\xfa\xcf\x13\x80\x86\xe1\xed\x02\x38\xad\x96\x72\x25\xe5"
+ "\x06\x7a\x9a\xbc\x24\x74\xa9\x75\x55\xb2\x49\x80\x69\x45\x95\x4a"
+ "\x4c\x76\xa9\xe3\x4e\x49\xd3\xc2\x69\x5a\x95\x03\xeb\xba\x72\x23"
+ "\x9c\xfd\x3d\x8b\xc6\x07\x82\x3b\xf4\xf3\xef\x6c\x2e\x9e\x0b\xac"
+ "\x9e\x6c\xbb\x37\x4a\xa1\x9e\x73\xd1\xdc\x97\x61\xba\xfc\xd3\x49"
+ "\xa6\xc2\x4c\x55\x2e\x06\x37\x76\xb5\xef\x57\xe7\x57\x58\x8a\x71"
+ "\x63\xf3\xeb\xe7\x55\x68\x0d\xf6\x46\x4c\xfb\xf9\x43\xbb\x0c\x92"
+ "\x4f\x4e\x22\x7b\x63\xe8\x4f\x9c",
+ 600
+ }
+};
+
+static int
+test_cert(void)
+{
+ Certificate c, c2;
+ size_t size;
+ size_t i;
+ int ret;
+
+ for (i = 0; i < sizeof(certs)/sizeof(certs[0]); i++) {
+
+ ret = decode_Certificate((unsigned char *)certs[i].cert,
+ certs[i].len, &c, &size);
+ if (ret)
+ return ret;
+
+ ret = copy_Certificate(&c, &c2);
+ free_Certificate(&c);
+ if (ret)
+ return ret;
+
+ free_Certificate(&c2);
+ }
+
+ return 0;
+}
+
+
+static int
+cmp_TESTLargeTag (void *a, void *b)
+{
+ TESTLargeTag *aa = a;
+ TESTLargeTag *ab = b;
+
+ COMPARE_INTEGER(aa,ab,foo);
+ COMPARE_INTEGER(aa,ab,bar);
+ return 0;
+}
+
+static int
+test_large_tag (void)
+{
+ struct test_case tests[] = {
+ { NULL, 15, "\x30\x0d\xbf\x7f\x03\x02\x01\x01\xbf\x81\x00\x03\x02\x01\x02", "large tag 1" }
+ };
+
+ int ntests = sizeof(tests) / sizeof(*tests);
+ TESTLargeTag lt1;
+
+ memset(&lt1, 0, sizeof(lt1));
+ lt1.foo = 1;
+ lt1.bar = 2;
+
+ tests[0].val = &lt1;
+
+ return generic_test (tests, ntests, sizeof(TESTLargeTag),
+ (generic_encode)encode_TESTLargeTag,
+ (generic_length)length_TESTLargeTag,
+ (generic_decode)decode_TESTLargeTag,
+ (generic_free)free_TESTLargeTag,
+ cmp_TESTLargeTag,
+ (generic_copy)copy_TESTLargeTag);
+}
+
+struct test_data {
+ int ok;
+ size_t len;
+ size_t expected_len;
+ void *data;
+};
+
+static int
+check_tag_length(void)
+{
+ struct test_data td[] = {
+ { 1, 3, 3, "\x02\x01\x00"},
+ { 1, 3, 3, "\x02\x01\x7f"},
+ { 1, 4, 4, "\x02\x02\x00\x80"},
+ { 1, 4, 4, "\x02\x02\x01\x00"},
+ { 1, 4, 4, "\x02\x02\x02\x00"},
+ { 0, 3, 0, "\x02\x02\x00"},
+ { 0, 3, 0, "\x02\x7f\x7f"},
+ { 0, 4, 0, "\x02\x03\x00\x80"},
+ { 0, 4, 0, "\x02\x7f\x01\x00"},
+ { 0, 5, 0, "\x02\xff\x7f\x02\x00"}
+ };
+ size_t sz;
+ TESTuint32 values[] = {0, 127, 128, 256, 512,
+ 0, 127, 128, 256, 512 };
+ TESTuint32 u;
+ int i, ret, failed = 0;
+ void *buf;
+
+ for (i = 0; i < sizeof(td)/sizeof(td[0]); i++) {
+ struct map_page *page;
+
+ buf = map_alloc(OVERRUN, td[i].data, td[i].len, &page);
+
+ ret = decode_TESTuint32(buf, td[i].len, &u, &sz);
+ if (ret) {
+ if (td[i].ok) {
+ printf("failed with tag len test %d\n", i);
+ failed = 1;
+ }
+ } else {
+ if (td[i].ok == 0) {
+ printf("failed with success for tag len test %d\n", i);
+ failed = 1;
+ }
+ if (td[i].expected_len != sz) {
+ printf("wrong expected size for tag test %d\n", i);
+ failed = 1;
+ }
+ if (values[i] != u) {
+ printf("wrong value for tag test %d\n", i);
+ failed = 1;
+ }
+ }
+ map_free(page, "test", "decode");
+ }
+ return failed;
+}
+
+static int
+cmp_TESTChoice (void *a, void *b)
+{
+ return 0;
+}
+
+static int
+test_choice (void)
+{
+ struct test_case tests[] = {
+ { NULL, 5, "\xa1\x03\x02\x01\x01", "large choice 1" },
+ { NULL, 5, "\xa2\x03\x02\x01\x02", "large choice 2" }
+ };
+
+ int ret = 0, ntests = sizeof(tests) / sizeof(*tests);
+ TESTChoice1 c1;
+ TESTChoice1 c2_1;
+ TESTChoice2 c2_2;
+
+ memset(&c1, 0, sizeof(c1));
+ c1.element = choice_TESTChoice1_i1;
+ c1.u.i1 = 1;
+ tests[0].val = &c1;
+
+ memset(&c2_1, 0, sizeof(c2_1));
+ c2_1.element = choice_TESTChoice1_i2;
+ c2_1.u.i2 = 2;
+ tests[1].val = &c2_1;
+
+ ret += generic_test (tests, ntests, sizeof(TESTChoice1),
+ (generic_encode)encode_TESTChoice1,
+ (generic_length)length_TESTChoice1,
+ (generic_decode)decode_TESTChoice1,
+ (generic_free)free_TESTChoice1,
+ cmp_TESTChoice,
+ (generic_copy)copy_TESTChoice1);
+
+ memset(&c2_2, 0, sizeof(c2_2));
+ c2_2.element = choice_TESTChoice2_asn1_ellipsis;
+ c2_2.u.asn1_ellipsis.data = "\xa2\x03\x02\x01\x02";
+ c2_2.u.asn1_ellipsis.length = 5;
+ tests[1].val = &c2_2;
+
+ ret += generic_test (tests, ntests, sizeof(TESTChoice2),
+ (generic_encode)encode_TESTChoice2,
+ (generic_length)length_TESTChoice2,
+ (generic_decode)decode_TESTChoice2,
+ (generic_free)free_TESTChoice2,
+ cmp_TESTChoice,
+ (generic_copy)copy_TESTChoice2);
+
+ return ret;
+}
+
+static int
+cmp_TESTImplicit (void *a, void *b)
+{
+ TESTImplicit *aa = a;
+ TESTImplicit *ab = b;
+
+ COMPARE_INTEGER(aa,ab,ti1);
+ COMPARE_INTEGER(aa,ab,ti2.foo);
+ COMPARE_INTEGER(aa,ab,ti3);
+ return 0;
+}
+
+/*
+UNIV CONS Sequence 14
+ CONTEXT PRIM 0 1 00
+ CONTEXT CONS 1 6
+ CONTEXT CONS 127 3
+ UNIV PRIM Integer 1 02
+ CONTEXT PRIM 2 1 03
+*/
+
+static int
+test_implicit (void)
+{
+ struct test_case tests[] = {
+ { NULL, 16,
+ "\x30\x0e\x80\x01\x00\xa1\x06\xbf"
+ "\x7f\x03\x02\x01\x02\x82\x01\x03",
+ "implicit 1" }
+ };
+
+ int ret = 0, ntests = sizeof(tests) / sizeof(*tests);
+ TESTImplicit c0;
+
+ memset(&c0, 0, sizeof(c0));
+ c0.ti1 = 0;
+ c0.ti2.foo = 2;
+ c0.ti3 = 3;
+ tests[0].val = &c0;
+
+ ret += generic_test (tests, ntests, sizeof(TESTImplicit),
+ (generic_encode)encode_TESTImplicit,
+ (generic_length)length_TESTImplicit,
+ (generic_decode)decode_TESTImplicit,
+ (generic_free)free_TESTImplicit,
+ cmp_TESTImplicit,
+ (generic_copy)copy_TESTImplicit);
+
+#ifdef IMPLICIT_TAGGING_WORKS
+ ret += generic_test (tests, ntests, sizeof(TESTImplicit2),
+ (generic_encode)encode_TESTImplicit2,
+ (generic_length)length_TESTImplicit2,
+ (generic_decode)decode_TESTImplicit2,
+ (generic_free)free_TESTImplicit2,
+ cmp_TESTImplicit,
+ NULL);
+
+#endif /* IMPLICIT_TAGGING_WORKS */
+ return ret;
+}
+
+static int
+cmp_TESTAlloc (void *a, void *b)
+{
+ TESTAlloc *aa = a;
+ TESTAlloc *ab = b;
+
+ IF_OPT_COMPARE(aa,ab,tagless) {
+ COMPARE_INTEGER(aa,ab,tagless->ai);
+ }
+
+ COMPARE_INTEGER(aa,ab,three);
+
+ IF_OPT_COMPARE(aa,ab,tagless2) {
+ COMPARE_OPT_OCTECT_STRING(aa, ab, tagless2);
+ }
+
+ return 0;
+}
+
+/*
+UNIV CONS Sequence 12
+ UNIV CONS Sequence 5
+ CONTEXT CONS 0 3
+ UNIV PRIM Integer 1 01
+ CONTEXT CONS 1 3
+ UNIV PRIM Integer 1 03
+
+UNIV CONS Sequence 5
+ CONTEXT CONS 1 3
+ UNIV PRIM Integer 1 03
+
+UNIV CONS Sequence 8
+ CONTEXT CONS 1 3
+ UNIV PRIM Integer 1 04
+ UNIV PRIM Integer 1 05
+
+*/
+
+static int
+test_taglessalloc (void)
+{
+ struct test_case tests[] = {
+ { NULL, 14,
+ "\x30\x0c\x30\x05\xa0\x03\x02\x01\x01\xa1\x03\x02\x01\x03",
+ "alloc 1" },
+ { NULL, 7,
+ "\x30\x05\xa1\x03\x02\x01\x03",
+ "alloc 2" },
+ { NULL, 10,
+ "\x30\x08\xa1\x03\x02\x01\x04\x02\x01\x05",
+ "alloc 3" }
+ };
+
+ int ret = 0, ntests = sizeof(tests) / sizeof(*tests);
+ TESTAlloc c1, c2, c3;
+ heim_any any3;
+
+ memset(&c1, 0, sizeof(c1));
+ c1.tagless = ecalloc(1, sizeof(*c1.tagless));
+ c1.tagless->ai = 1;
+ c1.three = 3;
+ tests[0].val = &c1;
+
+ memset(&c2, 0, sizeof(c2));
+ c2.tagless = NULL;
+ c2.three = 3;
+ tests[1].val = &c2;
+
+ memset(&c3, 0, sizeof(c3));
+ c3.tagless = NULL;
+ c3.three = 4;
+ c3.tagless2 = &any3;
+ any3.data = "\x02\x01\x05";
+ any3.length = 3;
+ tests[2].val = &c3;
+
+ ret += generic_test (tests, ntests, sizeof(TESTAlloc),
+ (generic_encode)encode_TESTAlloc,
+ (generic_length)length_TESTAlloc,
+ (generic_decode)decode_TESTAlloc,
+ (generic_free)free_TESTAlloc,
+ cmp_TESTAlloc,
+ (generic_copy)copy_TESTAlloc);
+
+ free(c1.tagless);
+
+ return ret;
+}
+
+static int
+cmp_TESTOptional (void *a, void *b)
+{
+ TESTOptional *aa = a;
+ TESTOptional *ab = b;
+
+ IF_OPT_COMPARE(aa,ab,zero) {
+ COMPARE_OPT_INTEGER(aa,ab,zero);
+ }
+ IF_OPT_COMPARE(aa,ab,one) {
+ COMPARE_OPT_INTEGER(aa,ab,one);
+ }
+ return 0;
+}
+
+/*
+UNIV CONS Sequence 5
+ CONTEXT CONS 0 3
+ UNIV PRIM Integer 1 00
+
+UNIV CONS Sequence 5
+ CONTEXT CONS 1 3
+ UNIV PRIM Integer 1 03
+
+UNIV CONS Sequence 10
+ CONTEXT CONS 0 3
+ UNIV PRIM Integer 1 00
+ CONTEXT CONS 1 3
+ UNIV PRIM Integer 1 01
+
+*/
+
+static int
+test_optional (void)
+{
+ struct test_case tests[] = {
+ { NULL, 2,
+ "\x30\x00",
+ "optional 0" },
+ { NULL, 7,
+ "\x30\x05\xa0\x03\x02\x01\x00",
+ "optional 1" },
+ { NULL, 7,
+ "\x30\x05\xa1\x03\x02\x01\x01",
+ "optional 2" },
+ { NULL, 12,
+ "\x30\x0a\xa0\x03\x02\x01\x00\xa1\x03\x02\x01\x01",
+ "optional 3" }
+ };
+
+ int ret = 0, ntests = sizeof(tests) / sizeof(*tests);
+ TESTOptional c0, c1, c2, c3;
+ int zero = 0;
+ int one = 1;
+
+ c0.zero = NULL;
+ c0.one = NULL;
+ tests[0].val = &c0;
+
+ c1.zero = &zero;
+ c1.one = NULL;
+ tests[1].val = &c1;
+
+ c2.zero = NULL;
+ c2.one = &one;
+ tests[2].val = &c2;
+
+ c3.zero = &zero;
+ c3.one = &one;
+ tests[3].val = &c3;
+
+ ret += generic_test (tests, ntests, sizeof(TESTOptional),
+ (generic_encode)encode_TESTOptional,
+ (generic_length)length_TESTOptional,
+ (generic_decode)decode_TESTOptional,
+ (generic_free)free_TESTOptional,
+ cmp_TESTOptional,
+ (generic_copy)copy_TESTOptional);
+
+ return ret;
+}
+
+static int
+check_fail_largetag(void)
+{
+ struct test_case tests[] = {
+ {NULL, 14, "\x30\x0c\xbf\x87\xff\xff\xff\xff\xff\x7f\x03\x02\x01\x01",
+ "tag overflow"},
+ {NULL, 0, "", "empty buffer"},
+ {NULL, 7, "\x30\x05\xa1\x03\x02\x02\x01",
+ "one too short" },
+ {NULL, 7, "\x30\x04\xa1\x03\x02\x02\x01"
+ "two too short" },
+ {NULL, 7, "\x30\x03\xa1\x03\x02\x02\x01",
+ "three too short" },
+ {NULL, 7, "\x30\x02\xa1\x03\x02\x02\x01",
+ "four too short" },
+ {NULL, 7, "\x30\x01\xa1\x03\x02\x02\x01",
+ "five too short" },
+ {NULL, 7, "\x30\x00\xa1\x03\x02\x02\x01",
+ "six too short" },
+ {NULL, 7, "\x30\x05\xa1\x04\x02\x02\x01",
+ "inner one too long" },
+ {NULL, 7, "\x30\x00\xa1\x02\x02\x02\x01",
+ "inner one too short" },
+ {NULL, 8, "\x30\x05\xbf\x7f\x03\x02\x02\x01",
+ "inner one too short"},
+ {NULL, 8, "\x30\x06\xbf\x64\x03\x02\x01\x01",
+ "wrong tag"},
+ {NULL, 10, "\x30\x08\xbf\x9a\x9b\x38\x03\x02\x01\x01",
+ "still wrong tag"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(TESTLargeTag),
+ (generic_decode)decode_TESTLargeTag);
+}
+
+
+static int
+check_fail_sequence(void)
+{
+ struct test_case tests[] = {
+ {NULL, 0, "", "empty buffer"},
+ {NULL, 24,
+ "\x30\x16\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01"
+ "\x02\x01\x01\xa2\x03\x02\x01\x01"
+ "missing one byte from the end, internal length ok"},
+ {NULL, 25,
+ "\x30\x18\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01\x01"
+ "\x02\x01\x01\xa2\x03\x02\x01\x01",
+ "inner length one byte too long"},
+ {NULL, 24,
+ "\x30\x17\xa0\x03\x02\x01\x01\xa1\x08\x30\x06\xbf\x7f\x03\x02\x01"
+ "\x01\x02\x01\x01\xa2\x03\x02\x01\x01",
+ "correct buffer but missing one too short"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(TESTSeq),
+ (generic_decode)decode_TESTSeq);
+}
+
+static int
+check_fail_choice(void)
+{
+ struct test_case tests[] = {
+ {NULL, 6,
+ "\xa1\x02\x02\x01\x01",
+ "choice one too short"},
+ {NULL, 6,
+ "\xa1\x03\x02\x02\x01",
+ "choice one too short inner"}
+ };
+ int ntests = sizeof(tests) / sizeof(*tests);
+
+ return generic_decode_fail(tests, ntests, sizeof(TESTChoice1),
+ (generic_decode)decode_TESTChoice1);
+}
+
+static int
+check_seq(void)
+{
+ TESTSeqOf seq;
+ TESTInteger i;
+ int ret;
+
+ seq.val = NULL;
+ seq.len = 0;
+
+ ret = add_TESTSeqOf(&seq, &i);
+ if (ret) { printf("failed adding\n"); goto out; }
+ ret = add_TESTSeqOf(&seq, &i);
+ if (ret) { printf("failed adding\n"); goto out; }
+ ret = add_TESTSeqOf(&seq, &i);
+ if (ret) { printf("failed adding\n"); goto out; }
+ ret = add_TESTSeqOf(&seq, &i);
+ if (ret) { printf("failed adding\n"); goto out; }
+
+ ret = remove_TESTSeqOf(&seq, seq.len - 1);
+ if (ret) { printf("failed removing\n"); goto out; }
+ ret = remove_TESTSeqOf(&seq, 2);
+ if (ret) { printf("failed removing\n"); goto out; }
+ ret = remove_TESTSeqOf(&seq, 0);
+ if (ret) { printf("failed removing\n"); goto out; }
+ ret = remove_TESTSeqOf(&seq, 0);
+ if (ret) { printf("failed removing\n"); goto out; }
+ ret = remove_TESTSeqOf(&seq, 0);
+ if (ret == 0) {
+ printf("can remove from empty list");
+ return 1;
+ }
+
+ if (seq.len != 0) {
+ printf("seq not empty!");
+ return 1;
+ }
+ free_TESTSeqOf(&seq);
+ ret = 0;
+
+out:
+
+ return ret;
+}
+
+#define test_seq_of(type, ok, ptr) \
+{ \
+ heim_octet_string os; \
+ size_t size; \
+ type decode; \
+ ASN1_MALLOC_ENCODE(type, os.data, os.length, ptr, &size, ret); \
+ if (ret) \
+ return ret; \
+ if (os.length != size) \
+ abort(); \
+ ret = decode_##type(os.data, os.length, &decode, &size); \
+ free(os.data); \
+ if (ret) { \
+ if (ok) \
+ return 1; \
+ } else { \
+ free_##type(&decode); \
+ if (!ok) \
+ return 1; \
+ if (size != 0) \
+ return 1; \
+ } \
+ return 0; \
+}
+
+static int
+check_seq_of_size(void)
+{
+#if 0 /* template */
+ TESTInteger integers[4] = { 1, 2, 3, 4 };
+ int ret;
+
+ {
+ TESTSeqSizeOf1 ssof1f1 = { 1, integers };
+ TESTSeqSizeOf1 ssof1ok1 = { 2, integers };
+ TESTSeqSizeOf1 ssof1f2 = { 3, integers };
+
+ test_seq_of(TESTSeqSizeOf1, 0, &ssof1f1);
+ test_seq_of(TESTSeqSizeOf1, 1, &ssof1ok1);
+ test_seq_of(TESTSeqSizeOf1, 0, &ssof1f2);
+ }
+ {
+ TESTSeqSizeOf2 ssof2f1 = { 0, NULL };
+ TESTSeqSizeOf2 ssof2ok1 = { 1, integers };
+ TESTSeqSizeOf2 ssof2ok2 = { 2, integers };
+ TESTSeqSizeOf2 ssof2f2 = { 3, integers };
+
+ test_seq_of(TESTSeqSizeOf2, 0, &ssof2f1);
+ test_seq_of(TESTSeqSizeOf2, 1, &ssof2ok1);
+ test_seq_of(TESTSeqSizeOf2, 1, &ssof2ok2);
+ test_seq_of(TESTSeqSizeOf2, 0, &ssof2f2);
+ }
+ {
+ TESTSeqSizeOf3 ssof3f1 = { 0, NULL };
+ TESTSeqSizeOf3 ssof3ok1 = { 1, integers };
+ TESTSeqSizeOf3 ssof3ok2 = { 2, integers };
+
+ test_seq_of(TESTSeqSizeOf3, 0, &ssof3f1);
+ test_seq_of(TESTSeqSizeOf3, 1, &ssof3ok1);
+ test_seq_of(TESTSeqSizeOf3, 1, &ssof3ok2);
+ }
+ {
+ TESTSeqSizeOf4 ssof4ok1 = { 0, NULL };
+ TESTSeqSizeOf4 ssof4ok2 = { 1, integers };
+ TESTSeqSizeOf4 ssof4ok3 = { 2, integers };
+ TESTSeqSizeOf4 ssof4f1 = { 3, integers };
+
+ test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok1);
+ test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok2);
+ test_seq_of(TESTSeqSizeOf4, 1, &ssof4ok3);
+ test_seq_of(TESTSeqSizeOf4, 0, &ssof4f1);
+ }
+#endif
+ return 0;
+}
+
+static int
+check_TESTMechTypeList(void)
+{
+ TESTMechTypeList tl;
+ unsigned oid1[] = { 1, 2, 840, 48018, 1, 2, 2};
+ unsigned oid2[] = { 1, 2, 840, 113554, 1, 2, 2};
+ unsigned oid3[] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 30};
+ unsigned oid4[] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10};
+ TESTMechType array[] = {{ 7, oid1 },
+ { 7, oid2 },
+ { 10, oid3 },
+ { 10, oid4 }};
+ size_t size, len;
+ void *ptr;
+ int ret;
+
+ tl.len = 4;
+ tl.val = array;
+
+ ASN1_MALLOC_ENCODE(TESTMechTypeList, ptr, len, &tl, &size, ret);
+ if (ret)
+ errx(1, "TESTMechTypeList: %d", ret);
+ if (len != size)
+ abort();
+ return 0;
+}
+
+int
+main(int argc, char **argv)
+{
+ int ret = 0;
+
+ ret += test_principal ();
+ ret += test_authenticator();
+ ret += test_krb_error();
+ ret += test_Name();
+ ret += test_bit_string();
+ ret += test_bit_string_rfc1510();
+ ret += test_time();
+ ret += test_cert();
+
+ ret += check_tag_length();
+ ret += test_large_tag();
+ ret += test_choice();
+
+ ret += test_implicit();
+ ret += test_taglessalloc();
+ ret += test_optional();
+
+ ret += check_fail_largetag();
+ ret += check_fail_sequence();
+ ret += check_fail_choice();
+
+ ret += check_seq();
+ ret += check_seq_of_size();
+
+ ret += check_TESTMechTypeList();
+
+ return ret;
+}
diff --git a/crypto/heimdal/lib/asn1/check-timegm.c b/crypto/heimdal/lib/asn1/check-timegm.c
new file mode 100644
index 000000000000..13d3abcf1fa5
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/check-timegm.c
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <der_locl.h>
+
+RCSID("$Id$");
+
+static int
+test_timegm(void)
+{
+ int ret = 0;
+ struct tm tm;
+ time_t t;
+
+ memset(&tm, 0, sizeof(tm));
+ tm.tm_year = 106;
+ tm.tm_mon = 9;
+ tm.tm_mday = 1;
+ tm.tm_hour = 10;
+ tm.tm_min = 3;
+
+ t = _der_timegm(&tm);
+ if (t != 1159696980)
+ ret += 1;
+
+ tm.tm_mday = 0;
+ t = _der_timegm(&tm);
+ if (t != -1)
+ ret += 1;
+
+ _der_gmtime(1159696980, &tm);
+ if (tm.tm_year != 106 ||
+ tm.tm_mon != 9 ||
+ tm.tm_mday != 1 ||
+ tm.tm_hour != 10 ||
+ tm.tm_min != 3 ||
+ tm.tm_sec != 0)
+ errx(1, "tmtime failes");
+
+ return ret;
+}
+
+int
+main(int argc, char **argv)
+{
+ int ret = 0;
+
+ ret += test_timegm();
+
+ return ret;
+}
diff --git a/crypto/heimdal/lib/asn1/cms.asn1 b/crypto/heimdal/lib/asn1/cms.asn1
new file mode 100644
index 000000000000..ccbe68383825
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/cms.asn1
@@ -0,0 +1,157 @@
+-- From RFC 3369 --
+-- $Id$ --
+
+CMS DEFINITIONS ::= BEGIN
+
+IMPORTS CertificateSerialNumber, AlgorithmIdentifier, Name,
+ Attribute, Certificate, SubjectKeyIdentifier FROM rfc2459
+ heim_any, heim_any_set FROM heim;
+
+id-pkcs7 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+ us(840) rsadsi(113549) pkcs(1) pkcs7(7) }
+
+id-pkcs7-data OBJECT IDENTIFIER ::= { id-pkcs7 1 }
+id-pkcs7-signedData OBJECT IDENTIFIER ::= { id-pkcs7 2 }
+id-pkcs7-envelopedData OBJECT IDENTIFIER ::= { id-pkcs7 3 }
+id-pkcs7-signedAndEnvelopedData OBJECT IDENTIFIER ::= { id-pkcs7 4 }
+id-pkcs7-digestedData OBJECT IDENTIFIER ::= { id-pkcs7 5 }
+id-pkcs7-encryptedData OBJECT IDENTIFIER ::= { id-pkcs7 6 }
+
+CMSVersion ::= INTEGER {
+ CMSVersion_v0(0),
+ CMSVersion_v1(1),
+ CMSVersion_v2(2),
+ CMSVersion_v3(3),
+ CMSVersion_v4(4)
+}
+
+DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
+SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
+
+ContentType ::= OBJECT IDENTIFIER
+MessageDigest ::= OCTET STRING
+
+ContentInfo ::= SEQUENCE {
+ contentType ContentType,
+ content [0] EXPLICIT heim_any OPTIONAL -- DEFINED BY contentType
+}
+
+EncapsulatedContentInfo ::= SEQUENCE {
+ eContentType ContentType,
+ eContent [0] EXPLICIT OCTET STRING OPTIONAL
+}
+
+CertificateSet ::= SET OF heim_any
+
+CertificateList ::= Certificate
+
+CertificateRevocationLists ::= SET OF CertificateList
+
+IssuerAndSerialNumber ::= SEQUENCE {
+ issuer Name,
+ serialNumber CertificateSerialNumber
+}
+
+-- RecipientIdentifier is same as SignerIdentifier,
+-- lets glue them togheter and save some bytes and share code for them
+
+CMSIdentifier ::= CHOICE {
+ issuerAndSerialNumber IssuerAndSerialNumber,
+ subjectKeyIdentifier [0] SubjectKeyIdentifier
+}
+
+SignerIdentifier ::= CMSIdentifier
+RecipientIdentifier ::= CMSIdentifier
+
+--- CMSAttributes are the combined UnsignedAttributes and SignedAttributes
+--- to store space and share code
+
+CMSAttributes ::= SET OF Attribute -- SIZE (1..MAX)
+
+SignatureValue ::= OCTET STRING
+
+SignerInfo ::= SEQUENCE {
+ version CMSVersion,
+ sid SignerIdentifier,
+ digestAlgorithm DigestAlgorithmIdentifier,
+ signedAttrs [0] IMPLICIT -- CMSAttributes --
+ SET OF Attribute OPTIONAL,
+ signatureAlgorithm SignatureAlgorithmIdentifier,
+ signature SignatureValue,
+ unsignedAttrs [1] IMPLICIT -- CMSAttributes --
+ SET OF Attribute OPTIONAL
+}
+
+SignerInfos ::= SET OF SignerInfo
+
+SignedData ::= SEQUENCE {
+ version CMSVersion,
+ digestAlgorithms DigestAlgorithmIdentifiers,
+ encapContentInfo EncapsulatedContentInfo,
+ certificates [0] IMPLICIT -- CertificateSet --
+ SET OF heim_any OPTIONAL,
+ crls [1] IMPLICIT -- CertificateRevocationLists --
+ heim_any OPTIONAL,
+ signerInfos SignerInfos
+}
+
+OriginatorInfo ::= SEQUENCE {
+ certs [0] IMPLICIT -- CertificateSet --
+ SET OF heim_any OPTIONAL,
+ crls [1] IMPLICIT --CertificateRevocationLists --
+ heim_any OPTIONAL
+}
+
+KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+EncryptedKey ::= OCTET STRING
+
+KeyTransRecipientInfo ::= SEQUENCE {
+ version CMSVersion, -- always set to 0 or 2
+ rid RecipientIdentifier,
+ keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+ encryptedKey EncryptedKey
+}
+
+RecipientInfo ::= KeyTransRecipientInfo
+
+RecipientInfos ::= SET OF RecipientInfo
+
+EncryptedContent ::= OCTET STRING
+
+EncryptedContentInfo ::= SEQUENCE {
+ contentType ContentType,
+ contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+ encryptedContent [0] IMPLICIT OCTET STRING OPTIONAL
+}
+
+UnprotectedAttributes ::= SET OF Attribute -- SIZE (1..MAX)
+
+CMSEncryptedData ::= SEQUENCE {
+ version CMSVersion,
+ encryptedContentInfo EncryptedContentInfo,
+ unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
+ heim_any OPTIONAL
+}
+
+EnvelopedData ::= SEQUENCE {
+ version CMSVersion,
+ originatorInfo [0] IMPLICIT -- OriginatorInfo -- heim_any OPTIONAL,
+ recipientInfos RecipientInfos,
+ encryptedContentInfo EncryptedContentInfo,
+ unprotectedAttrs [1] IMPLICIT -- UnprotectedAttributes --
+ heim_any OPTIONAL
+}
+
+-- Data ::= OCTET STRING
+
+CMSRC2CBCParameter ::= SEQUENCE {
+ rc2ParameterVersion INTEGER (0..4294967295),
+ iv OCTET STRING -- exactly 8 octets
+}
+
+CMSCBCParameter ::= OCTET STRING
+
+END
diff --git a/crypto/heimdal/lib/asn1/cms.opt b/crypto/heimdal/lib/asn1/cms.opt
new file mode 100644
index 000000000000..49333e53a758
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/cms.opt
@@ -0,0 +1,2 @@
+--decode-dce-ber
+--sequence=DigestAlgorithmIdentifiers
diff --git a/crypto/heimdal/lib/asn1/der-private.h b/crypto/heimdal/lib/asn1/der-private.h
new file mode 100644
index 000000000000..555f71bd004d
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der-private.h
@@ -0,0 +1,82 @@
+/* This is a generated file */
+#ifndef __der_private_h__
+#define __der_private_h__
+
+#include <stdarg.h>
+
+int
+_asn1_copy (
+ const struct asn1_template */*t*/,
+ const void */*from*/,
+ void */*to*/);
+
+int
+_asn1_copy_top (
+ const struct asn1_template */*t*/,
+ const void */*from*/,
+ void */*to*/);
+
+int
+_asn1_decode (
+ const struct asn1_template */*t*/,
+ unsigned /*flags*/,
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ void */*data*/,
+ size_t */*size*/);
+
+int
+_asn1_decode_top (
+ const struct asn1_template */*t*/,
+ unsigned /*flags*/,
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ void */*data*/,
+ size_t */*size*/);
+
+int
+_asn1_encode (
+ const struct asn1_template */*t*/,
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const void */*data*/,
+ size_t */*size*/);
+
+void
+_asn1_free (
+ const struct asn1_template */*t*/,
+ void */*data*/);
+
+size_t
+_asn1_length (
+ const struct asn1_template */*t*/,
+ const void */*data*/);
+
+struct tm *
+_der_gmtime (
+ time_t /*t*/,
+ struct tm */*tm*/);
+
+int
+_heim_der_set_sort (
+ const void */*a1*/,
+ const void */*a2*/);
+
+int
+_heim_fix_dce (
+ size_t /*reallen*/,
+ size_t */*len*/);
+
+size_t
+_heim_len_int (int /*val*/);
+
+size_t
+_heim_len_unsigned (unsigned /*val*/);
+
+int
+_heim_time2generalizedtime (
+ time_t /*t*/,
+ heim_octet_string */*s*/,
+ int /*gtimep*/);
+
+#endif /* __der_private_h__ */
diff --git a/crypto/heimdal/lib/asn1/der-protos.h b/crypto/heimdal/lib/asn1/der-protos.h
new file mode 100644
index 000000000000..3b3d81d175fb
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der-protos.h
@@ -0,0 +1,628 @@
+/* This is a generated file */
+#ifndef __der_protos_h__
+#define __der_protos_h__
+
+#include <stdarg.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int
+copy_heim_any (
+ const heim_any */*from*/,
+ heim_any */*to*/);
+
+int
+copy_heim_any_set (
+ const heim_any_set */*from*/,
+ heim_any_set */*to*/);
+
+int
+decode_heim_any (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_any */*data*/,
+ size_t */*size*/);
+
+int
+decode_heim_any_set (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_any_set */*data*/,
+ size_t */*size*/);
+
+int
+der_copy_bit_string (
+ const heim_bit_string */*from*/,
+ heim_bit_string */*to*/);
+
+int
+der_copy_bmp_string (
+ const heim_bmp_string */*from*/,
+ heim_bmp_string */*to*/);
+
+int
+der_copy_general_string (
+ const heim_general_string */*from*/,
+ heim_general_string */*to*/);
+
+int
+der_copy_generalized_time (
+ const time_t */*from*/,
+ time_t */*to*/);
+
+int
+der_copy_heim_integer (
+ const heim_integer */*from*/,
+ heim_integer */*to*/);
+
+int
+der_copy_ia5_string (
+ const heim_ia5_string */*from*/,
+ heim_ia5_string */*to*/);
+
+int
+der_copy_integer (
+ const int */*from*/,
+ int */*to*/);
+
+int
+der_copy_octet_string (
+ const heim_octet_string */*from*/,
+ heim_octet_string */*to*/);
+
+int
+der_copy_oid (
+ const heim_oid */*from*/,
+ heim_oid */*to*/);
+
+int
+der_copy_printable_string (
+ const heim_printable_string */*from*/,
+ heim_printable_string */*to*/);
+
+int
+der_copy_universal_string (
+ const heim_universal_string */*from*/,
+ heim_universal_string */*to*/);
+
+int
+der_copy_unsigned (
+ const unsigned */*from*/,
+ unsigned */*to*/);
+
+int
+der_copy_utctime (
+ const time_t */*from*/,
+ time_t */*to*/);
+
+int
+der_copy_utf8string (
+ const heim_utf8_string */*from*/,
+ heim_utf8_string */*to*/);
+
+int
+der_copy_visible_string (
+ const heim_visible_string */*from*/,
+ heim_visible_string */*to*/);
+
+void
+der_free_bit_string (heim_bit_string */*k*/);
+
+void
+der_free_bmp_string (heim_bmp_string */*k*/);
+
+void
+der_free_general_string (heim_general_string */*str*/);
+
+void
+der_free_generalized_time (time_t */*t*/);
+
+void
+der_free_heim_integer (heim_integer */*k*/);
+
+void
+der_free_ia5_string (heim_ia5_string */*str*/);
+
+void
+der_free_integer (int */*i*/);
+
+void
+der_free_octet_string (heim_octet_string */*k*/);
+
+void
+der_free_oid (heim_oid */*k*/);
+
+void
+der_free_printable_string (heim_printable_string */*str*/);
+
+void
+der_free_universal_string (heim_universal_string */*k*/);
+
+void
+der_free_unsigned (unsigned */*u*/);
+
+void
+der_free_utctime (time_t */*t*/);
+
+void
+der_free_utf8string (heim_utf8_string */*str*/);
+
+void
+der_free_visible_string (heim_visible_string */*str*/);
+
+int
+der_get_bit_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_bit_string */*data*/,
+ size_t */*size*/);
+
+int
+der_get_bmp_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_bmp_string */*data*/,
+ size_t */*size*/);
+
+int
+der_get_boolean (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ int */*data*/,
+ size_t */*size*/);
+
+const char *
+der_get_class_name (unsigned /*num*/);
+
+int
+der_get_class_num (const char */*name*/);
+
+int
+der_get_general_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_general_string */*str*/,
+ size_t */*size*/);
+
+int
+der_get_generalized_time (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ time_t */*data*/,
+ size_t */*size*/);
+
+int
+der_get_heim_integer (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_integer */*data*/,
+ size_t */*size*/);
+
+int
+der_get_ia5_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_ia5_string */*str*/,
+ size_t */*size*/);
+
+int
+der_get_integer (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ int */*ret*/,
+ size_t */*size*/);
+
+int
+der_get_length (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ size_t */*val*/,
+ size_t */*size*/);
+
+int
+der_get_octet_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_octet_string */*data*/,
+ size_t */*size*/);
+
+int
+der_get_octet_string_ber (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_octet_string */*data*/,
+ size_t */*size*/);
+
+int
+der_get_oid (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_oid */*data*/,
+ size_t */*size*/);
+
+int
+der_get_printable_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_printable_string */*str*/,
+ size_t */*size*/);
+
+int
+der_get_tag (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ Der_class */*class*/,
+ Der_type */*type*/,
+ unsigned int */*tag*/,
+ size_t */*size*/);
+
+const char *
+der_get_tag_name (unsigned /*num*/);
+
+int
+der_get_tag_num (const char */*name*/);
+
+const char *
+der_get_type_name (unsigned /*num*/);
+
+int
+der_get_type_num (const char */*name*/);
+
+int
+der_get_universal_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_universal_string */*data*/,
+ size_t */*size*/);
+
+int
+der_get_unsigned (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ unsigned */*ret*/,
+ size_t */*size*/);
+
+int
+der_get_utctime (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ time_t */*data*/,
+ size_t */*size*/);
+
+int
+der_get_utf8string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_utf8_string */*str*/,
+ size_t */*size*/);
+
+int
+der_get_visible_string (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ heim_visible_string */*str*/,
+ size_t */*size*/);
+
+int
+der_heim_bit_string_cmp (
+ const heim_bit_string */*p*/,
+ const heim_bit_string */*q*/);
+
+int
+der_heim_bmp_string_cmp (
+ const heim_bmp_string */*p*/,
+ const heim_bmp_string */*q*/);
+
+int
+der_heim_integer_cmp (
+ const heim_integer */*p*/,
+ const heim_integer */*q*/);
+
+int
+der_heim_octet_string_cmp (
+ const heim_octet_string */*p*/,
+ const heim_octet_string */*q*/);
+
+int
+der_heim_oid_cmp (
+ const heim_oid */*p*/,
+ const heim_oid */*q*/);
+
+int
+der_heim_universal_string_cmp (
+ const heim_universal_string */*p*/,
+ const heim_universal_string */*q*/);
+
+int
+der_ia5_string_cmp (
+ const heim_ia5_string */*p*/,
+ const heim_ia5_string */*q*/);
+
+size_t
+der_length_bit_string (const heim_bit_string */*k*/);
+
+size_t
+der_length_bmp_string (const heim_bmp_string */*data*/);
+
+size_t
+der_length_boolean (const int */*k*/);
+
+size_t
+der_length_enumerated (const unsigned */*data*/);
+
+size_t
+der_length_general_string (const heim_general_string */*data*/);
+
+size_t
+der_length_generalized_time (const time_t */*t*/);
+
+size_t
+der_length_heim_integer (const heim_integer */*k*/);
+
+size_t
+der_length_ia5_string (const heim_ia5_string */*data*/);
+
+size_t
+der_length_integer (const int */*data*/);
+
+size_t
+der_length_len (size_t /*len*/);
+
+size_t
+der_length_octet_string (const heim_octet_string */*k*/);
+
+size_t
+der_length_oid (const heim_oid */*k*/);
+
+size_t
+der_length_printable_string (const heim_printable_string */*data*/);
+
+size_t
+der_length_tag (unsigned int /*tag*/);
+
+size_t
+der_length_universal_string (const heim_universal_string */*data*/);
+
+size_t
+der_length_unsigned (const unsigned */*data*/);
+
+size_t
+der_length_utctime (const time_t */*t*/);
+
+size_t
+der_length_utf8string (const heim_utf8_string */*data*/);
+
+size_t
+der_length_visible_string (const heim_visible_string */*data*/);
+
+int
+der_match_tag (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ Der_class /*class*/,
+ Der_type /*type*/,
+ unsigned int /*tag*/,
+ size_t */*size*/);
+
+int
+der_match_tag2 (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ Der_class /*class*/,
+ Der_type */*type*/,
+ unsigned int /*tag*/,
+ size_t */*size*/);
+
+int
+der_match_tag_and_length (
+ const unsigned char */*p*/,
+ size_t /*len*/,
+ Der_class /*class*/,
+ Der_type */*type*/,
+ unsigned int /*tag*/,
+ size_t */*length_ret*/,
+ size_t */*size*/);
+
+int
+der_parse_heim_oid (
+ const char */*str*/,
+ const char */*sep*/,
+ heim_oid */*data*/);
+
+int
+der_parse_hex_heim_integer (
+ const char */*p*/,
+ heim_integer */*data*/);
+
+int
+der_print_heim_oid (
+ const heim_oid */*oid*/,
+ char /*delim*/,
+ char **/*str*/);
+
+int
+der_print_hex_heim_integer (
+ const heim_integer */*data*/,
+ char **/*p*/);
+
+int
+der_printable_string_cmp (
+ const heim_printable_string */*p*/,
+ const heim_printable_string */*q*/);
+
+int
+der_put_bit_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_bit_string */*data*/,
+ size_t */*size*/);
+
+int
+der_put_bmp_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_bmp_string */*data*/,
+ size_t */*size*/);
+
+int
+der_put_boolean (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const int */*data*/,
+ size_t */*size*/);
+
+int
+der_put_general_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_general_string */*str*/,
+ size_t */*size*/);
+
+int
+der_put_generalized_time (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const time_t */*data*/,
+ size_t */*size*/);
+
+int
+der_put_heim_integer (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_integer */*data*/,
+ size_t */*size*/);
+
+int
+der_put_ia5_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_ia5_string */*str*/,
+ size_t */*size*/);
+
+int
+der_put_integer (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const int */*v*/,
+ size_t */*size*/);
+
+int
+der_put_length (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ size_t /*val*/,
+ size_t */*size*/);
+
+int
+der_put_length_and_tag (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ size_t /*len_val*/,
+ Der_class /*class*/,
+ Der_type /*type*/,
+ unsigned int /*tag*/,
+ size_t */*size*/);
+
+int
+der_put_octet_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_octet_string */*data*/,
+ size_t */*size*/);
+
+int
+der_put_oid (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_oid */*data*/,
+ size_t */*size*/);
+
+int
+der_put_printable_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_printable_string */*str*/,
+ size_t */*size*/);
+
+int
+der_put_tag (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ Der_class /*class*/,
+ Der_type /*type*/,
+ unsigned int /*tag*/,
+ size_t */*size*/);
+
+int
+der_put_universal_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_universal_string */*data*/,
+ size_t */*size*/);
+
+int
+der_put_unsigned (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const unsigned */*v*/,
+ size_t */*size*/);
+
+int
+der_put_utctime (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const time_t */*data*/,
+ size_t */*size*/);
+
+int
+der_put_utf8string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_utf8_string */*str*/,
+ size_t */*size*/);
+
+int
+der_put_visible_string (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_visible_string */*str*/,
+ size_t */*size*/);
+
+int
+encode_heim_any (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_any */*data*/,
+ size_t */*size*/);
+
+int
+encode_heim_any_set (
+ unsigned char */*p*/,
+ size_t /*len*/,
+ const heim_any_set */*data*/,
+ size_t */*size*/);
+
+void
+free_heim_any (heim_any */*data*/);
+
+void
+free_heim_any_set (heim_any_set */*data*/);
+
+int
+heim_any_cmp (
+ const heim_any_set */*p*/,
+ const heim_any_set */*q*/);
+
+size_t
+length_heim_any (const heim_any */*data*/);
+
+size_t
+length_heim_any_set (const heim_any */*data*/);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __der_protos_h__ */
diff --git a/crypto/heimdal/lib/asn1/der.c b/crypto/heimdal/lib/asn1/der.c
new file mode 100644
index 000000000000..0c59e6f6409b
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der.c
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include <com_err.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <getarg.h>
+#include <err.h>
+
+RCSID("$Id$");
+
+
+static const char *class_names[] = {
+ "UNIV", /* 0 */
+ "APPL", /* 1 */
+ "CONTEXT", /* 2 */
+ "PRIVATE" /* 3 */
+};
+
+static const char *type_names[] = {
+ "PRIM", /* 0 */
+ "CONS" /* 1 */
+};
+
+static const char *tag_names[] = {
+ "EndOfContent", /* 0 */
+ "Boolean", /* 1 */
+ "Integer", /* 2 */
+ "BitString", /* 3 */
+ "OctetString", /* 4 */
+ "Null", /* 5 */
+ "ObjectID", /* 6 */
+ NULL, /* 7 */
+ NULL, /* 8 */
+ NULL, /* 9 */
+ "Enumerated", /* 10 */
+ NULL, /* 11 */
+ NULL, /* 12 */
+ NULL, /* 13 */
+ NULL, /* 14 */
+ NULL, /* 15 */
+ "Sequence", /* 16 */
+ "Set", /* 17 */
+ NULL, /* 18 */
+ "PrintableString", /* 19 */
+ NULL, /* 20 */
+ NULL, /* 21 */
+ "IA5String", /* 22 */
+ "UTCTime", /* 23 */
+ "GeneralizedTime", /* 24 */
+ NULL, /* 25 */
+ "VisibleString", /* 26 */
+ "GeneralString", /* 27 */
+ NULL, /* 28 */
+ NULL, /* 29 */
+ "BMPString" /* 30 */
+};
+
+static int
+get_type(const char *name, const char *list[], unsigned len)
+{
+ unsigned i;
+ for (i = 0; i < len; i++)
+ if (list[i] && strcasecmp(list[i], name) == 0)
+ return i;
+ return -1;
+}
+
+#define SIZEOF_ARRAY(a) (sizeof((a))/sizeof((a)[0]))
+
+const char *
+der_get_class_name(unsigned num)
+{
+ if (num >= SIZEOF_ARRAY(class_names))
+ return NULL;
+ return class_names[num];
+}
+
+int
+der_get_class_num(const char *name)
+{
+ return get_type(name, class_names, SIZEOF_ARRAY(class_names));
+}
+
+const char *
+der_get_type_name(unsigned num)
+{
+ if (num >= SIZEOF_ARRAY(type_names))
+ return NULL;
+ return type_names[num];
+}
+
+int
+der_get_type_num(const char *name)
+{
+ return get_type(name, type_names, SIZEOF_ARRAY(type_names));
+}
+
+const char *
+der_get_tag_name(unsigned num)
+{
+ if (num >= SIZEOF_ARRAY(tag_names))
+ return NULL;
+ return tag_names[num];
+}
+
+int
+der_get_tag_num(const char *name)
+{
+ return get_type(name, tag_names, SIZEOF_ARRAY(tag_names));
+}
diff --git a/crypto/heimdal/lib/asn1/der.h b/crypto/heimdal/lib/asn1/der.h
new file mode 100644
index 000000000000..f20cdb83ca51
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der.h
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef __DER_H__
+#define __DER_H__
+
+typedef enum {
+ ASN1_C_UNIV = 0,
+ ASN1_C_APPL = 1,
+ ASN1_C_CONTEXT = 2,
+ ASN1_C_PRIVATE = 3
+} Der_class;
+
+typedef enum {PRIM = 0, CONS = 1} Der_type;
+
+#define MAKE_TAG(CLASS, TYPE, TAG) (((CLASS) << 6) | ((TYPE) << 5) | (TAG))
+
+/* Universal tags */
+
+enum {
+ UT_EndOfContent = 0,
+ UT_Boolean = 1,
+ UT_Integer = 2,
+ UT_BitString = 3,
+ UT_OctetString = 4,
+ UT_Null = 5,
+ UT_OID = 6,
+ UT_Enumerated = 10,
+ UT_UTF8String = 12,
+ UT_Sequence = 16,
+ UT_Set = 17,
+ UT_PrintableString = 19,
+ UT_IA5String = 22,
+ UT_UTCTime = 23,
+ UT_GeneralizedTime = 24,
+ UT_UniversalString = 25,
+ UT_VisibleString = 26,
+ UT_GeneralString = 27,
+ UT_BMPString = 30,
+ /* unsupported types */
+ UT_ObjectDescriptor = 7,
+ UT_External = 8,
+ UT_Real = 9,
+ UT_EmbeddedPDV = 11,
+ UT_RelativeOID = 13,
+ UT_NumericString = 18,
+ UT_TeletexString = 20,
+ UT_VideotexString = 21,
+ UT_GraphicString = 25
+};
+
+#define ASN1_INDEFINITE 0xdce0deed
+
+typedef struct heim_der_time_t {
+ time_t dt_sec;
+ unsigned long dt_nsec;
+} heim_der_time_t;
+
+typedef struct heim_ber_time_t {
+ time_t bt_sec;
+ unsigned bt_nsec;
+ int bt_zone;
+} heim_ber_time_t;
+
+struct asn1_template;
+
+#include <der-protos.h>
+
+int _heim_fix_dce(size_t reallen, size_t *len);
+int _heim_der_set_sort(const void *, const void *);
+int _heim_time2generalizedtime (time_t, heim_octet_string *, int);
+
+#endif /* __DER_H__ */
diff --git a/crypto/heimdal/lib/asn1/der_cmp.c b/crypto/heimdal/lib/asn1/der_cmp.c
new file mode 100644
index 000000000000..468ccb2d040c
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_cmp.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+int
+der_heim_oid_cmp(const heim_oid *p, const heim_oid *q)
+{
+ if (p->length != q->length)
+ return p->length - q->length;
+ return memcmp(p->components,
+ q->components,
+ p->length * sizeof(*p->components));
+}
+
+int
+der_heim_octet_string_cmp(const heim_octet_string *p,
+ const heim_octet_string *q)
+{
+ if (p->length != q->length)
+ return p->length - q->length;
+ return memcmp(p->data, q->data, p->length);
+}
+
+int
+der_printable_string_cmp(const heim_printable_string *p,
+ const heim_printable_string *q)
+{
+ return der_heim_octet_string_cmp(p, q);
+}
+
+int
+der_ia5_string_cmp(const heim_ia5_string *p,
+ const heim_ia5_string *q)
+{
+ return der_heim_octet_string_cmp(p, q);
+}
+
+int
+der_heim_bit_string_cmp(const heim_bit_string *p,
+ const heim_bit_string *q)
+{
+ int i, r1, r2;
+ if (p->length != q->length)
+ return p->length - q->length;
+ i = memcmp(p->data, q->data, p->length / 8);
+ if (i)
+ return i;
+ if ((p->length % 8) == 0)
+ return 0;
+ i = (p->length / 8);
+ r1 = ((unsigned char *)p->data)[i];
+ r2 = ((unsigned char *)q->data)[i];
+ i = 8 - (p->length % 8);
+ r1 = r1 >> i;
+ r2 = r2 >> i;
+ return r1 - r2;
+}
+
+int
+der_heim_integer_cmp(const heim_integer *p,
+ const heim_integer *q)
+{
+ if (p->negative != q->negative)
+ return q->negative - p->negative;
+ if (p->length != q->length)
+ return p->length - q->length;
+ return memcmp(p->data, q->data, p->length);
+}
+
+int
+der_heim_bmp_string_cmp(const heim_bmp_string *p, const heim_bmp_string *q)
+{
+ if (p->length != q->length)
+ return p->length - q->length;
+ return memcmp(p->data, q->data, q->length * sizeof(q->data[0]));
+}
+
+int
+der_heim_universal_string_cmp(const heim_universal_string *p,
+ const heim_universal_string *q)
+{
+ if (p->length != q->length)
+ return p->length - q->length;
+ return memcmp(p->data, q->data, q->length * sizeof(q->data[0]));
+}
diff --git a/crypto/heimdal/lib/asn1/der_copy.c b/crypto/heimdal/lib/asn1/der_copy.c
new file mode 100644
index 000000000000..3a0a8c5ffa6a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_copy.c
@@ -0,0 +1,181 @@
+/*
+ * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id$");
+
+int
+der_copy_general_string (const heim_general_string *from,
+ heim_general_string *to)
+{
+ *to = strdup(*from);
+ if(*to == NULL)
+ return ENOMEM;
+ return 0;
+}
+
+int
+der_copy_integer (const int *from, int *to)
+{
+ *to = *from;
+ return 0;
+}
+
+int
+der_copy_unsigned (const unsigned *from, unsigned *to)
+{
+ *to = *from;
+ return 0;
+}
+
+int
+der_copy_generalized_time (const time_t *from, time_t *to)
+{
+ *to = *from;
+ return 0;
+}
+
+int
+der_copy_utctime (const time_t *from, time_t *to)
+{
+ *to = *from;
+ return 0;
+}
+
+int
+der_copy_utf8string (const heim_utf8_string *from, heim_utf8_string *to)
+{
+ return der_copy_general_string(from, to);
+}
+
+int
+der_copy_printable_string (const heim_printable_string *from,
+ heim_printable_string *to)
+{
+ to->length = from->length;
+ to->data = malloc(to->length + 1);
+ if(to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, to->length);
+ ((char *)to->data)[to->length] = '\0';
+ return 0;
+}
+
+int
+der_copy_ia5_string (const heim_ia5_string *from,
+ heim_ia5_string *to)
+{
+ return der_copy_printable_string(from, to);
+}
+
+int
+der_copy_bmp_string (const heim_bmp_string *from, heim_bmp_string *to)
+{
+ to->length = from->length;
+ to->data = malloc(to->length * sizeof(to->data[0]));
+ if(to->length != 0 && to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, to->length * sizeof(to->data[0]));
+ return 0;
+}
+
+int
+der_copy_universal_string (const heim_universal_string *from,
+ heim_universal_string *to)
+{
+ to->length = from->length;
+ to->data = malloc(to->length * sizeof(to->data[0]));
+ if(to->length != 0 && to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, to->length * sizeof(to->data[0]));
+ return 0;
+}
+
+int
+der_copy_visible_string (const heim_visible_string *from,
+ heim_visible_string *to)
+{
+ return der_copy_general_string(from, to);
+}
+
+int
+der_copy_octet_string (const heim_octet_string *from, heim_octet_string *to)
+{
+ to->length = from->length;
+ to->data = malloc(to->length);
+ if(to->length != 0 && to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, to->length);
+ return 0;
+}
+
+int
+der_copy_heim_integer (const heim_integer *from, heim_integer *to)
+{
+ to->length = from->length;
+ to->data = malloc(to->length);
+ if(to->length != 0 && to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, to->length);
+ to->negative = from->negative;
+ return 0;
+}
+
+int
+der_copy_oid (const heim_oid *from, heim_oid *to)
+{
+ to->length = from->length;
+ to->components = malloc(to->length * sizeof(*to->components));
+ if (to->length != 0 && to->components == NULL)
+ return ENOMEM;
+ memcpy(to->components, from->components,
+ to->length * sizeof(*to->components));
+ return 0;
+}
+
+int
+der_copy_bit_string (const heim_bit_string *from, heim_bit_string *to)
+{
+ size_t len;
+
+ len = (from->length + 7) / 8;
+ to->length = from->length;
+ to->data = malloc(len);
+ if(len != 0 && to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, len);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/asn1/der_format.c b/crypto/heimdal/lib/asn1/der_format.c
new file mode 100644
index 000000000000..4f06c1b01fd9
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_format.c
@@ -0,0 +1,170 @@
+/*
+ * Copyright (c) 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include <hex.h>
+
+RCSID("$Id$");
+
+int
+der_parse_hex_heim_integer (const char *p, heim_integer *data)
+{
+ ssize_t len;
+
+ data->length = 0;
+ data->negative = 0;
+ data->data = NULL;
+
+ if (*p == '-') {
+ p++;
+ data->negative = 1;
+ }
+
+ len = strlen(p);
+ if (len <= 0) {
+ data->data = NULL;
+ data->length = 0;
+ return EINVAL;
+ }
+
+ data->length = (len / 2) + 1;
+ data->data = malloc(data->length);
+ if (data->data == NULL) {
+ data->length = 0;
+ return ENOMEM;
+ }
+
+ len = hex_decode(p, data->data, data->length);
+ if (len < 0) {
+ free(data->data);
+ data->data = NULL;
+ data->length = 0;
+ return EINVAL;
+ }
+
+ {
+ unsigned char *q = data->data;
+ while(len > 0 && *q == 0) {
+ q++;
+ len--;
+ }
+ data->length = len;
+ memmove(data->data, q, len);
+ }
+ return 0;
+}
+
+int
+der_print_hex_heim_integer (const heim_integer *data, char **p)
+{
+ ssize_t len;
+ char *q;
+
+ len = hex_encode(data->data, data->length, p);
+ if (len < 0)
+ return ENOMEM;
+
+ if (data->negative) {
+ len = asprintf(&q, "-%s", *p);
+ free(*p);
+ if (len < 0)
+ return ENOMEM;
+ *p = q;
+ }
+ return 0;
+}
+
+int
+der_print_heim_oid (const heim_oid *oid, char delim, char **str)
+{
+ struct rk_strpool *p = NULL;
+ size_t i;
+
+ if (oid->length == 0)
+ return EINVAL;
+
+ for (i = 0; i < oid->length ; i++) {
+ p = rk_strpoolprintf(p, "%d", oid->components[i]);
+ if (p && i < oid->length - 1)
+ p = rk_strpoolprintf(p, "%c", delim);
+ if (p == NULL) {
+ *str = NULL;
+ return ENOMEM;
+ }
+ }
+
+ *str = rk_strpoolcollect(p);
+ if (*str == NULL)
+ return ENOMEM;
+ return 0;
+}
+
+int
+der_parse_heim_oid (const char *str, const char *sep, heim_oid *data)
+{
+ char *s, *w, *brkt, *endptr;
+ unsigned int *c;
+ long l;
+
+ data->length = 0;
+ data->components = NULL;
+
+ if (sep == NULL)
+ sep = ".";
+
+ s = strdup(str);
+
+ for (w = strtok_r(s, sep, &brkt);
+ w != NULL;
+ w = strtok_r(NULL, sep, &brkt)) {
+
+ c = realloc(data->components,
+ (data->length + 1) * sizeof(data->components[0]));
+ if (c == NULL) {
+ der_free_oid(data);
+ free(s);
+ return ENOMEM;
+ }
+ data->components = c;
+
+ l = strtol(w, &endptr, 10);
+ if (*endptr != '\0' || l < 0 || l > INT_MAX) {
+ der_free_oid(data);
+ free(s);
+ return EINVAL;
+ }
+ data->components[data->length++] = l;
+ }
+ free(s);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/asn1/der_free.c b/crypto/heimdal/lib/asn1/der_free.c
new file mode 100644
index 000000000000..4bae5fc2338f
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_free.c
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id$");
+
+void
+der_free_general_string (heim_general_string *str)
+{
+ free(*str);
+ *str = NULL;
+}
+
+void
+der_free_integer (int *i)
+{
+ *i = 0;
+}
+
+void
+der_free_unsigned (unsigned *u)
+{
+ *u = 0;
+}
+
+void
+der_free_generalized_time(time_t *t)
+{
+ *t = 0;
+}
+
+void
+der_free_utctime(time_t *t)
+{
+ *t = 0;
+}
+
+
+void
+der_free_utf8string (heim_utf8_string *str)
+{
+ free(*str);
+ *str = NULL;
+}
+
+void
+der_free_printable_string (heim_printable_string *str)
+{
+ der_free_octet_string(str);
+}
+
+void
+der_free_ia5_string (heim_ia5_string *str)
+{
+ der_free_octet_string(str);
+}
+
+void
+der_free_bmp_string (heim_bmp_string *k)
+{
+ free(k->data);
+ k->data = NULL;
+ k->length = 0;
+}
+
+void
+der_free_universal_string (heim_universal_string *k)
+{
+ free(k->data);
+ k->data = NULL;
+ k->length = 0;
+}
+
+void
+der_free_visible_string (heim_visible_string *str)
+{
+ free(*str);
+ *str = NULL;
+}
+
+void
+der_free_octet_string (heim_octet_string *k)
+{
+ free(k->data);
+ k->data = NULL;
+ k->length = 0;
+}
+
+void
+der_free_heim_integer (heim_integer *k)
+{
+ free(k->data);
+ k->data = NULL;
+ k->length = 0;
+}
+
+void
+der_free_oid (heim_oid *k)
+{
+ free(k->components);
+ k->components = NULL;
+ k->length = 0;
+}
+
+void
+der_free_bit_string (heim_bit_string *k)
+{
+ free(k->data);
+ k->data = NULL;
+ k->length = 0;
+}
diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c
new file mode 100644
index 000000000000..3112da86f93b
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_get.c
@@ -0,0 +1,647 @@
+/*
+ * Copyright (c) 1997 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+/*
+ * All decoding functions take a pointer `p' to first position in
+ * which to read, from the left, `len' which means the maximum number
+ * of characters we are able to read, `ret' were the value will be
+ * returned and `size' where the number of used bytes is stored.
