自学教程：C++ ASN1_OCTET_STRING_set函数代码示例

OCSP_CERTID *OCSP_cert_id_new (const EVP_MD * dgst,                               X509_NAME * issuerName, ASN1_BIT_STRING * issuerKey, ASN1_INTEGER * serialNumber){    int nid;    unsigned int i;    X509_ALGOR *alg;    OCSP_CERTID *cid = NULL;    unsigned char md[EVP_MAX_MD_SIZE];    if (!(cid = OCSP_CERTID_new ()))        goto err;    alg = cid->hashAlgorithm;    if (alg->algorithm != NULL)        ASN1_OBJECT_free (alg->algorithm);    if ((nid = EVP_MD_type (dgst)) == NID_undef)    {        OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);        goto err;    }    if (!(alg->algorithm = OBJ_nid2obj (nid)))        goto err;    if ((alg->parameter = ASN1_TYPE_new ()) == NULL)        goto err;    alg->parameter->type = V_ASN1_NULL;    if (!X509_NAME_digest (issuerName, dgst, md, &i))        goto digerr;    if (!(ASN1_OCTET_STRING_set (cid->issuerNameHash, md, i)))        goto err;    /* Calculate the issuerKey hash, excluding tag and length */    if (!EVP_Digest (issuerKey->data, issuerKey->length, md, &i, dgst, NULL))        goto err;    if (!(ASN1_OCTET_STRING_set (cid->issuerKeyHash, md, i)))        goto err;    if (serialNumber)    {        ASN1_INTEGER_free (cid->serialNumber);        if (!(cid->serialNumber = ASN1_INTEGER_dup (serialNumber)))            goto err;    }    return cid;  digerr:    OCSPerr (OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);  err:    if (cid)        OCSP_CERTID_free (cid);    return NULL;}

intgost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params){	int len = 0;	unsigned char *buf = NULL;	unsigned char *p = NULL;	EVP_GOST2814789_CTX *c = ctx->cipher_data;	ASN1_OCTET_STRING *os = NULL;	GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();	if (gcp == NULL) {		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS,		    ERR_R_MALLOC_FAILURE);		return 0;	}	if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) {		GOST_CIPHER_PARAMS_free(gcp);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);		return 0;	}	ASN1_OBJECT_free(gcp->enc_param_set);	gcp->enc_param_set = OBJ_nid2obj(c->param_nid);	len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);	p = buf = malloc(len);	if (buf == NULL) {		GOST_CIPHER_PARAMS_free(gcp);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS,		    ERR_R_MALLOC_FAILURE);		return 0;	}	i2d_GOST_CIPHER_PARAMS(gcp, &p);	GOST_CIPHER_PARAMS_free(gcp);	os = ASN1_OCTET_STRING_new();	if (os == NULL) {		free(buf);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS,		    ERR_R_MALLOC_FAILURE);		return 0;	}	if (ASN1_OCTET_STRING_set(os, buf, len) == 0) {		ASN1_OCTET_STRING_free(os);		free(buf);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB);		return 0;	}	free(buf);	ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);	return 1;}

