1*b077aed3SPierre Pronchery /*
2*b077aed3SPierre Pronchery * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3*b077aed3SPierre Pronchery *
4*b077aed3SPierre Pronchery * Licensed under the Apache License 2.0 (the "License"). You may not use
5*b077aed3SPierre Pronchery * this file except in compliance with the License. You can obtain a copy
6*b077aed3SPierre Pronchery * in the file LICENSE in the source distribution or at
7*b077aed3SPierre Pronchery * https://www.openssl.org/source/license.html
8*b077aed3SPierre Pronchery */
9*b077aed3SPierre Pronchery
10*b077aed3SPierre Pronchery #include <stdio.h>
11*b077aed3SPierre Pronchery #include <stdlib.h>
12*b077aed3SPierre Pronchery #include <string.h>
13*b077aed3SPierre Pronchery #include "apps.h"
14*b077aed3SPierre Pronchery #include "progs.h"
15*b077aed3SPierre Pronchery #include <openssl/err.h>
16*b077aed3SPierre Pronchery #include <openssl/evp.h>
17*b077aed3SPierre Pronchery #include <openssl/x509.h>
18*b077aed3SPierre Pronchery #include <openssl/pem.h>
19*b077aed3SPierre Pronchery #include <openssl/asn1t.h>
20*b077aed3SPierre Pronchery
21*b077aed3SPierre Pronchery typedef enum OPTION_choice {
22*b077aed3SPierre Pronchery OPT_COMMON,
23*b077aed3SPierre Pronchery OPT_INFORM, OPT_IN, OPT_OUT, OPT_INDENT, OPT_NOOUT,
24*b077aed3SPierre Pronchery OPT_OID, OPT_OFFSET, OPT_LENGTH, OPT_DUMP, OPT_DLIMIT,
25*b077aed3SPierre Pronchery OPT_STRPARSE, OPT_GENSTR, OPT_GENCONF, OPT_STRICTPEM,
26*b077aed3SPierre Pronchery OPT_ITEM
27*b077aed3SPierre Pronchery } OPTION_CHOICE;
28*b077aed3SPierre Pronchery
29*b077aed3SPierre Pronchery const OPTIONS asn1parse_options[] = {
30*b077aed3SPierre Pronchery OPT_SECTION("General"),
31*b077aed3SPierre Pronchery {"help", OPT_HELP, '-', "Display this summary"},
32*b077aed3SPierre Pronchery {"oid", OPT_OID, '<', "file of extra oid definitions"},
33*b077aed3SPierre Pronchery
34*b077aed3SPierre Pronchery OPT_SECTION("I/O"),
35*b077aed3SPierre Pronchery {"inform", OPT_INFORM, 'F', "input format - one of DER PEM"},
36*b077aed3SPierre Pronchery {"in", OPT_IN, '<', "input file"},
37*b077aed3SPierre Pronchery {"out", OPT_OUT, '>', "output file (output format is always DER)"},
38*b077aed3SPierre Pronchery {"noout", OPT_NOOUT, 0, "do not produce any output"},
39*b077aed3SPierre Pronchery {"offset", OPT_OFFSET, 'p', "offset into file"},
40*b077aed3SPierre Pronchery {"length", OPT_LENGTH, 'p', "length of section in file"},
41*b077aed3SPierre Pronchery {"strparse", OPT_STRPARSE, 'p',
42*b077aed3SPierre Pronchery "offset; a series of these can be used to 'dig'"},
43*b077aed3SPierre Pronchery {"genstr", OPT_GENSTR, 's', "string to generate ASN1 structure from"},
44*b077aed3SPierre Pronchery {OPT_MORE_STR, 0, 0, "into multiple ASN1 blob wrappings"},
45*b077aed3SPierre Pronchery {"genconf", OPT_GENCONF, 's', "file to generate ASN1 structure from"},
46*b077aed3SPierre Pronchery {"strictpem", OPT_STRICTPEM, 0,
47*b077aed3SPierre Pronchery "do not attempt base64 decode outside PEM markers"},
48*b077aed3SPierre Pronchery {"item", OPT_ITEM, 's', "item to parse and print"},
49*b077aed3SPierre Pronchery {OPT_MORE_STR, 0, 0, "(-inform will be ignored)"},