+ * Either 0 or an error code is returned.
+ */
+
+int
+der_get_unsigned (const unsigned char *p, size_t len,
+ unsigned *ret, size_t *size)
+{
+ unsigned val = 0;
+ size_t oldlen = len;
+
+ if (len == sizeof(unsigned) + 1 && p[0] == 0)
+ ;
+ else if (len > sizeof(unsigned))
+ return ASN1_OVERRUN;
+
+ while (len--)
+ val = val * 256 + *p++;
+ *ret = val;
+ if(size) *size = oldlen;
+ return 0;
+}
+
+int
+der_get_integer (const unsigned char *p, size_t len,
+ int *ret, size_t *size)
+{
+ int val = 0;
+ size_t oldlen = len;
+
+ if (len > sizeof(int))
+ return ASN1_OVERRUN;
+
+ if (len > 0) {
+ val = (signed char)*p++;
+ while (--len)
+ val = val * 256 + *p++;
+ }
+ *ret = val;
+ if(size) *size = oldlen;
+ return 0;
+}
+
+int
+der_get_length (const unsigned char *p, size_t len,
+ size_t *val, size_t *size)
+{
+ size_t v;
+
+ if (len <= 0)
+ return ASN1_OVERRUN;
+ --len;
+ v = *p++;
+ if (v < 128) {
+ *val = v;
+ if(size) *size = 1;
+ } else {
+ int e;
+ size_t l;
+ unsigned tmp;
+
+ if(v == 0x80){
+ *val = ASN1_INDEFINITE;
+ if(size) *size = 1;
+ return 0;
+ }
+ v &= 0x7F;
+ if (len < v)
+ return ASN1_OVERRUN;
+ e = der_get_unsigned (p, v, &tmp, &l);
+ if(e) return e;
+ *val = tmp;
+ if(size) *size = l + 1;
+ }
+ return 0;
+}
+
+int
+der_get_boolean(const unsigned char *p, size_t len, int *data, size_t *size)
+{
+ if(len < 1)
+ return ASN1_OVERRUN;
+ if(*p != 0)
+ *data = 1;
+ else
+ *data = 0;
+ *size = 1;
+ return 0;
+}
+
+int
+der_get_general_string (const unsigned char *p, size_t len,
+ heim_general_string *str, size_t *size)
+{
+ const unsigned char *p1;
+ char *s;
+
+ p1 = memchr(p, 0, len);
+ if (p1 != NULL) {
+ /*
+ * Allow trailing NULs. We allow this since MIT Kerberos sends
+ * an strings in the NEED_PREAUTH case that includes a
+ * trailing NUL.
+ */
+ while ((size_t)(p1 - p) < len && *p1 == '\0')
+ p1++;
+ if ((size_t)(p1 - p) != len)
+ return ASN1_BAD_CHARACTER;
+ }
+ if (len > len + 1)
+ return ASN1_BAD_LENGTH;
+
+ s = malloc (len + 1);
+ if (s == NULL)
+ return ENOMEM;
+ memcpy (s, p, len);
+ s[len] = '\0';
+ *str = s;
+ if(size) *size = len;
+ return 0;
+}
+
+int
+der_get_utf8string (const unsigned char *p, size_t len,
+ heim_utf8_string *str, size_t *size)
+{
+ return der_get_general_string(p, len, str, size);
+}
+
+int
+der_get_printable_string(const unsigned char *p, size_t len,
+ heim_printable_string *str, size_t *size)
+{
+ str->length = len;
+ str->data = malloc(len + 1);
+ if (str->data == NULL)
+ return ENOMEM;
+ memcpy(str->data, p, len);
+ ((char *)str->data)[len] = '\0';
+ if(size) *size = len;
+ return 0;
+}
+
+int
+der_get_ia5_string(const unsigned char *p, size_t len,
+ heim_ia5_string *str, size_t *size)
+{
+ return der_get_printable_string(p, len, str, size);
+}
+
+int
+der_get_bmp_string (const unsigned char *p, size_t len,
+ heim_bmp_string *data, size_t *size)
+{
+ size_t i;
+
+ if (len & 1)
+ return ASN1_BAD_FORMAT;
+ data->length = len / 2;
+ if (data->length > UINT_MAX/sizeof(data->data[0]))
+ return ERANGE;
+ data->data = malloc(data->length * sizeof(data->data[0]));
+ if (data->data == NULL && data->length != 0)
+ return ENOMEM;
+
+ for (i = 0; i < data->length; i++) {
+ data->data[i] = (p[0] << 8) | p[1];
+ p += 2;
+ /* check for NUL in the middle of the string */
+ if (data->data[i] == 0 && i != (data->length - 1)) {
+ free(data->data);
+ data->data = NULL;
+ data->length = 0;
+ return ASN1_BAD_CHARACTER;
+ }
+ }
+ if (size) *size = len;
+
+ return 0;
+}
+
+int
+der_get_universal_string (const unsigned char *p, size_t len,
+ heim_universal_string *data, size_t *size)
+{
+ size_t i;
+
+ if (len & 3)
+ return ASN1_BAD_FORMAT;
+ data->length = len / 4;
+ if (data->length > UINT_MAX/sizeof(data->data[0]))
+ return ERANGE;
+ data->data = malloc(data->length * sizeof(data->data[0]));
+ if (data->data == NULL && data->length != 0)
+ return ENOMEM;
+
+ for (i = 0; i < data->length; i++) {
+ data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
+ p += 4;
+ /* check for NUL in the middle of the string */
+ if (data->data[i] == 0 && i != (data->length - 1)) {
+ free(data->data);
+ data->data = NULL;
+ data->length = 0;
+ return ASN1_BAD_CHARACTER;
+ }
+ }
+ if (size) *size = len;
+ return 0;
+}
+
+int
+der_get_visible_string (const unsigned char *p, size_t len,
+ heim_visible_string *str, size_t *size)
+{
+ return der_get_general_string(p, len, str, size);
+}
+
+int
+der_get_octet_string (const unsigned char *p, size_t len,
+ heim_octet_string *data, size_t *size)
+{
+ data->length = len;
+ data->data = malloc(len);
+ if (data->data == NULL && data->length != 0)
+ return ENOMEM;
+ memcpy (data->data, p, len);
+ if(size) *size = len;
+ return 0;
+}
+
+int
+der_get_octet_string_ber (const unsigned char *p, size_t len,
+ heim_octet_string *data, size_t *size)
+{
+ int e;
+ Der_type type;
+ Der_class class;
+ unsigned int tag, depth = 0;
+ size_t l, datalen, oldlen = len;
+
+ data->length = 0;
+ data->data = NULL;
+
+ while (len) {
+ e = der_get_tag (p, len, &class, &type, &tag, &l);
+ if (e) goto out;
+ if (class != ASN1_C_UNIV) {
+ e = ASN1_BAD_ID;
+ goto out;
+ }
+ if (type == PRIM && tag == UT_EndOfContent) {
+ if (depth == 0)
+ break;
+ depth--;
+ }
+ if (tag != UT_OctetString) {
+ e = ASN1_BAD_ID;
+ goto out;
+ }
+
+ p += l;
+ len -= l;
+ e = der_get_length (p, len, &datalen, &l);
+ if (e) goto out;
+ p += l;
+ len -= l;
+
+ if (datalen > len)
+ return ASN1_OVERRUN;
+
+ if (type == PRIM) {
+ void *ptr;
+
+ ptr = realloc(data->data, data->length + datalen);
+ if (ptr == NULL) {
+ e = ENOMEM;
+ goto out;
+ }
+ data->data = ptr;
+ memcpy(((unsigned char *)data->data) + data->length, p, datalen);
+ data->length += datalen;
+ } else
+ depth++;
+
+ p += datalen;
+ len -= datalen;
+ }
+ if (depth != 0)
+ return ASN1_INDEF_OVERRUN;
+ if(size) *size = oldlen - len;
+ return 0;
+ out:
+ free(data->data);
+ data->data = NULL;
+ data->length = 0;
+ return e;
+}
+
+
+int
+der_get_heim_integer (const unsigned char *p, size_t len,
+ heim_integer *data, size_t *size)
+{
+ data->length = 0;
+ data->negative = 0;
+ data->data = NULL;
+
+ if (len == 0) {
+ if (size)
+ *size = 0;
+ return 0;
+ }
+ if (p[0] & 0x80) {
+ unsigned char *q;
+ int carry = 1;
+ data->negative = 1;
+
+ data->length = len;
+
+ if (p[0] == 0xff) {
+ p++;
+ data->length--;
+ }
+ data->data = malloc(data->length);
+ if (data->data == NULL) {
+ data->length = 0;
+ if (size)
+ *size = 0;
+ return ENOMEM;
+ }
+ q = &((unsigned char*)data->data)[data->length - 1];
+ p += data->length - 1;
+ while (q >= (unsigned char*)data->data) {
+ *q = *p ^ 0xff;
+ if (carry)
+ carry = !++*q;
+ p--;
+ q--;
+ }
+ } else {
+ data->negative = 0;
+ data->length = len;
+
+ if (p[0] == 0) {
+ p++;
+ data->length--;
+ }
+ data->data = malloc(data->length);
+ if (data->data == NULL && data->length != 0) {
+ data->length = 0;
+ if (size)
+ *size = 0;
+ return ENOMEM;
+ }
+ memcpy(data->data, p, data->length);
+ }
+ if (size)
+ *size = len;
+ return 0;
+}
+
+static int
+generalizedtime2time (const char *s, time_t *t)
+{
+ struct tm tm;
+
+ memset(&tm, 0, sizeof(tm));
+ if (sscanf (s, "%04d%02d%02d%02d%02d%02dZ",
+ &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
+ &tm.tm_min, &tm.tm_sec) != 6) {
+ if (sscanf (s, "%02d%02d%02d%02d%02d%02dZ",
+ &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour,
+ &tm.tm_min, &tm.tm_sec) != 6)
+ return ASN1_BAD_TIMEFORMAT;
+ if (tm.tm_year < 50)
+ tm.tm_year += 2000;
+ else
+ tm.tm_year += 1900;
+ }
+ tm.tm_year -= 1900;
+ tm.tm_mon -= 1;
+ *t = _der_timegm (&tm);
+ return 0;
+}
+
+static int
+der_get_time (const unsigned char *p, size_t len,
+ time_t *data, size_t *size)
+{
+ char *times;
+ int e;
+
+ if (len > len + 1 || len == 0)
+ return ASN1_BAD_LENGTH;
+
+ times = malloc(len + 1);
+ if (times == NULL)
+ return ENOMEM;
+ memcpy(times, p, len);
+ times[len] = '\0';
+ e = generalizedtime2time(times, data);
+ free (times);
+ if(size) *size = len;
+ return e;
+}
+
+int
+der_get_generalized_time (const unsigned char *p, size_t len,
+ time_t *data, size_t *size)
+{
+ return der_get_time(p, len, data, size);
+}
+
+int
+der_get_utctime (const unsigned char *p, size_t len,
+ time_t *data, size_t *size)
+{
+ return der_get_time(p, len, data, size);
+}
+
+int
+der_get_oid (const unsigned char *p, size_t len,
+ heim_oid *data, size_t *size)
+{
+ size_t n;
+ size_t oldlen = len;
+
+ if (len < 1)
+ return ASN1_OVERRUN;
+
+ if (len > len + 1)
+ return ASN1_BAD_LENGTH;
+
+ if (len + 1 > UINT_MAX/sizeof(data->components[0]))
+ return ERANGE;
+
+ data->components = malloc((len + 1) * sizeof(data->components[0]));
+ if (data->components == NULL)
+ return ENOMEM;
+ data->components[0] = (*p) / 40;
+ data->components[1] = (*p) % 40;
+ --len;
+ ++p;
+ for (n = 2; len > 0; ++n) {
+ unsigned u = 0, u1;
+
+ do {
+ --len;
+ u1 = u * 128 + (*p++ % 128);
+ /* check that we don't overflow the element */
+ if (u1 < u) {
+ der_free_oid(data);
+ return ASN1_OVERRUN;
+ }
+ u = u1;
+ } while (len > 0 && p[-1] & 0x80);
+ data->components[n] = u;
+ }
+ if (n > 2 && p[-1] & 0x80) {
+ der_free_oid (data);
+ return ASN1_OVERRUN;
+ }
+ data->length = n;
+ if (size)
+ *size = oldlen;
+ return 0;
+}
+
+int
+der_get_tag (const unsigned char *p, size_t len,
+ Der_class *class, Der_type *type,
+ unsigned int *tag, size_t *size)
+{
+ size_t ret = 0;
+ if (len < 1)
+ return ASN1_OVERRUN;
+ *class = (Der_class)(((*p) >> 6) & 0x03);
+ *type = (Der_type)(((*p) >> 5) & 0x01);
+ *tag = (*p) & 0x1f;
+ p++; len--; ret++;
+ if(*tag == 0x1f) {
+ unsigned int continuation;
+ unsigned int tag1;
+ *tag = 0;
+ do {
+ if(len < 1)
+ return ASN1_OVERRUN;
+ continuation = *p & 128;
+ tag1 = *tag * 128 + (*p % 128);
+ /* check that we don't overflow the tag */
+ if (tag1 < *tag)
+ return ASN1_OVERFLOW;
+ *tag = tag1;
+ p++; len--; ret++;
+ } while(continuation);
+ }
+ if(size) *size = ret;
+ return 0;
+}
+
+int
+der_match_tag (const unsigned char *p, size_t len,
+ Der_class class, Der_type type,
+ unsigned int tag, size_t *size)
+{
+ Der_type thistype;
+ int e;
+
+ e = der_match_tag2(p, len, class, &thistype, tag, size);
+ if (e) return e;
+ if (thistype != type) return ASN1_BAD_ID;
+ return 0;
+}
+
+int
+der_match_tag2 (const unsigned char *p, size_t len,
+ Der_class class, Der_type *type,
+ unsigned int tag, size_t *size)
+{
+ size_t l;
+ Der_class thisclass;
+ unsigned int thistag;
+ int e;
+
+ e = der_get_tag (p, len, &thisclass, type, &thistag, &l);
+ if (e) return e;
+ if (class != thisclass)
+ return ASN1_BAD_ID;
+ if(tag > thistag)
+ return ASN1_MISPLACED_FIELD;
+ if(tag < thistag)
+ return ASN1_MISSING_FIELD;
+ if(size) *size = l;
+ return 0;
+}
+
+int
+der_match_tag_and_length (const unsigned char *p, size_t len,
+ Der_class class, Der_type *type, unsigned int tag,
+ size_t *length_ret, size_t *size)
+{
+ size_t l, ret = 0;
+ int e;
+
+ e = der_match_tag2 (p, len, class, type, tag, &l);
+ if (e) return e;
+ p += l;
+ len -= l;
+ ret += l;
+ e = der_get_length (p, len, length_ret, &l);
+ if (e) return e;
+ if(size) *size = ret + l;
+ return 0;
+}
+
+
+
+/*
+ * Old versions of DCE was based on a very early beta of the MIT code,
+ * which used MAVROS for ASN.1 encoding. MAVROS had the interesting
+ * feature that it encoded data in the forward direction, which has
+ * it's problems, since you have no idea how long the data will be
+ * until after you're done. MAVROS solved this by reserving one byte
+ * for length, and later, if the actual length was longer, it reverted
+ * to indefinite, BER style, lengths. The version of MAVROS used by
+ * the DCE people could apparently generate correct X.509 DER encodings, and
+ * did this by making space for the length after encoding, but
+ * unfortunately this feature wasn't used with Kerberos.
+ */
+
+int
+_heim_fix_dce(size_t reallen, size_t *len)
+{
+ if(reallen == ASN1_INDEFINITE)
+ return 1;
+ if(*len < reallen)
+ return -1;
+ *len = reallen;
+ return 0;
+}
+
+int
+der_get_bit_string (const unsigned char *p, size_t len,
+ heim_bit_string *data, size_t *size)
+{
+ if (len < 1)
+ return ASN1_OVERRUN;
+ if (p[0] > 7)
+ return ASN1_BAD_FORMAT;
+ if (len - 1 == 0 && p[0] != 0)
+ return ASN1_BAD_FORMAT;
+ /* check if any of the three upper bits are set
+ * any of them will cause a interger overrun */
+ if ((len - 1) >> (sizeof(len) * 8 - 3))
+ return ASN1_OVERRUN;
+ data->length = (len - 1) * 8;
+ data->data = malloc(len - 1);
+ if (data->data == NULL && (len - 1) != 0)
+ return ENOMEM;
+ /* copy data is there is data to copy */
+ if (len - 1 != 0) {
+ memcpy (data->data, p + 1, len - 1);
+ data->length -= p[0];
+ }
+ if(size) *size = len;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/asn1/der_length.c b/crypto/heimdal/lib/asn1/der_length.c
new file mode 100644
index 000000000000..db82025861ea
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_length.c
@@ -0,0 +1,248 @@
+/*
+ * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id$");
+
+size_t
+_heim_len_unsigned (unsigned val)
+{
+ size_t ret = 0;
+ int last_val_gt_128;
+
+ do {
+ ++ret;
+ last_val_gt_128 = (val >= 128);
+ val /= 256;
+ } while (val);
+
+ if(last_val_gt_128)
+ ret++;
+
+ return ret;
+}
+
+size_t
+_heim_len_int (int val)
+{
+ unsigned char q;
+ size_t ret = 0;
+
+ if (val >= 0) {
+ do {
+ q = val % 256;
+ ret++;
+ val /= 256;
+ } while(val);
+ if(q >= 128)
+ ret++;
+ } else {
+ val = ~val;
+ do {
+ q = ~(val % 256);
+ ret++;
+ val /= 256;
+ } while(val);
+ if(q < 128)
+ ret++;
+ }
+ return ret;
+}
+
+static size_t
+len_oid (const heim_oid *oid)
+{
+ size_t ret = 1;
+ size_t n;
+
+ for (n = 2; n < oid->length; ++n) {
+ unsigned u = oid->components[n];
+
+ do {
+ ++ret;
+ u /= 128;
+ } while(u > 0);
+ }
+ return ret;
+}
+
+size_t
+der_length_len (size_t len)
+{
+ if (len < 128)
+ return 1;
+ else {
+ int ret = 0;
+ do {
+ ++ret;
+ len /= 256;
+ } while (len);
+ return ret + 1;
+ }
+}
+
+size_t
+der_length_tag(unsigned int tag)
+{
+ size_t len = 0;
+
+ if(tag <= 30)
+ return 1;
+ while(tag) {
+ tag /= 128;
+ len++;
+ }
+ return len + 1;
+}
+
+size_t
+der_length_integer (const int *data)
+{
+ return _heim_len_int (*data);
+}
+
+size_t
+der_length_unsigned (const unsigned *data)
+{
+ return _heim_len_unsigned(*data);
+}
+
+size_t
+der_length_enumerated (const unsigned *data)
+{
+ return _heim_len_int (*data);
+}
+
+size_t
+der_length_general_string (const heim_general_string *data)
+{
+ return strlen(*data);
+}
+
+size_t
+der_length_utf8string (const heim_utf8_string *data)
+{
+ return strlen(*data);
+}
+
+size_t
+der_length_printable_string (const heim_printable_string *data)
+{
+ return data->length;
+}
+
+size_t
+der_length_ia5_string (const heim_ia5_string *data)
+{
+ return data->length;
+}
+
+size_t
+der_length_bmp_string (const heim_bmp_string *data)
+{
+ return data->length * 2;
+}
+
+size_t
+der_length_universal_string (const heim_universal_string *data)
+{
+ return data->length * 4;
+}
+
+size_t
+der_length_visible_string (const heim_visible_string *data)
+{
+ return strlen(*data);
+}
+
+size_t
+der_length_octet_string (const heim_octet_string *k)
+{
+ return k->length;
+}
+
+size_t
+der_length_heim_integer (const heim_integer *k)
+{
+ if (k->length == 0)
+ return 1;
+ if (k->negative)
+ return k->length + (((~(((unsigned char *)k->data)[0])) & 0x80) ? 0 : 1);
+ else
+ return k->length + ((((unsigned char *)k->data)[0] & 0x80) ? 1 : 0);
+}
+
+size_t
+der_length_oid (const heim_oid *k)
+{
+ return len_oid (k);
+}
+
+size_t
+der_length_generalized_time (const time_t *t)
+{
+ heim_octet_string k;
+ size_t ret;
+
+ _heim_time2generalizedtime (*t, &k, 1);
+ ret = k.length;
+ free(k.data);
+ return ret;
+}
+
+size_t
+der_length_utctime (const time_t *t)
+{
+ heim_octet_string k;
+ size_t ret;
+
+ _heim_time2generalizedtime (*t, &k, 0);
+ ret = k.length;
+ free(k.data);
+ return ret;
+}
+
+size_t
+der_length_boolean (const int *k)
+{
+ return 1;
+}
+
+size_t
+der_length_bit_string (const heim_bit_string *k)
+{
+ return (k->length + 7) / 8 + 1;
+}
diff --git a/crypto/heimdal/lib/asn1/der_locl.h b/crypto/heimdal/lib/asn1/der_locl.h
new file mode 100644
index 000000000000..a086e18fa4a4
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_locl.h
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 1997 - 2002, 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef __DER_LOCL_H__
+#define __DER_LOCL_H__
+
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <ctype.h>
+#include <time.h>
+#include <errno.h>
+#include <roken.h>
+
+#include <asn1-common.h>
+#include <asn1_err.h>
+#include <der.h>
+#include <der-private.h>
+#include "asn1-template.h"
+
+time_t _der_timegm (struct tm *);
+struct tm * _der_gmtime(time_t t, struct tm *);
+size_t _heim_len_unsigned (unsigned);
+size_t _heim_len_int (int);
+
+#endif /* __DER_LOCL_H__ */
diff --git a/crypto/heimdal/lib/asn1/der_put.c b/crypto/heimdal/lib/asn1/der_put.c
new file mode 100644
index 000000000000..0b276d1ebdce
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_put.c
@@ -0,0 +1,479 @@
+/*
+ * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id$");
+
+/*
+ * All encoding functions take a pointer `p' to first position in
+ * which to write, from the right, `len' which means the maximum
+ * number of characters we are able to write. The function returns
+ * the number of characters written in `size' (if non-NULL).
+ * The return value is 0 or an error.
+ */
+
+int
+der_put_unsigned (unsigned char *p, size_t len, const unsigned *v, size_t *size)
+{
+ unsigned char *base = p;
+ unsigned val = *v;
+
+ if (val) {
+ while (len > 0 && val) {
+ *p-- = val % 256;
+ val /= 256;
+ --len;
+ }
+ if (val != 0)
+ return ASN1_OVERFLOW;
+ else {
+ if(p[1] >= 128) {
+ if(len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 0;
+ }
+ *size = base - p;
+ return 0;
+ }
+ } else if (len < 1)
+ return ASN1_OVERFLOW;
+ else {
+ *p = 0;
+ *size = 1;
+ return 0;
+ }
+}
+
+int
+der_put_integer (unsigned char *p, size_t len, const int *v, size_t *size)
+{
+ unsigned char *base = p;
+ int val = *v;
+
+ if(val >= 0) {
+ do {
+ if(len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = val % 256;
+ len--;
+ val /= 256;
+ } while(val);
+ if(p[1] >= 128) {
+ if(len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 0;
+ len--;
+ }
+ } else {
+ val = ~val;
+ do {
+ if(len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = ~(val % 256);
+ len--;
+ val /= 256;
+ } while(val);
+ if(p[1] < 128) {
+ if(len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 0xff;
+ len--;
+ }
+ }
+ *size = base - p;
+ return 0;
+}
+
+
+int
+der_put_length (unsigned char *p, size_t len, size_t val, size_t *size)
+{
+ if (len < 1)
+ return ASN1_OVERFLOW;
+
+ if (val < 128) {
+ *p = val;
+ *size = 1;
+ } else {
+ size_t l = 0;
+
+ while(val > 0) {
+ if(len < 2)
+ return ASN1_OVERFLOW;
+ *p-- = val % 256;
+ val /= 256;
+ len--;
+ l++;
+ }
+ *p = 0x80 | l;
+ if(size)
+ *size = l + 1;
+ }
+ return 0;
+}
+
+int
+der_put_boolean(unsigned char *p, size_t len, const int *data, size_t *size)
+{
+ if(len < 1)
+ return ASN1_OVERFLOW;
+ if(*data != 0)
+ *p = 0xff;
+ else
+ *p = 0;
+ *size = 1;
+ return 0;
+}
+
+int
+der_put_general_string (unsigned char *p, size_t len,
+ const heim_general_string *str, size_t *size)
+{
+ size_t slen = strlen(*str);
+
+ if (len < slen)
+ return ASN1_OVERFLOW;
+ p -= slen;
+ memcpy (p+1, *str, slen);
+ *size = slen;
+ return 0;
+}
+
+int
+der_put_utf8string (unsigned char *p, size_t len,
+ const heim_utf8_string *str, size_t *size)
+{
+ return der_put_general_string(p, len, str, size);
+}
+
+int
+der_put_printable_string (unsigned char *p, size_t len,
+ const heim_printable_string *str, size_t *size)
+{
+ return der_put_octet_string(p, len, str, size);
+}
+
+int
+der_put_ia5_string (unsigned char *p, size_t len,
+ const heim_ia5_string *str, size_t *size)
+{
+ return der_put_octet_string(p, len, str, size);
+}
+
+int
+der_put_bmp_string (unsigned char *p, size_t len,
+ const heim_bmp_string *data, size_t *size)
+{
+ size_t i;
+ if (len / 2 < data->length)
+ return ASN1_OVERFLOW;
+ p -= data->length * 2;
+ for (i = 0; i < data->length; i++) {
+ p[1] = (data->data[i] >> 8) & 0xff;
+ p[2] = data->data[i] & 0xff;
+ p += 2;
+ }
+ if (size) *size = data->length * 2;
+ return 0;
+}
+
+int
+der_put_universal_string (unsigned char *p, size_t len,
+ const heim_universal_string *data, size_t *size)
+{
+ size_t i;
+ if (len / 4 < data->length)
+ return ASN1_OVERFLOW;
+ p -= data->length * 4;
+ for (i = 0; i < data->length; i++) {
+ p[1] = (data->data[i] >> 24) & 0xff;
+ p[2] = (data->data[i] >> 16) & 0xff;
+ p[3] = (data->data[i] >> 8) & 0xff;
+ p[4] = data->data[i] & 0xff;
+ p += 4;
+ }
+ if (size) *size = data->length * 4;
+ return 0;
+}
+
+int
+der_put_visible_string (unsigned char *p, size_t len,
+ const heim_visible_string *str, size_t *size)
+{
+ return der_put_general_string(p, len, str, size);
+}
+
+int
+der_put_octet_string (unsigned char *p, size_t len,
+ const heim_octet_string *data, size_t *size)
+{
+ if (len < data->length)
+ return ASN1_OVERFLOW;
+ p -= data->length;
+ memcpy (p+1, data->data, data->length);
+ *size = data->length;
+ return 0;
+}
+
+int
+der_put_heim_integer (unsigned char *p, size_t len,
+ const heim_integer *data, size_t *size)
+{
+ unsigned char *buf = data->data;
+ int hibitset = 0;
+
+ if (data->length == 0) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 0;
+ if (size)
+ *size = 1;
+ return 0;
+ }
+ if (len < data->length)
+ return ASN1_OVERFLOW;
+
+ len -= data->length;
+
+ if (data->negative) {
+ int i, carry;
+ for (i = data->length - 1, carry = 1; i >= 0; i--) {
+ *p = buf[i] ^ 0xff;
+ if (carry)
+ carry = !++*p;
+ p--;
+ }
+ if (p[1] < 128) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 0xff;
+ len--;
+ hibitset = 1;
+ }
+ } else {
+ p -= data->length;
+ memcpy(p + 1, buf, data->length);
+
+ if (p[1] >= 128) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ p[0] = 0;
+ len--;
+ hibitset = 1;
+ }
+ }
+ if (size)
+ *size = data->length + hibitset;
+ return 0;
+}
+
+int
+der_put_generalized_time (unsigned char *p, size_t len,
+ const time_t *data, size_t *size)
+{
+ heim_octet_string k;
+ size_t l;
+ int e;
+
+ e = _heim_time2generalizedtime (*data, &k, 1);
+ if (e)
+ return e;
+ e = der_put_octet_string(p, len, &k, &l);
+ free(k.data);
+ if(e)
+ return e;
+ if(size)
+ *size = l;
+ return 0;
+}
+
+int
+der_put_utctime (unsigned char *p, size_t len,
+ const time_t *data, size_t *size)
+{
+ heim_octet_string k;
+ size_t l;
+ int e;
+
+ e = _heim_time2generalizedtime (*data, &k, 0);
+ if (e)
+ return e;
+ e = der_put_octet_string(p, len, &k, &l);
+ free(k.data);
+ if(e)
+ return e;
+ if(size)
+ *size = l;
+ return 0;
+}
+
+int
+der_put_oid (unsigned char *p, size_t len,
+ const heim_oid *data, size_t *size)
+{
+ unsigned char *base = p;
+ int n;
+
+ for (n = data->length - 1; n >= 2; --n) {
+ unsigned u = data->components[n];
+
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = u % 128;
+ u /= 128;
+ --len;
+ while (u > 0) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 128 + u % 128;
+ u /= 128;
+ --len;
+ }
+ }
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = 40 * data->components[0] + data->components[1];
+ *size = base - p;
+ return 0;
+}
+
+int
+der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type,
+ unsigned int tag, size_t *size)
+{
+ if (tag <= 30) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p = MAKE_TAG(class, type, tag);
+ *size = 1;
+ } else {
+ size_t ret = 0;
+ unsigned int continuation = 0;
+
+ do {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = tag % 128 | continuation;
+ len--;
+ ret++;
+ tag /= 128;
+ continuation = 0x80;
+ } while(tag > 0);
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = MAKE_TAG(class, type, 0x1f);
+ ret++;
+ *size = ret;
+ }
+ return 0;
+}
+
+int
+der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val,
+ Der_class class, Der_type type,
+ unsigned int tag, size_t *size)
+{
+ size_t ret = 0;
+ size_t l;
+ int e;
+
+ e = der_put_length (p, len, len_val, &l);
+ if(e)
+ return e;
+ p -= l;
+ len -= l;
+ ret += l;
+ e = der_put_tag (p, len, class, type, tag, &l);
+ if(e)
+ return e;
+
+ ret += l;
+ *size = ret;
+ return 0;
+}
+
+int
+_heim_time2generalizedtime (time_t t, heim_octet_string *s, int gtimep)
+{
+ struct tm tm;
+ const size_t len = gtimep ? 15 : 13;
+
+ s->data = malloc(len + 1);
+ if (s->data == NULL)
+ return ENOMEM;
+ s->length = len;
+ if (_der_gmtime(t, &tm) == NULL)
+ return ASN1_BAD_TIMEFORMAT;
+ if (gtimep)
+ snprintf (s->data, len + 1, "%04d%02d%02d%02d%02d%02dZ",
+ tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday,
+ tm.tm_hour, tm.tm_min, tm.tm_sec);
+ else
+ snprintf (s->data, len + 1, "%02d%02d%02d%02d%02d%02dZ",
+ tm.tm_year % 100, tm.tm_mon + 1, tm.tm_mday,
+ tm.tm_hour, tm.tm_min, tm.tm_sec);
+
+ return 0;
+}
+
+int
+der_put_bit_string (unsigned char *p, size_t len,
+ const heim_bit_string *data, size_t *size)
+{
+ size_t data_size = (data->length + 7) / 8;
+ if (len < data_size + 1)
+ return ASN1_OVERFLOW;
+ p -= data_size + 1;
+
+ memcpy (p+2, data->data, data_size);
+ if (data->length && (data->length % 8) != 0)
+ p[1] = 8 - (data->length % 8);
+ else
+ p[1] = 0;
+ *size = data_size + 1;
+ return 0;
+}
+
+int
+_heim_der_set_sort(const void *a1, const void *a2)
+{
+ const struct heim_octet_string *s1 = a1, *s2 = a2;
+ int ret;
+
+ ret = memcmp(s1->data, s2->data,
+ s1->length < s2->length ? s1->length : s2->length);
+ if(ret)
+ return ret;
+ return s1->length - s2->length;
+}
diff --git a/crypto/heimdal/lib/asn1/digest.asn1 b/crypto/heimdal/lib/asn1/digest.asn1
new file mode 100644
index 000000000000..027402f1efe2
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/digest.asn1
@@ -0,0 +1,179 @@
+-- $Id$
+
+DIGEST DEFINITIONS ::=
+BEGIN
+
+IMPORTS EncryptedData, Principal FROM krb5;
+
+DigestTypes ::= BIT STRING {
+ ntlm-v1(0),
+ ntlm-v1-session(1),
+ ntlm-v2(2),
+ digest-md5(3),
+ chap-md5(4),
+ ms-chap-v2(5)
+}
+
+DigestInit ::= SEQUENCE {
+ type UTF8String, -- http, sasl, chap, cram-md5 --
+ channel [0] SEQUENCE {
+ cb-type UTF8String,
+ cb-binding UTF8String
+ } OPTIONAL,
+ hostname [1] UTF8String OPTIONAL -- for chap/cram-md5
+}
+
+DigestInitReply ::= SEQUENCE {
+ nonce UTF8String, -- service nonce/challange
+ opaque UTF8String, -- server state
+ identifier [0] UTF8String OPTIONAL
+}
+
+
+DigestRequest ::= SEQUENCE {
+ type UTF8String, -- http, sasl-md5, chap, cram-md5 --
+ digest UTF8String, -- http:md5/md5-sess sasl:clear/int/conf --
+ username UTF8String, -- username user used
+ responseData UTF8String, -- client response
+ authid [0] UTF8String OPTIONAL,
+ authentication-user [1] Principal OPTIONAL, -- principal to get key from
+ realm [2] UTF8String OPTIONAL,
+ method [3] UTF8String OPTIONAL,
+ uri [4] UTF8String OPTIONAL,
+ serverNonce UTF8String, -- same as "DigestInitReply.nonce"
+ clientNonce [5] UTF8String OPTIONAL,
+ nonceCount [6] UTF8String OPTIONAL,
+ qop [7] UTF8String OPTIONAL,
+ identifier [8] UTF8String OPTIONAL,
+ hostname [9] UTF8String OPTIONAL,
+ opaque UTF8String -- same as "DigestInitReply.opaque"
+}
+-- opaque = hex(cksum(type|serverNonce|identifier|hostname,digest-key))
+-- serverNonce = hex(time[4bytes]random[12bytes])(-cbType:cbBinding)
+
+
+DigestError ::= SEQUENCE {
+ reason UTF8String,
+ code INTEGER (-2147483648..2147483647)
+}
+
+DigestResponse ::= SEQUENCE {
+ success BOOLEAN,
+ rsp [0] UTF8String OPTIONAL,
+ tickets [1] SEQUENCE OF OCTET STRING OPTIONAL,
+ channel [2] SEQUENCE {
+ cb-type UTF8String,
+ cb-binding UTF8String
+ } OPTIONAL,
+ session-key [3] OCTET STRING OPTIONAL
+}
+
+NTLMInit ::= SEQUENCE {
+ flags [0] INTEGER (0..4294967295),
+ hostname [1] UTF8String OPTIONAL,
+ domain [1] UTF8String OPTIONAL
+}
+
+NTLMInitReply ::= SEQUENCE {
+ flags [0] INTEGER (0..4294967295),
+ opaque [1] OCTET STRING,
+ targetname [2] UTF8String,
+ challange [3] OCTET STRING,
+ targetinfo [4] OCTET STRING OPTIONAL
+}
+
+NTLMRequest ::= SEQUENCE {
+ flags [0] INTEGER (0..4294967295),
+ opaque [1] OCTET STRING,
+ username [2] UTF8String,
+ targetname [3] UTF8String,
+ targetinfo [4] OCTET STRING OPTIONAL,
+ lm [5] OCTET STRING,
+ ntlm [6] OCTET STRING,
+ sessionkey [7] OCTET STRING OPTIONAL
+}
+
+NTLMResponse ::= SEQUENCE {
+ success [0] BOOLEAN,
+ flags [1] INTEGER (0..4294967295),
+ sessionkey [2] OCTET STRING OPTIONAL,
+ tickets [3] SEQUENCE OF OCTET STRING OPTIONAL
+}
+
+NTLMRequest2 ::= SEQUENCE {
+ loginUserName [0] UTF8String,
+ loginDomainName [1] UTF8String,
+ flags [2] INTEGER (0..4294967295),
+ lmchallenge [3] OCTET STRING SIZE (8),
+ ntChallengeResponce [4] OCTET STRING,
+ lmChallengeResponce [5] OCTET STRING
+}
+
+NTLMReply ::= SEQUENCE {
+ success [0] BOOLEAN,
+ flags [1] INTEGER (0..4294967295),
+ sessionkey [2] OCTET STRING OPTIONAL
+}
+
+DigestReqInner ::= CHOICE {
+ init [0] DigestInit,
+ digestRequest [1] DigestRequest,
+ ntlmInit [2] NTLMInit,
+ ntlmRequest [3] NTLMRequest,
+ supportedMechs [4] NULL
+}
+
+DigestREQ ::= [APPLICATION 128] SEQUENCE {
+ apReq [0] OCTET STRING,
+ innerReq [1] EncryptedData
+}
+
+DigestRepInner ::= CHOICE {
+ error [0] DigestError,
+ initReply [1] DigestInitReply,
+ response [2] DigestResponse,
+ ntlmInitReply [3] NTLMInitReply,
+ ntlmResponse [4] NTLMResponse,
+ supportedMechs [5] DigestTypes,
+ ...