void openssl_pkcs7_enveloped(){	int len;	FILE *fp;	PKCS7 *p7;	PKCS7_RECIP_INFO *inf;	unsigned char *der, *p;	const unsigned char edata[COMM_LEN] = "info....";	const unsigned char ekeys[COMM_LEN] = "key info....";	p7 = PKCS7_new();	PKCS7_set_type(p7, NID_pkcs7_enveloped);	ASN1_INTEGER_set(p7->d.enveloped->version, 3);	inf = PKCS7_RECIP_INFO_new();	ASN1_INTEGER_set(inf->version, 4);	ASN1_INTEGER_set(inf->issuer_and_serial->serial, 888888);	inf->key_enc_algor->algorithm = OBJ_nid2obj(NID_des_ede3_cbc);	ASN1_OCTET_STRING_set(inf->enc_key, ekeys, 12);	sk_PKCS7_RECIP_INFO_push(p7->d.enveloped->recipientinfo, inf);	p7->d.enveloped->enc_data->algorithm->algorithm =		OBJ_nid2obj(NID_des_ede3_cbc);	p7->d.enveloped->enc_data->enc_data = ASN1_OCTET_STRING_new();	ASN1_OCTET_STRING_set(p7->d.enveloped->enc_data->enc_data, edata, 8);	len = i2d_PKCS7(p7, NULL);	der = (unsigned char *)malloc(len);	p = der;	len = i2d_PKCS7(p7, &p);	fp = fopen("/tmp/test.cer", "wb");	fwrite(der, 1, len, fp);	fclose(fp);	free(der);	PKCS7_free(p7);	p7 = PKCS7_new();	PKCS7_set_type(p7, NID_pkcs7_signedAndEnveloped);	len = i2d_PKCS7(p7, NULL);	der = (unsigned char *)malloc(len);	p = der;	len = i2d_PKCS7(p7, &p);	fp = fopen("/tmp/testEnv.cer", "wb");	fwrite(der, 1, len, fp);	fclose(fp);	PKCS7_free(p7);	free(der);}

static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length){	ASN1_OCTET_STRING *os, **pos;	pos = a;	if (pos == NULL || *pos == NULL) {		os = ASN1_OCTET_STRING_new();		if (os == NULL)			goto err;	} else		os = *pos;	if (ASN1_OCTET_STRING_set(os, *pp, length) == 0)		goto err;	*pp += length;	if (pos != NULL)		*pos = os;	return os;err:	if (pos == NULL || *pos != os)		ASN1_OCTET_STRING_free(os);	OCSPerror(ERR_R_MALLOC_FAILURE);	return NULL;}

void openssl_pkcs7_encrypt(){	BIO *b;	int len;	FILE *fp;	PKCS7 *p7;	unsigned char *der, *p;	const unsigned char edata[COMM_LEN] = "pkcs7 encrypt";	p7 = PKCS7_new();	PKCS7_set_type(p7, NID_pkcs7_encrypted);	ASN1_INTEGER_set(p7->d.encrypted->version, 3);	p7->d.encrypted->enc_data->algorithm->algorithm =		OBJ_nid2obj(NID_des_ede3_cbc);	p7->d.encrypted->enc_data->enc_data = ASN1_OCTET_STRING_new();	ASN1_OCTET_STRING_set(p7->d.encrypted->enc_data->enc_data, edata, 14);	len = i2d_PKCS7(p7, NULL);	der = (unsigned char *)malloc(len);	p = der;	len = i2d_PKCS7(p7, &p);	fp = fopen("/tmp/test.cer", "wb");	fwrite(der, 1, len, fp);	fclose(fp);	PKCS7_free(p7);	free(der);	b = BIO_new_file("/tmp/test.pem", "r");	p7 = PEM_read_bio_PKCS7(b, NULL, NULL, NULL);	BIO_free(b);	PKCS7_free(p7);}

