generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adds s2i function for ct_precert_poison X509 extension

Browse Source 
Allows CONF files for certificate requests to specify that a pre-
certificate should be created (see RFC6962).

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
This commit is contained in:
Rob Percival 2016-03-21 15:29:52 +00:00 committed by Rich Salz
parent 55327ddfc1
commit 367071f121
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/ct/ct_x509v3.c
View File

@ -67,6 +67,11 @@ static char *i2s_poison(const X509V3_EXT_METHOD *method, void *val)
return OPENSSL_strdup("NULL");
}
static void *s2i_poison(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str)
{
return ASN1_NULL_new();
}
static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
BIO *out, int indent)
{
@ -88,7 +93,7 @@ const X509V3_EXT_METHOD v3_ct_scts[] = {
/* X509v3 extension to mark a certificate as a pre-certificate */
{ NID_ct_precert_poison, 0, ASN1_ITEM_ref(ASN1_NULL),
NULL, NULL, NULL, NULL,
i2s_poison, NULL,
i2s_poison, s2i_poison,
NULL, NULL,
NULL, NULL,
NULL },