+}
+
+DigestREP ::= [APPLICATION 129] SEQUENCE {
+ apRep [0] OCTET STRING,
+ innerRep [1] EncryptedData
+}
+
+
+-- HTTP
+
+-- md5
+-- A1 = unq(username-value) ":" unq(realm-value) ":" passwd
+-- md5-sess
+-- A1 = HEX(H(unq(username-value) ":" unq(realm-value) ":" passwd ) ":" unq(nonce-value) ":" unq(cnonce-value))
+
+-- qop == auth
+-- A2 = Method ":" digest-uri-value
+-- qop == auth-int
+-- A2 = Method ":" digest-uri-value ":" H(entity-body)
+
+-- request-digest = HEX(KD(HEX(H(A1)),
+-- unq(nonce-value) ":" nc-value ":" unq(cnonce-value) ":" unq(qop-value) ":" HEX(H(A2))))
+-- no "qop"
+-- request-digest = HEX(KD(HEX(H(A1)), unq(nonce-value) ":" HEX(H(A2))))
+
+
+-- SASL:
+-- SS = H( { unq(username-value), ":", unq(realm-value), ":", password } )
+-- A1 = { SS, ":", unq(nonce-value), ":", unq(cnonce-value) }
+-- A1 = { SS, ":", unq(nonce-value), ":", unq(cnonce-value), ":", unq(authzid-value) }
+
+-- A2 = "AUTHENTICATE:", ":", digest-uri-value
+-- qop == auth-int,auth-conf
+-- A2 = "AUTHENTICATE:", ":", digest-uri-value, ":00000000000000000000000000000000"
+
+-- response-value = HEX( KD ( HEX(H(A1)),
+-- { unq(nonce-value), ":" nc-value, ":",
+-- unq(cnonce-value), ":", qop-value, ":",
+-- HEX(H(A2)) }))
+
+END
diff --git a/crypto/heimdal/lib/asn1/extra.c b/crypto/heimdal/lib/asn1/extra.c
new file mode 100644
index 000000000000..a18797ec2594
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/extra.c
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include "heim_asn1.h"
+
+RCSID("$Id$");
+
+int
+encode_heim_any(unsigned char *p, size_t len,
+ const heim_any *data, size_t *size)
+{
+ return der_put_octet_string (p, len, data, size);
+}
+
+int
+decode_heim_any(const unsigned char *p, size_t len,
+ heim_any *data, size_t *size)
+{
+ size_t len_len, length, l;
+ Der_class thisclass;
+ Der_type thistype;
+ unsigned int thistag;
+ int e;
+
+ memset(data, 0, sizeof(*data));
+
+ e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l);
+ if (e) return e;
+ if (l > len)
+ return ASN1_OVERFLOW;
+ e = der_get_length(p + l, len - l, &length, &len_len);
+ if (e) return e;
+ if (length == ASN1_INDEFINITE) {
+ if (len < len_len + l)
+ return ASN1_OVERFLOW;
+ length = len - (len_len + l);
+ } else {
+ if (len < length + len_len + l)
+ return ASN1_OVERFLOW;
+ }
+
+ data->data = malloc(length + len_len + l);
+ if (data->data == NULL)
+ return ENOMEM;
+ data->length = length + len_len + l;
+ memcpy(data->data, p, length + len_len + l);
+
+ if (size)
+ *size = length + len_len + l;
+
+ return 0;
+}
+
+void
+free_heim_any(heim_any *data)
+{
+ der_free_octet_string(data);
+}
+
+size_t
+length_heim_any(const heim_any *data)
+{
+ return data->length;
+}
+
+int
+copy_heim_any(const heim_any *from, heim_any *to)
+{
+ return der_copy_octet_string(from, to);
+}
+
+int
+encode_heim_any_set(unsigned char *p, size_t len,
+ const heim_any_set *data, size_t *size)
+{
+ return der_put_octet_string (p, len, data, size);
+}
+
+int
+decode_heim_any_set(const unsigned char *p, size_t len,
+ heim_any_set *data, size_t *size)
+{
+ return der_get_octet_string(p, len, data, size);
+}
+
+void
+free_heim_any_set(heim_any_set *data)
+{
+ der_free_octet_string(data);
+}
+
+size_t
+length_heim_any_set(const heim_any *data)
+{
+ return data->length;
+}
+
+int
+copy_heim_any_set(const heim_any_set *from, heim_any_set *to)
+{
+ return der_copy_octet_string(from, to);
+}
+
+int
+heim_any_cmp(const heim_any_set *p, const heim_any_set *q)
+{
+ return der_heim_octet_string_cmp(p, q);
+}
diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c
new file mode 100644
index 000000000000..2194b329ce1d
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen.c
@@ -0,0 +1,1054 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+FILE *privheaderfile, *headerfile, *codefile, *logfile, *templatefile;
+
+#define STEM "asn1"
+
+static const char *orig_filename;
+static char *privheader, *header, *template;
+static const char *headerbase = STEM;
+
+/*
+ * list of all IMPORTs
+ */
+
+struct import {
+ const char *module;
+ struct import *next;
+};
+
+static struct import *imports = NULL;
+
+void
+add_import (const char *module)
+{
+ struct import *tmp = emalloc (sizeof(*tmp));
+
+ tmp->module = module;
+ tmp->next = imports;
+ imports = tmp;
+
+ fprintf (headerfile, "#include <%s_asn1.h>\n", module);
+}
+
+/*
+ * List of all exported symbols
+ */
+
+struct sexport {
+ const char *name;
+ int defined;
+ struct sexport *next;
+};
+
+static struct sexport *exports = NULL;
+
+void
+add_export (const char *name)
+{
+ struct sexport *tmp = emalloc (sizeof(*tmp));
+
+ tmp->name = name;
+ tmp->next = exports;
+ exports = tmp;
+}
+
+int
+is_export(const char *name)
+{
+ struct sexport *tmp;
+
+ if (exports == NULL) /* no export list, all exported */
+ return 1;
+
+ for (tmp = exports; tmp != NULL; tmp = tmp->next) {
+ if (strcmp(tmp->name, name) == 0) {
+ tmp->defined = 1;
+ return 1;
+ }
+ }
+ return 0;
+}
+
+const char *
+get_filename (void)
+{
+ return orig_filename;
+}
+
+void
+init_generate (const char *filename, const char *base)
+{
+ char *fn = NULL;
+
+ orig_filename = filename;
+ if (base != NULL) {
+ headerbase = strdup(base);
+ if (headerbase == NULL)
+ errx(1, "strdup");
+ }
+
+ /* public header file */
+ if (asprintf(&header, "%s.h", headerbase) < 0 || header == NULL)
+ errx(1, "malloc");
+ if (asprintf(&fn, "%s.hx", headerbase) < 0 || fn == NULL)
+ errx(1, "malloc");
+ headerfile = fopen (fn, "w");
+ if (headerfile == NULL)
+ err (1, "open %s", fn);
+ free(fn);
+ fn = NULL;
+
+ /* private header file */
+ if (asprintf(&privheader, "%s-priv.h", headerbase) < 0 || privheader == NULL)
+ errx(1, "malloc");
+ if (asprintf(&fn, "%s-priv.hx", headerbase) < 0 || fn == NULL)
+ errx(1, "malloc");
+ privheaderfile = fopen (fn, "w");
+ if (privheaderfile == NULL)
+ err (1, "open %s", fn);
+ free(fn);
+ fn = NULL;
+
+ /* template file */
+ if (asprintf(&template, "%s-template.c", headerbase) < 0 || template == NULL)
+ errx(1, "malloc");
+ fprintf (headerfile,
+ "/* Generated from %s */\n"
+ "/* Do not edit */\n\n",
+ filename);
+ fprintf (headerfile,
+ "#ifndef __%s_h__\n"
+ "#define __%s_h__\n\n", headerbase, headerbase);
+ fprintf (headerfile,
+ "#include <stddef.h>\n"
+ "#include <time.h>\n\n");
+ fprintf (headerfile,
+ "#ifndef __asn1_common_definitions__\n"
+ "#define __asn1_common_definitions__\n\n");
+ fprintf (headerfile,
+ "typedef struct heim_integer {\n"
+ " size_t length;\n"
+ " void *data;\n"
+ " int negative;\n"
+ "} heim_integer;\n\n");
+ fprintf (headerfile,
+ "typedef struct heim_octet_string {\n"
+ " size_t length;\n"
+ " void *data;\n"
+ "} heim_octet_string;\n\n");
+ fprintf (headerfile,
+ "typedef char *heim_general_string;\n\n"
+ );
+ fprintf (headerfile,
+ "typedef char *heim_utf8_string;\n\n"
+ );
+ fprintf (headerfile,
+ "typedef struct heim_octet_string heim_printable_string;\n\n"
+ );
+ fprintf (headerfile,
+ "typedef struct heim_octet_string heim_ia5_string;\n\n"
+ );
+ fprintf (headerfile,
+ "typedef struct heim_bmp_string {\n"
+ " size_t length;\n"
+ " uint16_t *data;\n"
+ "} heim_bmp_string;\n\n");
+ fprintf (headerfile,
+ "typedef struct heim_universal_string {\n"
+ " size_t length;\n"
+ " uint32_t *data;\n"
+ "} heim_universal_string;\n\n");
+ fprintf (headerfile,
+ "typedef char *heim_visible_string;\n\n"
+ );
+ fprintf (headerfile,
+ "typedef struct heim_oid {\n"
+ " size_t length;\n"
+ " unsigned *components;\n"
+ "} heim_oid;\n\n");
+ fprintf (headerfile,
+ "typedef struct heim_bit_string {\n"
+ " size_t length;\n"
+ " void *data;\n"
+ "} heim_bit_string;\n\n");
+ fprintf (headerfile,
+ "typedef struct heim_octet_string heim_any;\n"
+ "typedef struct heim_octet_string heim_any_set;\n\n");
+ fputs("#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \\\n"
+ " do { \\\n"
+ " (BL) = length_##T((S)); \\\n"
+ " (B) = malloc((BL)); \\\n"
+ " if((B) == NULL) { \\\n"
+ " (R) = ENOMEM; \\\n"
+ " } else { \\\n"
+ " (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \\\n"
+ " (S), (L)); \\\n"
+ " if((R) != 0) { \\\n"
+ " free((B)); \\\n"
+ " (B) = NULL; \\\n"
+ " } \\\n"
+ " } \\\n"
+ " } while (0)\n\n",
+ headerfile);
+ fputs("#ifdef _WIN32\n"
+ "#ifndef ASN1_LIB\n"
+ "#define ASN1EXP __declspec(dllimport)\n"
+ "#else\n"
+ "#define ASN1EXP\n"
+ "#endif\n"
+ "#define ASN1CALL __stdcall\n"
+ "#else\n"
+ "#define ASN1EXP\n"
+ "#define ASN1CALL\n"
+ "#endif\n",
+ headerfile);
+ fprintf (headerfile, "struct units;\n\n");
+ fprintf (headerfile, "#endif\n\n");
+ if (asprintf(&fn, "%s_files", base) < 0 || fn == NULL)
+ errx(1, "malloc");
+ logfile = fopen(fn, "w");
+ if (logfile == NULL)
+ err (1, "open %s", fn);
+
+ /* if one code file, write into the one codefile */
+ if (one_code_file)
+ return;
+
+ templatefile = fopen (template, "w");
+ if (templatefile == NULL)
+ err (1, "open %s", template);
+
+ fprintf (templatefile,
+ "/* Generated from %s */\n"
+ "/* Do not edit */\n\n"
+ "#include <stdio.h>\n"
+ "#include <stdlib.h>\n"
+ "#include <time.h>\n"
+ "#include <string.h>\n"
+ "#include <errno.h>\n"
+ "#include <limits.h>\n"
+ "#include <krb5-types.h>\n",
+ filename);
+
+ fprintf (templatefile,
+ "#include <%s>\n"
+ "#include <%s>\n"
+ "#include <der.h>\n"
+ "#include <der-private.h>\n"
+ "#include <asn1-template.h>\n",
+ header, privheader);
+
+
+}
+
+void
+close_generate (void)
+{
+ fprintf (headerfile, "#endif /* __%s_h__ */\n", headerbase);
+
+ if (headerfile)
+ fclose (headerfile);
+ if (privheaderfile)
+ fclose (privheaderfile);
+ if (templatefile)
+ fclose (templatefile);
+ if (logfile)
+ fprintf (logfile, "\n");
+ fclose (logfile);
+}
+
+void
+gen_assign_defval(const char *var, struct value *val)
+{
+ switch(val->type) {
+ case stringvalue:
+ fprintf(codefile, "if((%s = strdup(\"%s\")) == NULL)\nreturn ENOMEM;\n", var, val->u.stringvalue);
+ break;
+ case integervalue:
+ fprintf(codefile, "%s = %d;\n", var, val->u.integervalue);
+ break;
+ case booleanvalue:
+ if(val->u.booleanvalue)
+ fprintf(codefile, "%s = TRUE;\n", var);
+ else
+ fprintf(codefile, "%s = FALSE;\n", var);
+ break;
+ default:
+ abort();
+ }
+}
+
+void
+gen_compare_defval(const char *var, struct value *val)
+{
+ switch(val->type) {
+ case stringvalue:
+ fprintf(codefile, "if(strcmp(%s, \"%s\") != 0)\n", var, val->u.stringvalue);
+ break;
+ case integervalue:
+ fprintf(codefile, "if(%s != %d)\n", var, val->u.integervalue);
+ break;
+ case booleanvalue:
+ if(val->u.booleanvalue)
+ fprintf(codefile, "if(!%s)\n", var);
+ else
+ fprintf(codefile, "if(%s)\n", var);
+ break;
+ default:
+ abort();
+ }
+}
+
+void
+generate_header_of_codefile(const char *name)
+{
+ char *filename = NULL;
+
+ if (codefile != NULL)
+ abort();
+
+ if (asprintf (&filename, "%s_%s.x", STEM, name) < 0 || filename == NULL)
+ errx(1, "malloc");
+ codefile = fopen (filename, "w");
+ if (codefile == NULL)
+ err (1, "fopen %s", filename);
+ fprintf(logfile, "%s ", filename);
+ free(filename);
+ filename = NULL;
+ fprintf (codefile,
+ "/* Generated from %s */\n"
+ "/* Do not edit */\n\n"
+ "#define ASN1_LIB\n\n"
+ "#include <stdio.h>\n"
+ "#include <stdlib.h>\n"
+ "#include <time.h>\n"
+ "#include <string.h>\n"
+ "#include <errno.h>\n"
+ "#include <limits.h>\n"
+ "#include <krb5-types.h>\n",
+ orig_filename);
+
+ fprintf (codefile,
+ "#include <%s>\n"
+ "#include <%s>\n",
+ header, privheader);
+ fprintf (codefile,
+ "#include <asn1_err.h>\n"
+ "#include <der.h>\n"
+ "#include <der-private.h>\n"
+ "#include <asn1-template.h>\n"
+ "#include <parse_units.h>\n\n");
+
+}
+
+void
+close_codefile(void)
+{
+ if (codefile == NULL)
+ abort();
+
+ fclose(codefile);
+ codefile = NULL;
+}
+
+
+void
+generate_constant (const Symbol *s)
+{
+ switch(s->value->type) {
+ case booleanvalue:
+ break;
+ case integervalue:
+ fprintf (headerfile, "enum { %s = %d };\n\n",
+ s->gen_name, s->value->u.integervalue);
+ break;
+ case nullvalue:
+ break;
+ case stringvalue:
+ break;
+ case objectidentifiervalue: {
+ struct objid *o, **list;
+ unsigned int i, len;
+ char *gen_upper;
+
+ if (!one_code_file)
+ generate_header_of_codefile(s->gen_name);
+
+ len = 0;
+ for (o = s->value->u.objectidentifiervalue; o != NULL; o = o->next)
+ len++;
+ if (len == 0) {
+ printf("s->gen_name: %s",s->gen_name);
+ fflush(stdout);
+ break;
+ }
+ list = emalloc(sizeof(*list) * len);
+
+ i = 0;
+ for (o = s->value->u.objectidentifiervalue; o != NULL; o = o->next)
+ list[i++] = o;
+
+ fprintf (headerfile, "/* OBJECT IDENTIFIER %s ::= { ", s->name);
+ for (i = len ; i > 0; i--) {
+ o = list[i - 1];
+ fprintf(headerfile, "%s(%d) ",
+ o->label ? o->label : "label-less", o->value);
+ }
+
+ fprintf (codefile, "static unsigned oid_%s_variable_num[%d] = {",
+ s->gen_name, len);
+ for (i = len ; i > 0; i--) {
+ fprintf(codefile, "%d%s ", list[i - 1]->value, i > 1 ? "," : "");
+ }
+ fprintf(codefile, "};\n");
+
+ fprintf (codefile, "const heim_oid asn1_oid_%s = "
+ "{ %d, oid_%s_variable_num };\n\n",
+ s->gen_name, len, s->gen_name);
+
+ free(list);
+
+ /* header file */
+
+ gen_upper = strdup(s->gen_name);
+ len = strlen(gen_upper);
+ for (i = 0; i < len; i++)
+ gen_upper[i] = toupper((int)s->gen_name[i]);
+
+ fprintf (headerfile, "} */\n");
+ fprintf (headerfile,
+ "extern ASN1EXP const heim_oid asn1_oid_%s;\n"
+ "#define ASN1_OID_%s (&asn1_oid_%s)\n\n",
+ s->gen_name,
+ gen_upper,
+ s->gen_name);
+
+ free(gen_upper);
+
+ if (!one_code_file)
+ close_codefile();
+
+ break;
+ }
+ default:
+ abort();
+ }
+}
+
+int
+is_primitive_type(int type)
+{
+ switch(type) {
+ case TInteger:
+ case TBoolean:
+ case TOctetString:
+ case TBitString:
+ case TEnumerated:
+ case TGeneralizedTime:
+ case TGeneralString:
+ case TTeletexString:
+ case TOID:
+ case TUTCTime:
+ case TUTF8String:
+ case TPrintableString:
+ case TIA5String:
+ case TBMPString:
+ case TUniversalString:
+ case TVisibleString:
+ case TNull:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
+static void
+space(int level)
+{
+ while(level-- > 0)
+ fprintf(headerfile, " ");
+}
+
+static const char *
+last_member_p(struct member *m)
+{
+ struct member *n = ASN1_TAILQ_NEXT(m, members);
+ if (n == NULL)
+ return "";
+ if (n->ellipsis && ASN1_TAILQ_NEXT(n, members) == NULL)
+ return "";
+ return ",";
+}
+
+static struct member *
+have_ellipsis(Type *t)
+{
+ struct member *m;
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ if (m->ellipsis)
+ return m;
+ }
+ return NULL;
+}
+
+static void
+define_asn1 (int level, Type *t)
+{
+ switch (t->type) {
+ case TType:
+ fprintf (headerfile, "%s", t->symbol->name);
+ break;
+ case TInteger:
+ if(t->members == NULL) {
+ fprintf (headerfile, "INTEGER");
+ if (t->range)
+ fprintf (headerfile, " (%d..%d)",
+ t->range->min, t->range->max);
+ } else {
+ Member *m;
+ fprintf (headerfile, "INTEGER {\n");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ space (level + 1);
+ fprintf(headerfile, "%s(%d)%s\n", m->gen_name, m->val,
+ last_member_p(m));
+ }
+ space(level);
+ fprintf (headerfile, "}");
+ }
+ break;
+ case TBoolean:
+ fprintf (headerfile, "BOOLEAN");
+ break;
+ case TOctetString:
+ fprintf (headerfile, "OCTET STRING");
+ break;
+ case TEnumerated :
+ case TBitString: {
+ Member *m;
+
+ space(level);
+ if(t->type == TBitString)
+ fprintf (headerfile, "BIT STRING {\n");
+ else
+ fprintf (headerfile, "ENUMERATED {\n");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ space(level + 1);
+ fprintf (headerfile, "%s(%d)%s\n", m->name, m->val,
+ last_member_p(m));
+ }
+ space(level);
+ fprintf (headerfile, "}");
+ break;
+ }
+ case TChoice:
+ case TSet:
+ case TSequence: {
+ Member *m;
+ int max_width = 0;
+
+ if(t->type == TChoice)
+ fprintf(headerfile, "CHOICE {\n");
+ else if(t->type == TSet)
+ fprintf(headerfile, "SET {\n");
+ else
+ fprintf(headerfile, "SEQUENCE {\n");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ if(strlen(m->name) > max_width)
+ max_width = strlen(m->name);
+ }
+ max_width += 3;
+ if(max_width < 16) max_width = 16;
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ int width = max_width;
+ space(level + 1);
+ if (m->ellipsis) {
+ fprintf (headerfile, "...");
+ } else {
+ width -= fprintf(headerfile, "%s", m->name);
+ fprintf(headerfile, "%*s", width, "");
+ define_asn1(level + 1, m->type);
+ if(m->optional)
+ fprintf(headerfile, " OPTIONAL");
+ }
+ if(last_member_p(m))
+ fprintf (headerfile, ",");
+ fprintf (headerfile, "\n");
+ }
+ space(level);
+ fprintf (headerfile, "}");
+ break;
+ }
+ case TSequenceOf:
+ fprintf (headerfile, "SEQUENCE OF ");
+ define_asn1 (0, t->subtype);
+ break;
+ case TSetOf:
+ fprintf (headerfile, "SET OF ");
+ define_asn1 (0, t->subtype);
+ break;
+ case TGeneralizedTime:
+ fprintf (headerfile, "GeneralizedTime");
+ break;
+ case TGeneralString:
+ fprintf (headerfile, "GeneralString");
+ break;
+ case TTeletexString:
+ fprintf (headerfile, "TeletexString");
+ break;
+ case TTag: {
+ const char *classnames[] = { "UNIVERSAL ", "APPLICATION ",
+ "" /* CONTEXT */, "PRIVATE " };
+ if(t->tag.tagclass != ASN1_C_UNIV)
+ fprintf (headerfile, "[%s%d] ",
+ classnames[t->tag.tagclass],
+ t->tag.tagvalue);
+ if(t->tag.tagenv == TE_IMPLICIT)
+ fprintf (headerfile, "IMPLICIT ");
+ define_asn1 (level, t->subtype);
+ break;
+ }
+ case TUTCTime:
+ fprintf (headerfile, "UTCTime");
+ break;
+ case TUTF8String:
+ space(level);
+ fprintf (headerfile, "UTF8String");
+ break;
+ case TPrintableString:
+ space(level);
+ fprintf (headerfile, "PrintableString");
+ break;
+ case TIA5String:
+ space(level);
+ fprintf (headerfile, "IA5String");
+ break;
+ case TBMPString:
+ space(level);
+ fprintf (headerfile, "BMPString");
+ break;
+ case TUniversalString:
+ space(level);
+ fprintf (headerfile, "UniversalString");
+ break;
+ case TVisibleString:
+ space(level);
+ fprintf (headerfile, "VisibleString");
+ break;
+ case TOID :
+ space(level);
+ fprintf(headerfile, "OBJECT IDENTIFIER");
+ break;
+ case TNull:
+ space(level);
+ fprintf (headerfile, "NULL");
+ break;
+ default:
+ abort ();
+ }
+}
+
+static void
+getnewbasename(char **newbasename, int typedefp, const char *basename, const char *name)
+{
+ if (typedefp)
+ *newbasename = strdup(name);
+ else {
+ if (name[0] == '*')
+ name++;
+ if (asprintf(newbasename, "%s_%s", basename, name) < 0)
+ errx(1, "malloc");
+ }
+ if (*newbasename == NULL)
+ err(1, "malloc");
+}
+
+static void
+define_type (int level, const char *name, const char *basename, Type *t, int typedefp, int preservep)
+{
+ char *newbasename = NULL;
+
+ switch (t->type) {
+ case TType:
+ space(level);
+ fprintf (headerfile, "%s %s;\n", t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ space(level);
+ if(t->members) {
+ Member *m;
+ fprintf (headerfile, "enum %s {\n", typedefp ? name : "");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ space (level + 1);
+ fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val,
+ last_member_p(m));
+ }
+ fprintf (headerfile, "} %s;\n", name);
+ } else if (t->range == NULL) {
+ fprintf (headerfile, "heim_integer %s;\n", name);
+ } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) {
+ fprintf (headerfile, "int %s;\n", name);
+ } else if (t->range->min == 0 && t->range->max == UINT_MAX) {
+ fprintf (headerfile, "unsigned int %s;\n", name);
+ } else if (t->range->min == 0 && t->range->max == INT_MAX) {
+ fprintf (headerfile, "unsigned int %s;\n", name);
+ } else
+ errx(1, "%s: unsupported range %d -> %d",
+ name, t->range->min, t->range->max);
+ break;
+ case TBoolean:
+ space(level);
+ fprintf (headerfile, "int %s;\n", name);
+ break;
+ case TOctetString:
+ space(level);
+ fprintf (headerfile, "heim_octet_string %s;\n", name);
+ break;
+ case TBitString: {
+ Member *m;
+ Type i;
+ struct range range = { 0, INT_MAX };
+
+ i.type = TInteger;
+ i.range = &range;
+ i.members = NULL;
+ i.constraint = NULL;
+
+ space(level);
+ if(ASN1_TAILQ_EMPTY(t->members))
+ fprintf (headerfile, "heim_bit_string %s;\n", name);
+ else {
+ int pos = 0;
+ getnewbasename(&newbasename, typedefp, basename, name);
+
+ fprintf (headerfile, "struct %s {\n", newbasename);
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *n = NULL;
+
+ /* pad unused */
+ while (pos < m->val) {
+ if (asprintf (&n, "_unused%d:1", pos) < 0 || n == NULL)
+ errx(1, "malloc");
+ define_type (level + 1, n, newbasename, &i, FALSE, FALSE);
+ free(n);
+ pos++;
+ }
+
+ n = NULL;
+ if (asprintf (&n, "%s:1", m->gen_name) < 0 || n == NULL)
+ errx(1, "malloc");
+ define_type (level + 1, n, newbasename, &i, FALSE, FALSE);
+ free (n);
+ n = NULL;
+ pos++;
+ }
+ /* pad to 32 elements */
+ while (pos < 32) {
+ char *n = NULL;
+ if (asprintf (&n, "_unused%d:1", pos) < 0 || n == NULL)
+ errx(1, "malloc");
+ define_type (level + 1, n, newbasename, &i, FALSE, FALSE);
+ free(n);
+ pos++;
+ }
+
+ space(level);
+ fprintf (headerfile, "} %s;\n\n", name);
+ }
+ break;
+ }
+ case TEnumerated: {
+ Member *m;
+
+ space(level);
+ fprintf (headerfile, "enum %s {\n", typedefp ? name : "");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ space(level + 1);
+ if (m->ellipsis)
+ fprintf (headerfile, "/* ... */\n");
+ else
+ fprintf (headerfile, "%s = %d%s\n", m->gen_name, m->val,
+ last_member_p(m));
+ }
+ space(level);
+ fprintf (headerfile, "} %s;\n\n", name);
+ break;
+ }
+ case TSet:
+ case TSequence: {
+ Member *m;
+
+ getnewbasename(&newbasename, typedefp, basename, name);
+
+ space(level);
+ fprintf (headerfile, "struct %s {\n", newbasename);
+ if (t->type == TSequence && preservep) {
+ space(level + 1);
+ fprintf(headerfile, "heim_octet_string _save;\n");
+ }
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ if (m->ellipsis) {
+ ;
+ } else if (m->optional) {
+ char *n = NULL;
+
+ if (asprintf (&n, "*%s", m->gen_name) < 0 || n == NULL)
+ errx(1, "malloc");
+ define_type (level + 1, n, newbasename, m->type, FALSE, FALSE);
+ free (n);
+ } else
+ define_type (level + 1, m->gen_name, newbasename, m->type, FALSE, FALSE);
+ }
+ space(level);
+ fprintf (headerfile, "} %s;\n", name);
+ break;
+ }
+ case TSetOf:
+ case TSequenceOf: {
+ Type i;
+ struct range range = { 0, INT_MAX };
+
+ getnewbasename(&newbasename, typedefp, basename, name);
+
+ i.type = TInteger;
+ i.range = &range;
+ i.members = NULL;
+ i.constraint = NULL;
+
+ space(level);
+ fprintf (headerfile, "struct %s {\n", newbasename);
+ define_type (level + 1, "len", newbasename, &i, FALSE, FALSE);
+ define_type (level + 1, "*val", newbasename, t->subtype, FALSE, FALSE);
+ space(level);
+ fprintf (headerfile, "} %s;\n", name);
+ break;
+ }
+ case TGeneralizedTime:
+ space(level);
+ fprintf (headerfile, "time_t %s;\n", name);
+ break;
+ case TGeneralString:
+ space(level);
+ fprintf (headerfile, "heim_general_string %s;\n", name);
+ break;
+ case TTeletexString:
+ space(level);
+ fprintf (headerfile, "heim_general_string %s;\n", name);
+ break;
+ case TTag:
+ define_type (level, name, basename, t->subtype, typedefp, preservep);
+ break;
+ case TChoice: {
+ int first = 1;
+ Member *m;
+
+ getnewbasename(&newbasename, typedefp, basename, name);
+
+ space(level);
+ fprintf (headerfile, "struct %s {\n", newbasename);
+ if (preservep) {
+ space(level + 1);
+ fprintf(headerfile, "heim_octet_string _save;\n");
+ }
+ space(level + 1);
+ fprintf (headerfile, "enum {\n");
+ m = have_ellipsis(t);
+ if (m) {
+ space(level + 2);
+ fprintf (headerfile, "%s = 0,\n", m->label);
+ first = 0;
+ }
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ space(level + 2);
+ if (m->ellipsis)
+ fprintf (headerfile, "/* ... */\n");
+ else
+ fprintf (headerfile, "%s%s%s\n", m->label,
+ first ? " = 1" : "",
+ last_member_p(m));
+ first = 0;
+ }
+ space(level + 1);
+ fprintf (headerfile, "} element;\n");
+ space(level + 1);
+ fprintf (headerfile, "union {\n");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ if (m->ellipsis) {
+ space(level + 2);
+ fprintf(headerfile, "heim_octet_string asn1_ellipsis;\n");
+ } else if (m->optional) {
+ char *n = NULL;
+
+ if (asprintf (&n, "*%s", m->gen_name) < 0 || n == NULL)
+ errx(1, "malloc");
+ define_type (level + 2, n, newbasename, m->type, FALSE, FALSE);
+ free (n);
+ } else
+ define_type (level + 2, m->gen_name, newbasename, m->type, FALSE, FALSE);
+ }
+ space(level + 1);
+ fprintf (headerfile, "} u;\n");
+ space(level);
+ fprintf (headerfile, "} %s;\n", name);
+ break;
+ }
+ case TUTCTime:
+ space(level);
+ fprintf (headerfile, "time_t %s;\n", name);
+ break;
+ case TUTF8String:
+ space(level);
+ fprintf (headerfile, "heim_utf8_string %s;\n", name);
+ break;
+ case TPrintableString:
+ space(level);
+ fprintf (headerfile, "heim_printable_string %s;\n", name);
+ break;
+ case TIA5String:
+ space(level);
+ fprintf (headerfile, "heim_ia5_string %s;\n", name);
+ break;
+ case TBMPString:
+ space(level);
+ fprintf (headerfile, "heim_bmp_string %s;\n", name);
+ break;
+ case TUniversalString:
+ space(level);
+ fprintf (headerfile, "heim_universal_string %s;\n", name);
+ break;
+ case TVisibleString:
+ space(level);
+ fprintf (headerfile, "heim_visible_string %s;\n", name);
+ break;
+ case TOID :
+ space(level);
+ fprintf (headerfile, "heim_oid %s;\n", name);
+ break;
+ case TNull:
+ space(level);
+ fprintf (headerfile, "int %s;\n", name);
+ break;
+ default:
+ abort ();
+ }
+ if (newbasename)
+ free(newbasename);
+}
+
+static void
+generate_type_header (const Symbol *s)
+{
+ int preservep = preserve_type(s->name) ? TRUE : FALSE;
+
+ fprintf (headerfile, "/*\n");
+ fprintf (headerfile, "%s ::= ", s->name);
+ define_asn1 (0, s->type);
+ fprintf (headerfile, "\n*/\n\n");
+
+ fprintf (headerfile, "typedef ");
+ define_type (0, s->gen_name, s->gen_name, s->type, TRUE, preservep);
+
+ fprintf (headerfile, "\n");
+}
+
+void
+generate_type (const Symbol *s)
+{
+ FILE *h;
+ const char * exp;
+
+ if (!one_code_file)
+ generate_header_of_codefile(s->gen_name);
+
+ generate_type_header (s);
+
+ if (template_flag)
+ generate_template(s);
+
+ if (template_flag == 0 || is_template_compat(s) == 0) {
+ generate_type_encode (s);
+ generate_type_decode (s);
+ generate_type_free (s);
+ generate_type_length (s);
+ generate_type_copy (s);
+ }
+ generate_type_seq (s);
+ generate_glue (s->type, s->gen_name);
+
+ /* generate prototypes */
+
+ if (is_export(s->name)) {
+ h = headerfile;
+ exp = "ASN1EXP ";
+ } else {
+ h = privheaderfile;
+ exp = "";
+ }
+
+ fprintf (h,
+ "%sint ASN1CALL "
+ "decode_%s(const unsigned char *, size_t, %s *, size_t *);\n",
+ exp,
+ s->gen_name, s->gen_name);
+ fprintf (h,
+ "%sint ASN1CALL "
+ "encode_%s(unsigned char *, size_t, const %s *, size_t *);\n",
+ exp,
+ s->gen_name, s->gen_name);
+ fprintf (h,
+ "%ssize_t ASN1CALL length_%s(const %s *);\n",
+ exp,
+ s->gen_name, s->gen_name);
+ fprintf (h,
+ "%sint ASN1CALL copy_%s (const %s *, %s *);\n",
+ exp,
+ s->gen_name, s->gen_name, s->gen_name);
+ fprintf (h,
+ "%svoid ASN1CALL free_%s (%s *);\n",
+ exp,
+ s->gen_name, s->gen_name);
+
+ fprintf(h, "\n\n");
+
+ if (!one_code_file) {
+ fprintf(codefile, "\n\n");
+ close_codefile();
+ }
+}
diff --git a/crypto/heimdal/lib/asn1/gen_copy.c b/crypto/heimdal/lib/asn1/gen_copy.c
new file mode 100644
index 000000000000..36f68ee5d99c
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_copy.c
@@ -0,0 +1,251 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+static int used_fail;
+
+static void
+copy_primitive (const char *typename, const char *from, const char *to)
+{
+ fprintf (codefile, "if(der_copy_%s(%s, %s)) goto fail;\n",
+ typename, from, to);
+ used_fail++;
+}
+
+static void
+copy_type (const char *from, const char *to, const Type *t, int preserve)
+{
+ switch (t->type) {
+ case TType:
+#if 0
+ copy_type (from, to, t->symbol->type, preserve);
+#endif
+ fprintf (codefile, "if(copy_%s(%s, %s)) goto fail;\n",
+ t->symbol->gen_name, from, to);
+ used_fail++;
+ break;
+ case TInteger:
+ if (t->range == NULL && t->members == NULL) {
+ copy_primitive ("heim_integer", from, to);
+ break;
+ }
+ case TBoolean:
+ case TEnumerated :
+ fprintf(codefile, "*(%s) = *(%s);\n", to, from);
+ break;
+ case TOctetString:
+ copy_primitive ("octet_string", from, to);
+ break;
+ case TBitString:
+ if (ASN1_TAILQ_EMPTY(t->members))
+ copy_primitive ("bit_string", from, to);
+ else
+ fprintf(codefile, "*(%s) = *(%s);\n", to, from);
+ break;
+ case TSet:
+ case TSequence:
+ case TChoice: {
+ Member *m, *have_ellipsis = NULL;
+
+ if(t->members == NULL)
+ break;
+
+ if ((t->type == TSequence || t->type == TChoice) && preserve) {
+ fprintf(codefile,
+ "{ int ret;\n"
+ "ret = der_copy_octet_string(&(%s)->_save, &(%s)->_save);\n"
+ "if (ret) goto fail;\n"
+ "}\n",
+ from, to);
+ used_fail++;
+ }
+
+ if(t->type == TChoice) {
+ fprintf(codefile, "(%s)->element = (%s)->element;\n", to, from);
+ fprintf(codefile, "switch((%s)->element) {\n", from);
+ }
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *fs;
+ char *ts;
+
+ if (m->ellipsis) {
+ have_ellipsis = m;
+ continue;
+ }
+
+ if(t->type == TChoice)
+ fprintf(codefile, "case %s:\n", m->label);
+
+ if (asprintf (&fs, "%s(%s)->%s%s",
+ m->optional ? "" : "&", from,
+ t->type == TChoice ? "u." : "", m->gen_name) < 0)
+ errx(1, "malloc");
+ if (fs == NULL)
+ errx(1, "malloc");
+ if (asprintf (&ts, "%s(%s)->%s%s",
+ m->optional ? "" : "&", to,
+ t->type == TChoice ? "u." : "", m->gen_name) < 0)
+ errx(1, "malloc");
+ if (ts == NULL)
+ errx(1, "malloc");
+ if(m->optional){
+ fprintf(codefile, "if(%s) {\n", fs);
+ fprintf(codefile, "%s = malloc(sizeof(*%s));\n", ts, ts);
+ fprintf(codefile, "if(%s == NULL) goto fail;\n", ts);
+ used_fail++;
+ }
+ copy_type (fs, ts, m->type, FALSE);
+ if(m->optional){
+ fprintf(codefile, "}else\n");
+ fprintf(codefile, "%s = NULL;\n", ts);
+ }
+ free (fs);
+ free (ts);
+ if(t->type == TChoice)
+ fprintf(codefile, "break;\n");
+ }
+ if(t->type == TChoice) {
+ if (have_ellipsis) {
+ fprintf(codefile, "case %s: {\n"
+ "int ret;\n"
+ "ret=der_copy_octet_string(&(%s)->u.%s, &(%s)->u.%s);\n"
+ "if (ret) goto fail;\n"
+ "break;\n"
+ "}\n",
+ have_ellipsis->label,
+ from, have_ellipsis->gen_name,
+ to, have_ellipsis->gen_name);
+ used_fail++;
+ }
+ fprintf(codefile, "}\n");
+ }
+ break;
+ }
+ case TSetOf:
+ case TSequenceOf: {
+ char *f = NULL, *T = NULL;
+
+ fprintf (codefile, "if(((%s)->val = "
+ "malloc((%s)->len * sizeof(*(%s)->val))) == NULL && (%s)->len != 0)\n",
+ to, from, to, from);
+ fprintf (codefile, "goto fail;\n");
+ used_fail++;
+ fprintf(codefile,
+ "for((%s)->len = 0; (%s)->len < (%s)->len; (%s)->len++){\n",
+ to, to, from, to);
+ if (asprintf(&f, "&(%s)->val[(%s)->len]", from, to) < 0)
+ errx(1, "malloc");
+ if (f == NULL)
+ errx(1, "malloc");
+ if (asprintf(&T, "&(%s)->val[(%s)->len]", to, to) < 0)
+ errx(1, "malloc");
+ if (T == NULL)
+ errx(1, "malloc");
+ copy_type(f, T, t->subtype, FALSE);
+ fprintf(codefile, "}\n");
+ free(f);
+ free(T);
+ break;
+ }
+ case TGeneralizedTime:
+ fprintf(codefile, "*(%s) = *(%s);\n", to, from);
+ break;
+ case TGeneralString:
+ copy_primitive ("general_string", from, to);
+ break;
+ case TTeletexString:
+ copy_primitive ("general_string", from, to);
+ break;
+ case TUTCTime:
+ fprintf(codefile, "*(%s) = *(%s);\n", to, from);
+ break;
+ case TUTF8String:
+ copy_primitive ("utf8string", from, to);
+ break;
+ case TPrintableString:
+ copy_primitive ("printable_string", from, to);
+ break;
+ case TIA5String:
+ copy_primitive ("ia5_string", from, to);
+ break;
+ case TBMPString:
+ copy_primitive ("bmp_string", from, to);
+ break;
+ case TUniversalString:
+ copy_primitive ("universal_string", from, to);
+ break;
+ case TVisibleString:
+ copy_primitive ("visible_string", from, to);
+ break;
+ case TTag:
+ copy_type (from, to, t->subtype, preserve);
+ break;
+ case TOID:
+ copy_primitive ("oid", from, to);
+ break;
+ case TNull:
+ break;
+ default :
+ abort ();
+ }
+}
+
+void
+generate_type_copy (const Symbol *s)
+{
+ int preserve = preserve_type(s->name) ? TRUE : FALSE;
+
+ used_fail = 0;
+
+ fprintf (codefile, "int ASN1CALL\n"
+ "copy_%s(const %s *from, %s *to)\n"
+ "{\n"
+ "memset(to, 0, sizeof(*to));\n",
+ s->gen_name, s->gen_name, s->gen_name);
+ copy_type ("from", "to", s->type, preserve);
+ fprintf (codefile, "return 0;\n");
+
+ if (used_fail)
+ fprintf (codefile, "fail:\n"
+ "free_%s(to);\n"
+ "return ENOMEM;\n",
+ s->gen_name);
+
+ fprintf(codefile,
+ "}\n\n");
+}
+
diff --git a/crypto/heimdal/lib/asn1/gen_decode.c b/crypto/heimdal/lib/asn1/gen_decode.c
new file mode 100644
index 000000000000..9d816d5400d7
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_decode.c
@@ -0,0 +1,731 @@
+/*
+ * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+#include "lex.h"
+
+RCSID("$Id$");
+
+static void
+decode_primitive (const char *typename, const char *name, const char *forwstr)
+{
+#if 0
+ fprintf (codefile,
+ "e = decode_%s(p, len, %s, &l);\n"
+ "%s;\n",
+ typename,
+ name,
+ forwstr);
+#else
+ fprintf (codefile,
+ "e = der_get_%s(p, len, %s, &l);\n"
+ "if(e) %s;\np += l; len -= l; ret += l;\n",
+ typename,
+ name,
+ forwstr);
+#endif
+}
+
+static void
+find_tag (const Type *t,
+ Der_class *cl, Der_type *ty, unsigned *tag)
+{
+ switch (t->type) {
+ case TBitString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_BitString;
+ break;
+ case TBoolean:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_Boolean;
+ break;
+ case TChoice:
+ errx(1, "Cannot have recursive CHOICE");
+ case TEnumerated:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_Enumerated;
+ break;
+ case TGeneralString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_GeneralString;
+ break;
+ case TTeletexString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_TeletexString;
+ break;
+ case TGeneralizedTime:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_GeneralizedTime;
+ break;
+ case TIA5String:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_IA5String;
+ break;
+ case TInteger:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_Integer;
+ break;
+ case TNull:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_Null;
+ break;
+ case TOID:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_OID;
+ break;
+ case TOctetString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_OctetString;
+ break;
+ case TPrintableString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_PrintableString;
+ break;
+ case TSequence:
+ case TSequenceOf:
+ *cl = ASN1_C_UNIV;
+ *ty = CONS;
+ *tag = UT_Sequence;
+ break;
+ case TSet:
+ case TSetOf:
+ *cl = ASN1_C_UNIV;
+ *ty = CONS;
+ *tag = UT_Set;
+ break;
+ case TTag:
+ *cl = t->tag.tagclass;
+ *ty = is_primitive_type(t->subtype->type) ? PRIM : CONS;
+ *tag = t->tag.tagvalue;
+ break;
+ case TType:
+ if ((t->symbol->stype == Stype && t->symbol->type == NULL)
+ || t->symbol->stype == SUndefined) {
+ lex_error_message("%s is imported or still undefined, "
+ " can't generate tag checking data in CHOICE "
+ "without this information",
+ t->symbol->name);
+ exit(1);
+ }
+ find_tag(t->symbol->type, cl, ty, tag);
+ return;
+ case TUTCTime:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_UTCTime;
+ break;
+ case TUTF8String:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_UTF8String;
+ break;
+ case TBMPString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_BMPString;
+ break;
+ case TUniversalString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_UniversalString;
+ break;
+ case TVisibleString:
+ *cl = ASN1_C_UNIV;
+ *ty = PRIM;
+ *tag = UT_VisibleString;
+ break;
+ default:
+ abort();
+ }
+}
+
+static void
+range_check(const char *name,
+ const char *length,
+ const char *forwstr,
+ struct range *r)
+{
+ if (r->min == r->max + 2 || r->min < r->max)
+ fprintf (codefile,
+ "if ((%s)->%s > %d) {\n"
+ "e = ASN1_MAX_CONSTRAINT; %s;\n"
+ "}\n",
+ name, length, r->max, forwstr);
+ if (r->min - 1 == r->max || r->min < r->max)
+ fprintf (codefile,
+ "if ((%s)->%s < %d) {\n"
+ "e = ASN1_MIN_CONSTRAINT; %s;\n"
+ "}\n",
+ name, length, r->min, forwstr);
+ if (r->max == r->min)
+ fprintf (codefile,
+ "if ((%s)->%s != %d) {\n"
+ "e = ASN1_EXACT_CONSTRAINT; %s;\n"
+ "}\n",
+ name, length, r->min, forwstr);
+}
+
+static int
+decode_type (const char *name, const Type *t, int optional,
+ const char *forwstr, const char *tmpstr, const char *dertype,
+ unsigned int depth)
+{
+ switch (t->type) {
+ case TType: {
+ if (optional)
+ fprintf(codefile,
+ "%s = calloc(1, sizeof(*%s));\n"
+ "if (%s == NULL) %s;\n",
+ name, name, name, forwstr);
+ fprintf (codefile,
+ "e = decode_%s(p, len, %s, &l);\n",
+ t->symbol->gen_name, name);
+ if (optional) {
+ fprintf (codefile,
+ "if(e) {\n"
+ "free(%s);\n"
+ "%s = NULL;\n"
+ "} else {\n"
+ "p += l; len -= l; ret += l;\n"
+ "}\n",
+ name, name);
+ } else {
+ fprintf (codefile,
+ "if(e) %s;\n",
+ forwstr);
+ fprintf (codefile,
+ "p += l; len -= l; ret += l;\n");
+ }
+ break;
+ }
+ case TInteger:
+ if(t->members) {
+ fprintf(codefile,
+ "{\n"
+ "int enumint;\n");
+ decode_primitive ("integer", "&enumint", forwstr);
+ fprintf(codefile,
+ "*%s = enumint;\n"
+ "}\n",
+ name);
+ } else if (t->range == NULL) {
+ decode_primitive ("heim_integer", name, forwstr);
+ } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) {
+ decode_primitive ("integer", name, forwstr);
+ } else if (t->range->min == 0 && t->range->max == UINT_MAX) {
+ decode_primitive ("unsigned", name, forwstr);
+ } else if (t->range->min == 0 && t->range->max == INT_MAX) {
+ decode_primitive ("unsigned", name, forwstr);
+ } else
+ errx(1, "%s: unsupported range %d -> %d",
+ name, t->range->min, t->range->max);
+ break;
+ case TBoolean:
+ decode_primitive ("boolean", name, forwstr);
+ break;
+ case TEnumerated:
+ decode_primitive ("enumerated", name, forwstr);
+ break;
+ case TOctetString:
+ if (dertype) {
+ fprintf(codefile,
+ "if (%s == CONS) {\n",
+ dertype);
+ decode_primitive("octet_string_ber", name, forwstr);
+ fprintf(codefile,
+ "} else {\n");
+ }
+ decode_primitive ("octet_string", name, forwstr);
+ if (dertype)
+ fprintf(codefile, "}\n");
+ if (t->range)
+ range_check(name, "length", forwstr, t->range);
+ break;
+ case TBitString: {
+ Member *m;
+ int pos = 0;
+
+ if (ASN1_TAILQ_EMPTY(t->members)) {
+ decode_primitive ("bit_string", name, forwstr);
+ break;
+ }
+ fprintf(codefile,
+ "if (len < 1) return ASN1_OVERRUN;\n"
+ "p++; len--; ret++;\n");
+ fprintf(codefile,
+ "do {\n"
+ "if (len < 1) break;\n");
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ while (m->val / 8 > pos / 8) {
+ fprintf (codefile,
+ "p++; len--; ret++;\n"
+ "if (len < 1) break;\n");
+ pos += 8;
+ }
+ fprintf (codefile,
+ "(%s)->%s = (*p >> %d) & 1;\n",
+ name, m->gen_name, 7 - m->val % 8);
+ }
+ fprintf(codefile,
+ "} while(0);\n");
+ fprintf (codefile,
+ "p += len; ret += len;\n");
+ break;
+ }
+ case TSequence: {
+ Member *m;
+
+ if (t->members == NULL)
+ break;
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *s = NULL;
+
+ if (m->ellipsis)
+ continue;
+
+ if (asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&",
+ name, m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ decode_type (s, m->type, m->optional, forwstr, m->gen_name, NULL,
+ depth + 1);
+ free (s);
+ }
+
+ break;
+ }
+ case TSet: {
+ Member *m;
+ unsigned int memno;
+
+ if(t->members == NULL)
+ break;
+
+ fprintf(codefile, "{\n");
+ fprintf(codefile, "unsigned int members = 0;\n");
+ fprintf(codefile, "while(len > 0) {\n");
+ fprintf(codefile,
+ "Der_class class;\n"
+ "Der_type type;\n"
+ "int tag;\n"
+ "e = der_get_tag (p, len, &class, &type, &tag, NULL);\n"
+ "if(e) %s;\n", forwstr);
+ fprintf(codefile, "switch (MAKE_TAG(class, type, tag)) {\n");
+ memno = 0;
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *s;
+
+ assert(m->type->type == TTag);
+
+ fprintf(codefile, "case MAKE_TAG(%s, %s, %s):\n",
+ classname(m->type->tag.tagclass),
+ is_primitive_type(m->type->subtype->type) ? "PRIM" : "CONS",
+ valuename(m->type->tag.tagclass, m->type->tag.tagvalue));
+
+ if (asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ if(m->optional)
+ fprintf(codefile,
+ "%s = calloc(1, sizeof(*%s));\n"
+ "if (%s == NULL) { e = ENOMEM; %s; }\n",
+ s, s, s, forwstr);
+ decode_type (s, m->type, 0, forwstr, m->gen_name, NULL, depth + 1);
+ free (s);
+
+ fprintf(codefile, "members |= (1 << %d);\n", memno);
+ memno++;
+ fprintf(codefile, "break;\n");
+ }
+ fprintf(codefile,
+ "default:\n"
+ "return ASN1_MISPLACED_FIELD;\n"
+ "break;\n");
+ fprintf(codefile, "}\n");
+ fprintf(codefile, "}\n");
+ memno = 0;
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *s;
+
+ if (asprintf (&s, "%s->%s", name, m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ fprintf(codefile, "if((members & (1 << %d)) == 0)\n", memno);
+ if(m->optional)
+ fprintf(codefile, "%s = NULL;\n", s);
+ else if(m->defval)
+ gen_assign_defval(s, m->defval);
+ else
+ fprintf(codefile, "return ASN1_MISSING_FIELD;\n");
+ free(s);
+ memno++;
+ }
+ fprintf(codefile, "}\n");
+ break;
+ }
+ case TSetOf:
+ case TSequenceOf: {
+ char *n = NULL;
+ char *sname = NULL;
+
+ fprintf (codefile,
+ "{\n"
+ "size_t %s_origlen = len;\n"
+ "size_t %s_oldret = ret;\n"
+ "size_t %s_olen = 0;\n"
+ "void *%s_tmp;\n"
+ "ret = 0;\n"
+ "(%s)->len = 0;\n"
+ "(%s)->val = NULL;\n",
+ tmpstr,
+ tmpstr,
+ tmpstr,
+ tmpstr,
+ name,
+ name);
+
+ fprintf (codefile,
+ "while(ret < %s_origlen) {\n"
+ "size_t %s_nlen = %s_olen + sizeof(*((%s)->val));\n"
+ "if (%s_olen > %s_nlen) { e = ASN1_OVERFLOW; %s; }\n"
+ "%s_olen = %s_nlen;\n"
+ "%s_tmp = realloc((%s)->val, %s_olen);\n"
+ "if (%s_tmp == NULL) { e = ENOMEM; %s; }\n"
+ "(%s)->val = %s_tmp;\n",
+ tmpstr,
+ tmpstr, tmpstr, name,
+ tmpstr, tmpstr, forwstr,
+ tmpstr, tmpstr,
+ tmpstr, name, tmpstr,
+ tmpstr, forwstr,
+ name, tmpstr);
+
+ if (asprintf (&n, "&(%s)->val[(%s)->len]", name, name) < 0 || n == NULL)
+ errx(1, "malloc");
+ if (asprintf (&sname, "%s_s_of", tmpstr) < 0 || sname == NULL)
+ errx(1, "malloc");
+ decode_type (n, t->subtype, 0, forwstr, sname, NULL, depth + 1);
+ fprintf (codefile,
+ "(%s)->len++;\n"
+ "len = %s_origlen - ret;\n"
+ "}\n"
+ "ret += %s_oldret;\n"
+ "}\n",
+ name,
+ tmpstr, tmpstr);
+ if (t->range)
+ range_check(name, "len", forwstr, t->range);
+ free (n);
+ free (sname);
+ break;
+ }
+ case TGeneralizedTime:
+ decode_primitive ("generalized_time", name, forwstr);
+ break;
+ case TGeneralString:
+ decode_primitive ("general_string", name, forwstr);
+ break;
+ case TTeletexString:
+ decode_primitive ("general_string", name, forwstr);
+ break;
+ case TTag:{
+ char *tname = NULL, *typestring = NULL;
+ char *ide = NULL;
+
+ if (asprintf(&typestring, "%s_type", tmpstr) < 0 || typestring == NULL)
+ errx(1, "malloc");
+
+ fprintf(codefile,
+ "{\n"
+ "size_t %s_datalen, %s_oldlen;\n"
+ "Der_type %s;\n",
+ tmpstr, tmpstr, typestring);
+ if(support_ber)
+ fprintf(codefile,
+ "int is_indefinite%u;\n", depth);
+
+ fprintf(codefile, "e = der_match_tag_and_length(p, len, %s, &%s, %s, "
+ "&%s_datalen, &l);\n",
+ classname(t->tag.tagclass),
+ typestring,
+ valuename(t->tag.tagclass, t->tag.tagvalue),
+ tmpstr);
+
+ /* XXX hardcode for now */
+ if (support_ber && t->subtype->type == TOctetString) {
+ ide = typestring;
+ } else {
+ fprintf(codefile,
+ "if (e == 0 && %s != %s) { e = ASN1_BAD_ID; }\n",
+ typestring,
+ is_primitive_type(t->subtype->type) ? "PRIM" : "CONS");
+ }
+
+ if(optional) {
+ fprintf(codefile,
+ "if(e) {\n"
+ "%s = NULL;\n"
+ "} else {\n"
+ "%s = calloc(1, sizeof(*%s));\n"
+ "if (%s == NULL) { e = ENOMEM; %s; }\n",
+ name, name, name, name, forwstr);
+ } else {
+ fprintf(codefile, "if(e) %s;\n", forwstr);
+ }
+ fprintf (codefile,
+ "p += l; len -= l; ret += l;\n"
+ "%s_oldlen = len;\n",
+ tmpstr);
+ if(support_ber)
+ fprintf (codefile,
+ "if((is_indefinite%u = _heim_fix_dce(%s_datalen, &len)) < 0)\n"
+ "{ e = ASN1_BAD_FORMAT; %s; }\n"
+ "if (is_indefinite%u) { if (len < 2) { e = ASN1_OVERRUN; %s; } len -= 2; }",
+ depth, tmpstr, forwstr, depth, forwstr);
+ else
+ fprintf(codefile,
+ "if (%s_datalen > len) { e = ASN1_OVERRUN; %s; }\n"
+ "len = %s_datalen;\n", tmpstr, forwstr, tmpstr);
+ if (asprintf (&tname, "%s_Tag", tmpstr) < 0 || tname == NULL)
+ errx(1, "malloc");
+ decode_type (name, t->subtype, 0, forwstr, tname, ide, depth + 1);
+ if(support_ber)
+ fprintf(codefile,
+ "if(is_indefinite%u){\n"
+ "len += 2;\n"
+ "e = der_match_tag_and_length(p, len, "
+ "(Der_class)0, &%s, UT_EndOfContent, "
+ "&%s_datalen, &l);\n"
+ "if(e) %s;\n"
+ "p += l; len -= l; ret += l;\n"
+ "if (%s != (Der_type)0) { e = ASN1_BAD_ID; %s; }\n"
+ "} else \n",
+ depth,
+ typestring,
+ tmpstr,
+ forwstr,
+ typestring, forwstr);
+ fprintf(codefile,
+ "len = %s_oldlen - %s_datalen;\n",
+ tmpstr, tmpstr);
+ if(optional)
+ fprintf(codefile,
+ "}\n");
+ fprintf(codefile,
+ "}\n");
+ free(tname);
+ free(typestring);
+ break;
+ }
+ case TChoice: {
+ Member *m, *have_ellipsis = NULL;
+ const char *els = "";
+
+ if (t->members == NULL)
+ break;
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ const Type *tt = m->type;
+ char *s = NULL;
+ Der_class cl;
+ Der_type ty;
+ unsigned tag;
+
+ if (m->ellipsis) {
+ have_ellipsis = m;
+ continue;
+ }
+
+ find_tag(tt, &cl, &ty, &tag);
+
+ fprintf(codefile,
+ "%sif (der_match_tag(p, len, %s, %s, %s, NULL) == 0) {\n",
+ els,
+ classname(cl),
+ ty ? "CONS" : "PRIM",
+ valuename(cl, tag));
+ if (asprintf (&s, "%s(%s)->u.%s", m->optional ? "" : "&",
+ name, m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ decode_type (s, m->type, m->optional, forwstr, m->gen_name, NULL,
+ depth + 1);
+ fprintf(codefile,
+ "(%s)->element = %s;\n",
+ name, m->label);
+ free(s);
+ fprintf(codefile,
+ "}\n");
+ els = "else ";
+ }
+ if (have_ellipsis) {
+ fprintf(codefile,
+ "else {\n"
+ "(%s)->u.%s.data = calloc(1, len);\n"
+ "if ((%s)->u.%s.data == NULL) {\n"
+ "e = ENOMEM; %s;\n"
+ "}\n"
+ "(%s)->u.%s.length = len;\n"
+ "memcpy((%s)->u.%s.data, p, len);\n"
+ "(%s)->element = %s;\n"
+ "p += len;\n"
+ "ret += len;\n"
+ "len = 0;\n"
+ "}\n",
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->gen_name,
+ forwstr,
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->label);
+ } else {
+ fprintf(codefile,
+ "else {\n"
+ "e = ASN1_PARSE_ERROR;\n"
+ "%s;\n"
+ "}\n",
+ forwstr);
+ }
+ break;
+ }
+ case TUTCTime:
+ decode_primitive ("utctime", name, forwstr);
+ break;
+ case TUTF8String:
+ decode_primitive ("utf8string", name, forwstr);
+ break;
+ case TPrintableString:
+ decode_primitive ("printable_string", name, forwstr);
+ break;
+ case TIA5String:
+ decode_primitive ("ia5_string", name, forwstr);
+ break;
+ case TBMPString:
+ decode_primitive ("bmp_string", name, forwstr);
+ break;
+ case TUniversalString:
+ decode_primitive ("universal_string", name, forwstr);
+ break;
+ case TVisibleString:
+ decode_primitive ("visible_string", name, forwstr);
+ break;
+ case TNull:
+ fprintf (codefile, "/* NULL */\n");
+ break;
+ case TOID:
+ decode_primitive ("oid", name, forwstr);
+ break;
+ default :
+ abort ();
+ }
+ return 0;
+}
+
+void
+generate_type_decode (const Symbol *s)
+{
+ int preserve = preserve_type(s->name) ? TRUE : FALSE;
+
+ fprintf (codefile, "int ASN1CALL\n"
+ "decode_%s(const unsigned char *p HEIMDAL_UNUSED_ATTRIBUTE,"
+ " size_t len HEIMDAL_UNUSED_ATTRIBUTE, %s *data, size_t *size)\n"
+ "{\n",
+ s->gen_name, s->gen_name);
+
+ switch (s->type->type) {
+ case TInteger:
+ case TBoolean:
+ case TOctetString:
+ case TOID:
+ case TGeneralizedTime:
+ case TGeneralString:
+ case TTeletexString:
+ case TUTF8String:
+ case TPrintableString:
+ case TIA5String:
+ case TBMPString:
+ case TUniversalString:
+ case TVisibleString:
+ case TUTCTime:
+ case TNull:
+ case TEnumerated:
+ case TBitString:
+ case TSequence:
+ case TSequenceOf:
+ case TSet:
+ case TSetOf:
+ case TTag:
+ case TType:
+ case TChoice:
+ fprintf (codefile,
+ "size_t ret = 0;\n"
+ "size_t l HEIMDAL_UNUSED_ATTRIBUTE;\n"
+ "int e HEIMDAL_UNUSED_ATTRIBUTE;\n");
+ if (preserve)
+ fprintf (codefile, "const unsigned char *begin = p;\n");
+
+ fprintf (codefile, "\n");
+ fprintf (codefile, "memset(data, 0, sizeof(*data));\n"); /* hack to avoid `unused variable' */
+
+ decode_type ("data", s->type, 0, "goto fail", "Top", NULL, 1);
+ if (preserve)
+ fprintf (codefile,
+ "data->_save.data = calloc(1, ret);\n"
+ "if (data->_save.data == NULL) { \n"
+ "e = ENOMEM; goto fail; \n"
+ "}\n"
+ "data->_save.length = ret;\n"
+ "memcpy(data->_save.data, begin, ret);\n");
+ fprintf (codefile,
+ "if(size) *size = ret;\n"
+ "return 0;\n");
+ fprintf (codefile,
+ "fail:\n"
+ "free_%s(data);\n"
+ "return e;\n",
+ s->gen_name);
+ break;
+ default:
+ abort ();
+ }
+ fprintf (codefile, "}\n\n");
+}
diff --git a/crypto/heimdal/lib/asn1/gen_encode.c b/crypto/heimdal/lib/asn1/gen_encode.c
new file mode 100644
index 000000000000..1bd47484d83a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_encode.c
@@ -0,0 +1,550 @@
+/*
+ * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+static void
+encode_primitive (const char *typename, const char *name)
+{
+ fprintf (codefile,
+ "e = der_put_%s(p, len, %s, &l);\n"
+ "if (e) return e;\np -= l; len -= l; ret += l;\n\n",
+ typename,
+ name);
+}
+
+const char *
+classname(Der_class class)
+{
+ const char *cn[] = { "ASN1_C_UNIV", "ASN1_C_APPL",
+ "ASN1_C_CONTEXT", "ASN1_C_PRIV" };
+ if(class < ASN1_C_UNIV || class > ASN1_C_PRIVATE)
+ return "???";
+ return cn[class];
+}
+
+
+const char *
+valuename(Der_class class, int value)
+{
+ static char s[32];
+ struct {
+ int value;
+ const char *s;
+ } *p, values[] = {
+#define X(Y) { Y, #Y }
+ X(UT_BMPString),
+ X(UT_BitString),
+ X(UT_Boolean),
+ X(UT_EmbeddedPDV),
+ X(UT_Enumerated),
+ X(UT_External),
+ X(UT_GeneralString),
+ X(UT_GeneralizedTime),
+ X(UT_GraphicString),
+ X(UT_IA5String),
+ X(UT_Integer),
+ X(UT_Null),
+ X(UT_NumericString),
+ X(UT_OID),
+ X(UT_ObjectDescriptor),
+ X(UT_OctetString),
+ X(UT_PrintableString),
+ X(UT_Real),
+ X(UT_RelativeOID),
+ X(UT_Sequence),
+ X(UT_Set),
+ X(UT_TeletexString),
+ X(UT_UTCTime),
+ X(UT_UTF8String),
+ X(UT_UniversalString),
+ X(UT_VideotexString),
+ X(UT_VisibleString),
+#undef X
+ { -1, NULL }
+ };
+ if(class == ASN1_C_UNIV) {
+ for(p = values; p->value != -1; p++)
+ if(p->value == value)
+ return p->s;
+ }
+ snprintf(s, sizeof(s), "%d", value);
+ return s;
+}
+
+static int
+encode_type (const char *name, const Type *t, const char *tmpstr)
+{
+ int constructed = 1;
+
+ switch (t->type) {
+ case TType:
+#if 0
+ encode_type (name, t->symbol->type);
+#endif
+ fprintf (codefile,
+ "e = encode_%s(p, len, %s, &l);\n"
+ "if (e) return e;\np -= l; len -= l; ret += l;\n\n",
+ t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ if(t->members) {
+ fprintf(codefile,
+ "{\n"
+ "int enumint = (int)*%s;\n",
+ name);
+ encode_primitive ("integer", "&enumint");
+ fprintf(codefile, "}\n;");
+ } else if (t->range == NULL) {
+ encode_primitive ("heim_integer", name);
+ } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) {
+ encode_primitive ("integer", name);
+ } else if (t->range->min == 0 && t->range->max == UINT_MAX) {
+ encode_primitive ("unsigned", name);
+ } else if (t->range->min == 0 && t->range->max == INT_MAX) {
+ encode_primitive ("unsigned", name);
+ } else
+ errx(1, "%s: unsupported range %d -> %d",
+ name, t->range->min, t->range->max);
+ constructed = 0;
+ break;
+ case TBoolean:
+ encode_primitive ("boolean", name);
+ constructed = 0;
+ break;
+ case TOctetString:
+ encode_primitive ("octet_string", name);
+ constructed = 0;
+ break;
+ case TBitString: {
+ Member *m;
+ int pos;
+
+ if (ASN1_TAILQ_EMPTY(t->members)) {
+ encode_primitive("bit_string", name);
+ constructed = 0;
+ break;
+ }
+
+ fprintf (codefile, "{\n"
+ "unsigned char c = 0;\n");
+ if (!rfc1510_bitstring)
+ fprintf (codefile,
+ "int rest = 0;\n"
+ "int bit_set = 0;\n");
+#if 0
+ pos = t->members->prev->val;
+ /* fix for buggy MIT (and OSF?) code */
+ if (pos > 31)
+ abort ();
+#endif
+ /*
+ * It seems that if we do not always set pos to 31 here, the MIT
+ * code will do the wrong thing.
+ *
+ * I hate ASN.1 (and DER), but I hate it even more when everybody
+ * has to screw it up differently.
