Dead code removal: #if 0 asn1, pkcs7
Keep one #if 0 but rename the symbol to be more descriptive of what it's doing (you can disable support for old broken Netscape software). Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
parent
75d0ebef2a
commit
02a938c953
10 changed files with 6 additions and 244 deletions
|
@ -66,57 +66,6 @@
|
|||
#include <openssl/asn1.h>
|
||||
#include "asn1_locl.h"
|
||||
|
||||
#if 0
|
||||
|
||||
int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
|
||||
{
|
||||
# ifdef CHARSET_EBCDIC
|
||||
/* KLUDGE! We convert to ascii before writing DER */
|
||||
int len;
|
||||
char tmp[24];
|
||||
ASN1_STRING tmpstr = *(ASN1_STRING *)a;
|
||||
|
||||
len = tmpstr.length;
|
||||
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
|
||||
tmpstr.data = tmp;
|
||||
|
||||
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
|
||||
# endif
|
||||
return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
|
||||
V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
|
||||
}
|
||||
|
||||
ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
|
||||
unsigned char **pp,
|
||||
long length)
|
||||
{
|
||||
ASN1_GENERALIZEDTIME *ret = NULL;
|
||||
|
||||
ret =
|
||||
(ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
|
||||
V_ASN1_GENERALIZEDTIME,
|
||||
V_ASN1_UNIVERSAL);
|
||||
if (ret == NULL) {
|
||||
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
|
||||
return (NULL);
|
||||
}
|
||||
# ifdef CHARSET_EBCDIC
|
||||
ascii2ebcdic(ret->data, ret->data, ret->length);
|
||||
# endif
|
||||
if (!ASN1_GENERALIZEDTIME_check(ret)) {
|
||||
ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
|
||||
goto err;
|
||||
}
|
||||
|
||||
return (ret);
|
||||
err:
|
||||
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
|
||||
M_ASN1_GENERALIZEDTIME_free(ret);
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
|
||||
{
|
||||
static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
|
||||
|
|
|
@ -83,18 +83,6 @@
|
|||
* Three IO functions for sending data to memory, a BIO and and a FILE
|
||||
* pointer.
|
||||
*/
|
||||
#if 0 /* never used */
|
||||
static int send_mem_chars(void *arg, const void *buf, int len)
|
||||
{
|
||||
unsigned char **out = arg;
|
||||
if (!out)
|
||||
return 1;
|
||||
memcpy(*out, buf, len);
|
||||
*out += len;
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int send_bio_chars(void *arg, const void *buf, int len)
|
||||
{
|
||||
if (!arg)
|
||||
|
|
|
@ -71,33 +71,6 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
|
|||
|
||||
IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
|
||||
|
||||
#if 0
|
||||
int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
|
||||
{
|
||||
# ifdef CHARSET_EBCDIC
|
||||
/* KLUDGE! We convert to ascii before writing DER */
|
||||
char tmp[24];
|
||||
ASN1_STRING tmpstr;
|
||||
|
||||
if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
|
||||
int len;
|
||||
|
||||
tmpstr = *(ASN1_STRING *)a;
|
||||
len = tmpstr.length;
|
||||
ebcdic2ascii(tmp, tmpstr.data,
|
||||
(len >= sizeof tmp) ? sizeof tmp : len);
|
||||
tmpstr.data = tmp;
|
||||
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
|
||||
}
|
||||
# endif
|
||||
if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
|
||||
return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
|
||||
a->type, V_ASN1_UNIVERSAL));
|
||||
ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
|
||||
{
|
||||
return ASN1_TIME_adj(s, t, 0, 0);
|
||||
|
|
|
@ -62,53 +62,6 @@
|
|||
#include <openssl/asn1.h>
|
||||
#include "asn1_locl.h"
|
||||
|
||||
#if 0
|
||||
int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
|
||||
{
|
||||
# ifndef CHARSET_EBCDIC
|
||||
return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
|
||||