void openssl_pkcs7_sign(){	int len;	BIO *in;	X509 *x;	FILE *fp;	PKCS7 *p7;	X509_ALGOR *md;	PKCS7_SIGNER_INFO *si;	char name[MAX1_LEN], tmp[MAX1_LEN];	unsigned char *der, *p, buf[SHA_DIGEST_LENGTH] = "pkcs7 sign";	p7 = PKCS7_new();	PKCS7_set_type(p7, NID_pkcs7_data);	ASN1_OCTET_STRING_set(p7->d.data, buf, SHA_DIGEST_LENGTH);	len = i2d_PKCS7(p7, NULL);	der = (unsigned char *)malloc(len);	p = der;	len = i2d_PKCS7(p7, &p);	fp = fopen("/tmp/test.cer", "wb");	fwrite(der, 1, len, fp);	fclose(fp);	free(der);	PKCS7_free(p7);	p7 = PKCS7_new();	PKCS7_set_type(p7, NID_pkcs7_signed);	p7->d.sign->cert = sk_X509_new_null();	in = BIO_new_file("/tmp/test.cer", "r");	x = PEM_read_bio_X509(in, NULL, NULL, NULL);	sk_X509_push(p7->d.sign->cert, x);	BIO_free(in);	md = X509_ALGOR_new();	md->algorithm = OBJ_nid2obj(NID_md5);	sk_X509_ALGOR_push(p7->d.sign->md_algs, md);	si = PKCS7_SIGNER_INFO_new();	ASN1_INTEGER_set(si->version, 2);	ASN1_INTEGER_set(si->issuer_and_serial->serial, 333);	sk_PKCS7_SIGNER_INFO_push(p7->d.sign->signer_info, si);	len = i2d_PKCS7(p7, NULL);	der = (unsigned char *)malloc(len);	p = der;	len = i2d_PKCS7(p7, &p);	fp = fopen("/tmp/test.cer", "wb");	fwrite(der, 1, len, fp);	fclose(fp);	free(der);	fp = fopen("/tmp/test.cer", "rb");	len = fread(tmp, 1, MAX1_LEN, fp);	fclose(fp);	p = (unsigned char *)&tmp;	d2i_PKCS7(&p7, (const unsigned char **)&p, len);	OBJ_obj2txt(name, MAX1_LEN, p7->type, 0);	PKCS7_free(p7);}

static int rsa_cms_encrypt(CMS_RecipientInfo *ri){    const EVP_MD *md, *mgf1md;    RSA_OAEP_PARAMS *oaep = NULL;    ASN1_STRING *os = NULL;    X509_ALGOR *alg;    EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);    int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen;    unsigned char *label;    CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg);    if (pkctx) {        if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)            return 0;    }    if (pad_mode == RSA_PKCS1_PADDING) {        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);        return 1;    }    /* Not supported */    if (pad_mode != RSA_PKCS1_OAEP_PADDING)        return 0;    if (EVP_PKEY_CTX_get_rsa_oaep_md(pkctx, &md) <= 0)        goto err;    if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)        goto err;    labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkctx, &label);    if (labellen < 0)        goto err;    oaep = RSA_OAEP_PARAMS_new();    if (oaep == NULL)        goto err;    if (!rsa_md_to_algor(&oaep->hashFunc, md))        goto err;    if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))        goto err;    if (labellen > 0) {        ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();        oaep->pSourceFunc = X509_ALGOR_new();        if (oaep->pSourceFunc == NULL)            goto err;        if (los == NULL)            goto err;        if (!ASN1_OCTET_STRING_set(los, label, labellen)) {            ASN1_OCTET_STRING_free(los);            goto err;        }        X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified),                        V_ASN1_OCTET_STRING, los);    }    /* create string with pss parameter encoding. */    if (!ASN1_item_pack(oaep, ASN1_ITEM_rptr(RSA_OAEP_PARAMS), &os))         goto err;    X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, os);    os = NULL;    rv = 1; err:    RSA_OAEP_PARAMS_free(oaep);    ASN1_STRING_free(os);    return rv;}

static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length){	ASN1_OCTET_STRING *os, **pos;	pos = a;	if (!pos || !*pos)		os = ASN1_OCTET_STRING_new();	else		os = *pos;	if (!ASN1_OCTET_STRING_set(os, *pp, length))		goto err;	*pp += length;	if (pos)		*pos = os;	return os;err:	if (os && (!pos || (*pos != os)))		M_ASN1_OCTET_STRING_free(os);	OCSPerr(OCSP_F_D2I_OCSP_NONCE, ERR_R_MALLOC_FAILURE);	return NULL;}