+ */
+ pos = ASN1_TAILQ_LAST(t->members, memhead)->val;
+ if (rfc1510_bitstring) {
+ if (pos < 31)
+ pos = 31;
+ }
+
+ ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) {
+ while (m->val / 8 < pos / 8) {
+ if (!rfc1510_bitstring)
+ fprintf (codefile,
+ "if (c != 0 || bit_set) {\n");
+ fprintf (codefile,
+ "if (len < 1) return ASN1_OVERFLOW;\n"
+ "*p-- = c; len--; ret++;\n");
+ if (!rfc1510_bitstring)
+ fprintf (codefile,
+ "if (!bit_set) {\n"
+ "rest = 0;\n"
+ "while(c) { \n"
+ "if (c & 1) break;\n"
+ "c = c >> 1;\n"
+ "rest++;\n"
+ "}\n"
+ "bit_set = 1;\n"
+ "}\n"
+ "}\n");
+ fprintf (codefile,
+ "c = 0;\n");
+ pos -= 8;
+ }
+ fprintf (codefile,
+ "if((%s)->%s) {\n"
+ "c |= 1<<%d;\n",
+ name, m->gen_name, 7 - m->val % 8);
+ fprintf (codefile,
+ "}\n");
+ }
+
+ if (!rfc1510_bitstring)
+ fprintf (codefile,
+ "if (c != 0 || bit_set) {\n");
+ fprintf (codefile,
+ "if (len < 1) return ASN1_OVERFLOW;\n"
+ "*p-- = c; len--; ret++;\n");
+ if (!rfc1510_bitstring)
+ fprintf (codefile,
+ "if (!bit_set) {\n"
+ "rest = 0;\n"
+ "if(c) { \n"
+ "while(c) { \n"
+ "if (c & 1) break;\n"
+ "c = c >> 1;\n"
+ "rest++;\n"
+ "}\n"
+ "}\n"
+ "}\n"
+ "}\n");
+
+ fprintf (codefile,
+ "if (len < 1) return ASN1_OVERFLOW;\n"
+ "*p-- = %s;\n"
+ "len -= 1;\n"
+ "ret += 1;\n"
+ "}\n\n",
+ rfc1510_bitstring ? "0" : "rest");
+ constructed = 0;
+ break;
+ }
+ case TEnumerated : {
+ encode_primitive ("enumerated", name);
+ constructed = 0;
+ break;
+ }
+
+ case TSet:
+ case TSequence: {
+ Member *m;
+
+ if (t->members == NULL)
+ break;
+
+ ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) {
+ char *s = NULL;
+
+ if (m->ellipsis)
+ continue;
+
+ if (asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ fprintf(codefile, "/* %s */\n", m->name);
+ if (m->optional)
+ fprintf (codefile,
+ "if(%s) ",
+ s);
+ else if(m->defval)
+ gen_compare_defval(s + 1, m->defval);
+ fprintf (codefile, "{\n");
+ fprintf (codefile, "size_t %s_oldret HEIMDAL_UNUSED_ATTRIBUTE = ret;\n", tmpstr);
+ fprintf (codefile, "ret = 0;\n");
+ encode_type (s, m->type, m->gen_name);
+ fprintf (codefile, "ret += %s_oldret;\n", tmpstr);
+ fprintf (codefile, "}\n");
+ free (s);
+ }
+ break;
+ }
+ case TSetOf: {
+
+ fprintf(codefile,
+ "{\n"
+ "struct heim_octet_string *val;\n"
+ "size_t elen = 0, totallen = 0;\n"
+ "int eret = 0;\n");
+
+ fprintf(codefile,
+ "if ((%s)->len > UINT_MAX/sizeof(val[0]))\n"
+ "return ERANGE;\n",
+ name);
+
+ fprintf(codefile,
+ "val = malloc(sizeof(val[0]) * (%s)->len);\n"
+ "if (val == NULL && (%s)->len != 0) return ENOMEM;\n",
+ name, name);
+
+ fprintf(codefile,
+ "for(i = 0; i < (int)(%s)->len; i++) {\n",
+ name);
+
+ fprintf(codefile,
+ "ASN1_MALLOC_ENCODE(%s, val[i].data, "
+ "val[i].length, &(%s)->val[i], &elen, eret);\n",
+ t->subtype->symbol->gen_name,
+ name);
+
+ fprintf(codefile,
+ "if(eret) {\n"
+ "i--;\n"
+ "while (i >= 0) {\n"
+ "free(val[i].data);\n"
+ "i--;\n"
+ "}\n"
+ "free(val);\n"
+ "return eret;\n"
+ "}\n"
+ "totallen += elen;\n"
+ "}\n");
+
+ fprintf(codefile,
+ "if (totallen > len) {\n"
+ "for (i = 0; i < (int)(%s)->len; i++) {\n"
+ "free(val[i].data);\n"
+ "}\n"
+ "free(val);\n"
+ "return ASN1_OVERFLOW;\n"
+ "}\n",
+ name);
+
+ fprintf(codefile,
+ "qsort(val, (%s)->len, sizeof(val[0]), _heim_der_set_sort);\n",
+ name);
+
+ fprintf (codefile,
+ "for(i = (int)(%s)->len - 1; i >= 0; --i) {\n"
+ "p -= val[i].length;\n"
+ "ret += val[i].length;\n"
+ "memcpy(p + 1, val[i].data, val[i].length);\n"
+ "free(val[i].data);\n"
+ "}\n"
+ "free(val);\n"
+ "}\n",
+ name);
+ break;
+ }
+ case TSequenceOf: {
+ char *sname = NULL;
+ char *n = NULL;
+
+ fprintf (codefile,
+ "for(i = (int)(%s)->len - 1; i >= 0; --i) {\n"
+ "size_t %s_for_oldret = ret;\n"
+ "ret = 0;\n",
+ name, tmpstr);
+ if (asprintf (&n, "&(%s)->val[i]", name) < 0 || n == NULL)
+ errx(1, "malloc");
+ if (asprintf (&sname, "%s_S_Of", tmpstr) < 0 || sname == NULL)
+ errx(1, "malloc");
+ encode_type (n, t->subtype, sname);
+ fprintf (codefile,
+ "ret += %s_for_oldret;\n"
+ "}\n",
+ tmpstr);
+ free (n);
+ free (sname);
+ break;
+ }
+ case TGeneralizedTime:
+ encode_primitive ("generalized_time", name);
+ constructed = 0;
+ break;
+ case TGeneralString:
+ encode_primitive ("general_string", name);
+ constructed = 0;
+ break;
+ case TTeletexString:
+ encode_primitive ("general_string", name);
+ constructed = 0;
+ break;
+ case TTag: {
+ char *tname = NULL;
+ int c;
+ if (asprintf (&tname, "%s_tag", tmpstr) < 0 || tname == NULL)
+ errx(1, "malloc");
+ c = encode_type (name, t->subtype, tname);
+ fprintf (codefile,
+ "e = der_put_length_and_tag (p, len, ret, %s, %s, %s, &l);\n"
+ "if (e) return e;\np -= l; len -= l; ret += l;\n\n",
+ classname(t->tag.tagclass),
+ c ? "CONS" : "PRIM",
+ valuename(t->tag.tagclass, t->tag.tagvalue));
+ free (tname);
+ break;
+ }
+ case TChoice:{
+ Member *m, *have_ellipsis = NULL;
+ char *s = NULL;
+
+ if (t->members == NULL)
+ break;
+
+ fprintf(codefile, "\n");
+
+ if (asprintf (&s, "(%s)", name) < 0 || s == NULL)
+ errx(1, "malloc");
+ fprintf(codefile, "switch(%s->element) {\n", s);
+
+ ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) {
+ char *s2 = NULL;
+
+ if (m->ellipsis) {
+ have_ellipsis = m;
+ continue;
+ }
+
+ fprintf (codefile, "case %s: {", m->label);
+ if (asprintf(&s2, "%s(%s)->u.%s", m->optional ? "" : "&",
+ s, m->gen_name) < 0 || s2 == NULL)
+ errx(1, "malloc");
+ if (m->optional)
+ fprintf (codefile, "if(%s) {\n", s2);
+ fprintf (codefile, "size_t %s_oldret = ret;\n", tmpstr);
+ fprintf (codefile, "ret = 0;\n");
+ constructed = encode_type (s2, m->type, m->gen_name);
+ fprintf (codefile, "ret += %s_oldret;\n", tmpstr);
+ if(m->optional)
+ fprintf (codefile, "}\n");
+ fprintf(codefile, "break;\n");
+ fprintf(codefile, "}\n");
+ free (s2);
+ }
+ free (s);
+ if (have_ellipsis) {
+ fprintf(codefile,
+ "case %s: {\n"
+ "if (len < (%s)->u.%s.length)\n"
+ "return ASN1_OVERFLOW;\n"
+ "p -= (%s)->u.%s.length;\n"
+ "ret += (%s)->u.%s.length;\n"
+ "memcpy(p + 1, (%s)->u.%s.data, (%s)->u.%s.length);\n"
+ "break;\n"
+ "}\n",
+ have_ellipsis->label,
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->gen_name,
+ name, have_ellipsis->gen_name);
+ }
+ fprintf(codefile, "};\n");
+ break;
+ }
+ case TOID:
+ encode_primitive ("oid", name);
+ constructed = 0;
+ break;
+ case TUTCTime:
+ encode_primitive ("utctime", name);
+ constructed = 0;
+ break;
+ case TUTF8String:
+ encode_primitive ("utf8string", name);
+ constructed = 0;
+ break;
+ case TPrintableString:
+ encode_primitive ("printable_string", name);
+ constructed = 0;
+ break;
+ case TIA5String:
+ encode_primitive ("ia5_string", name);
+ constructed = 0;
+ break;
+ case TBMPString:
+ encode_primitive ("bmp_string", name);
+ constructed = 0;
+ break;
+ case TUniversalString:
+ encode_primitive ("universal_string", name);
+ constructed = 0;
+ break;
+ case TVisibleString:
+ encode_primitive ("visible_string", name);
+ constructed = 0;
+ break;
+ case TNull:
+ fprintf (codefile, "/* NULL */\n");
+ constructed = 0;
+ break;
+ default:
+ abort ();
+ }
+ return constructed;
+}
+
+void
+generate_type_encode (const Symbol *s)
+{
+ fprintf (codefile, "int ASN1CALL\n"
+ "encode_%s(unsigned char *p HEIMDAL_UNUSED_ATTRIBUTE, size_t len HEIMDAL_UNUSED_ATTRIBUTE,"
+ " const %s *data, size_t *size)\n"
+ "{\n",
+ s->gen_name, s->gen_name);
+
+ switch (s->type->type) {
+ case TInteger:
+ case TBoolean:
+ case TOctetString:
+ case TGeneralizedTime:
+ case TGeneralString:
+ case TTeletexString:
+ case TUTCTime:
+ case TUTF8String:
+ case TPrintableString:
+ case TIA5String:
+ case TBMPString:
+ case TUniversalString:
+ case TVisibleString:
+ case TNull:
+ case TBitString:
+ case TEnumerated:
+ case TOID:
+ case TSequence:
+ case TSequenceOf:
+ case TSet:
+ case TSetOf:
+ case TTag:
+ case TType:
+ case TChoice:
+ fprintf (codefile,
+ "size_t ret HEIMDAL_UNUSED_ATTRIBUTE = 0;\n"
+ "size_t l HEIMDAL_UNUSED_ATTRIBUTE;\n"
+ "int i HEIMDAL_UNUSED_ATTRIBUTE, e HEIMDAL_UNUSED_ATTRIBUTE;\n\n");
+
+ encode_type("data", s->type, "Top");
+
+ fprintf (codefile, "*size = ret;\n"
+ "return 0;\n");
+ break;
+ default:
+ abort ();
+ }
+ fprintf (codefile, "}\n\n");
+}
diff --git a/crypto/heimdal/lib/asn1/gen_free.c b/crypto/heimdal/lib/asn1/gen_free.c
new file mode 100644
index 000000000000..b9cae7533b17
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_free.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+static void
+free_primitive (const char *typename, const char *name)
+{
+ fprintf (codefile, "der_free_%s(%s);\n", typename, name);
+}
+
+static void
+free_type (const char *name, const Type *t, int preserve)
+{
+ switch (t->type) {
+ case TType:
+#if 0
+ free_type (name, t->symbol->type, preserve);
+#endif
+ fprintf (codefile, "free_%s(%s);\n", t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ if (t->range == NULL && t->members == NULL) {
+ free_primitive ("heim_integer", name);
+ break;
+ }
+ case TBoolean:
+ case TEnumerated :
+ case TNull:
+ case TGeneralizedTime:
+ case TUTCTime:
+ break;
+ case TBitString:
+ if (ASN1_TAILQ_EMPTY(t->members))
+ free_primitive("bit_string", name);
+ break;
+ case TOctetString:
+ free_primitive ("octet_string", name);
+ break;
+ case TChoice:
+ case TSet:
+ case TSequence: {
+ Member *m, *have_ellipsis = NULL;
+
+ if (t->members == NULL)
+ break;
+
+ if ((t->type == TSequence || t->type == TChoice) && preserve)
+ fprintf(codefile, "der_free_octet_string(&data->_save);\n");
+
+ if(t->type == TChoice)
+ fprintf(codefile, "switch((%s)->element) {\n", name);
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *s;
+
+ if (m->ellipsis){
+ have_ellipsis = m;
+ continue;
+ }
+
+ if(t->type == TChoice)
+ fprintf(codefile, "case %s:\n", m->label);
+ if (asprintf (&s, "%s(%s)->%s%s",
+ m->optional ? "" : "&", name,
+ t->type == TChoice ? "u." : "", m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ if(m->optional)
+ fprintf(codefile, "if(%s) {\n", s);
+ free_type (s, m->type, FALSE);
+ if(m->optional)
+ fprintf(codefile,
+ "free(%s);\n"
+ "%s = NULL;\n"
+ "}\n",s, s);
+ free (s);
+ if(t->type == TChoice)
+ fprintf(codefile, "break;\n");
+ }
+
+ if(t->type == TChoice) {
+ if (have_ellipsis)
+ fprintf(codefile,
+ "case %s:\n"
+ "der_free_octet_string(&(%s)->u.%s);\n"
+ "break;",
+ have_ellipsis->label,
+ name, have_ellipsis->gen_name);
+ fprintf(codefile, "}\n");
+ }
+ break;
+ }
+ case TSetOf:
+ case TSequenceOf: {
+ char *n;
+
+ fprintf (codefile, "while((%s)->len){\n", name);
+ if (asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name) < 0 || n == NULL)
+ errx(1, "malloc");
+ free_type(n, t->subtype, FALSE);
+ fprintf(codefile,
+ "(%s)->len--;\n"
+ "}\n",
+ name);
+ fprintf(codefile,
+ "free((%s)->val);\n"
+ "(%s)->val = NULL;\n", name, name);
+ free(n);
+ break;
+ }
+ case TGeneralString:
+ free_primitive ("general_string", name);
+ break;
+ case TTeletexString:
+ free_primitive ("general_string", name);
+ break;
+ case TUTF8String:
+ free_primitive ("utf8string", name);
+ break;
+ case TPrintableString:
+ free_primitive ("printable_string", name);
+ break;
+ case TIA5String:
+ free_primitive ("ia5_string", name);
+ break;
+ case TBMPString:
+ free_primitive ("bmp_string", name);
+ break;
+ case TUniversalString:
+ free_primitive ("universal_string", name);
+ break;
+ case TVisibleString:
+ free_primitive ("visible_string", name);
+ break;
+ case TTag:
+ free_type (name, t->subtype, preserve);
+ break;
+ case TOID :
+ free_primitive ("oid", name);
+ break;
+ default :
+ abort ();
+ }
+}
+
+void
+generate_type_free (const Symbol *s)
+{
+ int preserve = preserve_type(s->name) ? TRUE : FALSE;
+
+ fprintf (codefile, "void ASN1CALL\n"
+ "free_%s(%s *data)\n"
+ "{\n",
+ s->gen_name, s->gen_name);
+
+ free_type ("data", s->type, preserve);
+ fprintf (codefile, "}\n\n");
+}
+
diff --git a/crypto/heimdal/lib/asn1/gen_glue.c b/crypto/heimdal/lib/asn1/gen_glue.c
new file mode 100644
index 000000000000..5ab93305a24e
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_glue.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 1997, 1999, 2000, 2003 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+static void
+generate_2int (const Type *t, const char *gen_name)
+{
+ Member *m;
+
+ fprintf (headerfile,
+ "unsigned %s2int(%s);\n",
+ gen_name, gen_name);
+
+ fprintf (codefile,
+ "unsigned %s2int(%s f)\n"
+ "{\n"
+ "unsigned r = 0;\n",
+ gen_name, gen_name);
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ fprintf (codefile, "if(f.%s) r |= (1U << %d);\n",
+ m->gen_name, m->val);
+ }
+ fprintf (codefile, "return r;\n"
+ "}\n\n");
+}
+
+static void
+generate_int2 (const Type *t, const char *gen_name)
+{
+ Member *m;
+
+ fprintf (headerfile,
+ "%s int2%s(unsigned);\n",
+ gen_name, gen_name);
+
+ fprintf (codefile,
+ "%s int2%s(unsigned n)\n"
+ "{\n"
+ "\t%s flags;\n\n"
+ "\tmemset(&flags, 0, sizeof(flags));\n\n",
+ gen_name, gen_name, gen_name);
+
+ if(t->members) {
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ fprintf (codefile, "\tflags.%s = (n >> %d) & 1;\n",
+ m->gen_name, m->val);
+ }
+ }
+ fprintf (codefile, "\treturn flags;\n"
+ "}\n\n");
+}
+
+/*
+ * This depends on the bit string being declared in increasing order
+ */
+
+static void
+generate_units (const Type *t, const char *gen_name)
+{
+ Member *m;
+
+ if (template_flag) {
+ fprintf (headerfile,
+ "extern const struct units *asn1_%s_table_units;\n",
+ gen_name);
+ fprintf (headerfile, "#define asn1_%s_units() (asn1_%s_table_units)\n",
+ gen_name, gen_name);
+ } else {
+ fprintf (headerfile,
+ "const struct units * asn1_%s_units(void);\n",
+ gen_name);
+ }
+
+ fprintf (codefile,
+ "static struct units %s_units[] = {\n",
+ gen_name);
+
+ if(t->members) {
+ ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) {
+ fprintf (codefile,
+ "\t{\"%s\",\t1U << %d},\n", m->name, m->val);
+ }
+ }
+
+ fprintf (codefile,
+ "\t{NULL,\t0}\n"
+ "};\n\n");
+
+ if (template_flag)
+ fprintf (codefile,
+ "const struct units * asn1_%s_table_units = %s_units;\n",
+ gen_name, gen_name);
+ else
+ fprintf (codefile,
+ "const struct units * asn1_%s_units(void){\n"
+ "return %s_units;\n"
+ "}\n\n",
+ gen_name, gen_name);
+
+
+}
+
+void
+generate_glue (const Type *t, const char *gen_name)
+{
+ switch(t->type) {
+ case TTag:
+ generate_glue(t->subtype, gen_name);
+ break;
+ case TBitString :
+ if (!ASN1_TAILQ_EMPTY(t->members)) {
+ generate_2int (t, gen_name);
+ generate_int2 (t, gen_name);
+ generate_units (t, gen_name);
+ }
+ break;
+ default :
+ break;
+ }
+}
diff --git a/crypto/heimdal/lib/asn1/gen_length.c b/crypto/heimdal/lib/asn1/gen_length.c
new file mode 100644
index 000000000000..20b5adfe5d02
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_length.c
@@ -0,0 +1,279 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+static void
+length_primitive (const char *typename,
+ const char *name,
+ const char *variable)
+{
+ fprintf (codefile, "%s += der_length_%s(%s);\n", variable, typename, name);
+}
+
+/* XXX same as der_length_tag */
+static size_t
+length_tag(unsigned int tag)
+{
+ size_t len = 0;
+
+ if(tag <= 30)
+ return 1;
+ while(tag) {
+ tag /= 128;
+ len++;
+ }
+ return len + 1;
+}
+
+
+static int
+length_type (const char *name, const Type *t,
+ const char *variable, const char *tmpstr)
+{
+ switch (t->type) {
+ case TType:
+#if 0
+ length_type (name, t->symbol->type);
+#endif
+ fprintf (codefile, "%s += length_%s(%s);\n",
+ variable, t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ if(t->members) {
+ fprintf(codefile,
+ "{\n"
+ "int enumint = *%s;\n", name);
+ length_primitive ("integer", "&enumint", variable);
+ fprintf(codefile, "}\n");
+ } else if (t->range == NULL) {
+ length_primitive ("heim_integer", name, variable);
+ } else if (t->range->min == INT_MIN && t->range->max == INT_MAX) {
+ length_primitive ("integer", name, variable);
+ } else if (t->range->min == 0 && t->range->max == UINT_MAX) {
+ length_primitive ("unsigned", name, variable);
+ } else if (t->range->min == 0 && t->range->max == INT_MAX) {
+ length_primitive ("unsigned", name, variable);
+ } else
+ errx(1, "%s: unsupported range %d -> %d",
+ name, t->range->min, t->range->max);
+
+ break;
+ case TBoolean:
+ fprintf (codefile, "%s += 1;\n", variable);
+ break;
+ case TEnumerated :
+ length_primitive ("enumerated", name, variable);
+ break;
+ case TOctetString:
+ length_primitive ("octet_string", name, variable);
+ break;
+ case TBitString: {
+ if (ASN1_TAILQ_EMPTY(t->members))
+ length_primitive("bit_string", name, variable);
+ else {
+ if (!rfc1510_bitstring) {
+ Member *m;
+ int pos = ASN1_TAILQ_LAST(t->members, memhead)->val;
+
+ fprintf(codefile,
+ "do {\n");
+ ASN1_TAILQ_FOREACH_REVERSE(m, t->members, memhead, members) {
+ while (m->val / 8 < pos / 8) {
+ pos -= 8;
+ }
+ fprintf (codefile,
+ "if((%s)->%s) { %s += %d; break; }\n",
+ name, m->gen_name, variable, (pos + 8) / 8);
+ }
+ fprintf(codefile,
+ "} while(0);\n");
+ fprintf (codefile, "%s += 1;\n", variable);
+ } else {
+ fprintf (codefile, "%s += 5;\n", variable);
+ }
+ }
+ break;
+ }
+ case TSet:
+ case TSequence:
+ case TChoice: {
+ Member *m, *have_ellipsis = NULL;
+
+ if (t->members == NULL)
+ break;
+
+ if(t->type == TChoice)
+ fprintf (codefile, "switch((%s)->element) {\n", name);
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *s;
+
+ if (m->ellipsis) {
+ have_ellipsis = m;
+ continue;
+ }
+
+ if(t->type == TChoice)
+ fprintf(codefile, "case %s:\n", m->label);
+
+ if (asprintf (&s, "%s(%s)->%s%s",
+ m->optional ? "" : "&", name,
+ t->type == TChoice ? "u." : "", m->gen_name) < 0 || s == NULL)
+ errx(1, "malloc");
+ if (m->optional)
+ fprintf (codefile, "if(%s)", s);
+ else if(m->defval)
+ gen_compare_defval(s + 1, m->defval);
+ fprintf (codefile, "{\n"
+ "size_t %s_oldret = %s;\n"
+ "%s = 0;\n", tmpstr, variable, variable);
+ length_type (s, m->type, "ret", m->gen_name);
+ fprintf (codefile, "ret += %s_oldret;\n", tmpstr);
+ fprintf (codefile, "}\n");
+ free (s);
+ if(t->type == TChoice)
+ fprintf(codefile, "break;\n");
+ }
+ if(t->type == TChoice) {
+ if (have_ellipsis)
+ fprintf(codefile,
+ "case %s:\n"
+ "ret += (%s)->u.%s.length;\n"
+ "break;\n",
+ have_ellipsis->label,
+ name,
+ have_ellipsis->gen_name);
+ fprintf (codefile, "}\n"); /* switch */
+ }
+ break;
+ }
+ case TSetOf:
+ case TSequenceOf: {
+ char *n = NULL;
+ char *sname = NULL;
+
+ fprintf (codefile,
+ "{\n"
+ "size_t %s_oldret = %s;\n"
+ "int i;\n"
+ "%s = 0;\n",
+ tmpstr, variable, variable);
+
+ fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name);
+ fprintf (codefile, "size_t %s_for_oldret = %s;\n"
+ "%s = 0;\n", tmpstr, variable, variable);
+ if (asprintf (&n, "&(%s)->val[i]", name) < 0 || n == NULL)
+ errx(1, "malloc");
+ if (asprintf (&sname, "%s_S_Of", tmpstr) < 0 || sname == NULL)
+ errx(1, "malloc");
+ length_type(n, t->subtype, variable, sname);
+ fprintf (codefile, "%s += %s_for_oldret;\n",
+ variable, tmpstr);
+ fprintf (codefile, "}\n");
+
+ fprintf (codefile,
+ "%s += %s_oldret;\n"
+ "}\n", variable, tmpstr);
+ free(n);
+ free(sname);
+ break;
+ }
+ case TGeneralizedTime:
+ length_primitive ("generalized_time", name, variable);
+ break;
+ case TGeneralString:
+ length_primitive ("general_string", name, variable);
+ break;
+ case TTeletexString:
+ length_primitive ("general_string", name, variable);
+ break;
+ case TUTCTime:
+ length_primitive ("utctime", name, variable);
+ break;
+ case TUTF8String:
+ length_primitive ("utf8string", name, variable);
+ break;
+ case TPrintableString:
+ length_primitive ("printable_string", name, variable);
+ break;
+ case TIA5String:
+ length_primitive ("ia5_string", name, variable);
+ break;
+ case TBMPString:
+ length_primitive ("bmp_string", name, variable);
+ break;
+ case TUniversalString:
+ length_primitive ("universal_string", name, variable);
+ break;
+ case TVisibleString:
+ length_primitive ("visible_string", name, variable);
+ break;
+ case TNull:
+ fprintf (codefile, "/* NULL */\n");
+ break;
+ case TTag:{
+ char *tname = NULL;
+ if (asprintf(&tname, "%s_tag", tmpstr) < 0 || tname == NULL)
+ errx(1, "malloc");
+ length_type (name, t->subtype, variable, tname);
+ fprintf (codefile, "ret += %lu + der_length_len (ret);\n",
+ (unsigned long)length_tag(t->tag.tagvalue));
+ free(tname);
+ break;
+ }
+ case TOID:
+ length_primitive ("oid", name, variable);
+ break;
+ default :
+ abort ();
+ }
+ return 0;
+}
+
+void
+generate_type_length (const Symbol *s)
+{
+ fprintf (codefile,
+ "size_t ASN1CALL\n"
+ "length_%s(const %s *data)\n"
+ "{\n"
+ "size_t ret = 0;\n",
+ s->gen_name, s->gen_name);
+
+ length_type ("data", s->type, "ret", "Top");
+ fprintf (codefile, "return ret;\n}\n\n");
+}
+
diff --git a/crypto/heimdal/lib/asn1/gen_locl.h b/crypto/heimdal/lib/asn1/gen_locl.h
new file mode 100644
index 000000000000..9e87b0c578c7
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_locl.h
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef __GEN_LOCL_H__
+#define __GEN_LOCL_H__
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <ctype.h>
+#include <time.h>
+#include <errno.h>
+#include <err.h>
+#include <roken.h>
+#include "hash.h"
+#include "symbol.h"
+#include "asn1-common.h"
+#include "der.h"
+#include "der-private.h"
+
+void generate_type (const Symbol *);
+void generate_constant (const Symbol *);
+void generate_type_encode (const Symbol *);
+void generate_type_decode (const Symbol *);
+void generate_type_free (const Symbol *);
+void generate_type_length (const Symbol *);
+void generate_type_copy (const Symbol *);
+void generate_type_seq (const Symbol *);
+void generate_glue (const Type *, const char*);
+
+const char *classname(Der_class);
+const char *valuename(Der_class, int);
+
+void gen_compare_defval(const char *, struct value *);
+void gen_assign_defval(const char *, struct value *);
+
+
+void init_generate (const char *, const char *);
+const char *get_filename (void);
+void close_generate(void);
+void add_import(const char *);
+void add_export(const char *);
+int is_export(const char *);
+int yyparse(void);
+int is_primitive_type(int);
+
+int preserve_type(const char *);
+int seq_type(const char *);
+
+void generate_header_of_codefile(const char *);
+void close_codefile(void);
+
+int is_template_compat (const Symbol *);
+void generate_template(const Symbol *);
+void gen_template_import(const Symbol *);
+
+
+extern FILE *privheaderfile, *headerfile, *codefile, *logfile, *templatefile;
+extern int support_ber;
+extern int template_flag;
+extern int rfc1510_bitstring;
+extern int one_code_file;
+
+extern int error_flag;
+
+#endif /* __GEN_LOCL_H__ */
diff --git a/crypto/heimdal/lib/asn1/gen_seq.c b/crypto/heimdal/lib/asn1/gen_seq.c
new file mode 100644
index 000000000000..3487e98b0a77
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_seq.c
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+void
+generate_type_seq (const Symbol *s)
+{
+ char *subname;
+ Type *type;
+
+ if (!seq_type(s->name))
+ return;
+ type = s->type;
+ while(type->type == TTag)
+ type = type->subtype;
+
+ if (type->type != TSequenceOf && type->type != TSetOf) {
+ fprintf(stderr, "%s not seq of %d\n", s->name, (int)type->type);
+ return;
+ }
+
+ /*
+ * Require the subtype to be a type so we can name it and use
+ * copy_/free_
+ */
+
+ if (type->subtype->type != TType) {
+ fprintf(stderr, "%s subtype is not a type, can't generate "
+ "sequence code for this case: %d\n",
+ s->name, (int)type->subtype->type);
+ exit(1);
+ }
+
+ subname = type->subtype->symbol->gen_name;
+
+ fprintf (headerfile,
+ "ASN1EXP int ASN1CALL add_%s (%s *, const %s *);\n"
+ "ASN1EXP int ASN1CALL remove_%s (%s *, unsigned int);\n",
+ s->gen_name, s->gen_name, subname,
+ s->gen_name, s->gen_name);
+
+ fprintf (codefile, "int ASN1CALL\n"
+ "add_%s(%s *data, const %s *element)\n"
+ "{\n",
+ s->gen_name, s->gen_name, subname);
+
+ fprintf (codefile,
+ "int ret;\n"
+ "void *ptr;\n"
+ "\n"
+ "ptr = realloc(data->val, \n"
+ "\t(data->len + 1) * sizeof(data->val[0]));\n"
+ "if (ptr == NULL) return ENOMEM;\n"
+ "data->val = ptr;\n\n"
+ "ret = copy_%s(element, &data->val[data->len]);\n"
+ "if (ret) return ret;\n"
+ "data->len++;\n"
+ "return 0;\n",
+ subname);
+
+ fprintf (codefile, "}\n\n");
+
+ fprintf (codefile, "int ASN1CALL\n"
+ "remove_%s(%s *data, unsigned int element)\n"
+ "{\n",
+ s->gen_name, s->gen_name);
+
+ fprintf (codefile,
+ "void *ptr;\n"
+ "\n"
+ "if (data->len == 0 || element >= data->len)\n"
+ "\treturn ASN1_OVERRUN;\n"
+ "free_%s(&data->val[element]);\n"
+ "data->len--;\n"
+ /* don't move if its the last element */
+ "if (element < data->len)\n"
+ "\tmemmove(&data->val[element], &data->val[element + 1], \n"
+ "\t\tsizeof(data->val[0]) * (data->len - element));\n"
+ /* resize but don't care about failures since it doesn't matter */
+ "ptr = realloc(data->val, data->len * sizeof(data->val[0]));\n"
+ "if (ptr != NULL || data->len == 0) data->val = ptr;\n"
+ "return 0;\n",
+ subname);
+
+ fprintf (codefile, "}\n\n");
+}
diff --git a/crypto/heimdal/lib/asn1/gen_template.c b/crypto/heimdal/lib/asn1/gen_template.c
new file mode 100644
index 000000000000..edd68e122380
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_template.c
@@ -0,0 +1,918 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+static const char *symbol_name(const char *, const Type *);
+static void generate_template_type(const char *, const char **, const char *, const char *, const char *,
+ Type *, int, int, int);
+
+static const char *
+ttype_symbol(const char *basename, const Type *t)
+{
+ return t->symbol->gen_name;
+}
+
+static const char *
+integer_symbol(const char *basename, const Type *t)
+{
+ if (t->members)
+ return "int"; /* XXX enum foo */
+ else if (t->range == NULL)
+ return "heim_integer";
+ else if (t->range->min == INT_MIN && t->range->max == INT_MAX)
+ return "int";
+ else if (t->range->min == 0 && t->range->max == UINT_MAX)
+ return "unsigned";
+ else if (t->range->min == 0 && t->range->max == INT_MAX)
+ return "unsigned";
+ else {
+ abort();
+ UNREACHABLE(return NULL);
+ }
+}
+
+static const char *
+boolean_symbol(const char *basename, const Type *t)
+{
+ return "int";
+}
+
+
+static const char *
+octetstring_symbol(const char *basename, const Type *t)
+{
+ return "heim_octet_string";
+}
+
+static const char *
+sequence_symbol(const char *basename, const Type *t)
+{
+ return basename;
+}
+
+static const char *
+time_symbol(const char *basename, const Type *t)
+{
+ return "time_t";
+}
+
+static const char *
+tag_symbol(const char *basename, const Type *t)
+{
+ return symbol_name(basename, t->subtype);
+}
+
+static const char *
+generalstring_symbol(const char *basename, const Type *t)
+{
+ return "heim_general_string";
+}
+
+static const char *
+printablestring_symbol(const char *basename, const Type *t)
+{
+ return "heim_printable_string";
+}
+
+static const char *
+ia5string_symbol(const char *basename, const Type *t)
+{
+ return "heim_ia5_string";
+}
+
+static const char *
+visiblestring_symbol(const char *basename, const Type *t)
+{
+ return "heim_visible_string";
+}
+
+static const char *
+utf8string_symbol(const char *basename, const Type *t)
+{
+ return "heim_utf8_string";
+}
+
+static const char *
+bmpstring_symbol(const char *basename, const Type *t)
+{
+ return "heim_bmp_string";
+}
+
+static const char *
+universalstring_symbol(const char *basename, const Type *t)
+{
+ return "heim_universal_string";
+}
+
+static const char *
+oid_symbol(const char *basename, const Type *t)
+{
+ return "heim_oid";
+}
+
+static const char *
+bitstring_symbol(const char *basename, const Type *t)
+{
+ if (t->members)
+ return basename;
+ return "heim_bit_string";
+}
+
+
+
+struct {
+ enum typetype type;
+ const char *(*symbol_name)(const char *, const Type *);
+ int is_struct;
+} types[] = {
+ { TBMPString, bmpstring_symbol, 0 },
+ { TBitString, bitstring_symbol, 0 },
+ { TBoolean, boolean_symbol, 0 },
+ { TGeneralString, generalstring_symbol, 0 },
+ { TGeneralizedTime, time_symbol, 0 },
+ { TIA5String, ia5string_symbol, 0 },
+ { TInteger, integer_symbol, 0 },
+ { TOID, oid_symbol, 0 },
+ { TOctetString, octetstring_symbol, 0 },
+ { TPrintableString, printablestring_symbol, 0 },
+ { TSequence, sequence_symbol, 1 },
+ { TSequenceOf, tag_symbol, 1 },
+ { TSetOf, tag_symbol, 1 },
+ { TTag, tag_symbol, 1 },
+ { TType, ttype_symbol, 1 },
+ { TUTCTime, time_symbol, 0 },
+ { TUniversalString, universalstring_symbol, 0 },
+ { TVisibleString, visiblestring_symbol, 0 },
+ { TUTF8String, utf8string_symbol, 0 },
+ { TChoice, sequence_symbol, 1 },
+ { TNull, integer_symbol, 1 }
+};
+
+static FILE *
+get_code_file(void)
+{
+ if (!one_code_file)
+ return templatefile;
+ return codefile;
+}
+
+
+static int
+is_supported_type_p(const Type *t)
+{
+ size_t i;
+
+ for (i = 0; i < sizeof(types)/sizeof(types[0]); i++)
+ if (t->type == types[i].type)
+ return 1;
+ return 0;
+}
+
+int
+is_template_compat (const Symbol *s)
+{
+ return is_supported_type_p(s->type);
+}
+
+static const char *
+symbol_name(const char *basename, const Type *t)
+{
+ size_t i;
+
+ for (i = 0; i < sizeof(types)/sizeof(types[0]); i++)
+ if (t->type == types[i].type)
+ return (types[i].symbol_name)(basename, t);
+ printf("unknown der type: %d\n", t->type);
+ exit(1);
+}
+
+
+static char *
+partial_offset(const char *basetype, const char *name, int need_offset)
+{
+ char *str;
+ if (name == NULL || need_offset == 0)
+ return strdup("0");
+ if (asprintf(&str, "offsetof(struct %s, %s)", basetype, name) < 0 || str == NULL)
+ errx(1, "malloc");
+ return str;
+}
+
+struct template {
+ char *line;
+ char *tt;
+ char *offset;
+ char *ptr;
+ ASN1_TAILQ_ENTRY(template) members;
+};
+
+ASN1_TAILQ_HEAD(templatehead, template);
+
+struct tlist {
+ char *name;
+ char *header;
+ struct templatehead template;
+ ASN1_TAILQ_ENTRY(tlist) tmembers;
+};
+
+ASN1_TAILQ_HEAD(tlisthead, tlist);
+
+static void tlist_header(struct tlist *, const char *, ...) __attribute__((__format__(__printf__, 2, 3)));
+static struct template *
+ add_line(struct templatehead *, const char *, ...) __attribute__((__format__(__printf__, 2, 3)));
+static int tlist_cmp(const struct tlist *, const struct tlist *);
+
+static void add_line_pointer(struct templatehead *, const char *, const char *, const char *, ...)
+ __attribute__((__format__(__printf__, 4, 5)));
+
+
+static struct tlisthead tlistmaster = ASN1_TAILQ_HEAD_INITIALIZER(tlistmaster);
+static unsigned long numdups = 0;
+
+static struct tlist *
+tlist_new(const char *name)
+{
+ struct tlist *tl = calloc(1, sizeof(*tl));
+ tl->name = strdup(name);
+ ASN1_TAILQ_INIT(&tl->template);
+ return tl;
+}
+
+static void
+tlist_header(struct tlist *t, const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ if (vasprintf(&t->header, fmt, ap) < 0 || t->header == NULL)
+ errx(1, "malloc");
+ va_end(ap);
+}
+
+static unsigned long
+tlist_count(struct tlist *tl)
+{
+ unsigned int count = 0;
+ struct template *q;
+
+ ASN1_TAILQ_FOREACH(q, &tl->template, members) {
+ count++;
+ }
+ return count;
+}
+
+static void
+tlist_add(struct tlist *tl)
+{
+ ASN1_TAILQ_INSERT_TAIL(&tlistmaster, tl, tmembers);
+}
+
+static void
+tlist_print(struct tlist *tl)
+{
+ struct template *q;
+ unsigned int i = 1;
+ FILE *f = get_code_file();
+
+ fprintf(f, "static const struct asn1_template asn1_%s[] = {\n", tl->name);
+ fprintf(f, "/* 0 */ %s,\n", tl->header);
+ ASN1_TAILQ_FOREACH(q, &tl->template, members) {
+ int last = (ASN1_TAILQ_LAST(&tl->template, templatehead) == q);
+ fprintf(f, "/* %lu */ %s%s\n", (unsigned long)i++, q->line, last ? "" : ",");
+ }
+ fprintf(f, "};\n");
+}
+
+static struct tlist *
+tlist_find_by_name(const char *name)
+{
+ struct tlist *ql;
+ ASN1_TAILQ_FOREACH(ql, &tlistmaster, tmembers) {
+ if (strcmp(ql->name, name) == 0)
+ return ql;
+ }
+ return NULL;
+}
+
+static int
+tlist_cmp_name(const char *tname, const char *qname)
+{
+ struct tlist *tl = tlist_find_by_name(tname);
+ struct tlist *ql = tlist_find_by_name(qname);
+ return tlist_cmp(tl, ql);
+}
+
+static int
+tlist_cmp(const struct tlist *tl, const struct tlist *ql)
+{
+ int ret;
+ struct template *t, *q;
+
+ ret = strcmp(tl->header, ql->header);
+ if (ret) return ret;
+
+ q = ASN1_TAILQ_FIRST(&ql->template);
+ ASN1_TAILQ_FOREACH(t, &tl->template, members) {
+ if (q == NULL) return 1;
+
+ if (t->ptr == NULL || q->ptr == NULL) {
+ ret = strcmp(t->line, q->line);
+ if (ret) return ret;
+ } else {
+ ret = strcmp(t->tt, q->tt);
+ if (ret) return ret;
+
+ ret = strcmp(t->offset, q->offset);
+ if (ret) return ret;
+
+ if ((ret = strcmp(t->ptr, q->ptr)) != 0 ||
+ (ret = tlist_cmp_name(t->ptr, q->ptr)) != 0)
+ return ret;
+ }
+ q = ASN1_TAILQ_NEXT(q, members);
+ }
+ if (q != NULL) return -1;
+ return 0;
+}
+
+
+static const char *
+tlist_find_dup(const struct tlist *tl)
+{
+ struct tlist *ql;
+
+ ASN1_TAILQ_FOREACH(ql, &tlistmaster, tmembers) {
+ if (tlist_cmp(ql, tl) == 0) {
+ numdups++;
+ return ql->name;
+ }
+ }
+ return NULL;
+}
+
+
+/*
+ *
+ */
+
+static struct template *
+add_line(struct templatehead *t, const char *fmt, ...)
+{
+ struct template *q = calloc(1, sizeof(*q));
+ va_list ap;
+ va_start(ap, fmt);
+ if (vasprintf(&q->line, fmt, ap) < 0 || q->line == NULL)
+ errx(1, "malloc");
+ va_end(ap);
+ ASN1_TAILQ_INSERT_TAIL(t, q, members);
+ return q;
+}
+
+static void
+add_line_pointer(struct templatehead *t,
+ const char *ptr,
+ const char *offset,
+ const char *ttfmt,
+ ...)