V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
|
||||
# else
|
||||
/* KLUDGE! We convert to ascii before writing DER */
|
||||
int len;
|
||||
char tmp[24];
|
||||
ASN1_STRING x = *(ASN1_STRING *)a;
|
||||
|
||||
len = x.length;
|
||||
ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
|
||||
x.data = tmp;
|
||||
return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
|
||||
# endif
|
||||
}
|
||||
|
||||
ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
|
||||
long length)
|
||||
{
|
||||
ASN1_UTCTIME *ret = NULL;
|
||||
|
||||
ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
|
||||
V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
|
||||
if (ret == NULL) {
|
||||
ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
|
||||
return (NULL);
|
||||
}
|
||||
# ifdef CHARSET_EBCDIC
|
||||
ascii2ebcdic(ret->data, ret->data, ret->length);
|
||||
# endif
|
||||
if (!ASN1_UTCTIME_check(ret)) {
|
||||
ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
|
||||
goto err;
|
||||
}
|
||||
|
||||
return (ret);
|
||||
err:
|
||||
if ((ret != NULL) && ((a == NULL) || (*a != ret)))
|
||||
M_ASN1_UTCTIME_free(ret);
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
|
||||
{
|
||||
static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
|
||||
|
@ -309,43 +262,3 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
|
|||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if 0
|
||||
time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
|
||||
{
|
||||
struct tm tm;
|
||||
int offset;
|
||||
|
||||
memset(&tm, '\0', sizeof tm);
|
||||
|
||||
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
|
||||
tm.tm_year = g2(s->data);
|
||||
if (tm.tm_year < 50)
|
||||
tm.tm_year += 100;
|
||||
tm.tm_mon = g2(s->data + 2) - 1;
|
||||
tm.tm_mday = g2(s->data + 4);
|
||||
tm.tm_hour = g2(s->data + 6);
|
||||
tm.tm_min = g2(s->data + 8);
|
||||
tm.tm_sec = g2(s->data + 10);
|
||||
if (s->data[12] == 'Z')
|
||||
offset = 0;
|
||||
else {
|
||||
offset = g2(s->data + 13) * 60 + g2(s->data + 15);
|
||||
if (s->data[12] == '-')
|
||||
offset = -offset;
|
||||
}
|
||||
# undef g2
|
||||
|
||||
/*
|
||||
* FIXME: mktime assumes the current timezone
|
||||
* instead of UTC, and unless we rewrite OpenSSL
|
||||
* in Lisp we cannot locally change the timezone
|
||||
* without possibly interfering with other parts
|
||||
* of the program. timegm, which uses UTC, is
|
||||
* non-standard.
|
||||
* Also time_t is inappropriate for general
|
||||
* UTC times because it may a 32 bit type.
|
||||
*/
|
||||
return mktime(&tm) - offset * 60;
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -137,12 +137,6 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
|
|||
if (inf && !(ret & V_ASN1_CONSTRUCTED))
|
||||
goto err;
|
||||
|
||||
#if 0
|
||||
fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
|
||||
(int)p, *plength, omax, (int)*pp, (int)(p + *plength),
|
||||
(int)(omax + *pp));
|
||||
|
||||
#endif
|
||||
if (*plength > (omax - (p - *pp))) {
|
||||
ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
|
||||
/*
|
||||
|
|
|
@ -123,11 +123,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
|||
/* ASN1_BMPSTRING *bmp=NULL; */
|
||||
int dump_indent;
|
||||
|
||||
#if 0
|
||||
dump_indent = indent;
|
||||
#else
|
||||
dump_indent = 6; /* Because we know BIO_dump_indent() */
|
||||
#endif
|
||||
p = *pp;
|
||||
tot = p + length;
|
||||
op = p - 1;
|
||||
|
|
|
@ -166,14 +166,6 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
|
|||
if (!(cflag & X509_FLAG_NO_SIGNAME)) {
|
||||
if (X509_signature_print(bp, ci->signature, NULL) <= 0)
|
||||
goto err;
|
||||
#if 0
|
||||
if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
|
||||
goto err;
|
||||
if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