50*b077aed3SPierre Pronchery
51*b077aed3SPierre Pronchery OPT_SECTION("Formatting"),
52*b077aed3SPierre Pronchery {"i", OPT_INDENT, 0, "indents the output"},
53*b077aed3SPierre Pronchery {"dump", OPT_DUMP, 0, "unknown data in hex form"},
54*b077aed3SPierre Pronchery {"dlimit", OPT_DLIMIT, 'p',
55*b077aed3SPierre Pronchery "dump the first arg bytes of unknown data in hex form"},
56*b077aed3SPierre Pronchery {NULL}
57*b077aed3SPierre Pronchery };
58*b077aed3SPierre Pronchery
59*b077aed3SPierre Pronchery static int do_generate(char *genstr, const char *genconf, BUF_MEM *buf);
60*b077aed3SPierre Pronchery
asn1parse_main(int argc,char ** argv)61*b077aed3SPierre Pronchery int asn1parse_main(int argc, char **argv)
62*b077aed3SPierre Pronchery {
63*b077aed3SPierre Pronchery ASN1_TYPE *at = NULL;
64*b077aed3SPierre Pronchery BIO *in = NULL, *b64 = NULL, *derout = NULL;
65*b077aed3SPierre Pronchery BUF_MEM *buf = NULL;
66*b077aed3SPierre Pronchery STACK_OF(OPENSSL_STRING) *osk = NULL;
67*b077aed3SPierre Pronchery char *genstr = NULL, *genconf = NULL;
68*b077aed3SPierre Pronchery char *infile = NULL, *oidfile = NULL, *derfile = NULL;
69*b077aed3SPierre Pronchery unsigned char *str = NULL;
70*b077aed3SPierre Pronchery char *name = NULL, *header = NULL, *prog;
71*b077aed3SPierre Pronchery const unsigned char *ctmpbuf;
72*b077aed3SPierre Pronchery int indent = 0, noout = 0, dump = 0, strictpem = 0, informat = FORMAT_PEM;
73*b077aed3SPierre Pronchery int offset = 0, ret = 1, i, j;
74*b077aed3SPierre Pronchery long num, tmplen;
75*b077aed3SPierre Pronchery unsigned char *tmpbuf;
76*b077aed3SPierre Pronchery unsigned int length = 0;
77*b077aed3SPierre Pronchery OPTION_CHOICE o;
78*b077aed3SPierre Pronchery const ASN1_ITEM *it = NULL;
79*b077aed3SPierre Pronchery
80*b077aed3SPierre Pronchery prog = opt_init(argc, argv, asn1parse_options);
81*b077aed3SPierre Pronchery
82*b077aed3SPierre Pronchery if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
83*b077aed3SPierre Pronchery BIO_printf(bio_err, "%s: Memory allocation failure\n", prog);
84*b077aed3SPierre Pronchery goto end;
85*b077aed3SPierre Pronchery }
86*b077aed3SPierre Pronchery
87*b077aed3SPierre Pronchery while ((o = opt_next()) != OPT_EOF) {
88*b077aed3SPierre Pronchery switch (o) {
89*b077aed3SPierre Pronchery case OPT_EOF:
90*b077aed3SPierre Pronchery case OPT_ERR:
91*b077aed3SPierre Pronchery opthelp:
92*b077aed3SPierre Pronchery BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
93*b077aed3SPierre Pronchery goto end;
94*b077aed3SPierre Pronchery case OPT_HELP:
95*b077aed3SPierre Pronchery opt_help(asn1parse_options);
96*b077aed3SPierre Pronchery ret = 0;
97*b077aed3SPierre Pronchery goto end;
98*b077aed3SPierre Pronchery case OPT_INFORM:
99*b077aed3SPierre Pronchery if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
100*b077aed3SPierre Pronchery goto opthelp;
101*b077aed3SPierre Pronchery break;
102*b077aed3SPierre Pronchery case OPT_IN:
103*b077aed3SPierre Pronchery infile = opt_arg();
104*b077aed3SPierre Pronchery break;
105*b077aed3SPierre Pronchery case OPT_OUT:
106*b077aed3SPierre Pronchery derfile = opt_arg();