+{
+ struct template *q;
+ va_list ap;
+ char *tt = NULL;
+
+ va_start(ap, ttfmt);
+ if (vasprintf(&tt, ttfmt, ap) < 0 || tt == NULL)
+ errx(1, "malloc");
+ va_end(ap);
+
+ q = add_line(t, "{ %s, %s, asn1_%s }", tt, offset, ptr);
+ q->tt = tt;
+ q->offset = strdup(offset);
+ q->ptr = strdup(ptr);
+}
+
+static int
+use_extern(const Symbol *s)
+{
+ if (s->type == NULL)
+ return 1;
+ return 0;
+}
+
+static int
+is_struct(Type *t, int isstruct)
+{
+ size_t i;
+
+ if (t->type == TType)
+ return 0;
+ if (t->type == TSequence || t->type == TSet || t->type == TChoice)
+ return 1;
+ if (t->type == TTag)
+ return is_struct(t->subtype, isstruct);
+
+ for (i = 0; i < sizeof(types)/sizeof(types[0]); i++) {
+ if (t->type == types[i].type) {
+ if (types[i].is_struct == 0)
+ return 0;
+ else
+ break;
+ }
+ }
+
+ return isstruct;
+}
+
+static const Type *
+compact_tag(const Type *t)
+{
+ while (t->type == TTag)
+ t = t->subtype;
+ return t;
+}
+
+static void
+template_members(struct templatehead *temp, const char *basetype, const char *name, const Type *t, int optional, int isstruct, int need_offset)
+{
+ char *poffset = NULL;
+
+ if (optional && t->type != TTag && t->type != TType)
+ errx(1, "%s...%s is optional and not a (TTag or TType)", basetype, name);
+
+ poffset = partial_offset(basetype, name, need_offset);
+
+ switch (t->type) {
+ case TType:
+ if (use_extern(t->symbol)) {
+ add_line(temp, "{ A1_OP_TYPE_EXTERN %s, %s, &asn1_extern_%s}",
+ optional ? "|A1_FLAG_OPTIONAL" : "",
+ poffset, t->symbol->gen_name);
+ } else {
+ add_line_pointer(temp, t->symbol->gen_name, poffset,
+ "A1_OP_TYPE %s", optional ? "|A1_FLAG_OPTIONAL" : "");
+ }
+ break;
+ case TInteger: {
+ char *itype = NULL;
+
+ if (t->members)
+ itype = "IMEMBER";
+ else if (t->range == NULL)
+ itype = "HEIM_INTEGER";
+ else if (t->range->min == INT_MIN && t->range->max == INT_MAX)
+ itype = "INTEGER";
+ else if (t->range->min == 0 && t->range->max == UINT_MAX)
+ itype = "UNSIGNED";
+ else if (t->range->min == 0 && t->range->max == INT_MAX)
+ itype = "UNSIGNED";
+ else
+ errx(1, "%s: unsupported range %d -> %d",
+ name, t->range->min, t->range->max);
+
+ add_line(temp, "{ A1_PARSE_T(A1T_%s), %s, NULL }", itype, poffset);
+ break;
+ }
+ case TGeneralString:
+ add_line(temp, "{ A1_PARSE_T(A1T_GENERAL_STRING), %s, NULL }", poffset);
+ break;
+ case TTeletexString:
+ add_line(temp, "{ A1_PARSE_T(A1T_TELETEX_STRING), %s, NULL }", poffset);
+ break;
+ case TPrintableString:
+ add_line(temp, "{ A1_PARSE_T(A1T_PRINTABLE_STRING), %s, NULL }", poffset);
+ break;
+ case TOctetString:
+ add_line(temp, "{ A1_PARSE_T(A1T_OCTET_STRING), %s, NULL }", poffset);
+ break;
+ case TIA5String:
+ add_line(temp, "{ A1_PARSE_T(A1T_IA5_STRING), %s, NULL }", poffset);
+ break;
+ case TBMPString:
+ add_line(temp, "{ A1_PARSE_T(A1T_BMP_STRING), %s, NULL }", poffset);
+ break;
+ case TUniversalString:
+ add_line(temp, "{ A1_PARSE_T(A1T_UNIVERSAL_STRING), %s, NULL }", poffset);
+ break;
+ case TVisibleString:
+ add_line(temp, "{ A1_PARSE_T(A1T_VISIBLE_STRING), %s, NULL }", poffset);
+ break;
+ case TUTF8String:
+ add_line(temp, "{ A1_PARSE_T(A1T_UTF8_STRING), %s, NULL }", poffset);
+ break;
+ case TGeneralizedTime:
+ add_line(temp, "{ A1_PARSE_T(A1T_GENERALIZED_TIME), %s, NULL }", poffset);
+ break;
+ case TUTCTime:
+ add_line(temp, "{ A1_PARSE_T(A1T_UTC_TIME), %s, NULL }", poffset);
+ break;
+ case TBoolean:
+ add_line(temp, "{ A1_PARSE_T(A1T_BOOLEAN), %s, NULL }", poffset);
+ break;
+ case TOID:
+ add_line(temp, "{ A1_PARSE_T(A1T_OID), %s, NULL }", poffset);
+ break;
+ case TNull:
+ break;
+ case TBitString: {
+ struct templatehead template = ASN1_TAILQ_HEAD_INITIALIZER(template);
+ struct template *q;
+ Member *m;
+ size_t count = 0, i;
+ char *bname = NULL;
+ FILE *f = get_code_file();
+
+ if (ASN1_TAILQ_EMPTY(t->members)) {
+ add_line(temp, "{ A1_PARSE_T(A1T_HEIM_BIT_STRING), %s, NULL }", poffset);
+ break;
+ }
+
+ if (asprintf(&bname, "bmember_%s_%p", name ? name : "", t) < 0 || bname == NULL)
+ errx(1, "malloc");
+ output_name(bname);
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ add_line(&template, "{ 0, %d, 0 } /* %s */", m->val, m->gen_name);
+ }
+
+ ASN1_TAILQ_FOREACH(q, &template, members) {
+ count++;
+ }
+
+ fprintf(f, "static const struct asn1_template asn1_%s_%s[] = {\n", basetype, bname);
+ fprintf(f, "/* 0 */ { 0%s, sizeof(%s), ((void *)%lu) },\n",
+ rfc1510_bitstring ? "|A1_HBF_RFC1510" : "",
+ basetype, (unsigned long)count);
+ i = 1;
+ ASN1_TAILQ_FOREACH(q, &template, members) {
+ int last = (ASN1_TAILQ_LAST(&template, templatehead) == q);
+ fprintf(f, "/* %lu */ %s%s\n", (unsigned long)i++, q->line, last ? "" : ",");
+ }
+ fprintf(f, "};\n");
+
+ add_line(temp, "{ A1_OP_BMEMBER, %s, asn1_%s_%s }", poffset, basetype, bname);
+
+ free(bname);
+
+ break;
+ }
+ case TSequence: {
+ Member *m;
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ char *newbasename = NULL;
+
+ if (m->ellipsis)
+ continue;
+
+ if (name) {
+ if (asprintf(&newbasename, "%s_%s", basetype, name) < 0)
+ errx(1, "malloc");
+ } else
+ newbasename = strdup(basetype);
+ if (newbasename == NULL)
+ errx(1, "malloc");
+
+ template_members(temp, newbasename, m->gen_name, m->type, m->optional, isstruct, 1);
+
+ free(newbasename);
+ }
+
+ break;
+ }
+ case TTag: {
+ char *tname = NULL, *elname = NULL;
+ const char *sename, *dupname;
+ int subtype_is_struct = is_struct(t->subtype, isstruct);
+
+ if (subtype_is_struct)
+ sename = basetype;
+ else
+ sename = symbol_name(basetype, t->subtype);
+
+ if (asprintf(&tname, "tag_%s_%p", name ? name : "", t) < 0 || tname == NULL)
+ errx(1, "malloc");
+ output_name(tname);
+
+ if (asprintf(&elname, "%s_%s", basetype, tname) < 0 || elname == NULL)
+ errx(1, "malloc");
+
+ generate_template_type(elname, &dupname, NULL, sename, name,
+ t->subtype, 0, subtype_is_struct, 0);
+
+ add_line_pointer(temp, dupname, poffset,
+ "A1_TAG_T(%s,%s,%s)%s",
+ classname(t->tag.tagclass),
+ is_primitive_type(t->subtype->type) ? "PRIM" : "CONS",
+ valuename(t->tag.tagclass, t->tag.tagvalue),
+ optional ? "|A1_FLAG_OPTIONAL" : "");
+
+ free(tname);
+ free(elname);
+
+ break;
+ }
+ case TSetOf:
+ case TSequenceOf: {
+ const char *type = NULL, *tname, *dupname;
+ char *sename = NULL, *elname = NULL;
+ int subtype_is_struct = is_struct(t->subtype, 0);
+
+ if (name && subtype_is_struct) {
+ tname = "seofTstruct";
+ if (asprintf(&sename, "%s_%s_val", basetype, name) < 0)
+ errx(1, "malloc");
+ } else if (subtype_is_struct) {
+ tname = "seofTstruct";
+ if (asprintf(&sename, "%s_val", symbol_name(basetype, t->subtype)) < 0)
+ errx(1, "malloc");
+ } else {
+ if (name)
+ tname = name;
+ else
+ tname = "seofTstruct";
+ sename = strdup(symbol_name(basetype, t->subtype));
+ }
+ if (sename == NULL)
+ errx(1, "malloc");
+
+ if (t->type == TSetOf) type = "A1_OP_SETOF";
+ else if (t->type == TSequenceOf) type = "A1_OP_SEQOF";
+ else abort();
+
+ if (asprintf(&elname, "%s_%s_%p", basetype, tname, t) < 0 || elname == NULL)
+ errx(1, "malloc");
+
+ generate_template_type(elname, &dupname, NULL, sename, NULL, t->subtype,
+ 0, subtype_is_struct, need_offset);
+
+ add_line(temp, "{ %s, %s, asn1_%s }", type, poffset, dupname);
+ free(sename);
+ break;
+ }
+ case TChoice: {
+ struct templatehead template = ASN1_TAILQ_HEAD_INITIALIZER(template);
+ struct template *q;
+ size_t count = 0, i;
+ char *tname = NULL;
+ FILE *f = get_code_file();
+ Member *m;
+ int ellipsis = 0;
+ char *e;
+
+ if (asprintf(&tname, "asn1_choice_%s_%s%x",
+ basetype, name ? name : "", (unsigned int)(uintptr_t)t) < 0 || tname == NULL)
+ errx(1, "malloc");
+
+ ASN1_TAILQ_FOREACH(m, t->members, members) {
+ const char *dupname;
+ char *elname = NULL;
+ char *newbasename = NULL;
+ int subtype_is_struct;
+
+ if (m->ellipsis) {
+ ellipsis = 1;
+ continue;
+ }
+
+ subtype_is_struct = is_struct(m->type, 0);
+
+ if (asprintf(&elname, "%s_choice_%s", basetype, m->gen_name) < 0 || elname == NULL)
+ errx(1, "malloc");
+
+ if (subtype_is_struct) {
+ if (asprintf(&newbasename, "%s_%s", basetype, m->gen_name) < 0)
+ errx(1, "malloc");
+ } else
+ newbasename = strdup(basetype);
+
+ if (newbasename == NULL)
+ errx(1, "malloc");
+
+
+ generate_template_type(elname, &dupname, NULL,
+ symbol_name(newbasename, m->type),
+ NULL, m->type, 0, subtype_is_struct, 1);
+
+ add_line(&template, "{ %s, offsetof(%s%s, u.%s), asn1_%s }",
+ m->label, isstruct ? "struct " : "",
+ basetype, m->gen_name,
+ dupname);
+
+ free(elname);
+ free(newbasename);
+ }
+
+ e = NULL;
+ if (ellipsis) {
+ if (asprintf(&e, "offsetof(%s%s, u.asn1_ellipsis)", isstruct ? "struct " : "", basetype) < 0 || e == NULL)
+ errx(1, "malloc");
+ }
+
+ ASN1_TAILQ_FOREACH(q, &template, members) {
+ count++;
+ }
+
+ fprintf(f, "static const struct asn1_template %s[] = {\n", tname);
+ fprintf(f, "/* 0 */ { %s, offsetof(%s%s, element), ((void *)%lu) },\n",
+ e ? e : "0", isstruct ? "struct " : "", basetype, (unsigned long)count);
+ i = 1;
+ ASN1_TAILQ_FOREACH(q, &template, members) {
+ int last = (ASN1_TAILQ_LAST(&template, templatehead) == q);
+ fprintf(f, "/* %lu */ %s%s\n", (unsigned long)i++, q->line, last ? "" : ",");
+ }
+ fprintf(f, "};\n");
+
+ add_line(temp, "{ A1_OP_CHOICE, %s, %s }", poffset, tname);
+
+ free(e);
+ free(tname);
+ break;
+ }
+ default:
+ abort ();
+ }
+ if (poffset)
+ free(poffset);
+}
+
+static void
+gen_extern_stubs(FILE *f, const char *name)
+{
+ fprintf(f,
+ "static const struct asn1_type_func asn1_extern_%s = {\n"
+ "\t(asn1_type_encode)encode_%s,\n"
+ "\t(asn1_type_decode)decode_%s,\n"
+ "\t(asn1_type_length)length_%s,\n"
+ "\t(asn1_type_copy)copy_%s,\n"
+ "\t(asn1_type_release)free_%s,\n"
+ "\tsizeof(%s)\n"
+ "};\n",
+ name, name, name, name,
+ name, name, name);
+}
+
+void
+gen_template_import(const Symbol *s)
+{
+ FILE *f = get_code_file();
+
+ if (template_flag == 0)
+ return;
+
+ gen_extern_stubs(f, s->gen_name);
+}
+
+static void
+generate_template_type(const char *varname,
+ const char **dupname,
+ const char *symname,
+ const char *basetype,
+ const char *name,
+ Type *type,
+ int optional, int isstruct, int need_offset)
+{
+ struct tlist *tl;
+ const char *dup;
+ int have_ellipsis = 0;
+
+ tl = tlist_new(varname);
+
+ template_members(&tl->template, basetype, name, type, optional, isstruct, need_offset);
+
+ /* if its a sequence or set type, check if there is a ellipsis */
+ if (type->type == TSequence || type->type == TSet) {
+ Member *m;
+ ASN1_TAILQ_FOREACH(m, type->members, members) {
+ if (m->ellipsis)
+ have_ellipsis = 1;
+ }
+ }
+
+ if (ASN1_TAILQ_EMPTY(&tl->template) && compact_tag(type)->type != TNull)
+ errx(1, "Tag %s...%s with no content ?", basetype, name ? name : "");
+
+ tlist_header(tl, "{ 0%s%s, sizeof(%s%s), ((void *)%lu) }",
+ (symname && preserve_type(symname)) ? "|A1_HF_PRESERVE" : "",
+ have_ellipsis ? "|A1_HF_ELLIPSIS" : "",
+ isstruct ? "struct " : "", basetype, tlist_count(tl));
+
+ dup = tlist_find_dup(tl);
+ if (dup) {
+ if (strcmp(dup, tl->name) == 0)
+ errx(1, "found dup of ourself");
+ *dupname = dup;
+ } else {
+ *dupname = tl->name;
+ tlist_print(tl);
+ tlist_add(tl);
+ }
+}
+
+
+void
+generate_template(const Symbol *s)
+{
+ FILE *f = get_code_file();
+ const char *dupname;
+
+ if (use_extern(s)) {
+ gen_extern_stubs(f, s->gen_name);
+ return;
+ }
+
+ generate_template_type(s->gen_name, &dupname, s->name, s->gen_name, NULL, s->type, 0, 0, 1);
+
+ fprintf(f,
+ "\n"
+ "int\n"
+ "decode_%s(const unsigned char *p, size_t len, %s *data, size_t *size)\n"
+ "{\n"
+ " return _asn1_decode_top(asn1_%s, 0|%s, p, len, data, size);\n"
+ "}\n"
+ "\n",
+ s->gen_name,
+ s->gen_name,
+ dupname,
+ support_ber ? "A1_PF_ALLOW_BER" : "0");
+
+ fprintf(f,
+ "\n"
+ "int\n"
+ "encode_%s(unsigned char *p, size_t len, const %s *data, size_t *size)\n"
+ "{\n"
+ " return _asn1_encode(asn1_%s, p, len, data, size);\n"
+ "}\n"
+ "\n",
+ s->gen_name,
+ s->gen_name,
+ dupname);
+
+ fprintf(f,
+ "\n"
+ "size_t\n"
+ "length_%s(const %s *data)\n"
+ "{\n"
+ " return _asn1_length(asn1_%s, data);\n"
+ "}\n"
+ "\n",
+ s->gen_name,
+ s->gen_name,
+ dupname);
+
+
+ fprintf(f,
+ "\n"
+ "void\n"
+ "free_%s(%s *data)\n"
+ "{\n"
+ " _asn1_free(asn1_%s, data);\n"
+ "}\n"
+ "\n",
+ s->gen_name,
+ s->gen_name,
+ dupname);
+
+ fprintf(f,
+ "\n"
+ "int\n"
+ "copy_%s(const %s *from, %s *to)\n"
+ "{\n"
+ " return _asn1_copy_top(asn1_%s, from, to);\n"
+ "}\n"
+ "\n",
+ s->gen_name,
+ s->gen_name,
+ s->gen_name,
+ dupname);
+}
diff --git a/crypto/heimdal/lib/asn1/hash.c b/crypto/heimdal/lib/asn1/hash.c
new file mode 100644
index 000000000000..73b6cf97c423
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/hash.c
@@ -0,0 +1,206 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Hash table functions
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id$");
+
+static Hashentry *_search(Hashtab * htab, /* The hash table */
+ void *ptr); /* And key */
+
+Hashtab *
+hashtabnew(int sz,
+ int (*cmp) (void *, void *),
+ unsigned (*hash) (void *))
+{
+ Hashtab *htab;
+ int i;
+
+ assert(sz > 0);
+
+ htab = (Hashtab *) malloc(sizeof(Hashtab) + (sz - 1) * sizeof(Hashentry *));
+ if (htab == NULL)
+ return NULL;
+
+ for (i = 0; i < sz; ++i)
+ htab->tab[i] = NULL;
+
+ htab->cmp = cmp;
+ htab->hash = hash;
+ htab->sz = sz;
+ return htab;
+}
+
+/* Intern search function */
+
+static Hashentry *
+_search(Hashtab * htab, void *ptr)
+{
+ Hashentry *hptr;
+
+ assert(htab && ptr);
+
+ for (hptr = htab->tab[(*htab->hash) (ptr) % htab->sz];
+ hptr;
+ hptr = hptr->next)
+ if ((*htab->cmp) (ptr, hptr->ptr) == 0)
+ break;
+ return hptr;
+}
+
+/* Search for element in hash table */
+
+void *
+hashtabsearch(Hashtab * htab, void *ptr)
+{
+ Hashentry *tmp;
+
+ tmp = _search(htab, ptr);
+ return tmp ? tmp->ptr : tmp;
+}
+
+/* add element to hash table */
+/* if already there, set new value */
+/* !NULL if succesful */
+
+void *
+hashtabadd(Hashtab * htab, void *ptr)
+{
+ Hashentry *h = _search(htab, ptr);
+ Hashentry **tabptr;
+
+ assert(htab && ptr);
+
+ if (h)
+ free((void *) h->ptr);
+ else {
+ h = (Hashentry *) malloc(sizeof(Hashentry));
+ if (h == NULL) {
+ return NULL;
+ }
+ tabptr = &htab->tab[(*htab->hash) (ptr) % htab->sz];
+ h->next = *tabptr;
+ *tabptr = h;
+ h->prev = tabptr;
+ if (h->next)
+ h->next->prev = &h->next;
+ }
+ h->ptr = ptr;
+ return h;
+}
+
+/* delete element with key key. Iff freep, free Hashentry->ptr */
+
+int
+_hashtabdel(Hashtab * htab, void *ptr, int freep)
+{
+ Hashentry *h;
+
+ assert(htab && ptr);
+
+ h = _search(htab, ptr);
+ if (h) {
+ if (freep)
+ free(h->ptr);
+ if ((*(h->prev) = h->next))
+ h->next->prev = h->prev;
+ free(h);
+ return 0;
+ } else
+ return -1;
+}
+
+/* Do something for each element */
+
+void
+hashtabforeach(Hashtab * htab, int (*func) (void *ptr, void *arg),
+ void *arg)
+{
+ Hashentry **h, *g;
+
+ assert(htab);
+
+ for (h = htab->tab; h < &htab->tab[htab->sz]; ++h)
+ for (g = *h; g; g = g->next)
+ if ((*func) (g->ptr, arg))
+ return;
+}
+
+/* standard hash-functions for strings */
+
+unsigned
+hashadd(const char *s)
+{ /* Standard hash function */
+ unsigned i;
+
+ assert(s);
+
+ for (i = 0; *s; ++s)
+ i += *s;
+ return i;
+}
+
+unsigned
+hashcaseadd(const char *s)
+{ /* Standard hash function */
+ unsigned i;
+
+ assert(s);
+
+ for (i = 0; *s; ++s)
+ i += toupper((unsigned char)*s);
+ return i;
+}
+
+#define TWELVE (sizeof(unsigned))
+#define SEVENTYFIVE (6*sizeof(unsigned))
+#define HIGH_BITS (~((unsigned)(~0) >> TWELVE))
+
+unsigned
+hashjpw(const char *ss)
+{ /* another hash function */
+ unsigned h = 0;
+ unsigned g;
+ const unsigned char *s = (const unsigned char *)ss;
+
+ for (; *s; ++s) {
+ h = (h << TWELVE) + *s;
+ if ((g = h & HIGH_BITS))
+ h = (h ^ (g >> SEVENTYFIVE)) & ~HIGH_BITS;
+ }
+ return h;
+}
diff --git a/crypto/heimdal/lib/asn1/hash.h b/crypto/heimdal/lib/asn1/hash.h
new file mode 100644
index 000000000000..f37bdbb84967
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/hash.h
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * hash.h. Header file for hash table functions
+ */
+
+/* $Id$ */
+
+struct hashentry { /* Entry in bucket */
+ struct hashentry **prev;
+ struct hashentry *next;
+ void *ptr;
+};
+
+typedef struct hashentry Hashentry;
+
+struct hashtab { /* Hash table */
+ int (*cmp)(void *, void *); /* Compare function */
+ unsigned (*hash)(void *); /* hash function */
+ int sz; /* Size */
+ Hashentry *tab[1]; /* The table */
+};
+
+typedef struct hashtab Hashtab;
+
+/* prototypes */
+
+Hashtab *hashtabnew(int sz,
+ int (*cmp)(void *, void *),
+ unsigned (*hash)(void *)); /* Make new hash table */
+
+void *hashtabsearch(Hashtab *htab, /* The hash table */
+ void *ptr); /* The key */
+
+
+void *hashtabadd(Hashtab *htab, /* The hash table */
+ void *ptr); /* The element */
+
+int _hashtabdel(Hashtab *htab, /* The table */
+ void *ptr, /* Key */
+ int freep); /* Free data part? */
+
+void hashtabforeach(Hashtab *htab,
+ int (*func)(void *ptr, void *arg),
+ void *arg);
+
+unsigned hashadd(const char *s); /* Standard hash function */
+unsigned hashcaseadd(const char *s); /* Standard hash function */
+unsigned hashjpw(const char *s); /* another hash function */
+
+/* macros */
+
+ /* Don't free space */
+#define hashtabdel(htab,key) _hashtabdel(htab,key,FALSE)
+
+#define hashtabfree(htab,key) _hashtabdel(htab,key,TRUE) /* Do! */
diff --git a/crypto/heimdal/lib/asn1/heim_asn1.h b/crypto/heimdal/lib/asn1/heim_asn1.h
new file mode 100644
index 000000000000..4eeafc20f94a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/heim_asn1.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef __HEIM_ANY_H__
+#define __HEIM_ANY_H__ 1
+
+int encode_heim_any(unsigned char *, size_t, const heim_any *, size_t *);
+int decode_heim_any(const unsigned char *, size_t, heim_any *, size_t *);
+void free_heim_any(heim_any *);
+size_t length_heim_any(const heim_any *);
+int copy_heim_any(const heim_any *, heim_any *);
+
+int encode_heim_any_set(unsigned char *, size_t,
+ const heim_any_set *, size_t *);
+int decode_heim_any_set(const unsigned char *, size_t,
+ heim_any_set *,size_t *);
+void free_heim_any_set(heim_any_set *);
+size_t length_heim_any_set(const heim_any_set *);
+int copy_heim_any_set(const heim_any_set *, heim_any_set *);
+int heim_any_cmp(const heim_any_set *, const heim_any_set *);
+
+#endif /* __HEIM_ANY_H__ */
diff --git a/crypto/heimdal/lib/asn1/krb5.asn1 b/crypto/heimdal/lib/asn1/krb5.asn1
new file mode 100644
index 000000000000..568fe0cd04b4
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/krb5.asn1
@@ -0,0 +1,825 @@
+-- $Id$
+
+KERBEROS5 DEFINITIONS ::=
+BEGIN
+EXPORTS
+ AD-AND-OR,
+ AD-IF-RELEVANT,
+ AD-KDCIssued,
+ AD-LoginAlias,
+ AP-REP,
+ AP-REQ,
+ AS-REP,
+ AS-REQ,
+ AUTHDATA-TYPE,
+ Authenticator,
+ AuthorizationData,
+ AuthorizationDataElement,
+ CKSUMTYPE,
+ ChangePasswdDataMS,
+ Checksum,
+ ENCTYPE,
+ ETYPE-INFO,
+ ETYPE-INFO-ENTRY,
+ ETYPE-INFO2,
+ ETYPE-INFO2-ENTRY,
+ EncAPRepPart,
+ EncASRepPart,
+ EncKDCRepPart,
+ EncKrbCredPart,
+ EncKrbPrivPart,
+ EncTGSRepPart,
+ EncTicketPart,
+ EncryptedData,
+ EncryptionKey,
+ EtypeList,
+ HostAddress,
+ HostAddresses,
+ KDC-REQ-BODY,
+ KDCOptions,
+ KDC-REP,
+ KRB-CRED,
+ KRB-ERROR,
+ KRB-PRIV,
+ KRB-SAFE,
+ KRB-SAFE-BODY,
+ KRB5SignedPath,
+ KRB5SignedPathData,
+ KRB5SignedPathPrincipals,
+ KerberosString,
+ KerberosTime,
+ KrbCredInfo,
+ LR-TYPE,
+ LastReq,
+ METHOD-DATA,
+ NAME-TYPE,
+ PA-ClientCanonicalized,
+ PA-ClientCanonicalizedNames,
+ PA-DATA,
+ PA-ENC-TS-ENC,
+ PA-PAC-REQUEST,
+ PA-S4U2Self,
+ PA-SERVER-REFERRAL-DATA,
+ PA-ServerReferralData,
+ PA-SvrReferralData,
+ PADATA-TYPE,
+ Principal,
+ PrincipalName,
+ Principals,
+ Realm,
+ TGS-REP,
+ TGS-REQ,
+ Ticket,
+ TicketFlags,
+ TransitedEncoding,
+ TypedData
+ ;
+
+NAME-TYPE ::= INTEGER {
+ KRB5_NT_UNKNOWN(0), -- Name type not known
+ KRB5_NT_PRINCIPAL(1), -- Just the name of the principal as in
+ KRB5_NT_SRV_INST(2), -- Service and other unique instance (krbtgt)
+ KRB5_NT_SRV_HST(3), -- Service with host name as instance
+ KRB5_NT_SRV_XHST(4), -- Service with host as remaining components
+ KRB5_NT_UID(5), -- Unique ID
+ KRB5_NT_X500_PRINCIPAL(6), -- PKINIT
+ KRB5_NT_SMTP_NAME(7), -- Name in form of SMTP email name
+ KRB5_NT_ENTERPRISE_PRINCIPAL(10), -- Windows 2000 UPN
+ KRB5_NT_WELLKNOWN(11), -- Wellknown
+ KRB5_NT_ENT_PRINCIPAL_AND_ID(-130), -- Windows 2000 UPN and SID
+ KRB5_NT_MS_PRINCIPAL(-128), -- NT 4 style name
+ KRB5_NT_MS_PRINCIPAL_AND_ID(-129), -- NT style name and SID
+ KRB5_NT_NTLM(-1200) -- NTLM name, realm is domain
+}
+
+-- message types
+
+MESSAGE-TYPE ::= INTEGER {
+ krb-as-req(10), -- Request for initial authentication
+ krb-as-rep(11), -- Response to KRB_AS_REQ request
+ krb-tgs-req(12), -- Request for authentication based on TGT
+ krb-tgs-rep(13), -- Response to KRB_TGS_REQ request
+ krb-ap-req(14), -- application request to server
+ krb-ap-rep(15), -- Response to KRB_AP_REQ_MUTUAL
+ krb-safe(20), -- Safe (checksummed) application message
+ krb-priv(21), -- Private (encrypted) application message
+ krb-cred(22), -- Private (encrypted) message to forward credentials
+ krb-error(30) -- Error response
+}
+
+
+-- pa-data types
+
+PADATA-TYPE ::= INTEGER {
+ KRB5-PADATA-NONE(0),
+ KRB5-PADATA-TGS-REQ(1),
+ KRB5-PADATA-AP-REQ(1),
+ KRB5-PADATA-ENC-TIMESTAMP(2),
+ KRB5-PADATA-PW-SALT(3),
+ KRB5-PADATA-ENC-UNIX-TIME(5),
+ KRB5-PADATA-SANDIA-SECUREID(6),
+ KRB5-PADATA-SESAME(7),
+ KRB5-PADATA-OSF-DCE(8),
+ KRB5-PADATA-CYBERSAFE-SECUREID(9),
+ KRB5-PADATA-AFS3-SALT(10),
+ KRB5-PADATA-ETYPE-INFO(11),
+ KRB5-PADATA-SAM-CHALLENGE(12), -- (sam/otp)
+ KRB5-PADATA-SAM-RESPONSE(13), -- (sam/otp)
+ KRB5-PADATA-PK-AS-REQ-19(14), -- (PKINIT-19)
+ KRB5-PADATA-PK-AS-REP-19(15), -- (PKINIT-19)
+ KRB5-PADATA-PK-AS-REQ-WIN(15), -- (PKINIT - old number)
+ KRB5-PADATA-PK-AS-REQ(16), -- (PKINIT-25)
+ KRB5-PADATA-PK-AS-REP(17), -- (PKINIT-25)
+ KRB5-PADATA-PA-PK-OCSP-RESPONSE(18),
+ KRB5-PADATA-ETYPE-INFO2(19),
+ KRB5-PADATA-USE-SPECIFIED-KVNO(20),
+ KRB5-PADATA-SVR-REFERRAL-INFO(20), --- old ms referral number
+ KRB5-PADATA-SAM-REDIRECT(21), -- (sam/otp)
+ KRB5-PADATA-GET-FROM-TYPED-DATA(22),
+ KRB5-PADATA-SAM-ETYPE-INFO(23),
+ KRB5-PADATA-SERVER-REFERRAL(25),
+ KRB5-PADATA-ALT-PRINC(24), -- (crawdad@fnal.gov)
+ KRB5-PADATA-SAM-CHALLENGE2(30), -- (kenh@pobox.com)
+ KRB5-PADATA-SAM-RESPONSE2(31), -- (kenh@pobox.com)
+ KRB5-PA-EXTRA-TGT(41), -- Reserved extra TGT
+ KRB5-PADATA-TD-KRB-PRINCIPAL(102), -- PrincipalName
+ KRB5-PADATA-PK-TD-TRUSTED-CERTIFIERS(104), -- PKINIT
+ KRB5-PADATA-PK-TD-CERTIFICATE-INDEX(105), -- PKINIT
+ KRB5-PADATA-TD-APP-DEFINED-ERROR(106), -- application specific
+ KRB5-PADATA-TD-REQ-NONCE(107), -- INTEGER
+ KRB5-PADATA-TD-REQ-SEQ(108), -- INTEGER
+ KRB5-PADATA-PA-PAC-REQUEST(128), -- jbrezak@exchange.microsoft.com
+ KRB5-PADATA-FOR-USER(129), -- MS-KILE
+ KRB5-PADATA-FOR-X509-USER(130), -- MS-KILE
+ KRB5-PADATA-FOR-CHECK-DUPS(131), -- MS-KILE
+ KRB5-PADATA-AS-CHECKSUM(132), -- MS-KILE
+ KRB5-PADATA-PK-AS-09-BINDING(132), -- client send this to
+ -- tell KDC that is supports
+ -- the asCheckSum in the
+ -- PK-AS-REP
+ KRB5-PADATA-CLIENT-CANONICALIZED(133), -- referals
+ KRB5-PADATA-FX-COOKIE(133), -- krb-wg-preauth-framework
+ KRB5-PADATA-AUTHENTICATION-SET(134), -- krb-wg-preauth-framework
+ KRB5-PADATA-AUTH-SET-SELECTED(135), -- krb-wg-preauth-framework
+ KRB5-PADATA-FX-FAST(136), -- krb-wg-preauth-framework
+ KRB5-PADATA-FX-ERROR(137), -- krb-wg-preauth-framework
+ KRB5-PADATA-ENCRYPTED-CHALLENGE(138), -- krb-wg-preauth-framework
+ KRB5-PADATA-OTP-CHALLENGE(141), -- (gareth.richards@rsa.com)
+ KRB5-PADATA-OTP-REQUEST(142), -- (gareth.richards@rsa.com)
+ KBB5-PADATA-OTP-CONFIRM(143), -- (gareth.richards@rsa.com)
+ KRB5-PADATA-OTP-PIN-CHANGE(144), -- (gareth.richards@rsa.com)
+ KRB5-PADATA-EPAK-AS-REQ(145),
+ KRB5-PADATA-EPAK-AS-REP(146),
+ KRB5-PADATA-PKINIT-KX(147), -- krb-wg-anon
+ KRB5-PADATA-PKU2U-NAME(148), -- zhu-pku2u
+ KRB5-PADATA-REQ-ENC-PA-REP(149), --
+ KRB5-PADATA-SUPPORTED-ETYPES(165) -- MS-KILE
+}
+
+AUTHDATA-TYPE ::= INTEGER {
+ KRB5-AUTHDATA-IF-RELEVANT(1),
+ KRB5-AUTHDATA-INTENDED-FOR_SERVER(2),
+ KRB5-AUTHDATA-INTENDED-FOR-APPLICATION-CLASS(3),
+ KRB5-AUTHDATA-KDC-ISSUED(4),
+ KRB5-AUTHDATA-AND-OR(5),
+ KRB5-AUTHDATA-MANDATORY-TICKET-EXTENSIONS(6),
+ KRB5-AUTHDATA-IN-TICKET-EXTENSIONS(7),
+ KRB5-AUTHDATA-MANDATORY-FOR-KDC(8),
+ KRB5-AUTHDATA-INITIAL-VERIFIED-CAS(9),
+ KRB5-AUTHDATA-OSF-DCE(64),
+ KRB5-AUTHDATA-SESAME(65),
+ KRB5-AUTHDATA-OSF-DCE-PKI-CERTID(66),
+ KRB5-AUTHDATA-WIN2K-PAC(128),
+ KRB5-AUTHDATA-GSS-API-ETYPE-NEGOTIATION(129), -- Authenticator only
+ KRB5-AUTHDATA-SIGNTICKET-OLDER(-17),
+ KRB5-AUTHDATA-SIGNTICKET-OLD(142),
+ KRB5-AUTHDATA-SIGNTICKET(512)
+}
+
+-- checksumtypes
+
+CKSUMTYPE ::= INTEGER {
+ CKSUMTYPE_NONE(0),
+ CKSUMTYPE_CRC32(1),
+ CKSUMTYPE_RSA_MD4(2),
+ CKSUMTYPE_RSA_MD4_DES(3),
+ CKSUMTYPE_DES_MAC(4),
+ CKSUMTYPE_DES_MAC_K(5),
+ CKSUMTYPE_RSA_MD4_DES_K(6),
+ CKSUMTYPE_RSA_MD5(7),
+ CKSUMTYPE_RSA_MD5_DES(8),
+ CKSUMTYPE_RSA_MD5_DES3(9),
+ CKSUMTYPE_SHA1_OTHER(10),
+ CKSUMTYPE_HMAC_SHA1_DES3(12),
+ CKSUMTYPE_SHA1(14),
+ CKSUMTYPE_HMAC_SHA1_96_AES_128(15),
+ CKSUMTYPE_HMAC_SHA1_96_AES_256(16),
+ CKSUMTYPE_GSSAPI(0x8003),
+ CKSUMTYPE_HMAC_MD5(-138), -- unofficial microsoft number
+ CKSUMTYPE_HMAC_MD5_ENC(-1138) -- even more unofficial
+}
+
+--enctypes
+ENCTYPE ::= INTEGER {
+ KRB5_ENCTYPE_NULL(0),
+ KRB5_ENCTYPE_DES_CBC_CRC(1),
+ KRB5_ENCTYPE_DES_CBC_MD4(2),
+ KRB5_ENCTYPE_DES_CBC_MD5(3),
+ KRB5_ENCTYPE_DES3_CBC_MD5(5),
+ KRB5_ENCTYPE_OLD_DES3_CBC_SHA1(7),
+ KRB5_ENCTYPE_SIGN_DSA_GENERATE(8),
+ KRB5_ENCTYPE_ENCRYPT_RSA_PRIV(9),
+ KRB5_ENCTYPE_ENCRYPT_RSA_PUB(10),
+ KRB5_ENCTYPE_DES3_CBC_SHA1(16), -- with key derivation
+ KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96(17),
+ KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96(18),
+ KRB5_ENCTYPE_ARCFOUR_HMAC_MD5(23),
+ KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56(24),
+ KRB5_ENCTYPE_ENCTYPE_PK_CROSS(48),
+-- some "old" windows types
+ KRB5_ENCTYPE_ARCFOUR_MD4(-128),
+ KRB5_ENCTYPE_ARCFOUR_HMAC_OLD(-133),
+ KRB5_ENCTYPE_ARCFOUR_HMAC_OLD_EXP(-135),
+-- these are for Heimdal internal use
+ KRB5_ENCTYPE_DES_CBC_NONE(-0x1000),
+ KRB5_ENCTYPE_DES3_CBC_NONE(-0x1001),
+ KRB5_ENCTYPE_DES_CFB64_NONE(-0x1002),
+ KRB5_ENCTYPE_DES_PCBC_NONE(-0x1003),
+ KRB5_ENCTYPE_DIGEST_MD5_NONE(-0x1004), -- private use, lukeh@padl.com
+ KRB5_ENCTYPE_CRAM_MD5_NONE(-0x1005) -- private use, lukeh@padl.com
+}
+
+
+
+
+-- this is sugar to make something ASN1 does not have: unsigned
+
+krb5uint32 ::= INTEGER (0..4294967295)
+krb5int32 ::= INTEGER (-2147483648..2147483647)
+
+KerberosString ::= GeneralString
+
+Realm ::= GeneralString
+PrincipalName ::= SEQUENCE {
+ name-type[0] NAME-TYPE,
+ name-string[1] SEQUENCE OF GeneralString
+}
+
+-- this is not part of RFC1510
+Principal ::= SEQUENCE {
+ name[0] PrincipalName,
+ realm[1] Realm
+}
+
+Principals ::= SEQUENCE OF Principal
+
+HostAddress ::= SEQUENCE {
+ addr-type[0] krb5int32,
+ address[1] OCTET STRING
+}
+
+-- This is from RFC1510.
+--
+-- HostAddresses ::= SEQUENCE OF SEQUENCE {
+-- addr-type[0] krb5int32,
+-- address[1] OCTET STRING
+-- }
+
+-- This seems much better.
+HostAddresses ::= SEQUENCE OF HostAddress
+
+
+KerberosTime ::= GeneralizedTime -- Specifying UTC time zone (Z)
+
+AuthorizationDataElement ::= SEQUENCE {
+ ad-type[0] krb5int32,
+ ad-data[1] OCTET STRING
+}
+
+AuthorizationData ::= SEQUENCE OF AuthorizationDataElement
+
+APOptions ::= BIT STRING {
+ reserved(0),
+ use-session-key(1),
+ mutual-required(2)
+}
+
+TicketFlags ::= BIT STRING {
+ reserved(0),
+ forwardable(1),
+ forwarded(2),
+ proxiable(3),
+ proxy(4),
+ may-postdate(5),
+ postdated(6),
+ invalid(7),
+ renewable(8),
+ initial(9),
+ pre-authent(10),
+ hw-authent(11),
+ transited-policy-checked(12),
+ ok-as-delegate(13),
+ anonymous(14),
+ enc-pa-rep(15)
+}
+
+KDCOptions ::= BIT STRING {
+ reserved(0),
+ forwardable(1),
+ forwarded(2),
+ proxiable(3),
+ proxy(4),
+ allow-postdate(5),
+ postdated(6),
+ renewable(8),
+ request-anonymous(14),
+ canonicalize(15),
+ constrained-delegation(16), -- ms extension
+ disable-transited-check(26),
+ renewable-ok(27),
+ enc-tkt-in-skey(28),
+ renew(30),
+ validate(31)
+}
+
+LR-TYPE ::= INTEGER {
+ LR_NONE(0), -- no information
+ LR_INITIAL_TGT(1), -- last initial TGT request
+ LR_INITIAL(2), -- last initial request
+ LR_ISSUE_USE_TGT(3), -- time of newest TGT used
+ LR_RENEWAL(4), -- time of last renewal
+ LR_REQUEST(5), -- time of last request (of any type)
+ LR_PW_EXPTIME(6), -- expiration time of password
+ LR_ACCT_EXPTIME(7) -- expiration time of account
+}
+
+LastReq ::= SEQUENCE OF SEQUENCE {
+ lr-type[0] LR-TYPE,
+ lr-value[1] KerberosTime
+}
+
+
+EncryptedData ::= SEQUENCE {
+ etype[0] ENCTYPE, -- EncryptionType
+ kvno[1] krb5uint32 OPTIONAL,
+ cipher[2] OCTET STRING -- ciphertext
+}
+
+EncryptionKey ::= SEQUENCE {
+ keytype[0] krb5int32,
+ keyvalue[1] OCTET STRING
+}
+
+-- encoded Transited field
+TransitedEncoding ::= SEQUENCE {
+ tr-type[0] krb5int32, -- must be registered
+ contents[1] OCTET STRING
+}
+
+Ticket ::= [APPLICATION 1] SEQUENCE {
+ tkt-vno[0] krb5int32,
+ realm[1] Realm,
+ sname[2] PrincipalName,
+ enc-part[3] EncryptedData
+}
+-- Encrypted part of ticket
+EncTicketPart ::= [APPLICATION 3] SEQUENCE {
+ flags[0] TicketFlags,
+ key[1] EncryptionKey,
+ crealm[2] Realm,
+ cname[3] PrincipalName,
+ transited[4] TransitedEncoding,
+ authtime[5] KerberosTime,
+ starttime[6] KerberosTime OPTIONAL,
+ endtime[7] KerberosTime,
+ renew-till[8] KerberosTime OPTIONAL,
+ caddr[9] HostAddresses OPTIONAL,
+ authorization-data[10] AuthorizationData OPTIONAL
+}
+
+Checksum ::= SEQUENCE {
+ cksumtype[0] CKSUMTYPE,
+ checksum[1] OCTET STRING
+}
+
+Authenticator ::= [APPLICATION 2] SEQUENCE {
+ authenticator-vno[0] krb5int32,
+ crealm[1] Realm,
+ cname[2] PrincipalName,
+ cksum[3] Checksum OPTIONAL,
+ cusec[4] krb5int32,
+ ctime[5] KerberosTime,
+ subkey[6] EncryptionKey OPTIONAL,
+ seq-number[7] krb5uint32 OPTIONAL,
+ authorization-data[8] AuthorizationData OPTIONAL
+}
+
+PA-DATA ::= SEQUENCE {
+ -- might be encoded AP-REQ
+ padata-type[1] PADATA-TYPE,
+ padata-value[2] OCTET STRING
+}
+
+ETYPE-INFO-ENTRY ::= SEQUENCE {
+ etype[0] ENCTYPE,
+ salt[1] OCTET STRING OPTIONAL,
+ salttype[2] krb5int32 OPTIONAL
+}
+
+ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY
+
+ETYPE-INFO2-ENTRY ::= SEQUENCE {
+ etype[0] ENCTYPE,
+ salt[1] KerberosString OPTIONAL,
+ s2kparams[2] OCTET STRING OPTIONAL
+}
+
+ETYPE-INFO2 ::= SEQUENCE SIZE (1..MAX) OF ETYPE-INFO2-ENTRY
+
+METHOD-DATA ::= SEQUENCE OF PA-DATA
+
+TypedData ::= SEQUENCE {
+ data-type[0] krb5int32,
+ data-value[1] OCTET STRING OPTIONAL
+}
+
+TYPED-DATA ::= SEQUENCE SIZE (1..MAX) OF TypedData
+
+KDC-REQ-BODY ::= SEQUENCE {
+ kdc-options[0] KDCOptions,
+ cname[1] PrincipalName OPTIONAL, -- Used only in AS-REQ
+ realm[2] Realm, -- Server's realm
+ -- Also client's in AS-REQ
+ sname[3] PrincipalName OPTIONAL,
+ from[4] KerberosTime OPTIONAL,
+ till[5] KerberosTime OPTIONAL,
+ rtime[6] KerberosTime OPTIONAL,
+ nonce[7] krb5int32,
+ etype[8] SEQUENCE OF ENCTYPE, -- EncryptionType,
+ -- in preference order
+ addresses[9] HostAddresses OPTIONAL,
+ enc-authorization-data[10] EncryptedData OPTIONAL,
+ -- Encrypted AuthorizationData encoding
+ additional-tickets[11] SEQUENCE OF Ticket OPTIONAL
+}
+
+KDC-REQ ::= SEQUENCE {
+ pvno[1] krb5int32,
+ msg-type[2] MESSAGE-TYPE,
+ padata[3] METHOD-DATA OPTIONAL,
+ req-body[4] KDC-REQ-BODY
+}
+
+AS-REQ ::= [APPLICATION 10] KDC-REQ
+TGS-REQ ::= [APPLICATION 12] KDC-REQ
+
+-- padata-type ::= PA-ENC-TIMESTAMP
+-- padata-value ::= EncryptedData - PA-ENC-TS-ENC
+
+PA-ENC-TS-ENC ::= SEQUENCE {
+ patimestamp[0] KerberosTime, -- client's time
+ pausec[1] krb5int32 OPTIONAL
+}
+
+-- draft-brezak-win2k-krb-authz-01
+PA-PAC-REQUEST ::= SEQUENCE {
+ include-pac[0] BOOLEAN -- Indicates whether a PAC
+ -- should be included or not
+}
+
+-- PacketCable provisioning server location, PKT-SP-SEC-I09-030728.pdf
+PROV-SRV-LOCATION ::= GeneralString
+
+KDC-REP ::= SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE,
+ padata[2] METHOD-DATA OPTIONAL,
+ crealm[3] Realm,
+ cname[4] PrincipalName,
+ ticket[5] Ticket,
+ enc-part[6] EncryptedData
+}
+
+AS-REP ::= [APPLICATION 11] KDC-REP
+TGS-REP ::= [APPLICATION 13] KDC-REP
+
+EncKDCRepPart ::= SEQUENCE {
+ key[0] EncryptionKey,
+ last-req[1] LastReq,
+ nonce[2] krb5int32,
+ key-expiration[3] KerberosTime OPTIONAL,
+ flags[4] TicketFlags,
+ authtime[5] KerberosTime,
+ starttime[6] KerberosTime OPTIONAL,
+ endtime[7] KerberosTime,
+ renew-till[8] KerberosTime OPTIONAL,
+ srealm[9] Realm,
+ sname[10] PrincipalName,
+ caddr[11] HostAddresses OPTIONAL,
+ encrypted-pa-data[12] METHOD-DATA OPTIONAL
+}
+
+EncASRepPart ::= [APPLICATION 25] EncKDCRepPart
+EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart
+
+AP-REQ ::= [APPLICATION 14] SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE,
+ ap-options[2] APOptions,
+ ticket[3] Ticket,
+ authenticator[4] EncryptedData
+}
+
+AP-REP ::= [APPLICATION 15] SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE,
+ enc-part[2] EncryptedData
+}
+
+EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
+ ctime[0] KerberosTime,
+ cusec[1] krb5int32,
+ subkey[2] EncryptionKey OPTIONAL,
+ seq-number[3] krb5uint32 OPTIONAL
+}
+
+KRB-SAFE-BODY ::= SEQUENCE {
+ user-data[0] OCTET STRING,
+ timestamp[1] KerberosTime OPTIONAL,
+ usec[2] krb5int32 OPTIONAL,
+ seq-number[3] krb5uint32 OPTIONAL,
+ s-address[4] HostAddress OPTIONAL,
+ r-address[5] HostAddress OPTIONAL
+}
+
+KRB-SAFE ::= [APPLICATION 20] SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE,
+ safe-body[2] KRB-SAFE-BODY,
+ cksum[3] Checksum
+}
+
+KRB-PRIV ::= [APPLICATION 21] SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE,
+ enc-part[3] EncryptedData
+}
+EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE {
+ user-data[0] OCTET STRING,
+ timestamp[1] KerberosTime OPTIONAL,
+ usec[2] krb5int32 OPTIONAL,
+ seq-number[3] krb5uint32 OPTIONAL,
+ s-address[4] HostAddress OPTIONAL, -- sender's addr
+ r-address[5] HostAddress OPTIONAL -- recip's addr
+}
+
+KRB-CRED ::= [APPLICATION 22] SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE, -- KRB_CRED
+ tickets[2] SEQUENCE OF Ticket,
+ enc-part[3] EncryptedData
+}
+
+KrbCredInfo ::= SEQUENCE {
+ key[0] EncryptionKey,
+ prealm[1] Realm OPTIONAL,
+ pname[2] PrincipalName OPTIONAL,
+ flags[3] TicketFlags OPTIONAL,
+ authtime[4] KerberosTime OPTIONAL,
+ starttime[5] KerberosTime OPTIONAL,
+ endtime[6] KerberosTime OPTIONAL,
+ renew-till[7] KerberosTime OPTIONAL,
+ srealm[8] Realm OPTIONAL,
+ sname[9] PrincipalName OPTIONAL,
+ caddr[10] HostAddresses OPTIONAL
+}
+
+EncKrbCredPart ::= [APPLICATION 29] SEQUENCE {
+ ticket-info[0] SEQUENCE OF KrbCredInfo,
+ nonce[1] krb5int32 OPTIONAL,
+ timestamp[2] KerberosTime OPTIONAL,
+ usec[3] krb5int32 OPTIONAL,
+ s-address[4] HostAddress OPTIONAL,
+ r-address[5] HostAddress OPTIONAL
+}
+
+KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
+ pvno[0] krb5int32,
+ msg-type[1] MESSAGE-TYPE,
+ ctime[2] KerberosTime OPTIONAL,
+ cusec[3] krb5int32 OPTIONAL,
+ stime[4] KerberosTime,
+ susec[5] krb5int32,
+ error-code[6] krb5int32,
+ crealm[7] Realm OPTIONAL,
+ cname[8] PrincipalName OPTIONAL,
+ realm[9] Realm, -- Correct realm
+ sname[10] PrincipalName, -- Correct name
+ e-text[11] GeneralString OPTIONAL,
+ e-data[12] OCTET STRING OPTIONAL
+}
+
+ChangePasswdDataMS ::= SEQUENCE {
+ newpasswd[0] OCTET STRING,
+ targname[1] PrincipalName OPTIONAL,
+ targrealm[2] Realm OPTIONAL
+}
+
+EtypeList ::= SEQUENCE OF ENCTYPE
+ -- the client's proposed enctype list in
+ -- decreasing preference order, favorite choice first
+
+krb5-pvno krb5int32 ::= 5 -- current Kerberos protocol version number
+
+-- transited encodings
+
+DOMAIN-X500-COMPRESS krb5int32 ::= 1
+
+-- authorization data primitives
+
+AD-IF-RELEVANT ::= AuthorizationData
+
+AD-KDCIssued ::= SEQUENCE {
+ ad-checksum[0] Checksum,
+ i-realm[1] Realm OPTIONAL,
+ i-sname[2] PrincipalName OPTIONAL,
+ elements[3] AuthorizationData
+}
+
+AD-AND-OR ::= SEQUENCE {
+ condition-count[0] INTEGER,
+ elements[1] AuthorizationData
+}
+
+AD-MANDATORY-FOR-KDC ::= AuthorizationData
+
+-- PA-SAM-RESPONSE-2/PA-SAM-RESPONSE-2
+
+PA-SAM-TYPE ::= INTEGER {
+ PA_SAM_TYPE_ENIGMA(1), -- Enigma Logic
+ PA_SAM_TYPE_DIGI_PATH(2), -- Digital Pathways
+ PA_SAM_TYPE_SKEY_K0(3), -- S/key where KDC has key 0
+ PA_SAM_TYPE_SKEY(4), -- Traditional S/Key
+ PA_SAM_TYPE_SECURID(5), -- Security Dynamics
+ PA_SAM_TYPE_CRYPTOCARD(6) -- CRYPTOCard
+}
+
+PA-SAM-REDIRECT ::= HostAddresses
+
+SAMFlags ::= BIT STRING {
+ use-sad-as-key(0),
+ send-encrypted-sad(1),
+ must-pk-encrypt-sad(2)
+}
+
+PA-SAM-CHALLENGE-2-BODY ::= SEQUENCE {
+ sam-type[0] krb5int32,
+ sam-flags[1] SAMFlags,
+ sam-type-name[2] GeneralString OPTIONAL,
+ sam-track-id[3] GeneralString OPTIONAL,
+ sam-challenge-label[4] GeneralString OPTIONAL,
+ sam-challenge[5] GeneralString OPTIONAL,
+ sam-response-prompt[6] GeneralString OPTIONAL,
+ sam-pk-for-sad[7] EncryptionKey OPTIONAL,
+ sam-nonce[8] krb5int32,
+ sam-etype[9] krb5int32,
+ ...
+}
+
+PA-SAM-CHALLENGE-2 ::= SEQUENCE {
+ sam-body[0] PA-SAM-CHALLENGE-2-BODY,
+ sam-cksum[1] SEQUENCE OF Checksum, -- (1..MAX)
+ ...
+}
+
+PA-SAM-RESPONSE-2 ::= SEQUENCE {
+ sam-type[0] krb5int32,
+ sam-flags[1] SAMFlags,
+ sam-track-id[2] GeneralString OPTIONAL,
+ sam-enc-nonce-or-sad[3] EncryptedData, -- PA-ENC-SAM-RESPONSE-ENC
+ sam-nonce[4] krb5int32,
+ ...
+}
+
+PA-ENC-SAM-RESPONSE-ENC ::= SEQUENCE {
+ sam-nonce[0] krb5int32,
+ sam-sad[1] GeneralString OPTIONAL,
+ ...
+}
+
+PA-S4U2Self ::= SEQUENCE {
+ name[0] PrincipalName,
+ realm[1] Realm,
+ cksum[2] Checksum,
+ auth[3] GeneralString
+}
+
+-- never encoded on the wire, just used to checksum over
+KRB5SignedPathData ::= SEQUENCE {
+ client[0] Principal OPTIONAL,
+ authtime[1] KerberosTime,
+ delegated[2] Principals OPTIONAL,
+ method_data[3] METHOD-DATA OPTIONAL
+}
+
+KRB5SignedPath ::= SEQUENCE {
+ -- DERcoded KRB5SignedPathData
+ -- krbtgt key (etype), KeyUsage = XXX
+ etype[0] ENCTYPE,
+ cksum[1] Checksum,
+ -- srvs delegated though
+ delegated[2] Principals OPTIONAL,
+ method_data[3] METHOD-DATA OPTIONAL
+}
+
+PA-ClientCanonicalizedNames ::= SEQUENCE{
+ requested-name [0] PrincipalName,
+ mapped-name [1] PrincipalName
+}
+
+PA-ClientCanonicalized ::= SEQUENCE {
+ names [0] PA-ClientCanonicalizedNames,
+ canon-checksum [1] Checksum
+}
+
+AD-LoginAlias ::= SEQUENCE { -- ad-type number TBD --
+ login-alias [0] PrincipalName,
+ checksum [1] Checksum
+}
+
+-- old ms referral
+PA-SvrReferralData ::= SEQUENCE {
+ referred-name [1] PrincipalName OPTIONAL,
+ referred-realm [0] Realm
+}
+
+PA-SERVER-REFERRAL-DATA ::= EncryptedData
+
+PA-ServerReferralData ::= SEQUENCE {
+ referred-realm [0] Realm OPTIONAL,
+ true-principal-name [1] PrincipalName OPTIONAL,
+ requested-principal-name [2] PrincipalName OPTIONAL,
+ referral-valid-until [3] KerberosTime OPTIONAL,
+ ...
+}
+
+FastOptions ::= BIT STRING {
+ reserved(0),
+ hide-client-names(1),
+ kdc-follow--referrals(16)
+}
+
+KrbFastReq ::= SEQUENCE {
+ fast-options [0] FastOptions,
+ padata [1] SEQUENCE OF PA-DATA,
+ req-body [2] KDC-REQ-BODY,
+ ...
+}
+
+KrbFastArmor ::= SEQUENCE {
+ armor-type [0] krb5int32,
+ armor-value [1] OCTET STRING,
+ ...
+}
+
+KrbFastArmoredReq ::= SEQUENCE {
+ armor [0] KrbFastArmor OPTIONAL,
+ req-checksum [1] Checksum,
+ enc-fast-req [2] EncryptedData -- KrbFastReq --
+}
+
+PA-FX-FAST-REQUEST ::= CHOICE {
+ armored-data [0] KrbFastArmoredReq,
+ ...
+}
+
+KrbFastFinished ::= SEQUENCE {
+ timestamp [0] KerberosTime,
+ usec [1] krb5int32,
+ crealm [2] Realm,
+ cname [3] PrincipalName,
+ checksum [4] Checksum,
+ ticket-checksum [5] Checksum,
+ ...
+}
+
+KrbFastResponse ::= SEQUENCE {
+ padata [0] SEQUENCE OF PA-DATA,
+ rep-key [1] EncryptionKey OPTIONAL,
+ finished [2] KrbFastFinished OPTIONAL,
+ ...
+}
+
+KrbFastArmoredRep ::= SEQUENCE {
+ enc-fast-rep [0] EncryptedData, -- KrbFastResponse --
+ ...
+}
+
+PA-FX-FAST-REPLY ::= CHOICE {
+ armored-data [0] KrbFastArmoredRep,
+ ...
+}
+
+END
+
+-- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' k5.asn1
diff --git a/crypto/heimdal/lib/asn1/krb5.opt b/crypto/heimdal/lib/asn1/krb5.opt
new file mode 100644
index 000000000000..1d6d5e8989f1
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/krb5.opt
@@ -0,0 +1,6 @@
+--encode-rfc1510-bit-string
+--sequence=Principals
+--sequence=AuthorizationData
+--sequence=METHOD-DATA
+--sequence=ETYPE-INFO
+--sequence=ETYPE-INFO2
diff --git a/crypto/heimdal/lib/asn1/kx509.asn1 b/crypto/heimdal/lib/asn1/kx509.asn1
new file mode 100644
index 000000000000..14ebf50ecdbc
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/kx509.asn1
@@ -0,0 +1,31 @@
+-- $Id$
+
+KX509 DEFINITIONS ::=
+BEGIN
+
+KX509-ERROR-CODE ::= INTEGER {
+ KX509-STATUS-GOOD(0),
+ KX509-STATUS-CLIENT-BAD(1),
+ KX509-STATUS-CLIENT-FIX(2),
+ KX509-STATUS-CLIENT-TEMP(3),
+ KX509-STATUS-SERVER-BAD(4),
+ KX509-STATUS-SERVER-TEMP(5),
+ -- 6 is used internally in the umich client, avoid that
+ KX509-STATUS-SERVER-KEY(7)
+}
+
+Kx509Request ::= SEQUENCE {
+ authenticator OCTET STRING,
+ pk-hash OCTET STRING,
+ pk-key OCTET STRING
+}
+
+Kx509Response ::= SEQUENCE {
+ error-code[0] INTEGER (-2147483648..2147483647)
+ OPTIONAL -- DEFAULT 0 --,
+ hash[1] OCTET STRING OPTIONAL,
+ certificate[2] OCTET STRING OPTIONAL,
+ e-text[3] VisibleString OPTIONAL
+}
+
+END
diff --git a/crypto/heimdal/lib/asn1/lex.c b/crypto/heimdal/lib/asn1/lex.c
new file mode 100644
index 000000000000..3f2dc92e2775
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/lex.c
@@ -0,0 +1,2729 @@
+
+#line 3 "lex.c"
+
+#define YY_INT_ALIGNED short int
+
+/* A lexical scanner generated by flex */
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+#define YY_FLEX_SUBMINOR_VERSION 35
+#if YY_FLEX_SUBMINOR_VERSION > 0
+#define FLEX_BETA
+#endif
+
+/* First, we deal with platform-specific or compiler-specific issues. */
+
+/* begin standard C headers. */
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdlib.h>
+
+/* end standard C headers. */
+
+/* flex integer type definitions */
+
+#ifndef FLEXINT_H
+#define FLEXINT_H
+
+/* C99 systems have <inttypes.h>. Non-C99 systems may or may not. */
+
+#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
+
+/* C99 says to define __STDC_LIMIT_MACROS before including stdint.h,
+ * if you want the limit (max/min) macros for int types.
+ */
+#ifndef __STDC_LIMIT_MACROS
+#define __STDC_LIMIT_MACROS 1
+#endif
+
+#include <inttypes.h>
+typedef int8_t flex_int8_t;
+typedef uint8_t flex_uint8_t;
+typedef int16_t flex_int16_t;
+typedef uint16_t flex_uint16_t;
+typedef int32_t flex_int32_t;
+typedef uint32_t flex_uint32_t;
+#else
+typedef signed char flex_int8_t;
+typedef short int flex_int16_t;
+typedef int flex_int32_t;
+typedef unsigned char flex_uint8_t;
+typedef unsigned short int flex_uint16_t;
+typedef unsigned int flex_uint32_t;
+#endif /* ! C99 */
+
+/* Limits of integral types. */
+#ifndef INT8_MIN
+#define INT8_MIN (-128)
+#endif
+#ifndef INT16_MIN
+#define INT16_MIN (-32767-1)
+#endif
+#ifndef INT32_MIN
+#define INT32_MIN (-2147483647-1)
+#endif
+#ifndef INT8_MAX
+#define INT8_MAX (127)
+#endif
+#ifndef INT16_MAX
+#define INT16_MAX (32767)
+#endif
+#ifndef INT32_MAX
+#define INT32_MAX (2147483647)
+#endif
+#ifndef UINT8_MAX
+#define UINT8_MAX (255U)
+#endif
+#ifndef UINT16_MAX
+#define UINT16_MAX (65535U)
+#endif
+#ifndef UINT32_MAX
+#define UINT32_MAX (4294967295U)
+#endif
+
+#endif /* ! FLEXINT_H */
+
+#ifdef __cplusplus
+
+/* The "const" storage-class-modifier is valid. */
+#define YY_USE_CONST
+
+#else /* ! __cplusplus */
+
+/* C99 requires __STDC__ to be defined as 1. */
+#if defined (__STDC__)
+
+#define YY_USE_CONST
+
+#endif /* defined (__STDC__) */
+#endif /* ! __cplusplus */
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+/* Returned upon end-of-file. */
+#define YY_NULL 0
+
+/* Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index. If the signed char is negative,
+ * we want to instead treat it as an 8-bit unsigned char, hence the
+ * double cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/* Enter a start condition. This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN (yy_start) = 1 + 2 *
+
+/* Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state. The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START (((yy_start) - 1) / 2)
+#define YYSTATE YY_START
+
+/* Action number for EOF rule of a given start state. */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/* Special action meaning "start processing a new file". */
+#define YY_NEW_FILE yyrestart(yyin )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/* Size of default input buffer. */
+#ifndef YY_BUF_SIZE
+#define YY_BUF_SIZE 16384
+#endif
+
+/* The state buf must be large enough to hold one state per character in the main buffer.
+ */
+#define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type))
+
+#ifndef YY_TYPEDEF_YY_BUFFER_STATE
+#define YY_TYPEDEF_YY_BUFFER_STATE
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+#endif
+
+#ifndef YY_TYPEDEF_YY_SIZE_T
+#define YY_TYPEDEF_YY_SIZE_T
+typedef size_t yy_size_t;
+#endif
+
+extern yy_size_t yyleng;
+
+extern FILE *yyin, *yyout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+ #define YY_LESS_LINENO(n)
+
+/* Return all but the first "n" matched characters back to the input stream. */
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ int yyless_macro_arg = (n); \
+ YY_LESS_LINENO(yyless_macro_arg);\
+ *yy_cp = (yy_hold_char); \
+ YY_RESTORE_YY_MORE_OFFSET \
+ (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \
+ YY_DO_BEFORE_ACTION; /* set up yytext again */ \
+ } \
+ while ( 0 )
+
+#define unput(c) yyunput( c, (yytext_ptr) )
+
+#ifndef YY_STRUCT_YY_BUFFER_STATE
+#define YY_STRUCT_YY_BUFFER_STATE
+struct yy_buffer_state
+ {
+ FILE *yy_input_file;
+
+ char *yy_ch_buf; /* input buffer */
+ char *yy_buf_pos; /* current position in input buffer */
+
+ /* Size of input buffer in bytes, not including room for EOB
+ * characters.
+ */
+ yy_size_t yy_buf_size;
+
+ /* Number of characters read into yy_ch_buf, not including EOB
+ * characters.
+ */
+ yy_size_t yy_n_chars;
+
+ /* Whether we "own" the buffer - i.e., we know we created it,
+ * and can realloc() it to grow it, and should free() it to
+ * delete it.
+ */
+ int yy_is_our_buffer;
+
+ /* Whether this is an "interactive" input source; if so, and
+ * if we're using stdio for input, then we want to use getc()
+ * instead of fread(), to make sure we stop fetching input after
+ * each newline.
+ */
+ int yy_is_interactive;
+
+ /* Whether we're considered to be at the beginning of a line.
+ * If so, '^' rules will be active on the next match, otherwise
+ * not.
+ */
+ int yy_at_bol;
+
+ int yy_bs_lineno; /**< The line count. */
+ int yy_bs_column; /**< The column count. */
+
+ /* Whether to try to fill the input buffer when we reach the
+ * end of it.
+ */
+ int yy_fill_buffer;
+
+ int yy_buffer_status;
+
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+ /* When an EOF's been seen but there's still some text to process
+ * then we mark the buffer as YY_EOF_PENDING, to indicate that we
+ * shouldn't try reading from the input source any more. We might
+ * still have a bunch of tokens to match, though, because of
+ * possible backing-up.
+ *
+ * When we actually see the EOF, we change the status to "new"
+ * (via yyrestart()), so that the user can continue scanning by
+ * just pointing yyin at a new input file.
+ */
+#define YY_BUFFER_EOF_PENDING 2
+
+ };
+#endif /* !YY_STRUCT_YY_BUFFER_STATE */
+
+/* Stack of input buffers. */
+static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */
+static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */
+static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */
+
+/* We provide macros for accessing buffer states in case in the
+ * future we want to put the buffer states in a more general
+ * "scanner state".
+ *
+ * Returns the top of the stack, or NULL.
+ */
+#define YY_CURRENT_BUFFER ( (yy_buffer_stack) \
+ ? (yy_buffer_stack)[(yy_buffer_stack_top)] \
+ : NULL)
+
+/* Same as previous macro, but useful when we know that the buffer stack is not
+ * NULL or when we need an lvalue. For internal use only.