|
||||
goto err;
|
||||
if (BIO_puts(bp, "\n") <= 0)
|
||||
goto err;
|
||||
#endif
|
||||
}
|
||||
|
||||
if (!(cflag & X509_FLAG_NO_ISSUER)) {
|
||||
|
|
|
@ -245,10 +245,6 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
|
|||
break;
|
||||
|
||||
case ASN1_ITYPE_CHOICE:
|
||||
#if 0
|
||||
if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
|
||||
return 0;
|
||||
#endif
|
||||
/* CHOICE type, get selector */
|
||||
i = asn1_get_choice_selector(fld, it);
|
||||
/* This should never happen... */
|
||||
|
@ -376,11 +372,6 @@ static int asn1_print_fsname(BIO *out, int indent,
|
|||
static const char spaces[] = " ";
|
||||
static const int nspaces = sizeof(spaces) - 1;
|
||||
|
||||
#if 0
|
||||
if (!sname && !fname)
|
||||
return 1;
|
||||
#endif
|
||||
|
||||
while (indent > nspaces) {
|
||||
if (BIO_write(out, spaces, nspaces) != nspaces)
|
||||
return 0;
|
||||
|
|
|
@ -479,15 +479,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|||
}
|
||||
|
||||
if (evp_cipher != NULL) {
|
||||
#if 0
|
||||
unsigned char key[EVP_MAX_KEY_LENGTH];
|
||||
unsigned char iv[EVP_MAX_IV_LENGTH];
|
||||
unsigned char *p;
|
||||
int keylen, ivlen;
|
||||
int max;
|
||||
X509_OBJECT ret;
|
||||
#endif
|
||||
|
||||
if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
|
||||
PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
|
||||
goto err;
|
||||
|
@ -593,22 +584,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|||
BIO_push(out, etmp);
|
||||
etmp = NULL;
|
||||
}
|
||||
#if 1
|
||||
if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
|
||||
bio = in_bio;
|
||||
} else {
|
||||
# if 0
|
||||
bio = BIO_new(BIO_s_mem());
|
||||
/*
|
||||
* We need to set this so that when we have read all the data, the
|
||||
* encrypt BIO, if present, will read EOF and encode the last few
|
||||
* bytes
|
||||
*/
|
||||
BIO_set_mem_eof_return(bio, 0);
|
||||
|
||||
if (data_body->length > 0)
|
||||
BIO_write(bio, (char *)data_body->data, data_body->length);
|
||||
# else
|
||||
if (data_body->length > 0)
|
||||
bio = BIO_new_mem_buf(data_body->data, data_body->length);
|
||||
else {
|
||||
|
@ -617,11 +595,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
|
|||
}
|
||||
if (bio == NULL)
|
||||
goto err;
|
||||
# endif
|
||||
}
|
||||
BIO_push(out, bio);
|
||||
bio = NULL;
|
||||
#endif
|
||||
if (0) {
|
||||
err:
|
||||
if (ek) {
|
||||
|
@ -1017,17 +993,6 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
|
|||
}
|
||||
if ((message_digest->length != (int)md_len) ||
|
||||
(memcmp(message_digest->data, md_dat, md_len))) {
|
||||
#if 0
|
||||
{
|
||||
int ii;
|
||||
for (ii = 0; ii < message_digest->length; ii++)
|
||||
printf("%02X", message_digest->data[ii]);
|
||||
printf(" sent\n");
|
||||
for (ii = 0; ii < md_len; ii++)
|
||||
printf("%02X", md_dat[ii]);
|
||||
printf(" calc\n");
|
||||
}
|
||||
#endif
|
||||
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
|
||||
ret = -1;
|
||||
goto err;
|
||||
|
|
|
@ -274,12 +274,13 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
|||
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
|
||||
return 0;
|
||||
}
|
||||
#if 0
|
||||
/*
|
||||
* NB: this test commented out because some versions of Netscape
|
||||
* illegally include zero length content when signing data.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Very old Netscape illegally included empty content with
|
||||
* a detached signature. To not support that, enable the
|
||||
* following flag.
|
||||
*/
|
||||
#ifdef OPENSSL_DONT_SUPPORT_OLD_NETSCAPE
|
||||
/* Check for data and content: two sets of data */
|
||||
if (!PKCS7_get_detached(p7) && indata) {
|
||||
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
|
||||
|
|
Loading…
Reference in a new issue