107*b077aed3SPierre Pronchery break;
108*b077aed3SPierre Pronchery case OPT_INDENT:
109*b077aed3SPierre Pronchery indent = 1;
110*b077aed3SPierre Pronchery break;
111*b077aed3SPierre Pronchery case OPT_NOOUT:
112*b077aed3SPierre Pronchery noout = 1;
113*b077aed3SPierre Pronchery break;
114*b077aed3SPierre Pronchery case OPT_OID:
115*b077aed3SPierre Pronchery oidfile = opt_arg();
116*b077aed3SPierre Pronchery break;
117*b077aed3SPierre Pronchery case OPT_OFFSET:
118*b077aed3SPierre Pronchery offset = strtol(opt_arg(), NULL, 0);
119*b077aed3SPierre Pronchery break;
120*b077aed3SPierre Pronchery case OPT_LENGTH:
121*b077aed3SPierre Pronchery length = strtol(opt_arg(), NULL, 0);
122*b077aed3SPierre Pronchery break;
123*b077aed3SPierre Pronchery case OPT_DUMP:
124*b077aed3SPierre Pronchery dump = -1;
125*b077aed3SPierre Pronchery break;
126*b077aed3SPierre Pronchery case OPT_DLIMIT:
127*b077aed3SPierre Pronchery dump = strtol(opt_arg(), NULL, 0);
128*b077aed3SPierre Pronchery break;
129*b077aed3SPierre Pronchery case OPT_STRPARSE:
130*b077aed3SPierre Pronchery sk_OPENSSL_STRING_push(osk, opt_arg());
131*b077aed3SPierre Pronchery break;
132*b077aed3SPierre Pronchery case OPT_GENSTR:
133*b077aed3SPierre Pronchery genstr = opt_arg();
134*b077aed3SPierre Pronchery break;
135*b077aed3SPierre Pronchery case OPT_GENCONF:
136*b077aed3SPierre Pronchery genconf = opt_arg();
137*b077aed3SPierre Pronchery break;
138*b077aed3SPierre Pronchery case OPT_STRICTPEM:
139*b077aed3SPierre Pronchery strictpem = 1;
140*b077aed3SPierre Pronchery informat = FORMAT_PEM;
141*b077aed3SPierre Pronchery break;
142*b077aed3SPierre Pronchery case OPT_ITEM:
143*b077aed3SPierre Pronchery it = ASN1_ITEM_lookup(opt_arg());
144*b077aed3SPierre Pronchery if (it == NULL) {
145*b077aed3SPierre Pronchery size_t tmp;
146*b077aed3SPierre Pronchery
147*b077aed3SPierre Pronchery BIO_printf(bio_err, "Unknown item name %s\n", opt_arg());
148*b077aed3SPierre Pronchery BIO_puts(bio_err, "Supported types:\n");
149*b077aed3SPierre Pronchery for (tmp = 0;; tmp++) {
150*b077aed3SPierre Pronchery it = ASN1_ITEM_get(tmp);
151*b077aed3SPierre Pronchery if (it == NULL)
152*b077aed3SPierre Pronchery break;
153*b077aed3SPierre Pronchery BIO_printf(bio_err, " %s\n", it->sname);
154*b077aed3SPierre Pronchery }
155*b077aed3SPierre Pronchery goto end;
156*b077aed3SPierre Pronchery }
157*b077aed3SPierre Pronchery break;
158*b077aed3SPierre Pronchery }
159*b077aed3SPierre Pronchery }
160*b077aed3SPierre Pronchery
161*b077aed3SPierre Pronchery /* No extra args. */
162*b077aed3SPierre Pronchery argc = opt_num_rest();
163*b077aed3SPierre Pronchery if (argc != 0)
164*b077aed3SPierre Pronchery goto opthelp;
165*b077aed3SPierre Pronchery
166*b077aed3SPierre Pronchery if (oidfile != NULL) {
167*b077aed3SPierre Pronchery in = bio_open_default(oidfile, 'r', FORMAT_TEXT);
168*b077aed3SPierre Pronchery if (in == NULL)
169*b077aed3SPierre Pronchery goto end;
170*b077aed3SPierre Pronchery OBJ_create_objects(in);
171*b077aed3SPierre Pronchery BIO_free(in);
172*b077aed3SPierre Pronchery }
173*b077aed3SPierre Pronchery