+ */
+#define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)]
+
+/* yy_hold_char holds the character lost when yytext is formed. */
+static char yy_hold_char;
+static yy_size_t yy_n_chars; /* number of characters read into yy_ch_buf */
+yy_size_t yyleng;
+
+/* Points to current character in buffer. */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 0; /* whether we need to initialize */
+static int yy_start = 0; /* start state number */
+
+/* Flag which is used to allow yywrap()'s to do buffer switches
+ * instead of setting up a fresh yyin. A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void yyrestart (FILE *input_file );
+void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer );
+YY_BUFFER_STATE yy_create_buffer (FILE *file,int size );
+void yy_delete_buffer (YY_BUFFER_STATE b );
+void yy_flush_buffer (YY_BUFFER_STATE b );
+void yypush_buffer_state (YY_BUFFER_STATE new_buffer );
+void yypop_buffer_state (void );
+
+static void yyensure_buffer_stack (void );
+static void yy_load_buffer_state (void );
+static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file );
+
+#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER )
+
+YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size );
+YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str );
+YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,yy_size_t len );
+
+void *yyalloc (yy_size_t );
+void *yyrealloc (void *,yy_size_t );
+void yyfree (void * );
+
+#define yy_new_buffer yy_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+ { \
+ if ( ! YY_CURRENT_BUFFER ){ \
+ yyensure_buffer_stack (); \
+ YY_CURRENT_BUFFER_LVALUE = \
+ yy_create_buffer(yyin,YY_BUF_SIZE ); \
+ } \
+ YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \
+ }
+
+#define yy_set_bol(at_bol) \
+ { \
+ if ( ! YY_CURRENT_BUFFER ){\
+ yyensure_buffer_stack (); \
+ YY_CURRENT_BUFFER_LVALUE = \
+ yy_create_buffer(yyin,YY_BUF_SIZE ); \
+ } \
+ YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \
+ }
+
+#define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol)
+
+/* Begin user sect3 */
+
+typedef unsigned char YY_CHAR;
+
+FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
+
+typedef int yy_state_type;
+
+extern int yylineno;
+
+int yylineno = 1;
+
+extern char *yytext;
+#define yytext_ptr yytext
+
+static yy_state_type yy_get_previous_state (void );
+static yy_state_type yy_try_NUL_trans (yy_state_type current_state );
+static int yy_get_next_buffer (void );
+static void yy_fatal_error (yyconst char msg[] );
+
+/* Done after the current pattern has been matched and before the
+ * corresponding action - sets up yytext.
+ */
+#define YY_DO_BEFORE_ACTION \
+ (yytext_ptr) = yy_bp; \
+ yyleng = (size_t) (yy_cp - yy_bp); \
+ (yy_hold_char) = *yy_cp; \
+ *yy_cp = '\0'; \
+ (yy_c_buf_p) = yy_cp;
+
+#define YY_NUM_RULES 95
+#define YY_END_OF_BUFFER 96
+/* This struct is not used in this scanner,
+ but its presence is necessary. */
+struct yy_trans_info
+ {
+ flex_int32_t yy_verify;
+ flex_int32_t yy_nxt;
+ };
+static yyconst flex_int16_t yy_accept[568] =
+ { 0,
+ 0, 0, 96, 94, 90, 91, 87, 81, 81, 94,
+ 94, 88, 88, 94, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 82, 83, 85, 88, 88, 93, 86,
+ 0, 0, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 10, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 51, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 92, 88, 84,
+
+ 89, 3, 89, 89, 89, 7, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 22, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 44, 45, 89, 89, 89, 89, 89, 89,
+ 89, 55, 89, 89, 89, 89, 89, 89, 89, 63,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 30, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+
+ 47, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 60, 89, 89, 64, 89, 89, 89, 68, 69,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 80, 89, 89, 89, 89, 6, 89, 89, 89, 89,
+ 13, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 29, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 50,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 72, 89, 89, 89, 89, 89,
+ 89, 89, 1, 89, 89, 89, 89, 89, 89, 12,
+
+ 89, 89, 89, 89, 89, 89, 89, 89, 24, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 49, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 65, 66, 89,
+ 89, 89, 73, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 9, 89, 89, 89, 89, 18, 89,
+ 89, 21, 89, 89, 26, 89, 89, 89, 89, 89,
+ 89, 89, 37, 38, 89, 89, 41, 89, 89, 89,
+ 89, 89, 89, 54, 89, 57, 58, 89, 89, 89,
+ 89, 89, 89, 89, 75, 89, 89, 89, 89, 89,
+
+ 89, 89, 89, 89, 89, 89, 89, 89, 20, 89,
+ 25, 89, 28, 89, 89, 89, 89, 89, 36, 39,
+ 40, 89, 89, 89, 89, 52, 89, 89, 89, 89,
+ 62, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 5, 8, 11, 14, 89, 89, 89, 89, 89,
+ 89, 89, 89, 34, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 67, 89, 89, 74, 89, 89, 89,
+ 89, 89, 89, 15, 89, 17, 89, 23, 89, 89,
+ 89, 89, 35, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 76, 89, 89, 89, 89, 4, 16,
+
+ 19, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 89, 89, 89, 89, 89, 89, 89,
+ 89, 89, 89, 42, 43, 89, 89, 89, 89, 89,
+ 61, 89, 89, 89, 89, 89, 89, 27, 31, 89,
+ 33, 89, 48, 89, 56, 89, 89, 71, 89, 89,
+ 79, 89, 89, 46, 89, 89, 89, 89, 78, 2,
+ 32, 89, 59, 70, 77, 53, 0
+ } ;
+
+static yyconst flex_int32_t yy_ec[256] =
+ { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 2, 1, 4, 1, 1, 1, 1, 1, 5,
+ 5, 6, 1, 5, 7, 8, 9, 10, 11, 12,
+ 12, 13, 14, 15, 12, 16, 12, 17, 5, 1,
+ 18, 1, 1, 1, 19, 20, 21, 22, 23, 24,
+ 25, 26, 27, 28, 29, 30, 31, 32, 33, 34,
+ 35, 36, 37, 38, 39, 40, 41, 42, 43, 44,
+ 45, 1, 46, 1, 47, 1, 48, 49, 50, 51,
+
+ 52, 53, 54, 55, 56, 57, 29, 58, 59, 60,
+ 61, 62, 29, 63, 64, 65, 66, 67, 29, 68,
+ 29, 69, 5, 5, 5, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1
+ } ;
+
+static yyconst flex_int32_t yy_meta[70] =
+ { 0,
+ 1, 1, 1, 1, 1, 1, 2, 1, 1, 3,
+ 3, 3, 3, 3, 3, 3, 1, 1, 3, 3,
+ 3, 3, 3, 3, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 1, 1, 2, 3, 3, 3,
+ 3, 3, 3, 2, 2, 2, 2, 2, 2, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2
+ } ;
+
+static yyconst flex_int16_t yy_base[570] =
+ { 0,
+ 0, 0, 636, 637, 637, 637, 637, 637, 63, 627,
+ 628, 70, 77, 616, 74, 72, 76, 609, 65, 81,
+ 49, 0, 92, 91, 32, 101, 97, 608, 103, 113,
+ 99, 574, 602, 637, 637, 637, 156, 163, 620, 637,
+ 0, 609, 0, 589, 595, 590, 585, 597, 583, 586,
+ 586, 0, 101, 599, 108, 593, 596, 122, 124, 585,
+ 581, 553, 564, 597, 587, 575, 115, 575, 565, 574,
+ 575, 545, 575, 564, 0, 563, 543, 561, 558, 558,
+ 124, 540, 161, 119, 551, 558, 561, 581, 566, 551,
+ 555, 530, 560, 160, 530, 91, 547, 637, 0, 637,
+
+ 125, 0, 554, 550, 555, 0, 544, 550, 543, 551,
+ 540, 542, 145, 166, 552, 541, 0, 542, 549, 156,
+ 548, 533, 538, 516, 505, 529, 533, 157, 534, 525,
+ 539, 546, 0, 521, 529, 506, 534, 533, 528, 502,
+ 515, 0, 515, 514, 510, 489, 518, 528, 507, 0,
+ 522, 517, 505, 505, 504, 517, 516, 486, 159, 499,
+ 520, 468, 482, 477, 506, 499, 494, 502, 497, 495,
+ 461, 502, 505, 502, 485, 488, 482, 500, 479, 485,
+ 494, 493, 491, 479, 485, 475, 164, 487, 0, 446,
+ 453, 442, 468, 478, 468, 464, 483, 170, 488, 463,
+
+ 0, 436, 477, 459, 463, 445, 471, 486, 469, 472,
+ 425, 0, 451, 465, 0, 455, 467, 420, 0, 0,
+ 477, 418, 450, 442, 457, 423, 441, 425, 415, 426,
+ 0, 436, 454, 451, 452, 0, 407, 450, 447, 444,
+ 0, 434, 429, 437, 433, 435, 439, 437, 423, 420,
+ 436, 418, 418, 422, 0, 405, 396, 388, 423, 180,
+ 411, 426, 415, 423, 408, 429, 436, 386, 403, 0,
+ 408, 374, 402, 410, 404, 397, 386, 406, 400, 406,
+ 388, 366, 401, 375, 0, 403, 389, 365, 358, 359,
+ 356, 362, 0, 398, 399, 379, 360, 383, 376, 0,
+
+ 390, 393, 379, 372, 371, 385, 385, 387, 0, 378,
+ 367, 376, 383, 343, 350, 343, 374, 370, 374, 358,
+ 371, 372, 356, 368, 353, 362, 338, 0, 368, 364,
+ 353, 352, 345, 359, 332, 340, 358, 0, 0, 322,
+ 355, 308, 0, 338, 322, 310, 308, 319, 318, 331,
+ 330, 340, 306, 0, 342, 332, 336, 335, 0, 334,
+ 338, 0, 321, 320, 0, 337, 326, 151, 318, 294,
+ 326, 314, 0, 0, 314, 327, 0, 328, 283, 315,
+ 309, 315, 292, 0, 319, 0, 0, 284, 318, 317,
+ 279, 315, 300, 317, 0, 279, 286, 265, 295, 324,
+
+ 303, 308, 274, 291, 288, 293, 292, 290, 0, 299,
+ 0, 294, 0, 255, 250, 253, 263, 293, 0, 0,
+ 0, 277, 251, 289, 247, 0, 247, 283, 257, 261,
+ 0, 253, 274, 240, 274, 243, 244, 264, 235, 262,
+ 265, 0, 0, 0, 260, 273, 270, 262, 271, 262,
+ 228, 238, 226, 0, 252, 260, 230, 258, 221, 233,
+ 250, 244, 247, 0, 241, 215, 0, 223, 239, 210,
+ 211, 230, 240, 0, 249, 0, 233, 0, 242, 212,
+ 216, 210, 0, 232, 204, 231, 206, 198, 233, 194,
+ 231, 230, 200, 0, 190, 191, 197, 220, 0, 0,
+
+ 0, 213, 190, 211, 188, 215, 192, 218, 184, 187,
+ 204, 178, 218, 215, 178, 174, 180, 175, 196, 190,
+ 178, 175, 176, 0, 0, 191, 174, 165, 180, 166,
+ 0, 194, 166, 163, 158, 163, 197, 0, 0, 156,
+ 0, 171, 0, 148, 0, 152, 188, 0, 150, 155,
+ 0, 166, 153, 0, 143, 148, 162, 143, 0, 0,
+ 0, 101, 0, 0, 0, 0, 637, 223, 69
+ } ;
+
+static yyconst flex_int16_t yy_def[570] =
+ { 0,
+ 567, 1, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 567, 567, 567, 567, 567, 567, 567,
+ 569, 567, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 567, 569, 567,
+
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 568, 568, 568, 568,
+ 568, 568, 568, 568, 568, 568, 0, 567, 567
+ } ;
+
+static yyconst flex_int16_t yy_nxt[707] =
+ { 0,
+ 4, 5, 6, 7, 8, 4, 9, 10, 11, 12,
+ 13, 13, 13, 13, 13, 13, 14, 4, 15, 16,
+ 17, 18, 19, 20, 21, 22, 23, 22, 22, 22,
+ 24, 25, 26, 27, 22, 28, 29, 30, 31, 32,
+ 33, 22, 22, 22, 34, 35, 4, 22, 22, 22,
+ 22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
+ 22, 22, 22, 22, 22, 22, 22, 22, 22, 36,
+ 71, 99, 37, 38, 38, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38,
+ 38, 38, 38, 44, 48, 57, 58, 72, 49, 60,
+
+ 62, 53, 50, 45, 51, 54, 59, 46, 55, 69,
+ 64, 63, 47, 65, 52, 78, 61, 70, 79, 109,
+ 73, 74, 66, 67, 75, 84, 80, 88, 68, 85,
+ 93, 89, 81, 110, 76, 129, 94, 41, 112, 113,
+ 86, 163, 116, 117, 119, 87, 144, 166, 90, 77,
+ 145, 130, 131, 149, 164, 91, 150, 120, 95, 82,
+ 118, 121, 167, 566, 92, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 147,
+ 160, 177, 178, 161, 179, 185, 194, 414, 186, 195,
+ 148, 223, 180, 224, 264, 253, 565, 564, 225, 254,
+
+ 318, 563, 319, 562, 561, 265, 415, 560, 559, 558,
+ 557, 556, 555, 554, 553, 552, 551, 550, 549, 548,
+ 547, 546, 545, 41, 43, 43, 544, 543, 542, 541,
+ 540, 539, 538, 537, 536, 535, 534, 533, 532, 531,
+ 530, 529, 528, 527, 526, 525, 524, 523, 522, 521,
+ 520, 519, 518, 517, 516, 515, 514, 513, 512, 511,
+ 510, 509, 508, 507, 506, 505, 504, 503, 502, 501,
+ 500, 499, 498, 497, 496, 495, 494, 493, 492, 491,
+ 490, 489, 488, 487, 486, 485, 484, 483, 482, 481,
+ 480, 479, 478, 477, 476, 475, 474, 473, 472, 471,
+
+ 470, 469, 468, 467, 466, 465, 464, 463, 462, 461,
+ 460, 459, 458, 457, 456, 455, 454, 453, 452, 451,
+ 450, 449, 448, 447, 446, 445, 444, 443, 442, 441,
+ 440, 439, 438, 437, 436, 435, 434, 433, 432, 431,
+ 430, 429, 428, 427, 426, 425, 424, 423, 422, 421,
+ 420, 419, 418, 417, 416, 413, 412, 411, 410, 409,
+ 408, 407, 406, 405, 404, 403, 402, 401, 400, 399,
+ 398, 397, 396, 395, 394, 393, 392, 391, 390, 389,
+ 388, 387, 386, 385, 384, 383, 382, 381, 380, 379,
+ 378, 377, 376, 375, 374, 373, 372, 371, 370, 369,
+
+ 368, 367, 366, 365, 364, 363, 362, 361, 360, 359,
+ 358, 357, 356, 355, 354, 353, 352, 351, 350, 349,
+ 348, 347, 346, 345, 344, 343, 342, 341, 340, 339,
+ 338, 337, 336, 335, 334, 333, 332, 331, 330, 329,
+ 328, 327, 326, 325, 324, 323, 322, 321, 320, 317,
+ 316, 315, 314, 313, 312, 311, 310, 309, 308, 307,
+ 306, 305, 304, 303, 302, 301, 300, 299, 298, 297,
+ 296, 295, 294, 293, 292, 291, 290, 289, 288, 287,
+ 286, 285, 284, 283, 282, 281, 280, 279, 278, 277,
+ 276, 275, 274, 273, 272, 271, 270, 269, 268, 267,
+
+ 266, 263, 262, 261, 260, 259, 258, 257, 256, 255,
+ 252, 251, 250, 249, 248, 247, 246, 245, 244, 243,
+ 242, 241, 240, 239, 238, 237, 236, 235, 234, 233,
+ 232, 231, 230, 229, 228, 227, 226, 222, 221, 220,
+ 219, 218, 217, 216, 215, 214, 213, 212, 211, 210,
+ 209, 208, 207, 206, 205, 204, 203, 202, 201, 200,
+ 199, 198, 197, 196, 193, 192, 191, 190, 189, 188,
+ 187, 184, 183, 182, 181, 176, 175, 174, 173, 172,
+ 171, 170, 169, 168, 165, 162, 159, 158, 157, 156,
+ 155, 154, 153, 152, 151, 146, 143, 142, 141, 140,
+
+ 139, 138, 137, 136, 135, 134, 133, 132, 128, 127,
+ 126, 125, 124, 123, 122, 115, 114, 111, 108, 107,
+ 106, 105, 104, 103, 102, 101, 100, 98, 97, 96,
+ 83, 56, 42, 40, 39, 567, 3, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+
+ 567, 567, 567, 567, 567, 567
+ } ;
+
+static yyconst flex_int16_t yy_chk[707] =
+ { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 9,
+ 25, 569, 9, 9, 9, 9, 9, 9, 9, 12,
+ 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
+ 13, 13, 13, 15, 16, 19, 19, 25, 16, 20,
+
+ 21, 17, 16, 15, 16, 17, 19, 15, 17, 24,
+ 23, 21, 15, 23, 16, 27, 20, 24, 27, 53,
+ 26, 26, 23, 23, 26, 29, 27, 30, 23, 29,
+ 31, 30, 27, 53, 26, 67, 31, 12, 55, 55,
+ 29, 96, 58, 58, 59, 29, 81, 101, 30, 26,
+ 81, 67, 67, 84, 96, 30, 84, 59, 31, 27,
+ 58, 59, 101, 562, 30, 37, 37, 37, 37, 37,
+ 37, 37, 38, 38, 38, 38, 38, 38, 38, 83,
+ 94, 113, 113, 94, 114, 120, 128, 368, 120, 128,
+ 83, 159, 114, 159, 198, 187, 558, 557, 159, 187,
+
+ 260, 556, 260, 555, 553, 198, 368, 552, 550, 549,
+ 547, 546, 544, 542, 540, 537, 536, 535, 534, 533,
+ 532, 530, 529, 37, 568, 568, 528, 527, 526, 523,
+ 522, 521, 520, 519, 518, 517, 516, 515, 514, 513,
+ 512, 511, 510, 509, 508, 507, 506, 505, 504, 503,
+ 502, 498, 497, 496, 495, 493, 492, 491, 490, 489,
+ 488, 487, 486, 485, 484, 482, 481, 480, 479, 477,
+ 475, 473, 472, 471, 470, 469, 468, 466, 465, 463,
+ 462, 461, 460, 459, 458, 457, 456, 455, 453, 452,
+ 451, 450, 449, 448, 447, 446, 445, 441, 440, 439,
+
+ 438, 437, 436, 435, 434, 433, 432, 430, 429, 428,
+ 427, 425, 424, 423, 422, 418, 417, 416, 415, 414,
+ 412, 410, 408, 407, 406, 405, 404, 403, 402, 401,
+ 400, 399, 398, 397, 396, 394, 393, 392, 391, 390,
+ 389, 388, 385, 383, 382, 381, 380, 379, 378, 376,
+ 375, 372, 371, 370, 369, 367, 366, 364, 363, 361,
+ 360, 358, 357, 356, 355, 353, 352, 351, 350, 349,
+ 348, 347, 346, 345, 344, 342, 341, 340, 337, 336,
+ 335, 334, 333, 332, 331, 330, 329, 327, 326, 325,
+ 324, 323, 322, 321, 320, 319, 318, 317, 316, 315,
+
+ 314, 313, 312, 311, 310, 308, 307, 306, 305, 304,
+ 303, 302, 301, 299, 298, 297, 296, 295, 294, 292,
+ 291, 290, 289, 288, 287, 286, 284, 283, 282, 281,
+ 280, 279, 278, 277, 276, 275, 274, 273, 272, 271,
+ 269, 268, 267, 266, 265, 264, 263, 262, 261, 259,
+ 258, 257, 256, 254, 253, 252, 251, 250, 249, 248,
+ 247, 246, 245, 244, 243, 242, 240, 239, 238, 237,
+ 235, 234, 233, 232, 230, 229, 228, 227, 226, 225,
+ 224, 223, 222, 221, 218, 217, 216, 214, 213, 211,
+ 210, 209, 208, 207, 206, 205, 204, 203, 202, 200,
+
+ 199, 197, 196, 195, 194, 193, 192, 191, 190, 188,
+ 186, 185, 184, 183, 182, 181, 180, 179, 178, 177,
+ 176, 175, 174, 173, 172, 171, 170, 169, 168, 167,
+ 166, 165, 164, 163, 162, 161, 160, 158, 157, 156,
+ 155, 154, 153, 152, 151, 149, 148, 147, 146, 145,
+ 144, 143, 141, 140, 139, 138, 137, 136, 135, 134,
+ 132, 131, 130, 129, 127, 126, 125, 124, 123, 122,
+ 121, 119, 118, 116, 115, 112, 111, 110, 109, 108,
+ 107, 105, 104, 103, 97, 95, 93, 92, 91, 90,
+ 89, 88, 87, 86, 85, 82, 80, 79, 78, 77,
+
+ 76, 74, 73, 72, 71, 70, 69, 68, 66, 65,
+ 64, 63, 62, 61, 60, 57, 56, 54, 51, 50,
+ 49, 48, 47, 46, 45, 44, 42, 39, 33, 32,
+ 28, 18, 14, 11, 10, 3, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+ 567, 567, 567, 567, 567, 567, 567, 567, 567, 567,
+
+ 567, 567, 567, 567, 567, 567
+ } ;
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+extern int yy_flex_debug;
+int yy_flex_debug = 0;
+
+/* The intent behind this definition is that it'll catch
+ * any uses of REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *yytext;
+#line 1 "lex.l"
+#line 2 "lex.l"
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#undef ECHO
+#include "symbol.h"
+#include "asn1parse.h"
+#include "lex.h"
+#include "gen_locl.h"
+
+static unsigned lineno = 1;
+
+#undef ECHO
+
+static void unterminated(const char *, unsigned);
+
+/* This is for broken old lexes (solaris 10 and hpux) */
+#line 851 "lex.c"
+
+#define INITIAL 0
+
+#ifndef YY_NO_UNISTD_H
+/* Special case for "unistd.h", since it is non-ANSI. We include it way
+ * down here because we want the user's section 1 to have been scanned first.
+ * The user has a chance to override it with an option.
+ */
+#include <unistd.h>
+#endif
+
+#ifndef YY_EXTRA_TYPE
+#define YY_EXTRA_TYPE void *
+#endif
+
+static int yy_init_globals (void );
+
+/* Accessor methods to globals.
+ These are made visible to non-reentrant scanners for convenience. */
+
+int yylex_destroy (void );
+
+int yyget_debug (void );
+
+void yyset_debug (int debug_flag );
+
+YY_EXTRA_TYPE yyget_extra (void );
+
+void yyset_extra (YY_EXTRA_TYPE user_defined );
+
+FILE *yyget_in (void );
+
+void yyset_in (FILE * in_str );
+
+FILE *yyget_out (void );
+
+void yyset_out (FILE * out_str );
+
+yy_size_t yyget_leng (void );
+
+char *yyget_text (void );
+
+int yyget_lineno (void );
+
+void yyset_lineno (int line_number );
+
+/* Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int yywrap (void );
+#else
+extern int yywrap (void );
+#endif
+#endif
+
+ static void yyunput (int c,char *buf_ptr );
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char *,yyconst char *,int );
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * );
+#endif
+
+#ifndef YY_NO_INPUT
+
+#ifdef __cplusplus
+static int yyinput (void );
+#else
+static int input (void );
+#endif
+
+#endif
+
+/* Amount of stuff to slurp up with each read. */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/* Copy whatever the last rule matched to the standard output. */
+#ifndef ECHO
+/* This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO fwrite( yytext, yyleng, 1, yyout )
+#endif
+
+/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
+ * is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \
+ { \
+ int c = '*'; \
+ yy_size_t n; \
+ for ( n = 0; n < max_size && \
+ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
+ buf[n] = (char) c; \
+ if ( c == '\n' ) \
+ buf[n++] = (char) c; \
+ if ( c == EOF && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ result = n; \
+ } \
+ else \
+ { \
+ errno=0; \
+ while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \
+ { \
+ if( errno != EINTR) \
+ { \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ break; \
+ } \
+ errno=0; \
+ clearerr(yyin); \
+ } \
+ }\
+\
+
+#endif
+
+/* No semi-colon after return; correct usage is to write "yyterminate();" -
+ * we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/* Number of entries by which start-condition stack grows. */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/* Report a fatal error. */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/* end tables serialization structures and prototypes */
+
+/* Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL_IS_OURS 1
+
+extern int yylex (void);
+
+#define YY_DECL int yylex (void)
+#endif /* !YY_DECL */
+
+/* Code executed at the beginning of each rule, after yytext and yyleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/* Code executed at the end of each rule. */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+ YY_USER_ACTION
+
+/** The main scanner function which does all the work.
+ */
+YY_DECL
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+#line 68 "lex.l"
+
+#line 1035 "lex.c"
+
+ if ( !(yy_init) )
+ {
+ (yy_init) = 1;
+
+#ifdef YY_USER_INIT
+ YY_USER_INIT;
+#endif
+
+ if ( ! (yy_start) )
+ (yy_start) = 1; /* first start state */
+
+ if ( ! yyin )
+ yyin = stdin;
+
+ if ( ! yyout )
+ yyout = stdout;
+
+ if ( ! YY_CURRENT_BUFFER ) {
+ yyensure_buffer_stack ();
+ YY_CURRENT_BUFFER_LVALUE =
+ yy_create_buffer(yyin,YY_BUF_SIZE );
+ }
+
+ yy_load_buffer_state( );
+ }
+
+ while ( 1 ) /* loops until end-of-file is reached */
+ {
+ yy_cp = (yy_c_buf_p);
+
+ /* Support of yytext. */
+ *yy_cp = (yy_hold_char);
+
+ /* yy_bp points to the position in yy_ch_buf of the start of
+ * the current run.
+ */
+ yy_bp = yy_cp;
+
+ yy_current_state = (yy_start);
+yy_match:
+ do
+ {
+ register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 568 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ ++yy_cp;
+ }
+ while ( yy_base[yy_current_state] != 637 );
+
+yy_find_action:
+ yy_act = yy_accept[yy_current_state];
+ if ( yy_act == 0 )
+ { /* have to back up */
+ yy_cp = (yy_last_accepting_cpos);
+ yy_current_state = (yy_last_accepting_state);
+ yy_act = yy_accept[yy_current_state];
+ }
+
+ YY_DO_BEFORE_ACTION;
+
+do_action: /* This label is used only to access EOF actions. */
+
+ switch ( yy_act )
+ { /* beginning of action switch */
+ case 0: /* must back up */
+ /* undo the effects of YY_DO_BEFORE_ACTION */
+ *yy_cp = (yy_hold_char);
+ yy_cp = (yy_last_accepting_cpos);
+ yy_current_state = (yy_last_accepting_state);
+ goto yy_find_action;
+
+case 1:
+YY_RULE_SETUP
+#line 69 "lex.l"
+{ return kw_ABSENT; }
+ YY_BREAK
+case 2:
+YY_RULE_SETUP
+#line 70 "lex.l"
+{ return kw_ABSTRACT_SYNTAX; }
+ YY_BREAK
+case 3:
+YY_RULE_SETUP
+#line 71 "lex.l"
+{ return kw_ALL; }
+ YY_BREAK
+case 4:
+YY_RULE_SETUP
+#line 72 "lex.l"
+{ return kw_APPLICATION; }
+ YY_BREAK
+case 5:
+YY_RULE_SETUP
+#line 73 "lex.l"
+{ return kw_AUTOMATIC; }
+ YY_BREAK
+case 6:
+YY_RULE_SETUP
+#line 74 "lex.l"
+{ return kw_BEGIN; }
+ YY_BREAK
+case 7:
+YY_RULE_SETUP
+#line 75 "lex.l"
+{ return kw_BIT; }
+ YY_BREAK
+case 8:
+YY_RULE_SETUP
+#line 76 "lex.l"
+{ return kw_BMPString; }
+ YY_BREAK
+case 9:
+YY_RULE_SETUP
+#line 77 "lex.l"
+{ return kw_BOOLEAN; }
+ YY_BREAK
+case 10:
+YY_RULE_SETUP
+#line 78 "lex.l"
+{ return kw_BY; }
+ YY_BREAK
+case 11:
+YY_RULE_SETUP
+#line 79 "lex.l"
+{ return kw_CHARACTER; }
+ YY_BREAK
+case 12:
+YY_RULE_SETUP
+#line 80 "lex.l"
+{ return kw_CHOICE; }
+ YY_BREAK
+case 13:
+YY_RULE_SETUP
+#line 81 "lex.l"
+{ return kw_CLASS; }
+ YY_BREAK
+case 14:
+YY_RULE_SETUP
+#line 82 "lex.l"
+{ return kw_COMPONENT; }
+ YY_BREAK
+case 15:
+YY_RULE_SETUP
+#line 83 "lex.l"
+{ return kw_COMPONENTS; }
+ YY_BREAK
+case 16:
+YY_RULE_SETUP
+#line 84 "lex.l"
+{ return kw_CONSTRAINED; }
+ YY_BREAK
+case 17:
+YY_RULE_SETUP
+#line 85 "lex.l"
+{ return kw_CONTAINING; }
+ YY_BREAK
+case 18:
+YY_RULE_SETUP
+#line 86 "lex.l"
+{ return kw_DEFAULT; }
+ YY_BREAK
+case 19:
+YY_RULE_SETUP
+#line 87 "lex.l"
+{ return kw_DEFINITIONS; }
+ YY_BREAK
+case 20:
+YY_RULE_SETUP
+#line 88 "lex.l"
+{ return kw_EMBEDDED; }
+ YY_BREAK
+case 21:
+YY_RULE_SETUP
+#line 89 "lex.l"
+{ return kw_ENCODED; }
+ YY_BREAK
+case 22:
+YY_RULE_SETUP
+#line 90 "lex.l"
+{ return kw_END; }
+ YY_BREAK
+case 23:
+YY_RULE_SETUP
+#line 91 "lex.l"
+{ return kw_ENUMERATED; }
+ YY_BREAK
+case 24:
+YY_RULE_SETUP
+#line 92 "lex.l"
+{ return kw_EXCEPT; }
+ YY_BREAK
+case 25:
+YY_RULE_SETUP
+#line 93 "lex.l"
+{ return kw_EXPLICIT; }
+ YY_BREAK
+case 26:
+YY_RULE_SETUP
+#line 94 "lex.l"
+{ return kw_EXPORTS; }
+ YY_BREAK
+case 27:
+YY_RULE_SETUP
+#line 95 "lex.l"
+{ return kw_EXTENSIBILITY; }
+ YY_BREAK
+case 28:
+YY_RULE_SETUP
+#line 96 "lex.l"
+{ return kw_EXTERNAL; }
+ YY_BREAK
+case 29:
+YY_RULE_SETUP
+#line 97 "lex.l"
+{ return kw_FALSE; }
+ YY_BREAK
+case 30:
+YY_RULE_SETUP
+#line 98 "lex.l"
+{ return kw_FROM; }
+ YY_BREAK
+case 31:
+YY_RULE_SETUP
+#line 99 "lex.l"
+{ return kw_GeneralString; }
+ YY_BREAK
+case 32:
+YY_RULE_SETUP
+#line 100 "lex.l"
+{ return kw_GeneralizedTime; }
+ YY_BREAK
+case 33:
+YY_RULE_SETUP
+#line 101 "lex.l"
+{ return kw_GraphicString; }
+ YY_BREAK
+case 34:
+YY_RULE_SETUP
+#line 102 "lex.l"
+{ return kw_IA5String; }
+ YY_BREAK
+case 35:
+YY_RULE_SETUP
+#line 103 "lex.l"
+{ return kw_IDENTIFIER; }
+ YY_BREAK
+case 36:
+YY_RULE_SETUP
+#line 104 "lex.l"
+{ return kw_IMPLICIT; }
+ YY_BREAK
+case 37:
+YY_RULE_SETUP
+#line 105 "lex.l"
+{ return kw_IMPLIED; }
+ YY_BREAK
+case 38:
+YY_RULE_SETUP
+#line 106 "lex.l"
+{ return kw_IMPORTS; }
+ YY_BREAK
+case 39:
+YY_RULE_SETUP
+#line 107 "lex.l"
+{ return kw_INCLUDES; }
+ YY_BREAK
+case 40:
+YY_RULE_SETUP
+#line 108 "lex.l"
+{ return kw_INSTANCE; }
+ YY_BREAK
+case 41:
+YY_RULE_SETUP
+#line 109 "lex.l"
+{ return kw_INTEGER; }
+ YY_BREAK
+case 42:
+YY_RULE_SETUP
+#line 110 "lex.l"
+{ return kw_INTERSECTION; }
+ YY_BREAK
+case 43:
+YY_RULE_SETUP
+#line 111 "lex.l"
+{ return kw_ISO646String; }
+ YY_BREAK
+case 44:
+YY_RULE_SETUP
+#line 112 "lex.l"
+{ return kw_MAX; }
+ YY_BREAK
+case 45:
+YY_RULE_SETUP
+#line 113 "lex.l"
+{ return kw_MIN; }
+ YY_BREAK
+case 46:
+YY_RULE_SETUP
+#line 114 "lex.l"
+{ return kw_MINUS_INFINITY; }
+ YY_BREAK
+case 47:
+YY_RULE_SETUP
+#line 115 "lex.l"
+{ return kw_NULL; }
+ YY_BREAK
+case 48:
+YY_RULE_SETUP
+#line 116 "lex.l"
+{ return kw_NumericString; }
+ YY_BREAK
+case 49:
+YY_RULE_SETUP
+#line 117 "lex.l"
+{ return kw_OBJECT; }
+ YY_BREAK
+case 50:
+YY_RULE_SETUP
+#line 118 "lex.l"
+{ return kw_OCTET; }
+ YY_BREAK
+case 51:
+YY_RULE_SETUP
+#line 119 "lex.l"
+{ return kw_OF; }
+ YY_BREAK
+case 52:
+YY_RULE_SETUP
+#line 120 "lex.l"
+{ return kw_OPTIONAL; }
+ YY_BREAK
+case 53:
+YY_RULE_SETUP
+#line 121 "lex.l"
+{ return kw_ObjectDescriptor; }
+ YY_BREAK
+case 54:
+YY_RULE_SETUP
+#line 122 "lex.l"
+{ return kw_PATTERN; }
+ YY_BREAK
+case 55:
+YY_RULE_SETUP
+#line 123 "lex.l"
+{ return kw_PDV; }
+ YY_BREAK
+case 56:
+YY_RULE_SETUP
+#line 124 "lex.l"
+{ return kw_PLUS_INFINITY; }
+ YY_BREAK
+case 57:
+YY_RULE_SETUP
+#line 125 "lex.l"
+{ return kw_PRESENT; }
+ YY_BREAK
+case 58:
+YY_RULE_SETUP
+#line 126 "lex.l"
+{ return kw_PRIVATE; }
+ YY_BREAK
+case 59:
+YY_RULE_SETUP
+#line 127 "lex.l"
+{ return kw_PrintableString; }
+ YY_BREAK
+case 60:
+YY_RULE_SETUP
+#line 128 "lex.l"
+{ return kw_REAL; }
+ YY_BREAK
+case 61:
+YY_RULE_SETUP
+#line 129 "lex.l"
+{ return kw_RELATIVE_OID; }
+ YY_BREAK
+case 62:
+YY_RULE_SETUP
+#line 130 "lex.l"
+{ return kw_SEQUENCE; }
+ YY_BREAK
+case 63:
+YY_RULE_SETUP
+#line 131 "lex.l"
+{ return kw_SET; }
+ YY_BREAK
+case 64:
+YY_RULE_SETUP
+#line 132 "lex.l"
+{ return kw_SIZE; }
+ YY_BREAK
+case 65:
+YY_RULE_SETUP
+#line 133 "lex.l"
+{ return kw_STRING; }
+ YY_BREAK
+case 66:
+YY_RULE_SETUP
+#line 134 "lex.l"
+{ return kw_SYNTAX; }
+ YY_BREAK
+case 67:
+YY_RULE_SETUP
+#line 135 "lex.l"
+{ return kw_T61String; }
+ YY_BREAK
+case 68:
+YY_RULE_SETUP
+#line 136 "lex.l"
+{ return kw_TAGS; }
+ YY_BREAK
+case 69:
+YY_RULE_SETUP
+#line 137 "lex.l"
+{ return kw_TRUE; }
+ YY_BREAK
+case 70:
+YY_RULE_SETUP
+#line 138 "lex.l"
+{ return kw_TYPE_IDENTIFIER; }
+ YY_BREAK
+case 71:
+YY_RULE_SETUP
+#line 139 "lex.l"
+{ return kw_TeletexString; }
+ YY_BREAK
+case 72:
+YY_RULE_SETUP
+#line 140 "lex.l"
+{ return kw_UNION; }
+ YY_BREAK
+case 73:
+YY_RULE_SETUP
+#line 141 "lex.l"
+{ return kw_UNIQUE; }
+ YY_BREAK
+case 74:
+YY_RULE_SETUP
+#line 142 "lex.l"
+{ return kw_UNIVERSAL; }
+ YY_BREAK
+case 75:
+YY_RULE_SETUP
+#line 143 "lex.l"
+{ return kw_UTCTime; }
+ YY_BREAK
+case 76:
+YY_RULE_SETUP
+#line 144 "lex.l"
+{ return kw_UTF8String; }
+ YY_BREAK
+case 77:
+YY_RULE_SETUP
+#line 145 "lex.l"
+{ return kw_UniversalString; }
+ YY_BREAK
+case 78:
+YY_RULE_SETUP
+#line 146 "lex.l"
+{ return kw_VideotexString; }
+ YY_BREAK
+case 79:
+YY_RULE_SETUP
+#line 147 "lex.l"
+{ return kw_VisibleString; }
+ YY_BREAK
+case 80:
+YY_RULE_SETUP
+#line 148 "lex.l"
+{ return kw_WITH; }
+ YY_BREAK
+case 81:
+YY_RULE_SETUP
+#line 149 "lex.l"
+{ return *yytext; }
+ YY_BREAK
+case 82:
+YY_RULE_SETUP
+#line 150 "lex.l"
+{ return *yytext; }
+ YY_BREAK
+case 83:
+YY_RULE_SETUP
+#line 151 "lex.l"
+{ return *yytext; }
+ YY_BREAK
+case 84:
+YY_RULE_SETUP
+#line 152 "lex.l"
+{ return EEQUAL; }
+ YY_BREAK
+case 85:
+YY_RULE_SETUP
+#line 153 "lex.l"
+{
+ int c, start_lineno = lineno;
+ int f = 0;
+ while((c = input()) != EOF) {
+ if(f && c == '-')
+ break;
+ if(c == '-') {
+ f = 1;
+ continue;
+ }
+ if(c == '\n') {
+ lineno++;
+ break;
+ }
+ f = 0;
+ }
+ if(c == EOF)
+ unterminated("comment", start_lineno);
+ }
+ YY_BREAK
+case 86:
+YY_RULE_SETUP
+#line 172 "lex.l"
+{
+ int c, start_lineno = lineno;
+ int level = 1;
+ int seen_star = 0;
+ int seen_slash = 0;
+ while((c = input()) != EOF) {
+ if(c == '/') {
+ if(seen_star) {
+ if(--level == 0)
+ break;
+ seen_star = 0;
+ continue;
+ }
+ seen_slash = 1;
+ continue;
+ }
+ if(seen_star && c == '/') {
+ if(--level == 0)
+ break;
+ seen_star = 0;
+ continue;
+ }
+ if(c == '*') {
+ if(seen_slash) {
+ level++;
+ seen_star = seen_slash = 0;
+ continue;
+ }
+ seen_star = 1;
+ continue;
+ }
+ seen_star = seen_slash = 0;
+ if(c == '\n') {
+ lineno++;
+ continue;
+ }
+ }
+ if(c == EOF)
+ unterminated("comment", start_lineno);
+ }
+ YY_BREAK
+case 87:
+YY_RULE_SETUP
+#line 212 "lex.l"
+{
+ int start_lineno = lineno;
+ int c;
+ char buf[1024];
+ char *p = buf;
+ int f = 0;
+ int skip_ws = 0;
+
+ while((c = input()) != EOF) {
+ if(isspace(c) && skip_ws) {
+ if(c == '\n')
+ lineno++;
+ continue;
+ }
+ skip_ws = 0;
+
+ if(c == '"') {
+ if(f) {
+ *p++ = '"';
+ f = 0;
+ } else
+ f = 1;
+ continue;
+ }
+ if(f == 1) {
+ unput(c);
+ break;
+ }
+ if(c == '\n') {
+ lineno++;
+ while(p > buf && isspace((unsigned char)p[-1]))
+ p--;
+ skip_ws = 1;
+ continue;
+ }
+ *p++ = c;
+ }
+ if(c == EOF)
+ unterminated("string", start_lineno);
+ *p++ = '\0';
+ fprintf(stderr, "string -- %s\n", buf);
+ yylval.name = estrdup(buf);
+ return STRING;
+ }
+ YY_BREAK
+case 88:
+YY_RULE_SETUP
+#line 257 "lex.l"
+{ char *e, *y = yytext;
+ yylval.constant = strtol((const char *)yytext,
+ &e, 0);
+ if(e == y)
+ lex_error_message("malformed constant (%s)", yytext);
+ else
+ return NUMBER;
+ }
+ YY_BREAK
+case 89:
+YY_RULE_SETUP
+#line 265 "lex.l"
+{
+ yylval.name = estrdup ((const char *)yytext);
+ return IDENTIFIER;
+ }
+ YY_BREAK
+case 90:
+YY_RULE_SETUP
+#line 269 "lex.l"
+;
+ YY_BREAK
+case 91:
+/* rule 91 can match eol */
+YY_RULE_SETUP
+#line 270 "lex.l"
+{ ++lineno; }
+ YY_BREAK
+case 92:
+YY_RULE_SETUP
+#line 271 "lex.l"
+{ return ELLIPSIS; }
+ YY_BREAK
+case 93:
+YY_RULE_SETUP
+#line 272 "lex.l"
+{ return RANGE; }
+ YY_BREAK
+case 94:
+YY_RULE_SETUP
+#line 273 "lex.l"
+{ lex_error_message("Ignoring char(%c)\n", *yytext); }
+ YY_BREAK
+case 95:
+YY_RULE_SETUP
+#line 274 "lex.l"
+ECHO;
+ YY_BREAK
+#line 1704 "lex.c"
+case YY_STATE_EOF(INITIAL):
+ yyterminate();
+
+ case YY_END_OF_BUFFER:
+ {
+ /* Amount of text matched not including the EOB char. */
+ int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1;
+
+ /* Undo the effects of YY_DO_BEFORE_ACTION. */
+ *yy_cp = (yy_hold_char);
+ YY_RESTORE_YY_MORE_OFFSET
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW )
+ {
+ /* We're scanning a new file or input source. It's
+ * possible that this happened because the user
+ * just pointed yyin at a new source and called
+ * yylex(). If so, then we have to assure
+ * consistency between YY_CURRENT_BUFFER and our
+ * globals. Here is the right place to do so, because
+ * this is the first action (other than possibly a
+ * back-up) that will match for the new input source.
+ */
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+ YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin;
+ YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL;
+ }
+
+ /* Note that here we test for yy_c_buf_p "<=" to the position
+ * of the first EOB in the buffer, since yy_c_buf_p will
+ * already have been incremented past the NUL character
+ * (since all states make transitions on EOB to the
+ * end-of-buffer state). Contrast this with the test
+ * in input().
+ */
+ if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+ { /* This was really a NUL. */
+ yy_state_type yy_next_state;
+
+ (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state( );
+
+ /* Okay, we're now positioned to make the NUL
+ * transition. We couldn't have
+ * yy_get_previous_state() go ahead and do it
+ * for us because it doesn't know how to deal
+ * with the possibility of jamming (and we don't
+ * want to build jamming into it because then it
+ * will run more slowly).
+ */
+
+ yy_next_state = yy_try_NUL_trans( yy_current_state );
+
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+
+ if ( yy_next_state )
+ {
+ /* Consume the NUL. */
+ yy_cp = ++(yy_c_buf_p);
+ yy_current_state = yy_next_state;
+ goto yy_match;
+ }
+
+ else
+ {
+ yy_cp = (yy_c_buf_p);
+ goto yy_find_action;
+ }
+ }
+
+ else switch ( yy_get_next_buffer( ) )
+ {
+ case EOB_ACT_END_OF_FILE:
+ {
+ (yy_did_buffer_switch_on_eof) = 0;
+
+ if ( yywrap( ) )
+ {
+ /* Note: because we've taken care in
+ * yy_get_next_buffer() to have set up
+ * yytext, we can now set up
+ * yy_c_buf_p so that if some total
+ * hoser (like flex itself) wants to
+ * call the scanner after we return the
+ * YY_NULL, it'll still work - another
+ * YY_NULL will get returned.
+ */
+ (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ;
+
+ yy_act = YY_STATE_EOF(YY_START);
+ goto do_action;
+ }
+
+ else
+ {
+ if ( ! (yy_did_buffer_switch_on_eof) )
+ YY_NEW_FILE;
+ }
+ break;
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ (yy_c_buf_p) =
+ (yytext_ptr) + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state( );
+
+ yy_cp = (yy_c_buf_p);
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+ goto yy_match;
+
+ case EOB_ACT_LAST_MATCH:
+ (yy_c_buf_p) =
+ &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)];
+
+ yy_current_state = yy_get_previous_state( );
+
+ yy_cp = (yy_c_buf_p);
+ yy_bp = (yytext_ptr) + YY_MORE_ADJ;
+ goto yy_find_action;
+ }
+ break;
+ }
+
+ default:
+ YY_FATAL_ERROR(
+ "fatal flex scanner internal error--no action found" );
+ } /* end of action switch */
+ } /* end of scanning one token */
+} /* end of yylex */
+
+/* yy_get_next_buffer - try to read in a new buffer
+ *
+ * Returns a code representing an action:
+ * EOB_ACT_LAST_MATCH -
+ * EOB_ACT_CONTINUE_SCAN - continue scanning from current position
+ * EOB_ACT_END_OF_FILE - end of file
+ */
+static int yy_get_next_buffer (void)
+{
+ register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf;
+ register char *source = (yytext_ptr);
+ register int number_to_move, i;
+ int ret_val;
+
+ if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] )
+ YY_FATAL_ERROR(
+ "fatal flex scanner internal error--end of buffer missed" );
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 )
+ { /* Don't try to fill the buffer, so this is an EOF. */
+ if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 )
+ {
+ /* We matched a single character, the EOB, so
+ * treat this as a final EOF.
+ */
+ return EOB_ACT_END_OF_FILE;
+ }
+
+ else
+ {
+ /* We matched some text prior to the EOB, first
+ * process it.
+ */
+ return EOB_ACT_LAST_MATCH;
+ }
+ }
+
+ /* Try to read more data. */
+
+ /* First move last chars to start of buffer. */
+ number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1;
+
+ for ( i = 0; i < number_to_move; ++i )
+ *(dest++) = *(source++);
+
+ if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING )
+ /* don't do the read, it's not guaranteed to return an EOF,
+ * just force an EOF
+ */
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0;
+
+ else
+ {
+ yy_size_t num_to_read =
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
+
+ while ( num_to_read <= 0 )
+ { /* Not enough room in the buffer - grow it. */
+
+ /* just a shorter name for the current buffer */
+ YY_BUFFER_STATE b = YY_CURRENT_BUFFER;
+
+ int yy_c_buf_p_offset =
+ (int) ((yy_c_buf_p) - b->yy_ch_buf);
+
+ if ( b->yy_is_our_buffer )
+ {
+ yy_size_t new_size = b->yy_buf_size * 2;
+
+ if ( new_size <= 0 )
+ b->yy_buf_size += b->yy_buf_size / 8;
+ else
+ b->yy_buf_size *= 2;
+
+ b->yy_ch_buf = (char *)
+ /* Include room in for 2 EOB chars. */
+ yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 );
+ }
+ else
+ /* Can't grow it, we don't own it. */
+ b->yy_ch_buf = 0;
+
+ if ( ! b->yy_ch_buf )
+ YY_FATAL_ERROR(
+ "fatal error - scanner input buffer overflow" );
+
+ (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+ num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size -
+ number_to_move - 1;
+
+ }
+
+ if ( num_to_read > YY_READ_BUF_SIZE )
+ num_to_read = YY_READ_BUF_SIZE;
+
+ /* Read in more data. */
+ YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]),
+ (yy_n_chars), num_to_read );
+
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ if ( (yy_n_chars) == 0 )
+ {
+ if ( number_to_move == YY_MORE_ADJ )
+ {
+ ret_val = EOB_ACT_END_OF_FILE;
+ yyrestart(yyin );
+ }
+
+ else
+ {
+ ret_val = EOB_ACT_LAST_MATCH;
+ YY_CURRENT_BUFFER_LVALUE->yy_buffer_status =
+ YY_BUFFER_EOF_PENDING;
+ }
+ }
+
+ else
+ ret_val = EOB_ACT_CONTINUE_SCAN;
+
+ if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
+ /* Extend the array by 50%, plus the number we really need. */
+ yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1);
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size );
+ if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" );
+ }
+
+ (yy_n_chars) += number_to_move;
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR;
+ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR;
+
+ (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0];
+
+ return ret_val;
+}
+
+/* yy_get_previous_state - get the state just before the EOB char was reached */
+
+ static yy_state_type yy_get_previous_state (void)
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp;
+
+ yy_current_state = (yy_start);
+
+ for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp )
+ {
+ register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 568 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ }
+
+ return yy_current_state;
+}
+
+/* yy_try_NUL_trans - try to make a transition on the NUL character
+ *
+ * synopsis
+ * next_state = yy_try_NUL_trans( current_state );
+ */
+ static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state )
+{
+ register int yy_is_jam;
+ register char *yy_cp = (yy_c_buf_p);
+
+ register YY_CHAR yy_c = 1;
+ if ( yy_accept[yy_current_state] )
+ {
+ (yy_last_accepting_state) = yy_current_state;
+ (yy_last_accepting_cpos) = yy_cp;
+ }
+ while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if ( yy_current_state >= 568 )
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ yy_is_jam = (yy_current_state == 567);
+
+ return yy_is_jam ? 0 : yy_current_state;
+}
+
+ static void yyunput (int c, register char * yy_bp )
+{
+ register char *yy_cp;
+
+ yy_cp = (yy_c_buf_p);
+
+ /* undo effects of setting up yytext */
+ *yy_cp = (yy_hold_char);
+
+ if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
+ { /* need to shift things up to make room */
+ /* +2 for EOB chars. */
+ register yy_size_t number_to_move = (yy_n_chars) + 2;
+ register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2];
+ register char *source =
+ &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move];
+
+ while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf )
+ *--dest = *--source;
+
+ yy_cp += (int) (dest - source);
+ yy_bp += (int) (dest - source);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars =
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size;
+
+ if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 )
+ YY_FATAL_ERROR( "flex scanner push-back overflow" );
+ }
+
+ *--yy_cp = (char) c;
+
+ (yytext_ptr) = yy_bp;
+ (yy_hold_char) = *yy_cp;
+ (yy_c_buf_p) = yy_cp;
+}
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+ static int yyinput (void)
+#else
+ static int input (void)
+#endif
+
+{
+ int c;
+
+ *(yy_c_buf_p) = (yy_hold_char);
+
+ if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR )
+ {
+ /* yy_c_buf_p now points to the character we want to return.
+ * If this occurs *before* the EOB characters, then it's a
+ * valid NUL; if not, then we've hit the end of the buffer.
+ */
+ if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] )
+ /* This was really a NUL. */
+ *(yy_c_buf_p) = '\0';
+
+ else
+ { /* need more input */
+ yy_size_t offset = (yy_c_buf_p) - (yytext_ptr);
+ ++(yy_c_buf_p);
+
+ switch ( yy_get_next_buffer( ) )
+ {
+ case EOB_ACT_LAST_MATCH:
+ /* This happens because yy_g_n_b()
+ * sees that we've accumulated a
+ * token and flags that we need to
+ * try matching the token before
+ * proceeding. But for input(),
+ * there's no matching to consider.
+ * So convert the EOB_ACT_LAST_MATCH
+ * to EOB_ACT_END_OF_FILE.
+ */
+
+ /* Reset buffer status. */
+ yyrestart(yyin );
+
+ /*FALLTHROUGH*/
+
+ case EOB_ACT_END_OF_FILE:
+ {
+ if ( yywrap( ) )
+ return 0;
+
+ if ( ! (yy_did_buffer_switch_on_eof) )
+ YY_NEW_FILE;
+#ifdef __cplusplus
+ return yyinput();
+#else
+ return input();
+#endif
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ (yy_c_buf_p) = (yytext_ptr) + offset;
+ break;
+ }
+ }
+ }
+
+ c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */
+ *(yy_c_buf_p) = '\0'; /* preserve yytext */
+ (yy_hold_char) = *++(yy_c_buf_p);
+
+ return c;
+}
+#endif /* ifndef YY_NO_INPUT */
+
+/** Immediately switch to a different input stream.
+ * @param input_file A readable stream.
+ *
+ * @note This function does not reset the start condition to @c INITIAL .
+ */
+ void yyrestart (FILE * input_file )
+{
+
+ if ( ! YY_CURRENT_BUFFER ){
+ yyensure_buffer_stack ();
+ YY_CURRENT_BUFFER_LVALUE =
+ yy_create_buffer(yyin,YY_BUF_SIZE );
+ }
+
+ yy_init_buffer(YY_CURRENT_BUFFER,input_file );
+ yy_load_buffer_state( );
+}
+
+/** Switch to a different input buffer.
+ * @param new_buffer The new input buffer.
+ *
+ */
+ void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer )
+{
+
+ /* TODO. We should be able to replace this entire function body
+ * with
+ * yypop_buffer_state();
+ * yypush_buffer_state(new_buffer);
+ */
+ yyensure_buffer_stack ();
+ if ( YY_CURRENT_BUFFER == new_buffer )
+ return;
+
+ if ( YY_CURRENT_BUFFER )
+ {
+ /* Flush out information for old buffer. */
+ *(yy_c_buf_p) = (yy_hold_char);
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ YY_CURRENT_BUFFER_LVALUE = new_buffer;
+ yy_load_buffer_state( );
+
+ /* We don't actually know whether we did this switch during
+ * EOF (yywrap()) processing, but the only time this flag
+ * is looked at is after yywrap() is called, so it's safe
+ * to go ahead and always set it.
+ */
+ (yy_did_buffer_switch_on_eof) = 1;
+}
+
+static void yy_load_buffer_state (void)
+{
+ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
+ (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos;
+ yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file;
+ (yy_hold_char) = *(yy_c_buf_p);
+}
+
+/** Allocate and initialize an input buffer state.
+ * @param file A readable stream.
+ * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE.
+ *
+ * @return the allocated buffer state.
+ */
+ YY_BUFFER_STATE yy_create_buffer (FILE * file, int size )
+{
+ YY_BUFFER_STATE b;
+
+ b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) );
+ if ( ! b )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
+
+ b->yy_buf_size = size;
+
+ /* yy_ch_buf has to be 2 characters longer than the size given because
+ * we need to put in 2 end-of-buffer characters.
+ */
+ b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 );
+ if ( ! b->yy_ch_buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
+
+ b->yy_is_our_buffer = 1;
+
+ yy_init_buffer(b,file );
+
+ return b;
+}
+
+/** Destroy the buffer.
+ * @param b a buffer created with yy_create_buffer()
+ *
+ */
+ void yy_delete_buffer (YY_BUFFER_STATE b )
+{
+
+ if ( ! b )
+ return;
+
+ if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */
+ YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0;
+
+ if ( b->yy_is_our_buffer )
+ yyfree((void *) b->yy_ch_buf );
+
+ yyfree((void *) b );
+}
+
+#ifndef __cplusplus
+extern int isatty (int );
+#endif /* __cplusplus */
+
+/* Initializes or reinitializes a buffer.
+ * This function is sometimes called more than once on the same buffer,
+ * such as during a yyrestart() or at EOF.
