author | Dr. Stephen Henson <steve@openssl.org> | 1999-03-27 14:06:25 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 1999-03-27 14:06:25 +0000 |
commit | 785cdf20482063a6b59c44825e33c1dee60217d2 (patch) | |
tree | 58f0d2c932ca955c34677b8cf61792748d2c0c53 /crypto/x509v3 | |
parent | ba423addddbc43be1e3bddca727332a9bfe3cb46 (diff) | |
download | openssl-785cdf20482063a6b59c44825e33c1dee60217d2.tar.gz |
Add initial support for Thawte strong extranet certificate extensions and
include an 'indent' option to V3 stuff.
Diffstat (limited to 'crypto/x509v3')
-rw-r--r-- | crypto/x509v3/Makefile.ssl | 4 | ||||
-rw-r--r-- | crypto/x509v3/v3_akey.c | 2 | ||||
-rw-r--r-- | crypto/x509v3/v3_lib.c | 3 | ||||
-rw-r--r-- | crypto/x509v3/v3_pku.c | 6 | ||||
-rw-r--r-- | crypto/x509v3/v3_prn.c | 24 | ||||
-rw-r--r-- | crypto/x509v3/v3prin.c | 2 | ||||
-rw-r--r-- | crypto/x509v3/x509v3.h | 40 |
7 files changed, 61 insertions, 20 deletions
diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl index 6b5399cc0a..5c27afcc82 100644 --- a/crypto/x509v3/Makefile.ssl +++ b/crypto/x509v3/Makefile.ssl @@ -24,10 +24,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \ v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \ -v3_pku.c v3_int.c v3_enum.c +v3_pku.c v3_int.c v3_enum.c v3_sxnet.c LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \ v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \ -v3_int.o v3_enum.o +v3_int.o v3_enum.o v3_sxnet.o SRC= $(LIBSRC) diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c index 8bee98cc18..016a6a806c 100644 --- a/crypto/x509v3/v3_akey.c +++ b/crypto/x509v3/v3_akey.c @@ -75,7 +75,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(); #endif X509V3_EXT_METHOD v3_akey_id = { -NID_authority_key_identifier, 0, +NID_authority_key_identifier, X509V3_EXT_MULTILINE, (X509V3_EXT_NEW)AUTHORITY_KEYID_new, AUTHORITY_KEYID_free, (X509V3_EXT_D2I)d2i_AUTHORITY_KEYID, diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c index 268617303f..7abac2997e 100644 --- a/crypto/x509v3/v3_lib.c +++ b/crypto/x509v3/v3_lib.c @@ -146,7 +146,7 @@ X509V3_EXT_METHOD *ext; } extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku; -extern X509V3_EXT_METHOD v3_pkey_usage_period; +extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet; extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id; extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason; @@ -163,6 +163,7 @@ int X509V3_add_standard_extensions() X509V3_EXT_add(&v3_akey_id); X509V3_EXT_add(&v3_pkey_usage_period); X509V3_EXT_add(&v3_crl_num); + X509V3_EXT_add(&v3_sxnet); X509V3_EXT_add(&v3_crl_reason); return 1; } diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c index a602191c55..23a71522f6 100644 --- a/crypto/x509v3/v3_pku.c +++ b/crypto/x509v3/v3_pku.c 
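Review bot: `X509V3_EXT_add(&v3_sxnet)` in the second v3_lib.c hunk, and the `extern` added above it, refer to an object whose definition this page does not show. Makefile.ssl now lists `v3_sxnet.c` and `v3_sxnet.o`, but the diffstat for crypto/x509v3 names seven files and v3_sxnet.c is not among them, so unless it is added elsewhere the library will not build at this commit. The new call also discards its result like its neighbours, and as far as the hunk shows the function then returns 1 regardless (its start is outside the hunk). `if(!X509V3_EXT_add(&v3_sxnet)) return 0;` would surface a failed registration, assuming X509V3_EXT_add reports failure with 0.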
@@ -63,7 +63,7 @@ #include "x509v3.h" #ifndef NOPROTO -static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out); +static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent); /* static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values); */ @@ -143,11 +143,13 @@ PKEY_USAGE_PERIOD *a; Free ((char *)a); } -static int i2r_PKEY_USAGE_PERIOD(method, usage, out) +static int i2r_PKEY_USAGE_PERIOD(method, usage, out, indent) X509V3_EXT_METHOD *method; PKEY_USAGE_PERIOD *usage; BIO *out; +int indent; { + BIO_printf(out, "%*s", indent, ""); if(usage->notBefore) { BIO_write(out, "Not Before: ", 12); ASN1_GENERALIZEDTIME_print(out, usage->notBefore); diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index f3cca7a8d6..34bc9c86a5 100644 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -66,28 +66,34 @@ /* Print out a name+value stack */ -void X509V3_EXT_val_prn(out, val) +void X509V3_EXT_val_prn(out, val, indent, ml) BIO *out; STACK *val; +int indent; +int ml; { int i; CONF_VALUE *nval; if(!val) return; + if(!ml) BIO_printf(out, "%*s", indent, ""); for(i = 0; i < sk_num(val); i++) { - if(i > 0) BIO_printf(out, ", "); + if(ml) BIO_printf(out, "%*s", indent, ""); + else if(i > 0) BIO_printf(out, ", "); nval = (CONF_VALUE *)sk_value(val, i); if(!nval->name) BIO_printf(out, "%s", nval->value); else if(!nval->value) BIO_printf(out, "%s", nval->name); else BIO_printf(out, "%s:%s", nval->name, nval->value); + if(ml) BIO_puts(out, "\n"); } } /* Main routine: print out a general extension */ -int X509V3_EXT_print(out, ext, flag) +int X509V3_EXT_print(out, ext, flag, indent) BIO *out; X509_EXTENSION *ext; int flag; +int indent; { char *ext_str = NULL, *p, *value = NULL; X509V3_EXT_METHOD *method; 
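Review bot: `indent` is passed straight to `%*s` as a field width in i2r_PKEY_USAGE_PERIOD, with no range check, and the same pattern appears in X509V3_EXT_val_prn and X509V3_EXT_print in the v3_prn.c hunks. In standard printf semantics a negative width means left-justify with the absolute value, and a very large width produces that much padding; whether BIO_printf follows this or bounds its output is not visible here. Clamping once at the public entry point, for example `if(indent < 0) indent = 0;` at the top of X509V3_EXT_print, would make the contract explicit. X509V3_EXT_val_prn should also get a one-line comment saying that a non-zero `ml` prints one entry per line, each followed by a newline. The bodies of i2r_PKEY_USAGE_PERIOD and X509V3_EXT_print continue outside these hunks.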
@@ -101,15 +107,16 @@ int flag; ok = 0; goto err; } - BIO_printf(out, value); + BIO_printf(out, "%*s%s", indent, "", value); } else if(method->i2v) { if(!(nval = method->i2v(method, ext_str, NULL))) { ok = 0; goto err; } - X509V3_EXT_val_prn(out, nval); + X509V3_EXT_val_prn(out, nval, indent, + method->ext_flags & X509V3_EXT_MULTILINE); } else if(method->i2r) { - if(!method->i2r(method, ext_str, out)) ok = 0; + if(!method->i2r(method, ext_str, out, indent)) ok = 0; } else ok = 0; err: @@ -119,15 +126,16 @@ int flag; return ok; } -int X509V3_EXT_print_fp(fp, ext, flag) +int X509V3_EXT_print_fp(fp, ext, flag, indent) FILE *fp; X509_EXTENSION *ext; int flag; +int indent; { BIO *bio_tmp; int ret; if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0; - ret = X509V3_EXT_print(bio_tmp, ext, flag); + ret = X509V3_EXT_print(bio_tmp, ext, flag, indent); BIO_free(bio_tmp); return ret; } diff --git a/crypto/x509v3/v3prin.c b/crypto/x509v3/v3prin.c index 3a8ce93141..36f78b25df 100644 --- a/crypto/x509v3/v3prin.c +++ b/crypto/x509v3/v3prin.c @@ -95,7 +95,7 @@ char **argv; for(i = 0; i < count; i++) { ext = X509_get_ext(cert, i); printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object))); - if(!X509V3_EXT_print_fp(stdout, ext, 0)) ERR_print_errors_fp(stderr); + if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr); printf("\n"); } diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index 0d1b340552..89147cf938 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h 
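Review bot: The rewritten `BIO_printf(out, "%*s%s", indent, "", value);` deserves a comment, because it does more than indent: `value` is no longer used as the format string, and it appears to be text derived from the extension being printed. A line such as `/* value is extension-derived text: always print it through "%s", never as the format */` above the call would keep a later edit from reverting to the one-argument form. The branch that produces `value` starts above the hunk, so its origin should be confirmed there.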
@@ -79,7 +79,7 @@ typedef STACK * (*X509V3_EXT_I2V)(struct v3_ext_method *method, char *ext, STACK typedef char * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK *values); typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, char *ext); typedef char * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); -typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out); +typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out, int indent); typedef char *(*X509V3_EXT_R2I)(struct v3_ext_method *method, char *db, char *value); /* V3 extension structure */ @@ -123,8 +123,9 @@ typedef struct v3_ext_method X509V3_EXT_METHOD; typedef struct v3_ext_ctx X509V3_CTX; /* ext_flags values */ -#define X509V3_EXT_DYNAMIC 0x1 -#define X509V3_EXT_CTX_DEP 0x2 +#define X509V3_EXT_DYNAMIC 0x1 +#define X509V3_EXT_CTX_DEP 0x2 +#define X509V3_EXT_MULTILINE 0x4 typedef struct { int bitnum; @@ -173,8 +174,17 @@ union { } d; } GENERAL_NAME; +/* Strong extranet structures */ +typedef struct { + ASN1_INTEGER *version; + STACK /* SXNETID */ *ids; +} SXNET; +typedef struct { + ASN1_INTEGER *zone; + ASN1_OCTET_STRING *user; +} SXNETID; #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ ",name:", val->name, ",value:", val->value); 
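Review bot: Changing `X509V3_EXT_I2R` to take a fourth `int indent` is only safe if every i2r implementation changes with it, and the compiler may not help. The method table in v3_akey.c fills its slots through casts such as `(X509V3_EXT_NEW)AUTHORITY_KEYID_new`; if i2r slots are filled the same way, a stale three-argument function would still compile and then be called through a mismatched signature. The same risk applies to callers of `X509V3_EXT_print` and `X509V3_EXT_print_fp`, changed in the later x509v3.h hunks. In the `#else` branch they are presumably declared without parameters, like the `i2d_SXNET()` declarations added there, so a three-argument call would compile silently. Only v3_pku.c and v3prin.c are updated in the visible diff, which is limited to crypto/x509v3, so implementations and callers elsewhere in the tree should be checked as part of this change.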
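Review bot: The new SXNET and SXNETID structs have no field documentation, and two facts matter to whoever writes the decode and print code for them. `ids` is an untyped STACK whose element type exists only in the `/* SXNETID */` comment, and `user` is an ASN1_OCTET_STRING, so it holds certificate-supplied bytes with an explicit length rather than a C string. I would add `/* stack of SXNETID; nothing enforces the element type */` on `ids` and `/* raw octets from the certificate: use the length field, do not treat as NUL-terminated text */` on `user`.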
@@ -215,6 +225,16 @@ GENERAL_NAME *GENERAL_NAME_new(void); void GENERAL_NAME_free(GENERAL_NAME *a); STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK *ret); +int i2d_SXNET(SXNET *a, unsigned char **pp); +SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length); +SXNET *SXNET_new(void); +void SXNET_free(SXNET *a); + +int i2d_SXNETID(SXNETID *a, unsigned char **pp); +SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length); +SXNETID *SXNETID_new(void); +void SXNETID_free(SXNETID *a); + int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp); AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length); AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); @@ -272,8 +292,8 @@ char *hex_to_string(unsigned char *buffer, long len); unsigned char *string_to_hex(char *str, long *len); int name_cmp(char *name, char *cmp); -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag); -int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag); +int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); +int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); #else @@ -290,6 +310,16 @@ void GENERAL_NAME_free(); STACK *i2v_GENERAL_NAME(); GENERAL_NAME *v2i_GENERAL_NAME(); +int i2d_SXNET(); +SXNET *d2i_SXNET(); +SXNET *SXNET_new(); +void SXNET_free(); + +int i2d_SXNETID(); +SXNETID *d2i_SXNETID(); +SXNETID *SXNETID_new(); +void SXNETID_free(); + int i2d_AUTHORITY_KEYID(); AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(); AUTHORITY_KEYID *AUTHORITY_KEYID_new(); |