174*b077aed3SPierre Pronchery if ((in = bio_open_default(infile, 'r', informat)) == NULL)
175*b077aed3SPierre Pronchery goto end;
176*b077aed3SPierre Pronchery
177*b077aed3SPierre Pronchery if (derfile && (derout = bio_open_default(derfile, 'w', FORMAT_ASN1)) == NULL)
178*b077aed3SPierre Pronchery goto end;
179*b077aed3SPierre Pronchery
180*b077aed3SPierre Pronchery if ((buf = BUF_MEM_new()) == NULL)
181*b077aed3SPierre Pronchery goto end;
182*b077aed3SPierre Pronchery if (strictpem) {
183*b077aed3SPierre Pronchery if (PEM_read_bio(in, &name, &header, &str, &num) != 1) {
184*b077aed3SPierre Pronchery BIO_printf(bio_err, "Error reading PEM file\n");
185*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
186*b077aed3SPierre Pronchery goto end;
187*b077aed3SPierre Pronchery }
188*b077aed3SPierre Pronchery buf->data = (char *)str;
189*b077aed3SPierre Pronchery buf->length = buf->max = num;
190*b077aed3SPierre Pronchery } else {
191*b077aed3SPierre Pronchery if (!BUF_MEM_grow(buf, BUFSIZ * 8))
192*b077aed3SPierre Pronchery goto end; /* Pre-allocate :-) */
193*b077aed3SPierre Pronchery
194*b077aed3SPierre Pronchery if (genstr || genconf) {
195*b077aed3SPierre Pronchery num = do_generate(genstr, genconf, buf);
196*b077aed3SPierre Pronchery if (num < 0) {
197*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
198*b077aed3SPierre Pronchery goto end;
199*b077aed3SPierre Pronchery }
200*b077aed3SPierre Pronchery } else {
201*b077aed3SPierre Pronchery
202*b077aed3SPierre Pronchery if (informat == FORMAT_PEM) {
203*b077aed3SPierre Pronchery BIO *tmp;
204*b077aed3SPierre Pronchery
205*b077aed3SPierre Pronchery if ((b64 = BIO_new(BIO_f_base64())) == NULL)
206*b077aed3SPierre Pronchery goto end;
207*b077aed3SPierre Pronchery BIO_push(b64, in);
208*b077aed3SPierre Pronchery tmp = in;
209*b077aed3SPierre Pronchery in = b64;
210*b077aed3SPierre Pronchery b64 = tmp;
211*b077aed3SPierre Pronchery }
212*b077aed3SPierre Pronchery
213*b077aed3SPierre Pronchery num = 0;
214*b077aed3SPierre Pronchery for (;;) {
215*b077aed3SPierre Pronchery if (!BUF_MEM_grow(buf, num + BUFSIZ))
216*b077aed3SPierre Pronchery goto end;
217*b077aed3SPierre Pronchery i = BIO_read(in, &(buf->data[num]), BUFSIZ);
218*b077aed3SPierre Pronchery if (i <= 0)
219*b077aed3SPierre Pronchery break;
220*b077aed3SPierre Pronchery num += i;
221*b077aed3SPierre Pronchery }
222*b077aed3SPierre Pronchery }
223*b077aed3SPierre Pronchery str = (unsigned char *)buf->data;
224*b077aed3SPierre Pronchery
225*b077aed3SPierre Pronchery }
226*b077aed3SPierre Pronchery
227*b077aed3SPierre Pronchery /* If any structs to parse go through in sequence */
228*b077aed3SPierre Pronchery
229*b077aed3SPierre Pronchery if (sk_OPENSSL_STRING_num(osk)) {
230*b077aed3SPierre Pronchery tmpbuf = str;
231*b077aed3SPierre Pronchery tmplen = num;
232*b077aed3SPierre Pronchery for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
233*b077aed3SPierre Pronchery ASN1_TYPE *atmp;
234*b077aed3SPierre Pronchery int typ;
235*b077aed3SPierre Pronchery j = strtol(sk_OPENSSL_STRING_value(osk, i), NULL, 0);
236*b077aed3SPierre Pronchery if (j <= 0 || j >= tmplen) {