+ */
+ static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file )
+
+{
+ int oerrno = errno;
+
+ yy_flush_buffer(b );
+
+ b->yy_input_file = file;
+ b->yy_fill_buffer = 1;
+
+ /* If b is the current buffer, then yy_init_buffer was _probably_
+ * called from yyrestart() or through yy_get_next_buffer.
+ * In that case, we don't want to reset the lineno or column.
+ */
+ if (b != YY_CURRENT_BUFFER){
+ b->yy_bs_lineno = 1;
+ b->yy_bs_column = 0;
+ }
+
+ b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
+
+ errno = oerrno;
+}
+
+/** Discard all buffered characters. On the next scan, YY_INPUT will be called.
+ * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER.
+ *
+ */
+ void yy_flush_buffer (YY_BUFFER_STATE b )
+{
+ if ( ! b )
+ return;
+
+ b->yy_n_chars = 0;
+
+ /* We always need two end-of-buffer characters. The first causes
+ * a transition to the end-of-buffer state. The second causes
+ * a jam in that state.
+ */
+ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+ b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+ b->yy_buf_pos = &b->yy_ch_buf[0];
+
+ b->yy_at_bol = 1;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ if ( b == YY_CURRENT_BUFFER )
+ yy_load_buffer_state( );
+}
+
+/** Pushes the new state onto the stack. The new state becomes
+ * the current state. This function will allocate the stack
+ * if necessary.
+ * @param new_buffer The new state.
+ *
+ */
+void yypush_buffer_state (YY_BUFFER_STATE new_buffer )
+{
+ if (new_buffer == NULL)
+ return;
+
+ yyensure_buffer_stack();
+
+ /* This block is copied from yy_switch_to_buffer. */
+ if ( YY_CURRENT_BUFFER )
+ {
+ /* Flush out information for old buffer. */
+ *(yy_c_buf_p) = (yy_hold_char);
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p);
+ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars);
+ }
+
+ /* Only push if top exists. Otherwise, replace top. */
+ if (YY_CURRENT_BUFFER)
+ (yy_buffer_stack_top)++;
+ YY_CURRENT_BUFFER_LVALUE = new_buffer;
+
+ /* copied from yy_switch_to_buffer. */
+ yy_load_buffer_state( );
+ (yy_did_buffer_switch_on_eof) = 1;
+}
+
+/** Removes and deletes the top of the stack, if present.
+ * The next element becomes the new top.
+ *
+ */
+void yypop_buffer_state (void)
+{
+ if (!YY_CURRENT_BUFFER)
+ return;
+
+ yy_delete_buffer(YY_CURRENT_BUFFER );
+ YY_CURRENT_BUFFER_LVALUE = NULL;
+ if ((yy_buffer_stack_top) > 0)
+ --(yy_buffer_stack_top);
+
+ if (YY_CURRENT_BUFFER) {
+ yy_load_buffer_state( );
+ (yy_did_buffer_switch_on_eof) = 1;
+ }
+}
+
+/* Allocates the stack if it does not exist.
+ * Guarantees space for at least one push.
+ */
+static void yyensure_buffer_stack (void)
+{
+ yy_size_t num_to_alloc;
+
+ if (!(yy_buffer_stack)) {
+
+ /* First allocation is just for 2 elements, since we don't know if this
+ * scanner will even need a stack. We use 2 instead of 1 to avoid an
+ * immediate realloc on the next call.
+ */
+ num_to_alloc = 1;
+ (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc
+ (num_to_alloc * sizeof(struct yy_buffer_state*)
+ );
+ if ( ! (yy_buffer_stack) )
+ YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" );
+
+ memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*));
+
+ (yy_buffer_stack_max) = num_to_alloc;
+ (yy_buffer_stack_top) = 0;
+ return;
+ }
+
+ if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){
+
+ /* Increase the buffer to prepare for a possible push. */
+ int grow_size = 8 /* arbitrary grow size */;
+
+ num_to_alloc = (yy_buffer_stack_max) + grow_size;
+ (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc
+ ((yy_buffer_stack),
+ num_to_alloc * sizeof(struct yy_buffer_state*)
+ );
+ if ( ! (yy_buffer_stack) )
+ YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" );
+
+ /* zero only the new slots.*/
+ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*));
+ (yy_buffer_stack_max) = num_to_alloc;
+ }
+}
+
+/** Setup the input buffer state to scan directly from a user-specified character buffer.
+ * @param base the character buffer
+ * @param size the size in bytes of the character buffer
+ *
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size )
+{
+ YY_BUFFER_STATE b;
+
+ if ( size < 2 ||
+ base[size-2] != YY_END_OF_BUFFER_CHAR ||
+ base[size-1] != YY_END_OF_BUFFER_CHAR )
+ /* They forgot to leave room for the EOB's. */
+ return 0;
+
+ b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) );
+ if ( ! b )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
+
+ b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
+ b->yy_buf_pos = b->yy_ch_buf = base;
+ b->yy_is_our_buffer = 0;
+ b->yy_input_file = 0;
+ b->yy_n_chars = b->yy_buf_size;
+ b->yy_is_interactive = 0;
+ b->yy_at_bol = 1;
+ b->yy_fill_buffer = 0;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ yy_switch_to_buffer(b );
+
+ return b;
+}
+
+/** Setup the input buffer state to scan a string. The next call to yylex() will
+ * scan from a @e copy of @a str.
+ * @param yystr a NUL-terminated string to scan
+ *
+ * @return the newly allocated buffer state object.
+ * @note If you want to scan bytes that may contain NUL values, then use
+ * yy_scan_bytes() instead.
+ */
+YY_BUFFER_STATE yy_scan_string (yyconst char * yystr )
+{
+
+ return yy_scan_bytes(yystr,strlen(yystr) );
+}
+
+/** Setup the input buffer state to scan the given bytes. The next call to yylex() will
+ * scan from a @e copy of @a bytes.
+ * @param bytes the byte buffer to scan
+ * @param len the number of bytes in the buffer pointed to by @a bytes.
+ *
+ * @return the newly allocated buffer state object.
+ */
+YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len )
+{
+ YY_BUFFER_STATE b;
+ char *buf;
+ yy_size_t n, i;
+
+ /* Get memory for full buffer, including space for trailing EOB's. */
+ n = _yybytes_len + 2;
+ buf = (char *) yyalloc(n );
+ if ( ! buf )
+ YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
+
+ for ( i = 0; i < _yybytes_len; ++i )
+ buf[i] = yybytes[i];
+
+ buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR;
+
+ b = yy_scan_buffer(buf,n );
+ if ( ! b )
+ YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
+
+ /* It's okay to grow etc. this buffer, and we should throw it
+ * away when we're done.
+ */
+ b->yy_is_our_buffer = 1;
+
+ return b;
+}
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+static void yy_fatal_error (yyconst char* msg )
+{
+ (void) fprintf( stderr, "%s\n", msg );
+ exit( YY_EXIT_FAILURE );
+}
+
+/* Redefine yyless() so it works in section 3 code. */
+
+#undef yyless
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ int yyless_macro_arg = (n); \
+ YY_LESS_LINENO(yyless_macro_arg);\
+ yytext[yyleng] = (yy_hold_char); \
+ (yy_c_buf_p) = yytext + yyless_macro_arg; \
+ (yy_hold_char) = *(yy_c_buf_p); \
+ *(yy_c_buf_p) = '\0'; \
+ yyleng = yyless_macro_arg; \
+ } \
+ while ( 0 )
+
+/* Accessor methods (get/set functions) to struct members. */
+
+/** Get the current line number.
+ *
+ */
+int yyget_lineno (void)
+{
+
+ return yylineno;
+}
+
+/** Get the input stream.
+ *
+ */
+FILE *yyget_in (void)
+{
+ return yyin;
+}
+
+/** Get the output stream.
+ *
+ */
+FILE *yyget_out (void)
+{
+ return yyout;
+}
+
+/** Get the length of the current token.
+ *
+ */
+yy_size_t yyget_leng (void)
+{
+ return yyleng;
+}
+
+/** Get the current token.
+ *
+ */
+
+char *yyget_text (void)
+{
+ return yytext;
+}
+
+/** Set the current line number.
+ * @param line_number
+ *
+ */
+void yyset_lineno (int line_number )
+{
+
+ yylineno = line_number;
+}
+
+/** Set the input stream. This does not discard the current
+ * input buffer.
+ * @param in_str A readable stream.
+ *
+ * @see yy_switch_to_buffer
+ */
+void yyset_in (FILE * in_str )
+{
+ yyin = in_str ;
+}
+
+void yyset_out (FILE * out_str )
+{
+ yyout = out_str ;
+}
+
+int yyget_debug (void)
+{
+ return yy_flex_debug;
+}
+
+void yyset_debug (int bdebug )
+{
+ yy_flex_debug = bdebug ;
+}
+
+static int yy_init_globals (void)
+{
+ /* Initialization is the same as for the non-reentrant scanner.
+ * This function is called from yylex_destroy(), so don't allocate here.
+ */
+
+ (yy_buffer_stack) = 0;
+ (yy_buffer_stack_top) = 0;
+ (yy_buffer_stack_max) = 0;
+ (yy_c_buf_p) = (char *) 0;
+ (yy_init) = 0;
+ (yy_start) = 0;
+
+/* Defined in main.c */
+#ifdef YY_STDINIT
+ yyin = stdin;
+ yyout = stdout;
+#else
+ yyin = (FILE *) 0;
+ yyout = (FILE *) 0;
+#endif
+
+ /* For future reference: Set errno on error, since we are called by
+ * yylex_init()
+ */
+ return 0;
+}
+
+/* yylex_destroy is for both reentrant and non-reentrant scanners. */
+int yylex_destroy (void)
+{
+
+ /* Pop the buffer stack, destroying each element. */
+ while(YY_CURRENT_BUFFER){
+ yy_delete_buffer(YY_CURRENT_BUFFER );
+ YY_CURRENT_BUFFER_LVALUE = NULL;
+ yypop_buffer_state();
+ }
+
+ /* Destroy the stack itself. */
+ yyfree((yy_buffer_stack) );
+ (yy_buffer_stack) = NULL;
+
+ /* Reset the globals. This is important in a non-reentrant scanner so the next time
+ * yylex() is called, initialization will occur. */
+ yy_init_globals( );
+
+ return 0;
+}
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy (char* s1, yyconst char * s2, int n )
+{
+ register int i;
+ for ( i = 0; i < n; ++i )
+ s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen (yyconst char * s )
+{
+ register int n;
+ for ( n = 0; s[n]; ++n )
+ ;
+
+ return n;
+}
+#endif
+
+void *yyalloc (yy_size_t size )
+{
+ return (void *) malloc( size );
+}
+
+void *yyrealloc (void * ptr, yy_size_t size )
+{
+ /* The cast to (char *) in the following accommodates both
+ * implementations that use char* generic pointers, and those
+ * that use void* generic pointers. It works with the latter
+ * because both ANSI C and C++ allow castless assignment from
+ * any pointer type to void*, and deal with argument conversions
+ * as though doing an assignment.
+ */
+ return (void *) realloc( (char *) ptr, size );
+}
+
+void yyfree (void * ptr )
+{
+ free( (char *) ptr ); /* see yyrealloc() for (char *) cast */
+}
+
+#define YYTABLES_NAME "yytables"
+
+#line 274 "lex.l"
+
+
+
+#ifndef yywrap /* XXX */
+int
+yywrap ()
+{
+ return 1;
+}
+#endif
+
+void
+lex_error_message (const char *format, ...)
+{
+ va_list args;
+
+ va_start (args, format);
+ fprintf (stderr, "%s:%d: ", get_filename(), lineno);
+ vfprintf (stderr, format, args);
+ va_end (args);
+ error_flag++;
+}
+
+static void
+unterminated(const char *type, unsigned start_lineno)
+{
+ lex_error_message("unterminated %s, possibly started on line %d\n", type, start_lineno);
+}
+
diff --git a/crypto/heimdal/lib/asn1/lex.h b/crypto/heimdal/lib/asn1/lex.h
new file mode 100644
index 000000000000..1ee534178996
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/lex.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#include <roken.h>
+
+void lex_error_message (const char *, ...)
+__attribute__ ((format (printf, 1, 2)));
+extern int error_flag;
+
+int yylex(void);
diff --git a/crypto/heimdal/lib/asn1/lex.l b/crypto/heimdal/lib/asn1/lex.l
new file mode 100644
index 000000000000..2d32020266c8
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/lex.l
@@ -0,0 +1,300 @@
+%{
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#undef ECHO
+#include "symbol.h"
+#include "asn1parse.h"
+#include "lex.h"
+#include "gen_locl.h"
+
+static unsigned lineno = 1;
+
+#undef ECHO
+
+static void unterminated(const char *, unsigned);
+
+%}
+
+/* This is for broken old lexes (solaris 10 and hpux) */
+%e 2000
+%p 5000
+%a 5000
+%n 1000
+%o 10000
+
+%%
+ABSENT { return kw_ABSENT; }
+ABSTRACT-SYNTAX { return kw_ABSTRACT_SYNTAX; }
+ALL { return kw_ALL; }
+APPLICATION { return kw_APPLICATION; }
+AUTOMATIC { return kw_AUTOMATIC; }
+BEGIN { return kw_BEGIN; }
+BIT { return kw_BIT; }
+BMPString { return kw_BMPString; }
+BOOLEAN { return kw_BOOLEAN; }
+BY { return kw_BY; }
+CHARACTER { return kw_CHARACTER; }
+CHOICE { return kw_CHOICE; }
+CLASS { return kw_CLASS; }
+COMPONENT { return kw_COMPONENT; }
+COMPONENTS { return kw_COMPONENTS; }
+CONSTRAINED { return kw_CONSTRAINED; }
+CONTAINING { return kw_CONTAINING; }
+DEFAULT { return kw_DEFAULT; }
+DEFINITIONS { return kw_DEFINITIONS; }
+EMBEDDED { return kw_EMBEDDED; }
+ENCODED { return kw_ENCODED; }
+END { return kw_END; }
+ENUMERATED { return kw_ENUMERATED; }
+EXCEPT { return kw_EXCEPT; }
+EXPLICIT { return kw_EXPLICIT; }
+EXPORTS { return kw_EXPORTS; }
+EXTENSIBILITY { return kw_EXTENSIBILITY; }
+EXTERNAL { return kw_EXTERNAL; }
+FALSE { return kw_FALSE; }
+FROM { return kw_FROM; }
+GeneralString { return kw_GeneralString; }
+GeneralizedTime { return kw_GeneralizedTime; }
+GraphicString { return kw_GraphicString; }
+IA5String { return kw_IA5String; }
+IDENTIFIER { return kw_IDENTIFIER; }
+IMPLICIT { return kw_IMPLICIT; }
+IMPLIED { return kw_IMPLIED; }
+IMPORTS { return kw_IMPORTS; }
+INCLUDES { return kw_INCLUDES; }
+INSTANCE { return kw_INSTANCE; }
+INTEGER { return kw_INTEGER; }
+INTERSECTION { return kw_INTERSECTION; }
+ISO646String { return kw_ISO646String; }
+MAX { return kw_MAX; }
+MIN { return kw_MIN; }
+MINUS-INFINITY { return kw_MINUS_INFINITY; }
+NULL { return kw_NULL; }
+NumericString { return kw_NumericString; }
+OBJECT { return kw_OBJECT; }
+OCTET { return kw_OCTET; }
+OF { return kw_OF; }
+OPTIONAL { return kw_OPTIONAL; }
+ObjectDescriptor { return kw_ObjectDescriptor; }
+PATTERN { return kw_PATTERN; }
+PDV { return kw_PDV; }
+PLUS-INFINITY { return kw_PLUS_INFINITY; }
+PRESENT { return kw_PRESENT; }
+PRIVATE { return kw_PRIVATE; }
+PrintableString { return kw_PrintableString; }
+REAL { return kw_REAL; }
+RELATIVE_OID { return kw_RELATIVE_OID; }
+SEQUENCE { return kw_SEQUENCE; }
+SET { return kw_SET; }
+SIZE { return kw_SIZE; }
+STRING { return kw_STRING; }
+SYNTAX { return kw_SYNTAX; }
+T61String { return kw_T61String; }
+TAGS { return kw_TAGS; }
+TRUE { return kw_TRUE; }
+TYPE-IDENTIFIER { return kw_TYPE_IDENTIFIER; }
+TeletexString { return kw_TeletexString; }
+UNION { return kw_UNION; }
+UNIQUE { return kw_UNIQUE; }
+UNIVERSAL { return kw_UNIVERSAL; }
+UTCTime { return kw_UTCTime; }
+UTF8String { return kw_UTF8String; }
+UniversalString { return kw_UniversalString; }
+VideotexString { return kw_VideotexString; }
+VisibleString { return kw_VisibleString; }
+WITH { return kw_WITH; }
+[-,;{}()|] { return *yytext; }
+"[" { return *yytext; }
+"]" { return *yytext; }
+::= { return EEQUAL; }
+-- {
+ int c, start_lineno = lineno;
+ int f = 0;
+ while((c = input()) != EOF) {
+ if(f && c == '-')
+ break;
+ if(c == '-') {
+ f = 1;
+ continue;
+ }
+ if(c == '\n') {
+ lineno++;
+ break;
+ }
+ f = 0;
+ }
+ if(c == EOF)
+ unterminated("comment", start_lineno);
+ }
+\/\* {
+ int c, start_lineno = lineno;
+ int level = 1;
+ int seen_star = 0;
+ int seen_slash = 0;
+ while((c = input()) != EOF) {
+ if(c == '/') {
+ if(seen_star) {
+ if(--level == 0)
+ break;
+ seen_star = 0;
+ continue;
+ }
+ seen_slash = 1;
+ continue;
+ }
+ if(seen_star && c == '/') {
+ if(--level == 0)
+ break;
+ seen_star = 0;
+ continue;
+ }
+ if(c == '*') {
+ if(seen_slash) {
+ level++;
+ seen_star = seen_slash = 0;
+ continue;
+ }
+ seen_star = 1;
+ continue;
+ }
+ seen_star = seen_slash = 0;
+ if(c == '\n') {
+ lineno++;
+ continue;
+ }
+ }
+ if(c == EOF)
+ unterminated("comment", start_lineno);
+ }
+"\"" {
+ int start_lineno = lineno;
+ int c;
+ char buf[1024];
+ char *p = buf;
+ int f = 0;
+ int skip_ws = 0;
+
+ while((c = input()) != EOF) {
+ if(isspace(c) && skip_ws) {
+ if(c == '\n')
+ lineno++;
+ continue;
+ }
+ skip_ws = 0;
+
+ if(c == '"') {
+ if(f) {
+ *p++ = '"';
+ f = 0;
+ } else
+ f = 1;
+ continue;
+ }
+ if(f == 1) {
+ unput(c);
+ break;
+ }
+ if(c == '\n') {
+ lineno++;
+ while(p > buf && isspace((unsigned char)p[-1]))
+ p--;
+ skip_ws = 1;
+ continue;
+ }
+ *p++ = c;
+ }
+ if(c == EOF)
+ unterminated("string", start_lineno);
+ *p++ = '\0';
+ fprintf(stderr, "string -- %s\n", buf);
+ yylval.name = estrdup(buf);
+ return STRING;
+ }
+
+-?0x[0-9A-Fa-f]+|-?[0-9]+ { char *e, *y = yytext;
+ yylval.constant = strtol((const char *)yytext,
+ &e, 0);
+ if(e == y)
+ lex_error_message("malformed constant (%s)", yytext);
+ else
+ return NUMBER;
+ }
+[A-Za-z][-A-Za-z0-9_]* {
+ yylval.name = estrdup ((const char *)yytext);
+ return IDENTIFIER;
+ }
+[ \t] ;
+\n { ++lineno; }
+\.\.\. { return ELLIPSIS; }
+\.\. { return RANGE; }
+. { lex_error_message("Ignoring char(%c)\n", *yytext); }
+%%
+
+#ifndef yywrap /* XXX */
+int
+yywrap ()
+{
+ return 1;
+}
+#endif
+
+void
+lex_error_message (const char *format, ...)
+{
+ va_list args;
+
+ va_start (args, format);
+ fprintf (stderr, "%s:%d: ", get_filename(), lineno);
+ vfprintf (stderr, format, args);
+ va_end (args);
+ error_flag++;
+}
+
+static void
+unterminated(const char *type, unsigned start_lineno)
+{
+ lex_error_message("unterminated %s, possibly started on line %d\n", type, start_lineno);
+}
diff --git a/crypto/heimdal/lib/asn1/main.c b/crypto/heimdal/lib/asn1/main.c
new file mode 100644
index 000000000000..f22dc8792c27
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/main.c
@@ -0,0 +1,207 @@
+/*
+ * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+#include <getarg.h>
+#include "lex.h"
+
+RCSID("$Id$");
+
+extern FILE *yyin;
+
+static getarg_strings preserve;
+static getarg_strings seq;
+
+int
+preserve_type(const char *p)
+{
+ int i;
+ for (i = 0; i < preserve.num_strings; i++)
+ if (strcmp(preserve.strings[i], p) == 0)
+ return 1;
+ return 0;
+}
+
+int
+seq_type(const char *p)
+{
+ int i;
+ for (i = 0; i < seq.num_strings; i++)
+ if (strcmp(seq.strings[i], p) == 0)
+ return 1;
+ return 0;
+}
+
+int support_ber;
+int template_flag;
+int rfc1510_bitstring;
+int one_code_file;
+char *option_file;
+int version_flag;
+int help_flag;
+struct getargs args[] = {
+ { "template", 0, arg_flag, &template_flag },
+ { "encode-rfc1510-bit-string", 0, arg_flag, &rfc1510_bitstring },
+ { "decode-dce-ber", 0, arg_flag, &support_ber },
+ { "support-ber", 0, arg_flag, &support_ber },
+ { "preserve-binary", 0, arg_strings, &preserve },
+ { "sequence", 0, arg_strings, &seq },
+ { "one-code-file", 0, arg_flag, &one_code_file },
+ { "option-file", 0, arg_string, &option_file },
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage(int code)
+{
+ arg_printusage(args, num_args, NULL, "[asn1-file [name]]");
+ exit(code);
+}
+
+int error_flag;
+
+int
+main(int argc, char **argv)
+{
+ int ret;
+ const char *file;
+ const char *name = NULL;
+ int optidx = 0;
+ char **arg = NULL;
+ size_t len = 0, i;
+
+ setprogname(argv[0]);
+ if(getarg(args, num_args, argc, argv, &optidx))
+ usage(1);
+ if(help_flag)
+ usage(0);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+ if (argc == optidx) {
+ file = "stdin";
+ name = "stdin";
+ yyin = stdin;
+ } else {
+ file = argv[optidx];
+ yyin = fopen (file, "r");
+ if (yyin == NULL)
+ err (1, "open %s", file);
+ if (argc == optidx + 1) {
+ char *p;
+ name = estrdup(file);
+ p = strrchr(name, '.');
+ if (p)
+ *p = '\0';
+ } else
+ name = argv[optidx + 1];
+ }
+
+ /*
+ * Parse extra options file
+ */
+ if (option_file) {
+ char buf[1024];
+ FILE *opt;
+
+ opt = fopen(option_file, "r");
+ if (opt == NULL) {
+ perror("open");
+ exit(1);
+ }
+
+ arg = calloc(2, sizeof(arg[0]));
+ if (arg == NULL) {
+ perror("calloc");
+ exit(1);
+ }
+ arg[0] = option_file;
+ arg[1] = NULL;
+ len = 1;
+
+ while (fgets(buf, sizeof(buf), opt) != NULL) {
+ buf[strcspn(buf, "\n\r")] = '\0';
+
+ arg = realloc(arg, (len + 2) * sizeof(arg[0]));
+ if (arg == NULL) {
+ perror("malloc");
+ exit(1);
+ }
+ arg[len] = strdup(buf);
+ if (arg[len] == NULL) {
+ perror("strdup");
+ exit(1);
+ }
+ arg[len + 1] = NULL;
+ len++;
+ }
+ fclose(opt);
+
+ optidx = 0;
+ if(getarg(args, num_args, len, arg, &optidx))
+ usage(1);
+
+ if (len != optidx) {
+ fprintf(stderr, "extra args");
+ exit(1);
+ }
+ }
+
+
+ init_generate (file, name);
+
+ if (one_code_file)
+ generate_header_of_codefile(name);
+
+ initsym ();
+ ret = yyparse ();
+ if(ret != 0 || error_flag != 0)
+ exit(1);
+ close_generate ();
+ if (argc != optidx)
+ fclose(yyin);
+
+ if (one_code_file)
+ close_codefile();
+
+ if (arg) {
+ for (i = 1; i < len; i++)
+ free(arg[i]);
+ free(arg);
+ }
+
+ return 0;
+}
diff --git a/crypto/heimdal/lib/asn1/pkcs12.asn1 b/crypto/heimdal/lib/asn1/pkcs12.asn1
new file mode 100644
index 000000000000..8b604c68d7e4
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/pkcs12.asn1
@@ -0,0 +1,81 @@
+-- $Id$ --
+
+PKCS12 DEFINITIONS ::=
+
+BEGIN
+
+IMPORTS ContentInfo FROM cms
+ DigestInfo FROM rfc2459
+ heim_any, heim_any_set FROM heim;
+
+-- The PFX PDU
+
+id-pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ rsadsi(113549) pkcs(1) pkcs-12(12) }
+
+id-pkcs-12PbeIds OBJECT IDENTIFIER ::= { id-pkcs-12 1}
+id-pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 1}
+id-pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 2}
+id-pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 3}
+id-pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 4}
+id-pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 5}
+id-pbewithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= { id-pkcs-12PbeIds 6}
+
+id-pkcs12-bagtypes OBJECT IDENTIFIER ::= { id-pkcs-12 10 1}
+
+id-pkcs12-keyBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 1 }
+id-pkcs12-pkcs8ShroudedKeyBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 2 }
+id-pkcs12-certBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 3 }
+id-pkcs12-crlBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 4 }
+id-pkcs12-secretBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 5 }
+id-pkcs12-safeContentsBag OBJECT IDENTIFIER ::= { id-pkcs12-bagtypes 6 }
+
+
+PKCS12-MacData ::= SEQUENCE {
+ mac DigestInfo,
+ macSalt OCTET STRING,
+ iterations INTEGER OPTIONAL
+}
+
+PKCS12-PFX ::= SEQUENCE {
+ version INTEGER,
+ authSafe ContentInfo,
+ macData PKCS12-MacData OPTIONAL
+}
+
+PKCS12-AuthenticatedSafe ::= SEQUENCE OF ContentInfo
+ -- Data if unencrypted
+ -- EncryptedData if password-encrypted
+ -- EnvelopedData if public key-encrypted
+
+PKCS12-Attribute ::= SEQUENCE {
+ attrId OBJECT IDENTIFIER,
+ attrValues -- SET OF -- heim_any_set
+}
+
+PKCS12-Attributes ::= SET OF PKCS12-Attribute
+
+PKCS12-SafeBag ::= SEQUENCE {
+ bagId OBJECT IDENTIFIER,
+ bagValue [0] heim_any,
+ bagAttributes PKCS12-Attributes OPTIONAL
+}
+
+PKCS12-SafeContents ::= SEQUENCE OF PKCS12-SafeBag
+
+PKCS12-CertBag ::= SEQUENCE {
+ certType OBJECT IDENTIFIER,
+ certValue [0] heim_any
+}
+
+PKCS12-PBEParams ::= SEQUENCE {
+ salt OCTET STRING,
+ iterations INTEGER (0..4294967295) OPTIONAL
+}
+
+PKCS12-OctetString ::= OCTET STRING
+
+-- KeyBag ::= PrivateKeyInfo
+-- PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo
+
+END
diff --git a/crypto/heimdal/lib/asn1/pkcs8.asn1 b/crypto/heimdal/lib/asn1/pkcs8.asn1
new file mode 100644
index 000000000000..45a7d715dfce
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/pkcs8.asn1
@@ -0,0 +1,30 @@
+-- $Id$ --
+
+PKCS8 DEFINITIONS ::=
+
+BEGIN
+
+IMPORTS Attribute, AlgorithmIdentifier FROM rfc2459
+ heim_any, heim_any_set FROM heim;
+
+PKCS8PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
+
+PKCS8PrivateKey ::= OCTET STRING
+
+PKCS8Attributes ::= SET OF Attribute
+
+PKCS8PrivateKeyInfo ::= SEQUENCE {
+ version INTEGER,
+ privateKeyAlgorithm PKCS8PrivateKeyAlgorithmIdentifier,
+ privateKey PKCS8PrivateKey,
+ attributes [0] IMPLICIT SET OF Attribute OPTIONAL
+}
+
+PKCS8EncryptedData ::= OCTET STRING
+
+PKCS8EncryptedPrivateKeyInfo ::= SEQUENCE {
+ encryptionAlgorithm AlgorithmIdentifier,
+ encryptedData PKCS8EncryptedData
+}
+
+END
diff --git a/crypto/heimdal/lib/asn1/pkcs9.asn1 b/crypto/heimdal/lib/asn1/pkcs9.asn1
new file mode 100644
index 000000000000..50bf9dd1cd71
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/pkcs9.asn1
@@ -0,0 +1,28 @@
+-- $Id$ --
+
+PKCS9 DEFINITIONS ::=
+
+BEGIN
+
+-- The PFX PDU
+
+id-pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ rsadsi(113549) pkcs(1) pkcs-9(9) }
+
+id-pkcs9-emailAddress OBJECT IDENTIFIER ::= {id-pkcs-9 1 }
+id-pkcs9-contentType OBJECT IDENTIFIER ::= {id-pkcs-9 3 }
+id-pkcs9-messageDigest OBJECT IDENTIFIER ::= {id-pkcs-9 4 }
+id-pkcs9-signingTime OBJECT IDENTIFIER ::= {id-pkcs-9 5 }
+id-pkcs9-countersignature OBJECT IDENTIFIER ::= {id-pkcs-9 6 }
+
+id-pkcs-9-at-friendlyName OBJECT IDENTIFIER ::= {id-pkcs-9 20}
+id-pkcs-9-at-localKeyId OBJECT IDENTIFIER ::= {id-pkcs-9 21}
+id-pkcs-9-at-certTypes OBJECT IDENTIFIER ::= {id-pkcs-9 22}
+id-pkcs-9-at-certTypes-x509 OBJECT IDENTIFIER ::= {id-pkcs-9-at-certTypes 1}
+
+PKCS9-BMPString ::= BMPString
+
+PKCS9-friendlyName ::= SET OF PKCS9-BMPString
+
+END
+
diff --git a/crypto/heimdal/lib/asn1/pkinit.asn1 b/crypto/heimdal/lib/asn1/pkinit.asn1
new file mode 100644
index 000000000000..f36ebf0b32fb
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/pkinit.asn1
@@ -0,0 +1,200 @@
+-- $Id$ --
+
+PKINIT DEFINITIONS ::= BEGIN
+
+IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, Checksum, Ticket FROM krb5
+ IssuerAndSerialNumber, ContentInfo FROM cms
+ SubjectPublicKeyInfo, AlgorithmIdentifier FROM rfc2459
+ heim_any FROM heim;
+
+id-pkinit OBJECT IDENTIFIER ::=
+ { iso (1) org (3) dod (6) internet (1) security (5)
+ kerberosv5 (2) pkinit (3) }
+
+id-pkauthdata OBJECT IDENTIFIER ::= { id-pkinit 1 }
+id-pkdhkeydata OBJECT IDENTIFIER ::= { id-pkinit 2 }
+id-pkrkeydata OBJECT IDENTIFIER ::= { id-pkinit 3 }
+id-pkekuoid OBJECT IDENTIFIER ::= { id-pkinit 4 }
+id-pkkdcekuoid OBJECT IDENTIFIER ::= { id-pkinit 5 }
+
+id-pkinit-kdf OBJECT IDENTIFIER ::= { id-pkinit 6 }
+id-pkinit-kdf-ah-sha1 OBJECT IDENTIFIER ::= { id-pkinit-kdf 1 }
+id-pkinit-kdf-ah-sha256 OBJECT IDENTIFIER ::= { id-pkinit-kdf 2 }
+id-pkinit-kdf-ah-sha512 OBJECT IDENTIFIER ::= { id-pkinit-kdf 3 }
+
+id-pkinit-san OBJECT IDENTIFIER ::=
+ { iso(1) org(3) dod(6) internet(1) security(5) kerberosv5(2)
+ x509-sanan(2) }
+
+id-pkinit-ms-eku OBJECT IDENTIFIER ::=
+ { iso(1) org(3) dod(6) internet(1) private(4)
+ enterprise(1) microsoft(311) 20 2 2 }
+
+id-pkinit-ms-san OBJECT IDENTIFIER ::=
+ { iso(1) org(3) dod(6) internet(1) private(4)
+ enterprise(1) microsoft(311) 20 2 3 }
+
+MS-UPN-SAN ::= UTF8String
+
+pa-pk-as-req INTEGER ::= 16
+pa-pk-as-rep INTEGER ::= 17
+
+td-trusted-certifiers INTEGER ::= 104
+td-invalid-certificates INTEGER ::= 105
+td-dh-parameters INTEGER ::= 109
+
+DHNonce ::= OCTET STRING
+
+KDFAlgorithmId ::= SEQUENCE {
+ kdf-id [0] OBJECT IDENTIFIER,
+ ...
+}
+
+TrustedCA ::= SEQUENCE {
+ caName [0] IMPLICIT OCTET STRING,
+ certificateSerialNumber [1] INTEGER OPTIONAL,
+ subjectKeyIdentifier [2] OCTET STRING OPTIONAL,
+ ...
+}
+
+ExternalPrincipalIdentifier ::= SEQUENCE {
+ subjectName [0] IMPLICIT OCTET STRING OPTIONAL,
+ issuerAndSerialNumber [1] IMPLICIT OCTET STRING OPTIONAL,
+ subjectKeyIdentifier [2] IMPLICIT OCTET STRING OPTIONAL,
+ ...
+}
+
+ExternalPrincipalIdentifiers ::= SEQUENCE OF ExternalPrincipalIdentifier
+
+PA-PK-AS-REQ ::= SEQUENCE {
+ signedAuthPack [0] IMPLICIT OCTET STRING,
+ trustedCertifiers [1] ExternalPrincipalIdentifiers OPTIONAL,
+ kdcPkId [2] IMPLICIT OCTET STRING OPTIONAL,
+ ...
+}
+
+PKAuthenticator ::= SEQUENCE {
+ cusec [0] INTEGER -- (0..999999) --,
+ ctime [1] KerberosTime,
+ nonce [2] INTEGER (0..4294967295),
+ paChecksum [3] OCTET STRING OPTIONAL,
+ ...
+}
+
+AuthPack ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator,
+ clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL,
+ supportedCMSTypes [2] SEQUENCE OF AlgorithmIdentifier OPTIONAL,
+ clientDHNonce [3] DHNonce OPTIONAL,
+ ...,
+ supportedKDFs [4] SEQUENCE OF KDFAlgorithmId OPTIONAL,
+ ...
+}
+
+TD-TRUSTED-CERTIFIERS ::= ExternalPrincipalIdentifiers
+TD-INVALID-CERTIFICATES ::= ExternalPrincipalIdentifiers
+
+KRB5PrincipalName ::= SEQUENCE {
+ realm [0] Realm,
+ principalName [1] PrincipalName
+}
+
+AD-INITIAL-VERIFIED-CAS ::= SEQUENCE OF ExternalPrincipalIdentifier
+
+DHRepInfo ::= SEQUENCE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ serverDHNonce [1] DHNonce OPTIONAL,
+ ...,
+ kdf [2] KDFAlgorithmId OPTIONAL,
+ ...
+}
+
+PA-PK-AS-REP ::= CHOICE {
+ dhInfo [0] DHRepInfo,
+ encKeyPack [1] IMPLICIT OCTET STRING,
+ ...
+}
+
+KDCDHKeyInfo ::= SEQUENCE {
+ subjectPublicKey [0] BIT STRING,
+ nonce [1] INTEGER (0..4294967295),
+ dhKeyExpiration [2] KerberosTime OPTIONAL,
+ ...
+}
+
+ReplyKeyPack ::= SEQUENCE {
+ replyKey [0] EncryptionKey,
+ asChecksum [1] Checksum,
+ ...
+}
+
+TD-DH-PARAMETERS ::= SEQUENCE OF AlgorithmIdentifier
+
+
+-- Windows compat glue --
+
+PKAuthenticator-Win2k ::= SEQUENCE {
+ kdcName [0] PrincipalName,
+ kdcRealm [1] Realm,
+ cusec [2] INTEGER (0..4294967295),
+ ctime [3] KerberosTime,
+ nonce [4] INTEGER (-2147483648..2147483647)
+}
+
+AuthPack-Win2k ::= SEQUENCE {
+ pkAuthenticator [0] PKAuthenticator-Win2k,
+ clientPublicValue [1] SubjectPublicKeyInfo OPTIONAL
+}
+
+
+TrustedCA-Win2k ::= CHOICE {
+ caName [1] heim_any,
+ issuerAndSerial [2] IssuerAndSerialNumber
+}
+
+PA-PK-AS-REQ-Win2k ::= SEQUENCE {
+ signed-auth-pack [0] IMPLICIT OCTET STRING,
+ trusted-certifiers [2] SEQUENCE OF TrustedCA-Win2k OPTIONAL,
+ kdc-cert [3] IMPLICIT OCTET STRING OPTIONAL,
+ encryption-cert [4] IMPLICIT OCTET STRING OPTIONAL
+}
+
+PA-PK-AS-REP-Win2k ::= CHOICE {
+ dhSignedData [0] IMPLICIT OCTET STRING,
+ encKeyPack [1] IMPLICIT OCTET STRING
+}
+
+KDCDHKeyInfo-Win2k ::= SEQUENCE {
+ nonce [0] INTEGER (-2147483648..2147483647),
+ subjectPublicKey [2] BIT STRING
+}
+
+ReplyKeyPack-Win2k ::= SEQUENCE {
+ replyKey [0] EncryptionKey,
+ nonce [1] INTEGER (-2147483648..2147483647),
+ ...
+}
+
+PA-PK-AS-REP-BTMM ::= SEQUENCE {
+ dhSignedData [0] heim_any OPTIONAL,
+ encKeyPack [1] heim_any OPTIONAL
+}
+
+
+PkinitSP80056AOtherInfo ::= SEQUENCE {
+ algorithmID AlgorithmIdentifier,
+ partyUInfo [0] OCTET STRING,
+ partyVInfo [1] OCTET STRING,
+ suppPubInfo [2] OCTET STRING OPTIONAL,
+ suppPrivInfo [3] OCTET STRING OPTIONAL
+}
+
+PkinitSuppPubInfo ::= SEQUENCE {
+ enctype [0] INTEGER (-2147483648..2147483647),
+ as-REQ [1] OCTET STRING,
+ pk-as-rep [2] OCTET STRING,
+ ticket [3] Ticket,
+ ...
+}
+
+END
diff --git a/crypto/heimdal/lib/asn1/rfc2459.asn1 b/crypto/heimdal/lib/asn1/rfc2459.asn1
new file mode 100644
index 000000000000..5df9e41fffd2
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/rfc2459.asn1
@@ -0,0 +1,562 @@
+-- $Id$ --
+-- Definitions from rfc2459/rfc3280
+
+RFC2459 DEFINITIONS ::= BEGIN
+
+IMPORTS heim_any FROM heim;
+
+Version ::= INTEGER {
+ rfc3280_version_1(0),
+ rfc3280_version_2(1),
+ rfc3280_version_3(2)
+}
+
+id-pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ rsadsi(113549) pkcs(1) 1 }
+id-pkcs1-rsaEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 1 }
+id-pkcs1-md2WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 2 }
+id-pkcs1-md5WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 4 }
+id-pkcs1-sha1WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 5 }
+id-pkcs1-sha256WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 11 }
+id-pkcs1-sha384WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 12 }
+id-pkcs1-sha512WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 13 }
+
+id-heim-rsa-pkcs1-x509 OBJECT IDENTIFIER ::= { 1 2 752 43 16 1 }
+
+id-pkcs-2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ rsadsi(113549) pkcs(1) 2 }
+id-pkcs2-md2 OBJECT IDENTIFIER ::= { id-pkcs-2 2 }
+id-pkcs2-md4 OBJECT IDENTIFIER ::= { id-pkcs-2 4 }
+id-pkcs2-md5 OBJECT IDENTIFIER ::= { id-pkcs-2 5 }
+
+id-rsa-digestAlgorithm OBJECT IDENTIFIER ::=
+{ iso(1) member-body(2) us(840) rsadsi(113549) 2 }
+
+id-rsa-digest-md2 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 2 }
+id-rsa-digest-md4 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 4 }
+id-rsa-digest-md5 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 5 }
+
+id-pkcs-3 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ rsadsi(113549) pkcs(1) 3 }
+
+id-pkcs3-rc2-cbc OBJECT IDENTIFIER ::= { id-pkcs-3 2 }
+id-pkcs3-rc4 OBJECT IDENTIFIER ::= { id-pkcs-3 4 }
+id-pkcs3-des-ede3-cbc OBJECT IDENTIFIER ::= { id-pkcs-3 7 }
+
+id-rsadsi-encalg OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ rsadsi(113549) 3 }
+
+id-rsadsi-rc2-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 2 }
+id-rsadsi-des-ede3-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 7 }
+
+id-secsig-sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+ oiw(14) secsig(3) algorithm(2) 26 }
+
+id-secsig-sha-1WithRSAEncryption OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+ oiw(14) secsig(3) algorithm(2) 29 }
+
+id-nistAlgorithm OBJECT IDENTIFIER ::= {
+ joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) 4 }
+
+id-nist-aes-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 1 }
+
+id-aes-128-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 2 }
+id-aes-192-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 22 }
+id-aes-256-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 42 }
+
+id-nist-sha-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 2 }
+
+id-sha256 OBJECT IDENTIFIER ::= { id-nist-sha-algs 1 }
+id-sha224 OBJECT IDENTIFIER ::= { id-nist-sha-algs 4 }
+id-sha384 OBJECT IDENTIFIER ::= { id-nist-sha-algs 2 }
+id-sha512 OBJECT IDENTIFIER ::= { id-nist-sha-algs 3 }
+
+id-dhpublicnumber OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) ansi-x942(10046)
+ number-type(2) 1 }
+
+-- ECC
+
+id-ecPublicKey OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 }
+
+id-ecDH OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) certicom(132) schemes(1)
+ ecdh(12) }
+
+id-ecMQV OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) certicom(132) schemes(1)
+ ecmqv(13) }
+
+id-ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ ecdsa-with-SHA2(3) 2 }
+
+id-ecdsa-with-SHA1 OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 }
+
+-- some EC group ids
+
+id-ec-group-secp256r1 OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3)
+ prime(1) 7 }
+
+id-ec-group-secp160r1 OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) certicom(132) 0 8 }
+
+id-ec-group-secp160r2 OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) certicom(132) 0 30 }
+
+-- DSA
+
+id-x9-57 OBJECT IDENTIFIER ::= {
+ iso(1) member-body(2) us(840) ansi-x942(10046) 4 }
+
+id-dsa OBJECT IDENTIFIER ::= { id-x9-57 1 }
+id-dsa-with-sha1 OBJECT IDENTIFIER ::= { id-x9-57 3 }
+
+-- x.520 names types
+
+id-x520-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }
+
+id-at-commonName OBJECT IDENTIFIER ::= { id-x520-at 3 }
+id-at-surname OBJECT IDENTIFIER ::= { id-x520-at 4 }
+id-at-serialNumber OBJECT IDENTIFIER ::= { id-x520-at 5 }
+id-at-countryName OBJECT IDENTIFIER ::= { id-x520-at 6 }
+id-at-localityName OBJECT IDENTIFIER ::= { id-x520-at 7 }
+id-at-stateOrProvinceName OBJECT IDENTIFIER ::= { id-x520-at 8 }
+id-at-streetAddress OBJECT IDENTIFIER ::= { id-x520-at 9 }
+id-at-organizationName OBJECT IDENTIFIER ::= { id-x520-at 10 }
+id-at-organizationalUnitName OBJECT IDENTIFIER ::= { id-x520-at 11 }
+id-at-name OBJECT IDENTIFIER ::= { id-x520-at 41 }
+id-at-givenName OBJECT IDENTIFIER ::= { id-x520-at 42 }
+id-at-initials OBJECT IDENTIFIER ::= { id-x520-at 43 }
+id-at-generationQualifier OBJECT IDENTIFIER ::= { id-x520-at 44 }
+id-at-pseudonym OBJECT IDENTIFIER ::= { id-x520-at 65 }
+-- RFC 2247
+id-Userid OBJECT IDENTIFIER ::=
+ { 0 9 2342 19200300 100 1 1 }
+id-domainComponent OBJECT IDENTIFIER ::=
+ { 0 9 2342 19200300 100 1 25 }
+
+
+-- rfc3280
+
+id-x509-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29}
+
+AlgorithmIdentifier ::= SEQUENCE {
+ algorithm OBJECT IDENTIFIER,
+ parameters heim_any OPTIONAL
+}
+
+AttributeType ::= OBJECT IDENTIFIER
+
+AttributeValue ::= heim_any
+
+DirectoryString ::= CHOICE {
+ ia5String IA5String,
+ teletexString TeletexString,
+ printableString PrintableString,
+ universalString UniversalString,
+ utf8String UTF8String,
+ bmpString BMPString
+}
+
+Attribute ::= SEQUENCE {
+ type AttributeType,
+ value SET OF -- AttributeValue -- heim_any
+}
+
+AttributeTypeAndValue ::= SEQUENCE {
+ type AttributeType,
+ value DirectoryString
+}
+
+RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
+
+RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+
+Name ::= CHOICE {
+ rdnSequence RDNSequence
+}
+
+CertificateSerialNumber ::= INTEGER
+
+Time ::= CHOICE {
+ utcTime UTCTime,
+ generalTime GeneralizedTime
+}
+
+Validity ::= SEQUENCE {
+ notBefore Time,
+ notAfter Time
+}
+
+UniqueIdentifier ::= BIT STRING
+
+SubjectPublicKeyInfo ::= SEQUENCE {
+ algorithm AlgorithmIdentifier,
+ subjectPublicKey BIT STRING
+}
+
+Extension ::= SEQUENCE {
+ extnID OBJECT IDENTIFIER,
+ critical BOOLEAN OPTIONAL, -- DEFAULT FALSE XXX
+ extnValue OCTET STRING
+}
+
+Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
+
+TBSCertificate ::= SEQUENCE {
+ version [0] Version OPTIONAL, -- EXPLICIT nnn DEFAULT 1,
+ serialNumber CertificateSerialNumber,
+ signature AlgorithmIdentifier,
+ issuer Name,
+ validity Validity,
+ subject Name,
+ subjectPublicKeyInfo SubjectPublicKeyInfo,
+ issuerUniqueID [1] IMPLICIT BIT STRING -- UniqueIdentifier -- OPTIONAL,
+ -- If present, version shall be v2 or v3
+ subjectUniqueID [2] IMPLICIT BIT STRING -- UniqueIdentifier -- OPTIONAL,
+ -- If present, version shall be v2 or v3
+ extensions [3] EXPLICIT Extensions OPTIONAL
+ -- If present, version shall be v3
+}
+
+Certificate ::= SEQUENCE {
+ tbsCertificate TBSCertificate,
+ signatureAlgorithm AlgorithmIdentifier,
+ signatureValue BIT STRING
+}
+
+Certificates ::= SEQUENCE OF Certificate
+
+ValidationParms ::= SEQUENCE {
+ seed BIT STRING,
+ pgenCounter INTEGER
+}
+
+DomainParameters ::= SEQUENCE {
+ p INTEGER, -- odd prime, p=jq +1
+ g INTEGER, -- generator, g
+ q INTEGER, -- factor of p-1
+ j INTEGER OPTIONAL, -- subgroup factor
+ validationParms ValidationParms OPTIONAL -- ValidationParms
+}
+
+-- As defined by PKCS3
+DHParameter ::= SEQUENCE {
+ prime INTEGER, -- odd prime, p=jq +1
+ base INTEGER, -- generator, g
+ privateValueLength INTEGER OPTIONAL
+}
+
+DHPublicKey ::= INTEGER
+
+OtherName ::= SEQUENCE {
+ type-id OBJECT IDENTIFIER,
+ value [0] EXPLICIT heim_any
+}
+
+GeneralName ::= CHOICE {
+ otherName [0] IMPLICIT -- OtherName -- SEQUENCE {
+ type-id OBJECT IDENTIFIER,
+ value [0] EXPLICIT heim_any
+ },
+ rfc822Name [1] IMPLICIT IA5String,
+ dNSName [2] IMPLICIT IA5String,
+-- x400Address [3] IMPLICIT ORAddress,--
+ directoryName [4] IMPLICIT -- Name -- CHOICE {
+ rdnSequence RDNSequence
+ },
+-- ediPartyName [5] IMPLICIT EDIPartyName, --
+ uniformResourceIdentifier [6] IMPLICIT IA5String,
+ iPAddress [7] IMPLICIT OCTET STRING,
+ registeredID [8] IMPLICIT OBJECT IDENTIFIER
+}
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+id-x509-ce-keyUsage OBJECT IDENTIFIER ::= { id-x509-ce 15 }
+
+KeyUsage ::= BIT STRING {
+ digitalSignature (0),
+ nonRepudiation (1),
+ keyEncipherment (2),
+ dataEncipherment (3),
+ keyAgreement (4),
+ keyCertSign (5),
+ cRLSign (6),
+ encipherOnly (7),
+ decipherOnly (8)
+}
+
+id-x509-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-x509-ce 35 }
+
+KeyIdentifier ::= OCTET STRING
+
+AuthorityKeyIdentifier ::= SEQUENCE {
+ keyIdentifier [0] IMPLICIT OCTET STRING OPTIONAL,
+ authorityCertIssuer [1] IMPLICIT -- GeneralName --
+ SEQUENCE -- SIZE (1..MAX) -- OF GeneralName OPTIONAL,
+ authorityCertSerialNumber [2] IMPLICIT INTEGER OPTIONAL
+}
+
+id-x509-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-x509-ce 14 }
+
+SubjectKeyIdentifier ::= KeyIdentifier
+
+id-x509-ce-basicConstraints OBJECT IDENTIFIER ::= { id-x509-ce 19 }
+
+BasicConstraints ::= SEQUENCE {
+ cA BOOLEAN OPTIONAL -- DEFAULT FALSE --,
+ pathLenConstraint INTEGER (0..4294967295) OPTIONAL
+}
+
+id-x509-ce-nameConstraints OBJECT IDENTIFIER ::= { id-x509-ce 30 }
+
+BaseDistance ::= INTEGER -- (0..MAX) --
+
+GeneralSubtree ::= SEQUENCE {
+ base GeneralName,
+ minimum [0] IMPLICIT -- BaseDistance -- INTEGER OPTIONAL -- DEFAULT 0 --,
+ maximum [1] IMPLICIT -- BaseDistance -- INTEGER OPTIONAL
+}
+
+GeneralSubtrees ::= SEQUENCE -- SIZE (1..MAX) -- OF GeneralSubtree
+
+NameConstraints ::= SEQUENCE {
+ permittedSubtrees [0] IMPLICIT -- GeneralSubtrees -- SEQUENCE OF GeneralSubtree OPTIONAL,
+ excludedSubtrees [1] IMPLICIT -- GeneralSubtrees -- SEQUENCE OF GeneralSubtree OPTIONAL
+}
+
+id-x509-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-x509-ce 16 }
+id-x509-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-x509-ce 32 }
+id-x509-ce-policyMappings OBJECT IDENTIFIER ::= { id-x509-ce 33 }
+id-x509-ce-subjectAltName OBJECT IDENTIFIER ::= { id-x509-ce 17 }
+id-x509-ce-issuerAltName OBJECT IDENTIFIER ::= { id-x509-ce 18 }
+id-x509-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-x509-ce 9 }
+id-x509-ce-policyConstraints OBJECT IDENTIFIER ::= { id-x509-ce 36 }
+
+id-x509-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-x509-ce 37}
+
+ExtKeyUsage ::= SEQUENCE OF OBJECT IDENTIFIER
+
+id-x509-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-x509-ce 31 }
+id-x509-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-x509-ce 27 }
+id-x509-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-x509-ce 28 }
+id-x509-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-x509-ce 23 }
+id-x509-ce-invalidityDate OBJECT IDENTIFIER ::= { id-x509-ce 24 }
+id-x509-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-x509-ce 29 }
+id-x509-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-x509-ce 54 }
+
+DistributionPointReasonFlags ::= BIT STRING {
+ unused (0),
+ keyCompromise (1),
+ cACompromise (2),
+ affiliationChanged (3),
+ superseded (4),
+ cessationOfOperation (5),
+ certificateHold (6),
+ privilegeWithdrawn (7),
+ aACompromise (8)
+}
+
+DistributionPointName ::= CHOICE {
+ fullName [0] IMPLICIT -- GeneralNames -- SEQUENCE SIZE (1..MAX) OF GeneralName,
+ nameRelativeToCRLIssuer [1] RelativeDistinguishedName
+}
+
+DistributionPoint ::= SEQUENCE {
+ distributionPoint [0] IMPLICIT heim_any -- DistributionPointName -- OPTIONAL,
+ reasons [1] IMPLICIT heim_any -- DistributionPointReasonFlags -- OPTIONAL,
+ cRLIssuer [2] IMPLICIT heim_any -- GeneralNames -- OPTIONAL
+}
+
+CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
+
+
+-- rfc3279
+
+DSASigValue ::= SEQUENCE {
+ r INTEGER,
+ s INTEGER
+}
+
+DSAPublicKey ::= INTEGER
+
+DSAParams ::= SEQUENCE {
+ p INTEGER,
+ q INTEGER,
+ g INTEGER
+}
+
+-- draft-ietf-pkix-ecc-subpubkeyinfo-11
+
+ECPoint ::= OCTET STRING
+
+ECParameters ::= CHOICE {
+ namedCurve OBJECT IDENTIFIER
+ -- implicitCurve NULL
+ -- specifiedCurve SpecifiedECDomain
+}
+
+ECDSA-Sig-Value ::= SEQUENCE {
+ r INTEGER,
+ s INTEGER
+}
+
+-- really pkcs1
+
+RSAPublicKey ::= SEQUENCE {
+ modulus INTEGER, -- n
+ publicExponent INTEGER -- e
+}
+
+RSAPrivateKey ::= SEQUENCE {
+ version INTEGER (0..4294967295),
+ modulus INTEGER, -- n
+ publicExponent INTEGER, -- e
+ privateExponent INTEGER, -- d
+ prime1 INTEGER, -- p
+ prime2 INTEGER, -- q
+ exponent1 INTEGER, -- d mod (p-1)
+ exponent2 INTEGER, -- d mod (q-1)
+ coefficient INTEGER -- (inverse of q) mod p
+}
+
+DigestInfo ::= SEQUENCE {
+ digestAlgorithm AlgorithmIdentifier,
+ digest OCTET STRING
+}
+
+-- some ms ext
+
+-- szOID_ENROLL_CERTTYPE_EXTENSION "1.3.6.1.4.1.311.20.2" is Encoded as a
+
+-- UNICODESTRING (0x1E tag)
+
+-- szOID_CERTIFICATE_TEMPLATE "1.3.6.1.4.1.311.21.7" is Encoded as:
+
+-- TemplateVersion ::= INTEGER (0..4294967295)
+
+-- CertificateTemplate ::= SEQUENCE {
+-- templateID OBJECT IDENTIFIER,
+-- templateMajorVersion TemplateVersion,
+-- templateMinorVersion TemplateVersion OPTIONAL
+-- }
+
+
+--
+-- CRL
+--
+
+TBSCRLCertList ::= SEQUENCE {
+ version Version OPTIONAL, -- if present, MUST be v2
+ signature AlgorithmIdentifier,
+ issuer Name,
+ thisUpdate Time,
+ nextUpdate Time OPTIONAL,
+ revokedCertificates SEQUENCE OF SEQUENCE {
+ userCertificate CertificateSerialNumber,
+ revocationDate Time,
+ crlEntryExtensions Extensions OPTIONAL
+ -- if present, MUST be v2
+ } OPTIONAL,
+ crlExtensions [0] EXPLICIT Extensions OPTIONAL
+ -- if present, MUST be v2
+}
+
+
+CRLCertificateList ::= SEQUENCE {
+ tbsCertList TBSCRLCertList,
+ signatureAlgorithm AlgorithmIdentifier,
+ signatureValue BIT STRING
+}
+
+id-x509-ce-cRLNumber OBJECT IDENTIFIER ::= { id-x509-ce 20 }
+id-x509-ce-freshestCRL OBJECT IDENTIFIER ::= { id-x509-ce 46 }
+id-x509-ce-cRLReason OBJECT IDENTIFIER ::= { id-x509-ce 21 }
+
+CRLReason ::= ENUMERATED {
+ unspecified (0),
+ keyCompromise (1),
+ cACompromise (2),
+ affiliationChanged (3),
+ superseded (4),
+ cessationOfOperation (5),
+ certificateHold (6),
+ removeFromCRL (8),
+ privilegeWithdrawn (9),
+ aACompromise (10)
+}
+
+PKIXXmppAddr ::= UTF8String
+
+id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+ dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
+
+id-pkix-on OBJECT IDENTIFIER ::= { id-pkix 8 }
+id-pkix-on-xmppAddr OBJECT IDENTIFIER ::= { id-pkix-on 5 }
+id-pkix-on-dnsSRV OBJECT IDENTIFIER ::= { id-pkix-on 7 }
+
+id-pkix-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
+id-pkix-kp-serverAuth OBJECT IDENTIFIER ::= { id-pkix-kp 1 }
+id-pkix-kp-clientAuth OBJECT IDENTIFIER ::= { id-pkix-kp 2 }
+id-pkix-kp-emailProtection OBJECT IDENTIFIER ::= { id-pkix-kp 4 }
+id-pkix-kp-timeStamping OBJECT IDENTIFIER ::= { id-pkix-kp 8 }
+id-pkix-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-pkix-kp 9 }
+
+id-pkix-pe OBJECT IDENTIFIER ::= { id-pkix 1 }
+
+id-pkix-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pkix-pe 1 }
+
+AccessDescription ::= SEQUENCE {
+ accessMethod OBJECT IDENTIFIER,
+ accessLocation GeneralName
+}
+
+AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription
+
+-- RFC 3820 Proxy Certificate Profile
+
+id-pkix-pe-proxyCertInfo OBJECT IDENTIFIER ::= { id-pkix-pe 14 }
+
+id-pkix-ppl OBJECT IDENTIFIER ::= { id-pkix 21 }
+
+id-pkix-ppl-anyLanguage OBJECT IDENTIFIER ::= { id-pkix-ppl 0 }
+id-pkix-ppl-inheritAll OBJECT IDENTIFIER ::= { id-pkix-ppl 1 }
+id-pkix-ppl-independent OBJECT IDENTIFIER ::= { id-pkix-ppl 2 }
+
+ProxyPolicy ::= SEQUENCE {
+ policyLanguage OBJECT IDENTIFIER,
+ policy OCTET STRING OPTIONAL
+}
+
+ProxyCertInfo ::= SEQUENCE {
+ pCPathLenConstraint INTEGER (0..4294967295) OPTIONAL, -- really MAX
+ proxyPolicy ProxyPolicy
+}
+
+--- U.S. Federal PKI Common Policy Framework
+-- Card Authentication key
+id-uspkicommon-card-id OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 6 }
+id-uspkicommon-piv-interim OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 9 1 }
+
+--- Netscape extentions
+
+id-netscape OBJECT IDENTIFIER ::=
+ { joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730) }
+id-netscape-cert-comment OBJECT IDENTIFIER ::= { id-netscape 1 13 }
+
+--- MS extentions
+
+id-ms-cert-enroll-domaincontroller OBJECT IDENTIFIER ::=
+ { 1 3 6 1 4 1 311 20 2 }
+
+id-ms-client-authentication OBJECT IDENTIFIER ::=
+ { 1 3 6 1 5 5 7 3 2 }
+
+-- DER:1e:20:00:44:00:6f:00:6d:00:61:00:69:00:6e:00:43:00:6f:00:6e:00:74:00:72:00:6f:00:6c:00:6c:00:65:00:72
+
+END
diff --git a/crypto/heimdal/lib/asn1/setchgpw2.asn1 b/crypto/heimdal/lib/asn1/setchgpw2.asn1
new file mode 100644
index 000000000000..2f52cb1ceb1a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/setchgpw2.asn1
@@ -0,0 +1,193 @@
+-- $Id$
+
+SETCHGPW2 DEFINITIONS ::=
+BEGIN
+
+IMPORTS PrincipalName, Realm, ENCTYPE FROM krb5;
+
+ProtocolErrorCode ::= ENUMERATED {
+ generic-error(0),
+ unsupported-major-version(1),
+ unsupported-minor-version(2),
+ unsupported-operation(3),
+ authorization-failed(4),
+ initial-ticket-required(5),
+ target-principal-unknown(6),
+ ...