/** * @ingroup proxypolicy * * Sets the policy of the PROXYPOLICY * * @param proxypolicy the proxy policy to set the policy of * @param policy the policy to set it to * @param length the length of the policy * * @return 1 on success, 0 on error */int PROXYPOLICY_set_policy(    PROXYPOLICY *                       proxypolicy,    unsigned char *                     policy,    int                                 length){    if(policy != NULL)    {        unsigned char *                 copy = malloc(length);        memcpy(copy, policy, length);        if(!proxypolicy->policy)        {            proxypolicy->policy = ASN1_OCTET_STRING_new();        }                ASN1_OCTET_STRING_set(proxypolicy->policy, copy, length);    }    else    {        if(proxypolicy->policy)        {            ASN1_OCTET_STRING_free(proxypolicy->policy);        }    }    return 1;}

static int ossl_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2){    OSSL_HMAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx);    EVP_PKEY *pk;    ASN1_OCTET_STRING *key;    switch (type) {    case EVP_PKEY_CTRL_SET_MAC_KEY:        if ((!p2 && p1 > 0) || (p1 < -1))            return 0;        if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))            return 0;        break;    case EVP_PKEY_CTRL_MD:        hctx->md = p2;        break;    case EVP_PKEY_CTRL_DIGESTINIT:        pk = EVP_PKEY_CTX_get0_pkey(ctx);        key = EVP_PKEY_get0(pk);        if (!HMAC_Init_ex(hctx->ctx, key->data, key->length, hctx->md, NULL))            return 0;        break;    default:        return -2;    }    return 1;}

static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)	{	HMAC_PKEY_CTX *hctx = (HMAC_PKEY_CTX *)ctx->data;	ASN1_OCTET_STRING *key;	switch (type)		{		case EVP_PKEY_CTRL_SET_MAC_KEY:		if ((!p2 && p1 > 0) || (p1 < -1))			return 0;		if (!ASN1_OCTET_STRING_set(&hctx->ktmp, (const unsigned char*)p2, p1))			return 0;		break;		case EVP_PKEY_CTRL_MD:		hctx->md = (const EVP_MD*)p2;		break;		case EVP_PKEY_CTRL_DIGESTINIT:		key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;		HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,				ctx->engine);		break;		default:		return -2;		}	return 1;	}

static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) {  HMAC_PKEY_CTX *hctx = ctx->data;  ASN1_OCTET_STRING *key;  switch (type) {    case EVP_PKEY_CTRL_SET_MAC_KEY:      if ((!p2 && p1 > 0) || (p1 < -1)) {        return 0;      }      if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) {        return 0;      }      break;    case EVP_PKEY_CTRL_MD:      hctx->md = p2;      break;    case EVP_PKEY_CTRL_DIGESTINIT:      key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;      if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,                        ctx->engine)) {        return 0;      }      break;    default:      OPENSSL_PUT_ERROR(EVP, pkey_hmac_ctrl, EVP_R_COMMAND_NOT_SUPPORTED);      return 0;  }  return 1;}

X509_EXTENSION* AuthorityKeyIdentifierExtension::getX509Extension(){    X509_EXTENSION *ret;    AUTHORITY_KEYID *authKeyId;    ByteArray temp;    authKeyId = AUTHORITY_KEYID_new();    if (this->keyIdentifier.size() > 0)    {        authKeyId->keyid = ASN1_OCTET_STRING_new();        temp = this->keyIdentifier;        ASN1_OCTET_STRING_set(authKeyId->keyid, temp.getDataPointer(), temp.size());    }    if (this->authorityCertIssuer.getNumberOfEntries() > 0)    {        authKeyId->issuer = this->authorityCertIssuer.getInternalGeneralNames();    }    if (this->serialNumber >= 0)    {        authKeyId->serial = ASN1_INTEGER_new();        ASN1_INTEGER_set(authKeyId->serial, this->serialNumber);    }    ret = X509V3_EXT_i2d(NID_authority_key_identifier, this->critical?1:0, (void *)authKeyId);    AUTHORITY_KEYID_free(authKeyId);    return ret;}