237*b077aed3SPierre Pronchery BIO_printf(bio_err, "'%s' is out of range\n",
238*b077aed3SPierre Pronchery sk_OPENSSL_STRING_value(osk, i));
239*b077aed3SPierre Pronchery continue;
240*b077aed3SPierre Pronchery }
241*b077aed3SPierre Pronchery tmpbuf += j;
242*b077aed3SPierre Pronchery tmplen -= j;
243*b077aed3SPierre Pronchery atmp = at;
244*b077aed3SPierre Pronchery ctmpbuf = tmpbuf;
245*b077aed3SPierre Pronchery at = d2i_ASN1_TYPE(NULL, &ctmpbuf, tmplen);
246*b077aed3SPierre Pronchery ASN1_TYPE_free(atmp);
247*b077aed3SPierre Pronchery if (!at) {
248*b077aed3SPierre Pronchery BIO_printf(bio_err, "Error parsing structure\n");
249*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
250*b077aed3SPierre Pronchery goto end;
251*b077aed3SPierre Pronchery }
252*b077aed3SPierre Pronchery typ = ASN1_TYPE_get(at);
253*b077aed3SPierre Pronchery if ((typ == V_ASN1_OBJECT)
254*b077aed3SPierre Pronchery || (typ == V_ASN1_BOOLEAN)
255*b077aed3SPierre Pronchery || (typ == V_ASN1_NULL)) {
256*b077aed3SPierre Pronchery BIO_printf(bio_err, "Can't parse %s type\n", ASN1_tag2str(typ));
257*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
258*b077aed3SPierre Pronchery goto end;
259*b077aed3SPierre Pronchery }
260*b077aed3SPierre Pronchery /* hmm... this is a little evil but it works */
261*b077aed3SPierre Pronchery tmpbuf = at->value.asn1_string->data;
262*b077aed3SPierre Pronchery tmplen = at->value.asn1_string->length;
263*b077aed3SPierre Pronchery }
264*b077aed3SPierre Pronchery str = tmpbuf;
265*b077aed3SPierre Pronchery num = tmplen;
266*b077aed3SPierre Pronchery }
267*b077aed3SPierre Pronchery
268*b077aed3SPierre Pronchery if (offset < 0 || offset >= num) {
269*b077aed3SPierre Pronchery BIO_printf(bio_err, "Error: offset out of range\n");
270*b077aed3SPierre Pronchery goto end;
271*b077aed3SPierre Pronchery }
272*b077aed3SPierre Pronchery
273*b077aed3SPierre Pronchery num -= offset;
274*b077aed3SPierre Pronchery
275*b077aed3SPierre Pronchery if (length == 0 || length > (unsigned int)num)
276*b077aed3SPierre Pronchery length = (unsigned int)num;
277*b077aed3SPierre Pronchery if (derout != NULL) {
278*b077aed3SPierre Pronchery if (BIO_write(derout, str + offset, length) != (int)length) {
279*b077aed3SPierre Pronchery BIO_printf(bio_err, "Error writing output\n");
280*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
281*b077aed3SPierre Pronchery goto end;
282*b077aed3SPierre Pronchery }
283*b077aed3SPierre Pronchery }
284*b077aed3SPierre Pronchery if (!noout) {
285*b077aed3SPierre Pronchery const unsigned char *p = str + offset;
286*b077aed3SPierre Pronchery
287*b077aed3SPierre Pronchery if (it != NULL) {
288*b077aed3SPierre Pronchery ASN1_VALUE *value = ASN1_item_d2i(NULL, &p, length, it);
289*b077aed3SPierre Pronchery if (value == NULL) {
290*b077aed3SPierre Pronchery BIO_printf(bio_err, "Error parsing item %s\n", it->sname);
291*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
292*b077aed3SPierre Pronchery goto end;
293*b077aed3SPierre Pronchery }
294*b077aed3SPierre Pronchery ASN1_item_print(bio_out, value, 0, it, NULL);
295*b077aed3SPierre Pronchery ASN1_item_free(value, it);