+}
+
+Key ::= SEQUENCE {
+ enc-type[0] INTEGER,
+ key[1] OCTET STRING,
+ ...
+}
+
+Language-Tag ::= UTF8String -- Constrained by RFC3066
+
+LangTaggedText ::= SEQUENCE {
+ language[0] Language-Tag OPTIONAL,
+ text[1] UTF8String,
+ ...
+}
+
+-- NULL Op
+
+Req-null ::= NULL
+Rep-null ::= NULL
+Err-null ::= NULL
+
+-- Change password
+Req-change-pw ::= SEQUENCE {
+ old-pw[0] UTF8String,
+ new-pw[1] UTF8String OPTIONAL,
+ etypes[2] SEQUENCE OF ENCTYPE OPTIONAL,
+ ...
+}
+
+Rep-change-pw ::= SEQUENCE {
+ info-text[0] UTF8String OPTIONAL,
+ new-pw[1] UTF8String OPTIONAL,
+ etypes[2] SEQUENCE OF ENCTYPE OPTIONAL
+}
+
+Err-change-pw ::= SEQUENCE {
+ help-text[0] UTF8String OPTIONAL,
+ code[1] ENUMERATED {
+ generic(0),
+ wont-generate-new-pw(1),
+ old-pw-incorrect(2),
+ new-pw-rejected-geneneric(3),
+ pw-change-too-short(4),
+ ...
+ },
+ suggested-new-pw[2] UTF8String OPTIONAL,
+ ...
+}
+
+-- Change/Set keys
+Req-set-keys ::= SEQUENCE {
+ etypes[0] SEQUENCE OF ENCTYPE,
+ entropy[1] OCTET STRING,
+ ...
+}
+
+Rep-set-keys ::= SEQUENCE {
+ info-text[0] UTF8String OPTIONAL,
+ kvno[1] INTEGER,
+ keys[2] SEQUENCE OF Key,
+ aliases[3] SEQUENCE OF SEQUENCE {
+ name[0] PrincipalName,
+ realm[1] Realm OPTIONAL,
+ ...
+ },
+ ...
+}
+
+Err-set-keys ::= SEQUENCE {
+ help-text[0] UTF8String OPTIONAL,
+ enctypes[1] SEQUENCE OF ENCTYPE OPTIONAL,
+ code[1] ENUMERATED {
+ etype-no-support(0),
+ ...
+ },
+ ...
+}
+
+-- Get password policy
+Req-get-pw-policy ::= NULL
+
+Rep-get-pw-policy ::= SEQUENCE {
+ help-text[0] UTF8String OPTIONAL,
+ policy-name[1] UTF8String OPTIONAL,
+ description[2] UTF8String OPTIONAL,
+ ...
+}
+
+Err-get-pw-policy ::= NULL
+
+-- Get principal aliases
+Req-get-princ-aliases ::= NULL
+
+Rep-get-princ-aliases ::= SEQUENCE {
+ help-text[0] UTF8String OPTIONAL,
+ aliases[1] SEQUENCE OF SEQUENCE {
+ name[0] PrincipalName,
+ realm[1] Realm OPTIONAL,
+ ...
+ } OPTIONAL,
+ ...
+}
+
+Err-get-princ-aliases ::= NULL
+
+-- Get list of encryption types supported by KDC for new types
+Req-get-supported-etypes ::= NULL
+
+Rep-get-supported-etypes ::= SEQUENCE OF ENCTYPE
+
+Err-get-supported-etypes ::= NULL
+
+-- Choice switch
+
+Op-req ::= CHOICE {
+ null[0] Req-null,
+ change-pw[1] Req-change-pw,
+ set-keys[2] Req-set-keys,
+ get-pw-policy[3] Req-get-pw-policy,
+ get-princ-aliases[4] Req-get-princ-aliases,
+ get-supported-etypes[5] Req-get-supported-etypes,
+ ...
+}
+
+Op-rep ::= CHOICE {
+ null[0] Rep-null,
+ change-pw[1] Rep-change-pw,
+ set-keys[2] Rep-set-keys,
+ get-pw-policy[3] Rep-get-pw-policy,
+ get-princ-aliases[4] Rep-get-princ-aliases,
+ get-supported-etypes[5] Rep-get-supported-etypes,
+ ...
+}
+
+Op-error ::= CHOICE {
+ null[0] Err-null,
+ change-pw[1] Err-change-pw,
+ set-keys[2] Err-set-keys,
+ get-pw-policy[3] Err-get-pw-policy,
+ get-princ-aliases[4] Err-get-princ-aliases,
+ get-supported-etypes[5] Err-get-supported-etypes,
+ ...
+}
+
+
+Request ::= [ APPLICATION 0 ] SEQUENCE {
+ pvno-major[0] INTEGER DEFAULT 2,
+ pvno-minor[1] INTEGER DEFAULT 0,
+ languages[2] SEQUENCE OF Language-Tag OPTIONAL,
+ targ-name[3] PrincipalName OPTIONAL,
+ targ-realm[4] Realm OPTIONAL,
+ operation[5] Op-Req,
+ ...
+}
+
+Response ::= [ APPLICATION 1 ] SEQUENCE {
+ pvno-major[0] INTEGER DEFAULT 2,
+ pvno-minor[1] INTEGER DEFAULT 0,
+ language[2] Language-Tag DEFAULT "i-default",
+ result[3] Op-rep OPTIONAL,
+ ...
+}
+
+Error-Response ::= [ APPLICATION 2 ] SEQUENCE {
+ pvno-major[0] INTEGER DEFAULT 2,
+ pvno-minor[1] INTEGER DEFAULT 0,
+ language[2] Language-Tag DEFAULT "i-default",
+ error-code[3] ProtocolErrorCode,
+ help-text[4] UTF8String OPTIONAL,
+ op-error[5] Op-error OP-ERROR,
+ ...
+}
+
+END
+
+-- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' setchgpw2.asn1
diff --git a/crypto/heimdal/lib/asn1/symbol.c b/crypto/heimdal/lib/asn1/symbol.c
new file mode 100644
index 000000000000..b05f68fa74a9
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/symbol.c
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+#include "lex.h"
+
+static Hashtab *htab;
+
+static int
+cmp(void *a, void *b)
+{
+ Symbol *s1 = (Symbol *) a;
+ Symbol *s2 = (Symbol *) b;
+
+ return strcmp(s1->name, s2->name);
+}
+
+static unsigned
+hash(void *a)
+{
+ Symbol *s = (Symbol *) a;
+
+ return hashjpw(s->name);
+}
+
+void
+initsym(void)
+{
+ htab = hashtabnew(101, cmp, hash);
+}
+
+
+void
+output_name(char *s)
+{
+ char *p;
+
+ for (p = s; *p; ++p)
+ if (*p == '-' || *p == '.')
+ *p = '_';
+}
+
+Symbol *
+addsym(char *name)
+{
+ Symbol key, *s;
+
+ key.name = name;
+ s = (Symbol *) hashtabsearch(htab, (void *) &key);
+ if (s == NULL) {
+ s = (Symbol *) emalloc(sizeof(*s));
+ s->name = name;
+ s->gen_name = estrdup(name);
+ output_name(s->gen_name);
+ s->stype = SUndefined;
+ hashtabadd(htab, s);
+ }
+ return s;
+}
+
+static int
+checkfunc(void *ptr, void *arg)
+{
+ Symbol *s = ptr;
+ if (s->stype == SUndefined) {
+ lex_error_message("%s is still undefined\n", s->name);
+ *(int *) arg = 1;
+ }
+ return 0;
+}
+
+int
+checkundefined(void)
+{
+ int f = 0;
+ hashtabforeach(htab, checkfunc, &f);
+ return f;
+}
diff --git a/crypto/heimdal/lib/asn1/symbol.h b/crypto/heimdal/lib/asn1/symbol.h
new file mode 100644
index 000000000000..a39c8f46512d
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/symbol.h
@@ -0,0 +1,162 @@
+/*
+ * Copyright (c) 1997 - 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+#ifndef _SYMBOL_H
+#define _SYMBOL_H
+
+#include "asn1_queue.h"
+
+enum typetype {
+ TBitString,
+ TBoolean,
+ TChoice,
+ TEnumerated,
+ TGeneralString,
+ TTeletexString,
+ TGeneralizedTime,
+ TIA5String,
+ TInteger,
+ TNull,
+ TOID,
+ TOctetString,
+ TPrintableString,
+ TSequence,
+ TSequenceOf,
+ TSet,
+ TSetOf,
+ TTag,
+ TType,
+ TUTCTime,
+ TUTF8String,
+ TBMPString,
+ TUniversalString,
+ TVisibleString
+};
+
+typedef enum typetype Typetype;
+
+struct type;
+
+struct value {
+ enum { booleanvalue,
+ nullvalue,
+ integervalue,
+ stringvalue,
+ objectidentifiervalue
+ } type;
+ union {
+ int booleanvalue;
+ int integervalue;
+ char *stringvalue;
+ struct objid *objectidentifiervalue;
+ } u;
+};
+
+struct member {
+ char *name;
+ char *gen_name;
+ char *label;
+ int val;
+ int optional;
+ int ellipsis;
+ struct type *type;
+ ASN1_TAILQ_ENTRY(member) members;
+ struct value *defval;
+};
+
+typedef struct member Member;
+
+ASN1_TAILQ_HEAD(memhead, member);
+
+struct symbol;
+
+struct tagtype {
+ int tagclass;
+ int tagvalue;
+ enum { TE_IMPLICIT, TE_EXPLICIT } tagenv;
+};
+
+struct range {
+ int min;
+ int max;
+};
+
+enum ctype { CT_CONTENTS, CT_USER } ;
+
+struct constraint_spec;
+
+struct type {
+ Typetype type;
+ struct memhead *members;
+ struct symbol *symbol;
+ struct type *subtype;
+ struct tagtype tag;
+ struct range *range;
+ struct constraint_spec *constraint;
+};
+
+typedef struct type Type;
+
+struct constraint_spec {
+ enum ctype ctype;
+ union {
+ struct {
+ Type *type;
+ struct value *encoding;
+ } content;
+ } u;
+};
+
+struct objid {
+ const char *label;
+ int value;
+ struct objid *next;
+};
+
+struct symbol {
+ char *name;
+ char *gen_name;
+ enum { SUndefined, SValue, Stype } stype;
+ struct value *value;
+ Type *type;
+};
+
+typedef struct symbol Symbol;
+
+void initsym (void);
+Symbol *addsym (char *);
+void output_name (char *);
+int checkundefined(void);
+#endif
diff --git a/crypto/heimdal/lib/asn1/template.c b/crypto/heimdal/lib/asn1/template.c
new file mode 100644
index 000000000000..3e0b6932357e
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/template.c
@@ -0,0 +1,1119 @@
+/*
+ * Copyright (c) 2009 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+#include <com_err.h>
+
+#if 0
+#define ABORT_ON_ERROR() abort()
+#else
+#define ABORT_ON_ERROR() do { } while(0)
+#endif
+
+#define DPOC(data,offset) ((const void *)(((const unsigned char *)data) + offset))
+#define DPO(data,offset) ((void *)(((unsigned char *)data) + offset))
+
+
+static struct asn1_type_func prim[] = {
+#define el(name, type) { \
+ (asn1_type_encode)der_put_##name, \
+ (asn1_type_decode)der_get_##name, \
+ (asn1_type_length)der_length_##name, \
+ (asn1_type_copy)der_copy_##name, \
+ (asn1_type_release)der_free_##name, \
+ sizeof(type) \
+ }
+#define elber(name, type) { \
+ (asn1_type_encode)der_put_##name, \
+ (asn1_type_decode)der_get_##name##_ber, \
+ (asn1_type_length)der_length_##name, \
+ (asn1_type_copy)der_copy_##name, \
+ (asn1_type_release)der_free_##name, \
+ sizeof(type) \
+ }
+ el(integer, int),
+ el(heim_integer, heim_integer),
+ el(integer, int),
+ el(unsigned, unsigned),
+ el(general_string, heim_general_string),
+ el(octet_string, heim_octet_string),
+ elber(octet_string, heim_octet_string),
+ el(ia5_string, heim_ia5_string),
+ el(bmp_string, heim_bmp_string),
+ el(universal_string, heim_universal_string),
+ el(printable_string, heim_printable_string),
+ el(visible_string, heim_visible_string),
+ el(utf8string, heim_utf8_string),
+ el(generalized_time, time_t),
+ el(utctime, time_t),
+ el(bit_string, heim_bit_string),
+ { (asn1_type_encode)der_put_boolean, (asn1_type_decode)der_get_boolean,
+ (asn1_type_length)der_length_boolean, (asn1_type_copy)der_copy_integer,
+ (asn1_type_release)der_free_integer, sizeof(int)
+ },
+ el(oid, heim_oid),
+ el(general_string, heim_general_string),
+#undef el
+#undef elber
+};
+
+static size_t
+sizeofType(const struct asn1_template *t)
+{
+ return t->offset;
+}
+
+/*
+ * Here is abstraction to not so well evil fact of bit fields in C,
+ * they are endian dependent, so when getting and setting bits in the
+ * host local structure we need to know the endianness of the host.
+ *
+ * Its not the first time in Heimdal this have bitten us, and some day
+ * we'll grow up and use #defined constant, but bit fields are still
+ * so pretty and shiny.
+ */
+
+static void
+bmember_get_bit(const unsigned char *p, void *data,
+ unsigned int bit, size_t size)
+{
+ unsigned int localbit = bit % 8;
+ if ((*p >> (7 - localbit)) & 1) {
+#ifdef WORDS_BIGENDIAN
+ *(unsigned int *)data |= (1 << ((size * 8) - bit - 1));
+#else
+ *(unsigned int *)data |= (1 << bit);
+#endif
+ }
+}
+
+static int
+bmember_isset_bit(const void *data, unsigned int bit, size_t size)
+{
+#ifdef WORDS_BIGENDIAN
+ if ((*(unsigned int *)data) & (1 << ((size * 8) - bit - 1)))
+ return 1;
+ return 0;
+#else
+ if ((*(unsigned int *)data) & (1 << bit))
+ return 1;
+ return 0;
+#endif
+}
+
+static void
+bmember_put_bit(unsigned char *p, const void *data, unsigned int bit,
+ size_t size, unsigned int *bitset)
+{
+ unsigned int localbit = bit % 8;
+
+ if (bmember_isset_bit(data, bit, size)) {
+ *p |= (1 << (7 - localbit));
+ if (*bitset == 0)
+ *bitset = (7 - localbit) + 1;
+ }
+}
+
+int
+_asn1_decode(const struct asn1_template *t, unsigned flags,
+ const unsigned char *p, size_t len, void *data, size_t *size)
+{
+ size_t elements = A1_HEADER_LEN(t);
+ size_t oldlen = len;
+ int ret = 0;
+ const unsigned char *startp = NULL;
+ unsigned int template_flags = t->tt;
+
+ /* skip over header */
+ t++;
+
+ if (template_flags & A1_HF_PRESERVE)
+ startp = p;
+
+ while (elements) {
+ switch (t->tt & A1_OP_MASK) {
+ case A1_OP_TYPE:
+ case A1_OP_TYPE_EXTERN: {
+ size_t newsize, size;
+ void *el = DPO(data, t->offset);
+ void **pel = (void **)el;
+
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ size = sizeofType(t->ptr);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ size = f->size;
+ }
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ *pel = calloc(1, size);
+ if (*pel == NULL)
+ return ENOMEM;
+ el = *pel;
+ }
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ ret = _asn1_decode(t->ptr, flags, p, len, el, &newsize);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ ret = (f->decode)(p, len, el, &newsize);
+ }
+ if (ret) {
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ free(*pel);
+ *pel = NULL;
+ break;
+ }
+ return ret;
+ }
+ p += newsize; len -= newsize;
+
+ break;
+ }
+ case A1_OP_TAG: {
+ Der_type dertype;
+ size_t newsize;
+ size_t datalen, l;
+ void *olddata = data;
+ int is_indefinite = 0;
+ int subflags = flags;
+
+ ret = der_match_tag_and_length(p, len, A1_TAG_CLASS(t->tt),
+ &dertype, A1_TAG_TAG(t->tt),
+ &datalen, &l);
+ if (ret) {
+ if (t->tt & A1_FLAG_OPTIONAL)
+ break;
+ return ret;
+ }
+
+ p += l; len -= l;
+
+ /*
+ * Only allow indefinite encoding for OCTET STRING and BER
+ * for now. Should handle BIT STRING too.
+ */
+
+ if (dertype != A1_TAG_TYPE(t->tt) && (flags & A1_PF_ALLOW_BER)) {
+ const struct asn1_template *subtype = t->ptr;
+ subtype++; /* skip header */
+
+ if (((subtype->tt & A1_OP_MASK) == A1_OP_PARSE) &&
+ A1_PARSE_TYPE(subtype->tt) == A1T_OCTET_STRING)
+ subflags |= A1_PF_INDEFINTE;
+ }
+
+ if (datalen == ASN1_INDEFINITE) {
+ if ((flags & A1_PF_ALLOW_BER) == 0)
+ return ASN1_GOT_BER;
+ is_indefinite = 1;
+ datalen = len;
+ if (datalen < 2)
+ return ASN1_OVERRUN;
+ /* hide EndOfContent for sub-decoder, catching it below */
+ datalen -= 2;
+ } else if (datalen > len)
+ return ASN1_OVERRUN;
+
+ data = DPO(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **el = (void **)data;
+ size_t ellen = sizeofType(t->ptr);
+
+ *el = calloc(1, ellen);
+ if (*el == NULL)
+ return ENOMEM;
+ data = *el;
+ }
+
+ ret = _asn1_decode(t->ptr, subflags, p, datalen, data, &newsize);
+ if (ret)
+ return ret;
+
+ if (newsize != datalen)
+ return ASN1_EXTRA_DATA;
+
+ len -= datalen;
+ p += datalen;
+
+ /*
+ * Indefinite encoding needs a trailing EndOfContent,
+ * check for that.
+ */
+ if (is_indefinite) {
+ ret = der_match_tag_and_length(p, len, ASN1_C_UNIV,
+ &dertype, UT_EndOfContent,
+ &datalen, &l);
+ if (ret)
+ return ret;
+ if (dertype != PRIM)
+ return ASN1_BAD_ID;
+ if (datalen != 0)
+ return ASN1_INDEF_EXTRA_DATA;
+ p += l; len -= l;
+ }
+ data = olddata;
+
+ break;
+ }
+ case A1_OP_PARSE: {
+ unsigned int type = A1_PARSE_TYPE(t->tt);
+ size_t newsize;
+ void *el = DPO(data, t->offset);
+
+ /*
+ * INDEFINITE primitive types are one element after the
+ * same type but non-INDEFINITE version.
+ */
+ if (flags & A1_PF_INDEFINTE)
+ type++;
+
+ if (type >= sizeof(prim)/sizeof(prim[0])) {
+ ABORT_ON_ERROR();
+ return ASN1_PARSE_ERROR;
+ }
+
+ ret = (prim[type].decode)(p, len, el, &newsize);
+ if (ret)
+ return ret;
+ p += newsize; len -= newsize;
+
+ break;
+ }
+ case A1_OP_SETOF:
+ case A1_OP_SEQOF: {
+ struct template_of *el = DPO(data, t->offset);
+ size_t newsize;
+ size_t ellen = sizeofType(t->ptr);
+ size_t vallength = 0;
+
+ while (len > 0) {
+ void *tmp;
+ size_t newlen = vallength + ellen;
+ if (vallength > newlen)
+ return ASN1_OVERFLOW;
+
+ tmp = realloc(el->val, newlen);
+ if (tmp == NULL)
+ return ENOMEM;
+
+ memset(DPO(tmp, vallength), 0, ellen);
+ el->val = tmp;
+
+ ret = _asn1_decode(t->ptr, flags & (~A1_PF_INDEFINTE), p, len,
+ DPO(el->val, vallength), &newsize);
+ if (ret)
+ return ret;
+ vallength = newlen;
+ el->len++;
+ p += newsize; len -= newsize;
+ }
+
+ break;
+ }
+ case A1_OP_BMEMBER: {
+ const struct asn1_template *bmember = t->ptr;
+ size_t size = bmember->offset;
+ size_t elements = A1_HEADER_LEN(bmember);
+ size_t pos = 0;
+
+ bmember++;
+
+ memset(data, 0, size);
+
+ if (len < 1)
+ return ASN1_OVERRUN;
+ p++; len--;
+
+ while (elements && len) {
+ while (bmember->offset / 8 > pos / 8) {
+ if (len < 1)
+ break;
+ p++; len--;
+ pos += 8;
+ }
+ if (len) {
+ bmember_get_bit(p, data, bmember->offset, size);
+ elements--; bmember++;
+ }
+ }
+ len = 0;
+ break;
+ }
+ case A1_OP_CHOICE: {
+ const struct asn1_template *choice = t->ptr;
+ unsigned int *element = DPO(data, choice->offset);
+ size_t datalen;
+ unsigned int i;
+
+ for (i = 1; i < A1_HEADER_LEN(choice) + 1; i++) {
+ /* should match first tag instead, store it in choice.tt */
+ ret = _asn1_decode(choice[i].ptr, 0, p, len,
+ DPO(data, choice[i].offset), &datalen);
+ if (ret == 0) {
+ *element = i;
+ p += datalen; len -= datalen;
+ break;
+ } else if (ret != ASN1_BAD_ID && ret != ASN1_MISPLACED_FIELD && ret != ASN1_MISSING_FIELD) {
+ return ret;
+ }
+ }
+ if (i >= A1_HEADER_LEN(choice) + 1) {
+ if (choice->tt == 0)
+ return ASN1_BAD_ID;
+
+ *element = 0;
+ ret = der_get_octet_string(p, len,
+ DPO(data, choice->tt), &datalen);
+ if (ret)
+ return ret;
+ p += datalen; len -= datalen;
+ }
+
+ break;
+ }
+ default:
+ ABORT_ON_ERROR();
+ return ASN1_PARSE_ERROR;
+ }
+ t++;
+ elements--;
+ }
+ /* if we are using padding, eat up read of context */
+ if (template_flags & A1_HF_ELLIPSIS)
+ len = 0;
+
+ oldlen -= len;
+
+ if (size)
+ *size = oldlen;
+
+ /*
+ * saved the raw bits if asked for it, useful for signature
+ * verification.
+ */
+ if (startp) {
+ heim_octet_string *save = data;
+
+ save->data = malloc(oldlen);
+ if (save->data == NULL)
+ return ENOMEM;
+ else {
+ save->length = oldlen;
+ memcpy(save->data, startp, oldlen);
+ }
+ }
+ return 0;
+}
+
+int
+_asn1_encode(const struct asn1_template *t, unsigned char *p, size_t len, const void *data, size_t *size)
+{
+ size_t elements = A1_HEADER_LEN(t);
+ int ret = 0;
+ size_t oldlen = len;
+
+ t += A1_HEADER_LEN(t);
+
+ while (elements) {
+ switch (t->tt & A1_OP_MASK) {
+ case A1_OP_TYPE:
+ case A1_OP_TYPE_EXTERN: {
+ size_t newsize;
+ const void *el = DPOC(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **pel = (void **)el;
+ if (*pel == NULL)
+ break;
+ el = *pel;
+ }
+
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ ret = _asn1_encode(t->ptr, p, len, el, &newsize);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ ret = (f->encode)(p, len, el, &newsize);
+ }
+
+ if (ret)
+ return ret;
+ p -= newsize; len -= newsize;
+
+ break;
+ }
+ case A1_OP_TAG: {
+ const void *olddata = data;
+ size_t l, datalen;
+
+ data = DPOC(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **el = (void **)data;
+ if (*el == NULL) {
+ data = olddata;
+ break;
+ }
+ data = *el;
+ }
+
+ ret = _asn1_encode(t->ptr, p, len, data, &datalen);
+ if (ret)
+ return ret;
+
+ len -= datalen; p -= datalen;
+
+ ret = der_put_length_and_tag(p, len, datalen,
+ A1_TAG_CLASS(t->tt),
+ A1_TAG_TYPE(t->tt),
+ A1_TAG_TAG(t->tt), &l);
+ if (ret)
+ return ret;
+
+ p -= l; len -= l;
+
+ data = olddata;
+
+ break;
+ }
+ case A1_OP_PARSE: {
+ unsigned int type = A1_PARSE_TYPE(t->tt);
+ size_t newsize;
+ const void *el = DPOC(data, t->offset);
+
+ if (type > sizeof(prim)/sizeof(prim[0])) {
+ ABORT_ON_ERROR();
+ return ASN1_PARSE_ERROR;
+ }
+
+ ret = (prim[type].encode)(p, len, el, &newsize);
+ if (ret)
+ return ret;
+ p -= newsize; len -= newsize;
+
+ break;
+ }
+ case A1_OP_SETOF: {
+ const struct template_of *el = DPOC(data, t->offset);
+ size_t ellen = sizeofType(t->ptr);
+ struct heim_octet_string *val;
+ unsigned char *elptr = el->val;
+ size_t i, totallen;
+
+ if (el->len == 0)
+ break;
+
+ if (el->len > UINT_MAX/sizeof(val[0]))
+ return ERANGE;
+
+ val = malloc(sizeof(val[0]) * el->len);
+ if (val == NULL)
+ return ENOMEM;
+
+ for(totallen = 0, i = 0; i < el->len; i++) {
+ unsigned char *next;
+ size_t l;
+
+ val[i].length = _asn1_length(t->ptr, elptr);
+ val[i].data = malloc(val[i].length);
+
+ ret = _asn1_encode(t->ptr, DPO(val[i].data, val[i].length - 1),
+ val[i].length, elptr, &l);
+ if (ret)
+ break;
+
+ next = elptr + ellen;
+ if (next < elptr) {
+ ret = ASN1_OVERFLOW;
+ break;
+ }
+ elptr = next;
+ totallen += val[i].length;
+ }
+ if (ret == 0 && totallen > len)
+ ret = ASN1_OVERFLOW;
+ if (ret) {
+ do {
+ free(val[i].data);
+ } while(i-- > 0);
+ free(val);
+ return ret;
+ }
+
+ len -= totallen;
+
+ qsort(val, el->len, sizeof(val[0]), _heim_der_set_sort);
+
+ i = el->len - 1;
+ do {
+ p -= val[i].length;
+ memcpy(p + 1, val[i].data, val[i].length);
+ free(val[i].data);
+ } while(i-- > 0);
+ free(val);
+
+ break;
+
+ }
+ case A1_OP_SEQOF: {
+ struct template_of *el = DPO(data, t->offset);
+ size_t ellen = sizeofType(t->ptr);
+ size_t newsize;
+ unsigned int i;
+ unsigned char *elptr = el->val;
+
+ if (el->len == 0)
+ break;
+
+ elptr += ellen * (el->len - 1);
+
+ for (i = 0; i < el->len; i++) {
+ ret = _asn1_encode(t->ptr, p, len,
+ elptr,
+ &newsize);
+ if (ret)
+ return ret;
+ p -= newsize; len -= newsize;
+ elptr -= ellen;
+ }
+
+ break;
+ }
+ case A1_OP_BMEMBER: {
+ const struct asn1_template *bmember = t->ptr;
+ size_t size = bmember->offset;
+ size_t elements = A1_HEADER_LEN(bmember);
+ size_t pos;
+ unsigned char c = 0;
+ unsigned int bitset = 0;
+ int rfc1510 = (bmember->tt & A1_HBF_RFC1510);
+
+ bmember += elements;
+
+ if (rfc1510)
+ pos = 31;
+ else
+ pos = bmember->offset;
+
+ while (elements && len) {
+ while (bmember->offset / 8 < pos / 8) {
+ if (rfc1510 || bitset || c) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = c; len--;
+ }
+ c = 0;
+ pos -= 8;
+ }
+ bmember_put_bit(&c, data, bmember->offset, size, &bitset);
+ elements--; bmember--;
+ }
+ if (rfc1510 || bitset) {
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ *p-- = c; len--;
+ }
+
+ if (len < 1)
+ return ASN1_OVERFLOW;
+ if (rfc1510 || bitset == 0)
+ *p-- = 0;
+ else
+ *p-- = bitset - 1;
+
+ len--;
+
+ break;
+ }
+ case A1_OP_CHOICE: {
+ const struct asn1_template *choice = t->ptr;
+ const unsigned int *element = DPOC(data, choice->offset);
+ size_t datalen;
+ const void *el;
+
+ if (*element > A1_HEADER_LEN(choice)) {
+ printf("element: %d\n", *element);
+ return ASN1_PARSE_ERROR;
+ }
+
+ if (*element == 0) {
+ ret += der_put_octet_string(p, len,
+ DPOC(data, choice->tt), &datalen);
+ } else {
+ choice += *element;
+ el = DPOC(data, choice->offset);
+ ret = _asn1_encode(choice->ptr, p, len, el, &datalen);
+ if (ret)
+ return ret;
+ }
+ len -= datalen; p -= datalen;
+
+ break;
+ }
+ default:
+ ABORT_ON_ERROR();
+ }
+ t--;
+ elements--;
+ }
+ if (size)
+ *size = oldlen - len;
+
+ return 0;
+}
+
+size_t
+_asn1_length(const struct asn1_template *t, const void *data)
+{
+ size_t elements = A1_HEADER_LEN(t);
+ size_t ret = 0;
+
+ t += A1_HEADER_LEN(t);
+
+ while (elements) {
+ switch (t->tt & A1_OP_MASK) {
+ case A1_OP_TYPE:
+ case A1_OP_TYPE_EXTERN: {
+ const void *el = DPOC(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **pel = (void **)el;
+ if (*pel == NULL)
+ break;
+ el = *pel;
+ }
+
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ ret += _asn1_length(t->ptr, el);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ ret += (f->length)(el);
+ }
+ break;
+ }
+ case A1_OP_TAG: {
+ size_t datalen;
+ const void *olddata = data;
+
+ data = DPO(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **el = (void **)data;
+ if (*el == NULL) {
+ data = olddata;
+ break;
+ }
+ data = *el;
+ }
+ datalen = _asn1_length(t->ptr, data);
+ ret += der_length_tag(A1_TAG_TAG(t->tt)) + der_length_len(datalen);
+ ret += datalen;
+ data = olddata;
+ break;
+ }
+ case A1_OP_PARSE: {
+ unsigned int type = A1_PARSE_TYPE(t->tt);
+ const void *el = DPOC(data, t->offset);
+
+ if (type > sizeof(prim)/sizeof(prim[0])) {
+ ABORT_ON_ERROR();
+ break;
+ }
+ ret += (prim[type].length)(el);
+ break;
+ }
+ case A1_OP_SETOF:
+ case A1_OP_SEQOF: {
+ const struct template_of *el = DPOC(data, t->offset);
+ size_t ellen = sizeofType(t->ptr);
+ const unsigned char *element = el->val;
+ unsigned int i;
+
+ for (i = 0; i < el->len; i++) {
+ ret += _asn1_length(t->ptr, element);
+ element += ellen;
+ }
+
+ break;
+ }
+ case A1_OP_BMEMBER: {
+ const struct asn1_template *bmember = t->ptr;
+ size_t size = bmember->offset;
+ size_t elements = A1_HEADER_LEN(bmember);
+ int rfc1510 = (bmember->tt & A1_HBF_RFC1510);
+
+ if (rfc1510) {
+ ret += 5;
+ } else {
+
+ ret += 1;
+
+ bmember += elements;
+
+ while (elements) {
+ if (bmember_isset_bit(data, bmember->offset, size)) {
+ ret += (bmember->offset / 8) + 1;
+ break;
+ }
+ elements--; bmember--;
+ }
+ }
+ break;
+ }
+ case A1_OP_CHOICE: {
+ const struct asn1_template *choice = t->ptr;
+ const unsigned int *element = DPOC(data, choice->offset);
+
+ if (*element > A1_HEADER_LEN(choice))
+ break;
+
+ if (*element == 0) {
+ ret += der_length_octet_string(DPOC(data, choice->tt));
+ } else {
+ choice += *element;
+ ret += _asn1_length(choice->ptr, DPOC(data, choice->offset));
+ }
+ break;
+ }
+ default:
+ ABORT_ON_ERROR();
+ break;
+ }
+ elements--;
+ t--;
+ }
+ return ret;
+}
+
+void
+_asn1_free(const struct asn1_template *t, void *data)
+{
+ size_t elements = A1_HEADER_LEN(t);
+
+ if (t->tt & A1_HF_PRESERVE)
+ der_free_octet_string(data);
+
+ t++;
+
+ while (elements) {
+ switch (t->tt & A1_OP_MASK) {
+ case A1_OP_TYPE:
+ case A1_OP_TYPE_EXTERN: {
+ void *el = DPO(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **pel = (void **)el;
+ if (*pel == NULL)
+ break;
+ el = *pel;
+ }
+
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ _asn1_free(t->ptr, el);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ (f->release)(el);
+ }
+ if (t->tt & A1_FLAG_OPTIONAL)
+ free(el);
+
+ break;
+ }
+ case A1_OP_PARSE: {
+ unsigned int type = A1_PARSE_TYPE(t->tt);
+ void *el = DPO(data, t->offset);
+
+ if (type > sizeof(prim)/sizeof(prim[0])) {
+ ABORT_ON_ERROR();
+ break;
+ }
+ (prim[type].release)(el);
+ break;
+ }
+ case A1_OP_TAG: {
+ void *el = DPO(data, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **pel = (void **)el;
+ if (*pel == NULL)
+ break;
+ el = *pel;
+ }
+
+ _asn1_free(t->ptr, el);
+
+ if (t->tt & A1_FLAG_OPTIONAL)
+ free(el);
+
+ break;
+ }
+ case A1_OP_SETOF:
+ case A1_OP_SEQOF: {
+ struct template_of *el = DPO(data, t->offset);
+ size_t ellen = sizeofType(t->ptr);
+ unsigned char *element = el->val;
+ unsigned int i;
+
+ for (i = 0; i < el->len; i++) {
+ _asn1_free(t->ptr, element);
+ element += ellen;
+ }
+ free(el->val);
+ el->val = NULL;
+ el->len = 0;
+
+ break;
+ }
+ case A1_OP_BMEMBER:
+ break;
+ case A1_OP_CHOICE: {
+ const struct asn1_template *choice = t->ptr;
+ const unsigned int *element = DPOC(data, choice->offset);
+
+ if (*element > A1_HEADER_LEN(choice))
+ break;
+
+ if (*element == 0) {
+ der_free_octet_string(DPO(data, choice->tt));
+ } else {
+ choice += *element;
+ _asn1_free(choice->ptr, DPO(data, choice->offset));
+ }
+ break;
+ }
+ default:
+ ABORT_ON_ERROR();
+ break;
+ }
+ t++;
+ elements--;
+ }
+}
+
+int
+_asn1_copy(const struct asn1_template *t, const void *from, void *to)
+{
+ size_t elements = A1_HEADER_LEN(t);
+ int ret = 0;
+ int preserve = (t->tt & A1_HF_PRESERVE);
+
+ t++;
+
+ if (preserve) {
+ ret = der_copy_octet_string(from, to);
+ if (ret)
+ return ret;
+ }
+
+ while (elements) {
+ switch (t->tt & A1_OP_MASK) {
+ case A1_OP_TYPE:
+ case A1_OP_TYPE_EXTERN: {
+ const void *fel = DPOC(from, t->offset);
+ void *tel = DPO(to, t->offset);
+ void **ptel = (void **)tel;
+ size_t size;
+
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ size = sizeofType(t->ptr);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ size = f->size;
+ }
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **pfel = (void **)fel;
+ if (*pfel == NULL)
+ break;
+ fel = *pfel;
+
+ tel = *ptel = calloc(1, size);
+ if (tel == NULL)
+ return ENOMEM;
+ }
+
+ if ((t->tt & A1_OP_MASK) == A1_OP_TYPE) {
+ ret = _asn1_copy(t->ptr, fel, tel);
+ } else {
+ const struct asn1_type_func *f = t->ptr;
+ ret = (f->copy)(fel, tel);
+ }
+
+ if (ret) {
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ free(*ptel);
+ *ptel = NULL;
+ }
+ return ret;
+ }
+ break;
+ }
+ case A1_OP_PARSE: {
+ unsigned int type = A1_PARSE_TYPE(t->tt);
+ const void *fel = DPOC(from, t->offset);
+ void *tel = DPO(to, t->offset);
+
+ if (type > sizeof(prim)/sizeof(prim[0])) {
+ ABORT_ON_ERROR();
+ return ASN1_PARSE_ERROR;
+ }
+ ret = (prim[type].copy)(fel, tel);
+ if (ret)
+ return ret;
+ break;
+ }
+ case A1_OP_TAG: {
+ const void *oldfrom = from;
+ void *oldto = to;
+ void **tel = NULL;
+
+ from = DPOC(from, t->offset);
+ to = DPO(to, t->offset);
+
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ void **fel = (void **)from;
+ tel = (void **)to;
+ if (*fel == NULL) {
+ from = oldfrom;
+ to = oldto;
+ break;
+ }
+ from = *fel;
+
+ to = *tel = calloc(1, sizeofType(t->ptr));
+ if (to == NULL)
+ return ENOMEM;
+ }
+
+ ret = _asn1_copy(t->ptr, from, to);
+ if (ret) {
+ if (t->tt & A1_FLAG_OPTIONAL) {
+ free(*tel);
+ *tel = NULL;
+ }
+ return ret;
+ }
+
+ from = oldfrom;
+ to = oldto;
+
+ break;
+ }
+ case A1_OP_SETOF:
+ case A1_OP_SEQOF: {
+ const struct template_of *fel = DPOC(from, t->offset);
+ struct template_of *tel = DPO(to, t->offset);
+ size_t ellen = sizeofType(t->ptr);
+ unsigned int i;
+
+ tel->val = calloc(fel->len, ellen);
+ if (tel->val == NULL)
+ return ENOMEM;
+
+ tel->len = fel->len;
+
+ for (i = 0; i < fel->len; i++) {
+ ret = _asn1_copy(t->ptr,
+ DPOC(fel->val, (i * ellen)),
+ DPO(tel->val, (i *ellen)));
+ if (ret)
+ return ret;
+ }
+ break;
+ }
+ case A1_OP_BMEMBER: {
+ const struct asn1_template *bmember = t->ptr;
+ size_t size = bmember->offset;
+ memcpy(to, from, size);
+ break;
+ }
+ case A1_OP_CHOICE: {
+ const struct asn1_template *choice = t->ptr;
+ const unsigned int *felement = DPOC(from, choice->offset);
+ unsigned int *telement = DPO(to, choice->offset);
+
+ if (*felement > A1_HEADER_LEN(choice))
+ return ASN1_PARSE_ERROR;
+
+ *telement = *felement;
+
+ if (*felement == 0) {
+ ret = der_copy_octet_string(DPOC(from, choice->tt), DPO(to, choice->tt));
+ } else {
+ choice += *felement;
+ ret = _asn1_copy(choice->ptr,
+ DPOC(from, choice->offset),
+ DPO(to, choice->offset));
+ }
+ if (ret)
+ return ret;
+ break;
+ }
+ default:
+ ABORT_ON_ERROR();
+ break;
+ }
+ t++;
+ elements--;
+ }
+ return 0;
+}
+
+int
+_asn1_decode_top(const struct asn1_template *t, unsigned flags, const unsigned char *p, size_t len, void *data, size_t *size)
+{
+ int ret;
+ memset(data, 0, t->offset);
+ ret = _asn1_decode(t, flags, p, len, data, size);
+ if (ret) {
+ _asn1_free(t, data);
+ memset(data, 0, t->offset);
+ }
+
+ return ret;
+}
+
+int
+_asn1_copy_top(const struct asn1_template *t, const void *from, void *to)
+{
+ int ret;
+ memset(to, 0, t->offset);
+ ret = _asn1_copy(t, from, to);
+ if (ret) {
+ _asn1_free(t, to);
+ memset(to, 0, t->offset);
+ }
+ return ret;
+}
diff --git a/crypto/heimdal/lib/asn1/test.asn1 b/crypto/heimdal/lib/asn1/test.asn1
new file mode 100644
index 000000000000..89154e337c8f
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/test.asn1
@@ -0,0 +1,138 @@
+-- $Id$ --
+
+TEST DEFINITIONS ::=
+
+BEGIN
+
+IMPORTS heim_any FROM heim;
+
+TESTuint32 ::= INTEGER (0..4294967295)
+
+TESTLargeTag ::= SEQUENCE {
+ foo[127] INTEGER (-2147483648..2147483647),
+ bar[128] INTEGER (-2147483648..2147483647)
+}
+
+TESTSeq ::= SEQUENCE {
+ tag0[0] INTEGER (-2147483648..2147483647),
+ tag1[1] TESTLargeTag,
+ tagless INTEGER (-2147483648..2147483647),
+ tag3[2] INTEGER (-2147483648..2147483647)
+}
+
+TESTChoice1 ::= CHOICE {
+ i1[1] INTEGER (-2147483648..2147483647),
+ i2[2] INTEGER (-2147483648..2147483647),
+ ...
+}
+
+TESTChoice2 ::= CHOICE {
+ i1[1] INTEGER (-2147483648..2147483647),
+ ...
+}
+
+TESTInteger ::= INTEGER (-2147483648..2147483647)
+
+TESTInteger2 ::= [4] IMPLICIT TESTInteger
+TESTInteger3 ::= [5] IMPLICIT TESTInteger2
+
+TESTImplicit ::= SEQUENCE {
+ ti1[0] IMPLICIT INTEGER (-2147483648..2147483647),
+ ti2[1] IMPLICIT SEQUENCE {
+ foo[127] INTEGER (-2147483648..2147483647)
+ },
+ ti3[2] IMPLICIT [5] IMPLICIT [4] IMPLICIT INTEGER (-2147483648..2147483647)
+}
+
+TESTImplicit2 ::= SEQUENCE {
+ ti1[0] IMPLICIT TESTInteger,
+ ti2[1] IMPLICIT TESTLargeTag,
+ ti3[2] IMPLICIT TESTInteger3
+}
+
+TESTAllocInner ::= SEQUENCE {
+ ai[0] TESTInteger
+}
+
+TESTAlloc ::= SEQUENCE {
+ tagless TESTAllocInner OPTIONAL,
+ three [1] INTEGER (-2147483648..2147483647),
+ tagless2 heim_any OPTIONAL
+}
+
+TESTOptional ::= SEQUENCE {
+ zero [0] INTEGER (-2147483648..2147483647) OPTIONAL,
+ one [1] INTEGER (-2147483648..2147483647) OPTIONAL
+}
+
+
+TESTCONTAINING ::= OCTET STRING ( CONTAINING INTEGER )
+TESTENCODEDBY ::= OCTET STRING ( ENCODED BY
+ { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) }
+)
+
+TESTDer OBJECT IDENTIFIER ::= {
+ joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1)
+}
+
+TESTCONTAININGENCODEDBY ::= OCTET STRING ( CONTAINING INTEGER ENCODED BY
+ { joint-iso-itu-t(2) asn(1) ber-derived(2) distinguished-encoding(1) }
+)
+
+TESTCONTAININGENCODEDBY2 ::= OCTET STRING (
+ CONTAINING INTEGER ENCODED BY TESTDer
+)
+
+
+TESTValue1 INTEGER ::= 1
+
+TESTUSERCONSTRAINED ::= OCTET STRING (CONSTRAINED BY { -- meh -- })
+-- TESTUSERCONSTRAINED2 ::= OCTET STRING (CONSTRAINED BY { TESTInteger })
+-- TESTUSERCONSTRAINED3 ::= OCTET STRING (CONSTRAINED BY { INTEGER })
+-- TESTUSERCONSTRAINED4 ::= OCTET STRING (CONSTRAINED BY { INTEGER : 1 })
+
+TESTSeqOf ::= SEQUENCE OF TESTInteger
+
+TESTSeqSizeOf1 ::= SEQUENCE SIZE (2) OF TESTInteger
+TESTSeqSizeOf2 ::= SEQUENCE SIZE (1..2) OF TESTInteger
+TESTSeqSizeOf3 ::= SEQUENCE SIZE (1..MAX) OF TESTInteger
+TESTSeqSizeOf4 ::= SEQUENCE SIZE (MIN..2) OF TESTInteger
+
+TESTOSSize1 ::= OCTET STRING SIZE (1..2)
+
+TESTSeqOfSeq ::= SEQUENCE OF SEQUENCE {
+ zero [0] TESTInteger
+}
+
+TESTSeqOfSeq2 ::= SEQUENCE OF SEQUENCE {
+ string [0] GeneralString
+}
+
+TESTSeqOfSeq3 ::= SEQUENCE OF SEQUENCE {
+ zero [0] TESTInteger,
+ string [0] GeneralString
+}
+
+TESTSeqOf2 ::= SEQUENCE {
+ strings SEQUENCE OF GeneralString
+}
+
+TESTSeqOf3 ::= SEQUENCE {
+ strings SEQUENCE OF GeneralString OPTIONAL
+}
+
+TESTPreserve ::= SEQUENCE {
+ zero [0] TESTInteger,
+ one [1] TESTInteger
+}
+
+TESTBitString ::= BIT STRING {
+ zero(0),
+ eight(8),
+ thirtyone(31)
+}
+
+TESTMechType::= OBJECT IDENTIFIER
+TESTMechTypeList ::= SEQUENCE OF TESTMechType
+
+END
diff --git a/crypto/heimdal/lib/asn1/test.gen b/crypto/heimdal/lib/asn1/test.gen
new file mode 100644
index 000000000000..bfb04864818f
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/test.gen
@@ -0,0 +1,14 @@
+# $Id$
+# Sample for TESTSeq in test.asn1
+#
+
+UNIV CONS Sequence 23
+ CONTEXT CONS 0 3
+ UNIV PRIM Integer 1 01
+ CONTEXT CONS 1 8
+ UNIV CONS Sequence 6
+ CONTEXT CONS 127 3
+ UNIV PRIM Integer 1 01
+ UNIV PRIM Integer 1 01
+ CONTEXT CONS 2 3
+ UNIV PRIM Integer 1 01
diff --git a/crypto/heimdal/lib/asn1/timegm.c b/crypto/heimdal/lib/asn1/timegm.c
new file mode 100644
index 000000000000..d9f4adbd5591
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/timegm.c
@@ -0,0 +1,136 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+#define ASN1_MAX_YEAR 2000
+
+static int
+is_leap(unsigned y)
+{
+ y += 1900;
+ return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0);
+}
+
+static const unsigned ndays[2][12] ={
+ {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
+ {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}};
+
+/*
+ * This is a simplifed version of timegm(3) that doesn't accept out of
+ * bound values that timegm(3) normally accepts but those are not
+ * valid in asn1 encodings.
+ */
+
+time_t
+_der_timegm (struct tm *tm)
+{
+ time_t res = 0;
+ int i;
+
+ /*
+ * See comment in _der_gmtime
+ */
+ if (tm->tm_year > ASN1_MAX_YEAR)
+ return 0;
+
+ if (tm->tm_year < 0)
+ return -1;
+ if (tm->tm_mon < 0 || tm->tm_mon > 11)
+ return -1;
+ if (tm->tm_mday < 1 || tm->tm_mday > (int)ndays[is_leap(tm->tm_year)][tm->tm_mon])
+ return -1;
+ if (tm->tm_hour < 0 || tm->tm_hour > 23)
+ return -1;
+ if (tm->tm_min < 0 || tm->tm_min > 59)
+ return -1;
+ if (tm->tm_sec < 0 || tm->tm_sec > 59)
+ return -1;
+
+ for (i = 70; i < tm->tm_year; ++i)
+ res += is_leap(i) ? 366 : 365;
+
+ for (i = 0; i < tm->tm_mon; ++i)
+ res += ndays[is_leap(tm->tm_year)][i];
+ res += tm->tm_mday - 1;
+ res *= 24;
+ res += tm->tm_hour;
+ res *= 60;
+ res += tm->tm_min;
+ res *= 60;
+ res += tm->tm_sec;
+ return res;
+}
+
+struct tm *
+_der_gmtime(time_t t, struct tm *tm)
+{
+ time_t secday = t % (3600 * 24);
+ time_t days = t / (3600 * 24);
+
+ memset(tm, 0, sizeof(*tm));
+
+ tm->tm_sec = secday % 60;
+ tm->tm_min = (secday % 3600) / 60;
+ tm->tm_hour = secday / 3600;
+
+ /*
+ * Refuse to calculate time ~ 2000 years into the future, this is
+ * not possible for systems where time_t is a int32_t, however,
+ * when time_t is a int64_t, that can happen, and this becomes a
+ * denial of sevice.
+ */
+ if (days > (ASN1_MAX_YEAR * 365))
+ return NULL;
+
+ tm->tm_year = 70;
+ while(1) {
+ unsigned dayinyear = (is_leap(tm->tm_year) ? 366 : 365);
+ if (days < dayinyear)
+ break;
+ tm->tm_year += 1;
+ days -= dayinyear;
+ }
+ tm->tm_mon = 0;
+
+ while (1) {
+ unsigned daysinmonth = ndays[is_leap(tm->tm_year)][tm->tm_mon];
+ if (days < daysinmonth)
+ break;
+ days -= daysinmonth;
+ tm->tm_mon++;
+ }
+ tm->tm_mday = days + 1;
+
+ return tm;
+}
diff --git a/crypto/heimdal/lib/asn1/version-script.map b/crypto/heimdal/lib/asn1/version-script.map
new file mode 100644
index 000000000000..67f9ff0983a3
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/version-script.map
@@ -0,0 +1,6 @@
+# Export everything, but put a tag on is so that we make ourself incompatible with older versions
+
+HEIMDAL_ASN1_1.0 {
+ global:
+ *;
+};
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-28 12:01:16 +0000