/* Set cipher parameters from ASN1 structure */int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx,ASN1_TYPE *params)	{	int len=0;	unsigned char *buf=NULL;	unsigned char *p=NULL;	struct ossl_gost_cipher_ctx *c = ctx->cipher_data;	GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();	ASN1_OCTET_STRING *os = NULL;	if (!gcp)		{		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);		return 0;		}	if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len))		{		GOST_CIPHER_PARAMS_free(gcp);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);		return 0;		}	ASN1_OBJECT_free(gcp->enc_param_set);	gcp->enc_param_set = OBJ_nid2obj(c->paramNID);	len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);	p = buf = (unsigned char*)OPENSSL_malloc(len);	if (!buf)		{		GOST_CIPHER_PARAMS_free(gcp);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);		return 0;		}	i2d_GOST_CIPHER_PARAMS(gcp, &p);	GOST_CIPHER_PARAMS_free(gcp);	os = ASN1_OCTET_STRING_new();	if(!os || !ASN1_OCTET_STRING_set(os, buf, len))		{		OPENSSL_free(buf);		GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);		return 0;		}	OPENSSL_free(buf);	ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);	return 1;	}

static int old_hmac_decode(EVP_PKEY *pkey,					const unsigned char **pder, int derlen)	{	ASN1_OCTET_STRING *os;	os = ASN1_OCTET_STRING_new();	if (!os || !ASN1_OCTET_STRING_set(os, *pder, derlen))		return 0;	EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);	return 1;	}

X509_EXTENSION* Extension::getX509Extension(){	X509_EXTENSION *ret;	ByteArray data;	ret = X509_EXTENSION_new();	ret->object = OBJ_dup(this->objectIdentifier.getObjectIdentifier());	ret->critical = this->critical?1:0;	ret->value = ASN1_OCTET_STRING_new();	data = this->value;	ASN1_OCTET_STRING_set(ret->value, data.getDataPointer(), this->value.size());	return ret;}

static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,                                      X509V3_CTX *ctx, char *str){    ASN1_OCTET_STRING *oct;    X509_PUBKEY *pubkey;    const unsigned char *pk;    int pklen;    unsigned char pkey_dig[EVP_MAX_MD_SIZE];    unsigned int diglen;    if (strcmp(str, "hash"))        return s2i_ASN1_OCTET_STRING(method, ctx, str);    if ((oct = ASN1_OCTET_STRING_new()) == NULL) {        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);        return NULL;    }    if (ctx && (ctx->flags == CTX_TEST))        return oct;    if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);        goto err;    }    if (ctx->subject_req)        pubkey = ctx->subject_req->req_info.pubkey;    else        pubkey = ctx->subject_cert->cert_info.key;    if (pubkey == NULL) {        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);        goto err;    }    X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey);    if (!EVP_Digest(pk, pklen, pkey_dig, &diglen, EVP_sha1(), NULL))        goto err;    if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);        goto err;    }    return oct; err:    ASN1_OCTET_STRING_free(oct);    return NULL;}

/* ########################################### */intadd_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2){	/* To add an object of OID 1.9.999, which is a sequence containing	 * 2 octet strings */	unsigned char *p;	ASN1_OCTET_STRING *os1, *os2;	ASN1_STRING *seq;	unsigned char *data;	int i, total;	if (signed_seq2string_nid == -1)		signed_seq2string_nid =		    OBJ_create("1.9.9999","OID_example","Our example OID");	os1 = ASN1_OCTET_STRING_new();	os2 = ASN1_OCTET_STRING_new();	ASN1_OCTET_STRING_set(os1, (unsigned char*)str1, strlen(str1));	ASN1_OCTET_STRING_set(os2, (unsigned char*)str1, strlen(str1));	i = i2d_ASN1_OCTET_STRING(os1, NULL);	i += i2d_ASN1_OCTET_STRING(os2, NULL);	total = ASN1_object_size(1, i, V_ASN1_SEQUENCE);	data = malloc(total);	p = data;	ASN1_put_object(&p, 1,i, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);	i2d_ASN1_OCTET_STRING(os1, &p);	i2d_ASN1_OCTET_STRING(os2, &p);	seq = ASN1_STRING_new();	ASN1_STRING_set(seq, data, total);	free(data);	ASN1_OCTET_STRING_free(os1);	ASN1_OCTET_STRING_free(os2);	PKCS7_add_signed_attribute(si, signed_seq2string_nid,	    V_ASN1_SEQUENCE, (char *)seq);	return (1);}