296*b077aed3SPierre Pronchery } else {
297*b077aed3SPierre Pronchery if (!ASN1_parse_dump(bio_out, p, length, indent, dump)) {
298*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
299*b077aed3SPierre Pronchery goto end;
300*b077aed3SPierre Pronchery }
301*b077aed3SPierre Pronchery }
302*b077aed3SPierre Pronchery }
303*b077aed3SPierre Pronchery ret = 0;
304*b077aed3SPierre Pronchery end:
305*b077aed3SPierre Pronchery BIO_free(derout);
306*b077aed3SPierre Pronchery BIO_free(in);
307*b077aed3SPierre Pronchery BIO_free(b64);
308*b077aed3SPierre Pronchery if (ret != 0)
309*b077aed3SPierre Pronchery ERR_print_errors(bio_err);
310*b077aed3SPierre Pronchery BUF_MEM_free(buf);
311*b077aed3SPierre Pronchery OPENSSL_free(name);
312*b077aed3SPierre Pronchery OPENSSL_free(header);
313*b077aed3SPierre Pronchery ASN1_TYPE_free(at);
314*b077aed3SPierre Pronchery sk_OPENSSL_STRING_free(osk);
315*b077aed3SPierre Pronchery return ret;
316*b077aed3SPierre Pronchery }
317*b077aed3SPierre Pronchery
do_generate(char * genstr,const char * genconf,BUF_MEM * buf)318*b077aed3SPierre Pronchery static int do_generate(char *genstr, const char *genconf, BUF_MEM *buf)
319*b077aed3SPierre Pronchery {
320*b077aed3SPierre Pronchery CONF *cnf = NULL;
321*b077aed3SPierre Pronchery int len;
322*b077aed3SPierre Pronchery unsigned char *p;
323*b077aed3SPierre Pronchery ASN1_TYPE *atyp = NULL;
324*b077aed3SPierre Pronchery
325*b077aed3SPierre Pronchery if (genconf != NULL) {
326*b077aed3SPierre Pronchery if ((cnf = app_load_config(genconf)) == NULL)
327*b077aed3SPierre Pronchery goto err;
328*b077aed3SPierre Pronchery if (genstr == NULL)
329*b077aed3SPierre Pronchery genstr = NCONF_get_string(cnf, "default", "asn1");
330*b077aed3SPierre Pronchery if (genstr == NULL) {
331*b077aed3SPierre Pronchery BIO_printf(bio_err, "Can't find 'asn1' in '%s'\n", genconf);
332*b077aed3SPierre Pronchery goto err;
333*b077aed3SPierre Pronchery }
334*b077aed3SPierre Pronchery }
335*b077aed3SPierre Pronchery
336*b077aed3SPierre Pronchery atyp = ASN1_generate_nconf(genstr, cnf);
337*b077aed3SPierre Pronchery NCONF_free(cnf);
338*b077aed3SPierre Pronchery cnf = NULL;
339*b077aed3SPierre Pronchery
340*b077aed3SPierre Pronchery if (atyp == NULL)
341*b077aed3SPierre Pronchery return -1;
342*b077aed3SPierre Pronchery
343*b077aed3SPierre Pronchery len = i2d_ASN1_TYPE(atyp, NULL);
344*b077aed3SPierre Pronchery
345*b077aed3SPierre Pronchery if (len <= 0)
346*b077aed3SPierre Pronchery goto err;
347*b077aed3SPierre Pronchery
348*b077aed3SPierre Pronchery if (!BUF_MEM_grow(buf, len))
349*b077aed3SPierre Pronchery goto err;
350*b077aed3SPierre Pronchery
351*b077aed3SPierre Pronchery p = (unsigned char *)buf->data;
352*b077aed3SPierre Pronchery
353*b077aed3SPierre Pronchery i2d_ASN1_TYPE(atyp, &p);
354*b077aed3SPierre Pronchery
355*b077aed3SPierre Pronchery ASN1_TYPE_free(atyp);
356*b077aed3SPierre Pronchery return len;
357*b077aed3SPierre Pronchery
358*b077aed3SPierre Pronchery err:
359*b077aed3SPierre Pronchery NCONF_free(cnf);
360*b077aed3SPierre Pronchery ASN1_TYPE_free(atyp);
361*b077aed3SPierre Pronchery return -1;
362*b077aed3SPierre Pronchery }
363