authorDr. Stephen Henson <steve@openssl.org>1999-03-27 14:06:25 +0000
committerDr. Stephen Henson <steve@openssl.org>1999-03-27 14:06:25 +0000
commit785cdf20482063a6b59c44825e33c1dee60217d2 (patch)
tree58f0d2c932ca955c34677b8cf61792748d2c0c53 /crypto/x509v3
parentba423addddbc43be1e3bddca727332a9bfe3cb46 (diff)
downloadopenssl-785cdf20482063a6b59c44825e33c1dee60217d2.tar.gz
Add initial support for Thawte strong extranet certificate extensions and
include an 'indent' option to V3 stuff.
Diffstat (limited to 'crypto/x509v3')
-rw-r--r--crypto/x509v3/Makefile.ssl4
-rw-r--r--crypto/x509v3/v3_akey.c2
-rw-r--r--crypto/x509v3/v3_lib.c3
-rw-r--r--crypto/x509v3/v3_pku.c6
-rw-r--r--crypto/x509v3/v3_prn.c24
-rw-r--r--crypto/x509v3/v3prin.c2
-rw-r--r--crypto/x509v3/x509v3.h40
7 files changed, 61 insertions, 20 deletions
diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl
index 6b5399cc0a..5c27afcc82 100644
--- a/crypto/x509v3/Makefile.ssl
+++ b/crypto/x509v3/Makefile.ssl
@@ -24,10 +24,10 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \
v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \
-v3_pku.c v3_int.c v3_enum.c
+v3_pku.c v3_int.c v3_enum.c v3_sxnet.c
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
-v3_int.o v3_enum.o
+v3_int.o v3_enum.o v3_sxnet.o
SRC= $(LIBSRC)
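Review bot: `v3_sxnet.c` and `v3_sxnet.o` are added to LIBSRC and LIBOBJ here, but the diffstat for crypto/x509v3 lists seven files and `v3_sxnet.c` is not among them. Unless that file arrives in a separate commit, the build has no source for the new object, and the `extern ... v3_sxnet` declaration and the `X509V3_EXT_add(&v3_sxnet)` call added in v3_lib.c would be left unresolved at link time. The source file should land in the same commit as the Makefile entry.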
diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index 8bee98cc18..016a6a806c 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -75,7 +75,7 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID();
#endif
X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, 0,
+NID_authority_key_identifier, X509V3_EXT_MULTILINE,
(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
AUTHORITY_KEYID_free,
(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c
index 268617303f..7abac2997e 100644
--- a/crypto/x509v3/v3_lib.c
+++ b/crypto/x509v3/v3_lib.c
@@ -146,7 +146,7 @@ X509V3_EXT_METHOD *ext;
}
extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period;
+extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet;
extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason;
@@ -163,6 +163,7 @@ int X509V3_add_standard_extensions()
X509V3_EXT_add(&v3_akey_id);
X509V3_EXT_add(&v3_pkey_usage_period);
X509V3_EXT_add(&v3_crl_num);
+ X509V3_EXT_add(&v3_sxnet);
X509V3_EXT_add(&v3_crl_reason);
return 1;
}
diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c
index a602191c55..23a71522f6 100644
--- a/crypto/x509v3/v3_pku.c
+++ b/crypto/x509v3/v3_pku.c
@@ -63,7 +63,7 @@
#include "x509v3.h"
#ifndef NOPROTO
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out);
+static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
/*
static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values);
*/
@@ -143,11 +143,13 @@ PKEY_USAGE_PERIOD *a;
Free ((char *)a);
}
-static int i2r_PKEY_USAGE_PERIOD(method, usage, out)
+static int i2r_PKEY_USAGE_PERIOD(method, usage, out, indent)
X509V3_EXT_METHOD *method;
PKEY_USAGE_PERIOD *usage;
BIO *out;
+int indent;
{
+ BIO_printf(out, "%*s", indent, "");
if(usage->notBefore) {
BIO_write(out, "Not Before: ", 12);
ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c
index f3cca7a8d6..34bc9c86a5 100644
--- a/crypto/x509v3/v3_prn.c
+++ b/crypto/x509v3/v3_prn.c
@@ -66,28 +66,34 @@
/* Print out a name+value stack */
-void X509V3_EXT_val_prn(out, val)
+void X509V3_EXT_val_prn(out, val, indent, ml)
BIO *out;
STACK *val;
+int indent;
+int ml;
{
int i;
CONF_VALUE *nval;
if(!val) return;
+ if(!ml) BIO_printf(out, "%*s", indent, "");
for(i = 0; i < sk_num(val); i++) {
- if(i > 0) BIO_printf(out, ", ");
+ if(ml) BIO_printf(out, "%*s", indent, "");
+ else if(i > 0) BIO_printf(out, ", ");
nval = (CONF_VALUE *)sk_value(val, i);
if(!nval->name) BIO_printf(out, "%s", nval->value);
else if(!nval->value) BIO_printf(out, "%s", nval->name);
else BIO_printf(out, "%s:%s", nval->name, nval->value);
+ if(ml) BIO_puts(out, "\n");
}
}
/* Main routine: print out a general extension */
-int X509V3_EXT_print(out, ext, flag)
+int X509V3_EXT_print(out, ext, flag, indent)
BIO *out;
X509_EXTENSION *ext;
int flag;
+int indent;
{
char *ext_str = NULL, *p, *value = NULL;
X509V3_EXT_METHOD *method;
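Review bot: In the new multi-line branch of X509V3_EXT_val_prn each name/value pair is written through `%s` on its own line, so a string that itself contains a newline or other control character would appear as extra, correctly indented output lines. The strings are produced by the extension's i2v method, presumably from certificate contents, which the person reading the output does not control. Consider escaping non-printable bytes before printing, or at least stating the limitation above the function, e.g. `/* name and value are printed verbatim; the output is not safe to parse or trust line by line */`. The hunk ends inside X509V3_EXT_print, whose body continues in the next hunk.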
@@ -101,15 +107,16 @@ int flag;
ok = 0;
goto err;
}
- BIO_printf(out, value);
+ BIO_printf(out, "%*s%s", indent, "", value);
} else if(method->i2v) {
if(!(nval = method->i2v(method, ext_str, NULL))) {
ok = 0;
goto err;
}
- X509V3_EXT_val_prn(out, nval);
+ X509V3_EXT_val_prn(out, nval, indent,
+ method->ext_flags & X509V3_EXT_MULTILINE);
} else if(method->i2r) {
- if(!method->i2r(method, ext_str, out)) ok = 0;
+ if(!method->i2r(method, ext_str, out, indent)) ok = 0;
} else ok = 0;
err:
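Review bot: The replacement of `BIO_printf(out, value)` with a literal format is security-relevant and not only an indentation change, yet neither the code nor the commit message records that. `value` is what the method's i2s callback returns for the decoded extension, so it is presumably certificate-derived text, and a `%` in it must never be interpreted as a conversion. A comment on the new line would keep a later edit from reverting to the old form: `/* value is extension data: always print it through a literal format */`. X509V3_EXT_print starts before this hunk and ends after it.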
@@ -119,15 +126,16 @@ int flag;
return ok;
}
-int X509V3_EXT_print_fp(fp, ext, flag)
+int X509V3_EXT_print_fp(fp, ext, flag, indent)
FILE *fp;
X509_EXTENSION *ext;
int flag;
+int indent;
{
BIO *bio_tmp;
int ret;
if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0;
- ret = X509V3_EXT_print(bio_tmp, ext, flag);
+ ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
BIO_free(bio_tmp);
return ret;
}
diff --git a/crypto/x509v3/v3prin.c b/crypto/x509v3/v3prin.c
index 3a8ce93141..36f78b25df 100644
--- a/crypto/x509v3/v3prin.c
+++ b/crypto/x509v3/v3prin.c
@@ -95,7 +95,7 @@ char **argv;
for(i = 0; i < count; i++) {
ext = X509_get_ext(cert, i);
printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
- if(!X509V3_EXT_print_fp(stdout, ext, 0)) ERR_print_errors_fp(stderr);
+ if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr);
printf("\n");
}
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 0d1b340552..89147cf938 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -79,7 +79,7 @@ typedef STACK * (*X509V3_EXT_I2V)(struct v3_ext_method *method, char *ext, STACK
typedef char * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK *values);
typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, char *ext);
typedef char * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out);
+typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out, int indent);
typedef char *(*X509V3_EXT_R2I)(struct v3_ext_method *method, char *db, char *value);
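Review bot: Changing the `X509V3_EXT_I2R` typedef to take `int indent` alters the calling convention for every i2r callback, yet `i2r_PKEY_USAGE_PERIOD` is the only implementation updated in this diff. The method table visible in v3_akey.c fills its slots through casts such as `(X509V3_EXT_NEW)AUTHORITY_KEYID_new`; if i2r slots are filled the same way, a callback still written with three parameters compiles without a diagnostic and is then called with four arguments, which is undefined behaviour. Every i2r implementation in the tree, including the one for the new v3_sxnet method, should be checked against the new typedef. A comment above the typedef would also help: `/* i2r: indent is the number of spaces to print before the output */`.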
/* V3 extension structure */
@@ -123,8 +123,9 @@ typedef struct v3_ext_method X509V3_EXT_METHOD;
typedef struct v3_ext_ctx X509V3_CTX;
/* ext_flags values */
-#define X509V3_EXT_DYNAMIC 0x1
-#define X509V3_EXT_CTX_DEP 0x2
+#define X509V3_EXT_DYNAMIC 0x1
+#define X509V3_EXT_CTX_DEP 0x2
+#define X509V3_EXT_MULTILINE 0x4
typedef struct {
int bitnum;
@@ -173,8 +174,17 @@ union {
} d;
} GENERAL_NAME;
+/* Strong extranet structures */
+typedef struct {
+ ASN1_INTEGER *version;
+ STACK /* SXNETID */ *ids;
+} SXNET;
+typedef struct {
+ ASN1_INTEGER *zone;
+ ASN1_OCTET_STRING *user;
+} SXNETID;
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
@@ -215,6 +225,16 @@ GENERAL_NAME *GENERAL_NAME_new(void);
void GENERAL_NAME_free(GENERAL_NAME *a);
STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK *ret);
+int i2d_SXNET(SXNET *a, unsigned char **pp);
+SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
+SXNET *SXNET_new(void);
+void SXNET_free(SXNET *a);
+
+int i2d_SXNETID(SXNETID *a, unsigned char **pp);
+SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length);
+SXNETID *SXNETID_new(void);
+void SXNETID_free(SXNETID *a);
+
int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp);
AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length);
AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
@@ -272,8 +292,8 @@ char *hex_to_string(unsigned char *buffer, long len);
unsigned char *string_to_hex(char *str, long *len);
int name_cmp(char *name, char *cmp);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag);
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
#else
@@ -290,6 +310,16 @@ void GENERAL_NAME_free();
STACK *i2v_GENERAL_NAME();
GENERAL_NAME *v2i_GENERAL_NAME();
+int i2d_SXNET();
+SXNET *d2i_SXNET();
+SXNET *SXNET_new();
+void SXNET_free();
+
+int i2d_SXNETID();
+SXNETID *d2i_SXNETID();
+SXNETID *SXNETID_new();
+void SXNETID_free();
+
int i2d_AUTHORITY_KEYID();
AUTHORITY_KEYID *d2i_AUTHORITY_KEYID();
AUTHORITY_KEYID *AUTHORITY_KEYID_new();