int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len){    ASN1_STRING *os;    if ((os = ASN1_OCTET_STRING_new()) == NULL)        return (0);    if (!ASN1_OCTET_STRING_set(os, data, len)) {        ASN1_OCTET_STRING_free(os);        return 0;    }    ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);    return (1);}

X509_EXTENSION* SubjectKeyIdentifierExtension::getX509Extension(){	X509_EXTENSION *ret;	ASN1_OCTET_STRING *octetString;	ByteArray data;		ret = X509_EXTENSION_new();	octetString = ASN1_OCTET_STRING_new();	data = this->keyIdentifier;	ASN1_OCTET_STRING_set(octetString, data.getDataPointer(), data.size());	ret = X509V3_EXT_i2d(NID_subject_key_identifier, this->critical?1:0, (void *)octetString);	return ret;}

void add_signed_string(PKCS7_SIGNER_INFO *si, char *str)	{	ASN1_OCTET_STRING *os;	/* To a an object of OID 1.2.3.4.5, which is an octet string */	if (signed_string_nid == -1)		signed_string_nid=			OBJ_create("1.2.3.4.5","OID_example","Our example OID");	os=ASN1_OCTET_STRING_new();	ASN1_OCTET_STRING_set(os,(unsigned char*)str,TINYCLR_SSL_STRLEN(str));	/* When we add, we do not free */	PKCS7_add_signed_attribute(si,signed_string_nid,		V_ASN1_OCTET_STRING,(char *)os);	}

static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,                                      X509V3_CTX *ctx, char *str){    ASN1_OCTET_STRING *oct;    ASN1_BIT_STRING *pk;    unsigned char pkey_dig[EVP_MAX_MD_SIZE];    unsigned int diglen;    if (strcmp(str, "hash"))        return s2i_ASN1_OCTET_STRING(method, ctx, str);    if ((oct = ASN1_OCTET_STRING_new()) == NULL) {        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);        return NULL;    }    if (ctx && (ctx->flags == CTX_TEST))        return oct;    if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);        goto err;    }    if (ctx->subject_req)        pk = ctx->subject_req->req_info->pubkey->public_key;    else        pk = ctx->subject_cert->cert_info->key->public_key;    if (!pk) {        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);        goto err;    }    if (!EVP_Digest        (pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))        goto err;    if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);        goto err;    }    return oct; err:    ASN1_OCTET_STRING_free(oct);    return NULL;}

static int old_hmac_decode(EVP_PKEY *pkey,                           const unsigned char **pder, int derlen){    ASN1_OCTET_STRING *os;    os = ASN1_OCTET_STRING_new();    if (os == NULL || !ASN1_OCTET_STRING_set(os, *pder, derlen))        goto err;    if (!EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os))        goto err;    return 1; err:    ASN1_OCTET_STRING_free(os);    return 0;}

static int ossl_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src){    OSSL_HMAC_PKEY_CTX *sctx, *dctx;    if (!ossl_hmac_init(dst))        return 0;    sctx = EVP_PKEY_CTX_get_data(src);    dctx = EVP_PKEY_CTX_get_data(dst);    dctx->md = sctx->md;    if (!HMAC_CTX_copy(dctx->ctx, sctx->ctx))        return 0;    if (sctx->ktmp.data) {        if (!ASN1_OCTET_STRING_set(&dctx->ktmp,                                   sctx->ktmp.data, sctx->ktmp.length))            return 0;    }    return 1;}

static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src){    HMAC_PKEY_CTX *sctx, *dctx;    if (!pkey_hmac_init(dst))        return 0;    sctx = src->data;    dctx = dst->data;    dctx->md = sctx->md;    HMAC_CTX_init(&dctx->ctx);    HMAC_CTX_copy(&dctx->ctx, &sctx->ctx);    if (sctx->ktmp.data) {        if (!ASN1_OCTET_STRING_set(&dctx->ktmp,                                   sctx->ktmp.data, sctx->ktmp.length))            return 0;    }    return 1;}

/* * Create a new extension * * Extension  ::=  SEQUENCE  { *      id          OBJECT IDENTIFIER, *      critical    BOOLEAN DEFAULT FALSE, *      value       OCTET STRING  } * * Parameters: *   pex: OpenSSL extension pointer (output parameter) *   nid: extension identifier *   crit: extension critical (EXT_NON_CRIT, EXT_CRIT) *   data: extension data. This data will be encapsulated in an Octet String * * Return: Extension address, NULL if error */staticX509_EXTENSION *ext_new(int nid, int crit, unsigned char *data, int len){	X509_EXTENSION *ex;	ASN1_OCTET_STRING *ext_data;	/* Octet string containing the extension data */	ext_data = ASN1_OCTET_STRING_new();	ASN1_OCTET_STRING_set(ext_data, data, len);	/* Create the extension */	ex = X509_EXTENSION_create_by_NID(NULL, nid, crit, ext_data);	/* The extension makes a copy of the data, so we can free this object */	ASN1_OCTET_STRING_free(ext_data);	return ex;}

intconv_point2os(const EC_GROUP *grp, const EC_POINT *p, ASN1_OCTET_STRING *os,              BN_CTX *ctx){    size_t s;    s = EC_POINT_point2oct(grp, p, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx);    if (s == 0)        return ENOMEM;    unsigned char buf[s];    s = EC_POINT_point2oct(grp, p, POINT_CONVERSION_COMPRESSED, buf, s, ctx);    if (s == 0)        return ENOMEM;    if (ASN1_OCTET_STRING_set(os, buf, s) <= 0)        return ENOMEM;    return 0;}

void openssl_pkcs7_msg(){	int len;	FILE *fp;	PKCS7 *p7;	unsigned char *der, *p, buf[SHA_DIGEST_LENGTH] = "pkcs7 msg";	p7 = PKCS7_new();	PKCS7_set_type(p7, NID_pkcs7_data);	ASN1_OCTET_STRING_set(p7->d.data, buf, SHA_DIGEST_LENGTH);	len = i2d_PKCS7(p7, NULL);	der = (unsigned char *)malloc(len);	p = der;	len = i2d_PKCS7(p7, &p);	fp = fopen("/tmp/test.cer", "wb");	fwrite(der, 1, len, fp);	fclose(fp);	free(der);	PKCS7_free(p7);}

static int ossl_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src){    OSSL_HMAC_PKEY_CTX *sctx, *dctx;    /* allocate memory for dst->data and a new HMAC_CTX in dst->data->ctx */    if (!ossl_hmac_init(dst))        return 0;    sctx = EVP_PKEY_CTX_get_data(src);    dctx = EVP_PKEY_CTX_get_data(dst);    dctx->md = sctx->md;    if (!HMAC_CTX_copy(dctx->ctx, sctx->ctx))        goto err;    if (sctx->ktmp.data) {        if (!ASN1_OCTET_STRING_set(&dctx->ktmp,                                   sctx->ktmp.data, sctx->ktmp.length))            goto err;    }    return 1;err:    /* release HMAC_CTX in dst->data->ctx and memory allocated for dst->data */    ossl_hmac_cleanup(dst);    return 0;}