Implement STACK_OF(ASN1_OBJECT) for extended key usage extension, change the
documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.
parent
0c5a65639d
commit
66ab08b1cf
@ -368,3 +368,5 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
|
||||
return(OBJ_dup(&o));
|
||||
}
|
||||
|
||||
IMPLEMENT_STACK_OF(ASN1_OBJECT)
|
||||
IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
|
||||
|
@ -497,6 +497,9 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
|
||||
ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
|
||||
long length);
|
||||
|
||||
DECLARE_STACK_OF(ASN1_OBJECT)
|
||||
DECLARE_ASN1_SET_OF(ASN1_OBJECT)
|
||||
|
||||
ASN1_STRING * ASN1_STRING_new(void );
|
||||
void ASN1_STRING_free(ASN1_STRING *a);
|
||||
ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
|
||||
|
@ -71,9 +71,9 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
|
||||
X509V3_EXT_METHOD v3_akey_id = {
|
||||
NID_authority_key_identifier, X509V3_EXT_MULTILINE,
|
||||
(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
|
||||
AUTHORITY_KEYID_free,
|
||||
(X509V3_EXT_FREE)AUTHORITY_KEYID_free,
|
||||
(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
|
||||
i2d_AUTHORITY_KEYID,
|
||||
(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
|
||||
(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
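Review bot: The `(X509V3_EXT_FREE)` and `(X509V3_EXT_I2D)` casts added to this table switch off the argument checking that the newly prototyped typedefs would otherwise provide, so an entry with the wrong arity or pointer type still compiles. Presumably the library then calls `AUTHORITY_KEYID_free` and `i2d_AUTHORITY_KEYID` through the `void *` signatures, which C leaves undefined for incompatible function types even though it works on the usual ABIs. I would record that assumption once beside the table, e.g. `/* free/i2d are called via void * prototypes: each entry must take exactly the object pointer (plus unsigned char ** for i2d) */`. The same casts recur in the other method tables on this page and in the `EXT_BITSTRING` and `EXT_IA5STRING` macros; the initializer of `v3_akey_id` continues past the end of this hunk.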
|
||||
|
@ -61,25 +61,25 @@
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
|
||||
static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
|
||||
static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
|
||||
static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
|
||||
static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
|
||||
static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
|
||||
X509V3_EXT_METHOD v3_alt[] = {
|
||||
{ NID_subject_alt_name, 0,
|
||||
(X509V3_EXT_NEW)GENERAL_NAMES_new,
|
||||
GENERAL_NAMES_free,
|
||||
(X509V3_EXT_FREE)GENERAL_NAMES_free,
|
||||
(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
|
||||
i2d_GENERAL_NAMES,
|
||||
(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
|
||||
(X509V3_EXT_V2I)v2i_subject_alt,
|
||||
NULL, NULL, NULL},
|
||||
{ NID_issuer_alt_name, 0,
|
||||
(X509V3_EXT_NEW)GENERAL_NAMES_new,
|
||||
GENERAL_NAMES_free,
|
||||
(X509V3_EXT_FREE)GENERAL_NAMES_free,
|
||||
(X509V3_EXT_D2I)d2i_GENERAL_NAMES,
|
||||
i2d_GENERAL_NAMES,
|
||||
(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2V)i2v_GENERAL_NAMES,
|
||||
(X509V3_EXT_V2I)v2i_issuer_alt,
|
||||
@ -156,7 +156,7 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
|
||||
}
|
||||
|
||||
static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, STACK *nval)
|
||||
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
|
||||
{
|
||||
STACK_OF(GENERAL_NAME) *gens = NULL;
|
||||
CONF_VALUE *cnf;
|
||||
@ -165,8 +165,8 @@ static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
|
||||
X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
for(i = 0; i < sk_num(nval); i++) {
|
||||
cnf = (CONF_VALUE *)sk_value(nval, i);
|
||||
for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||
cnf = sk_CONF_VALUE_value(nval, i);
|
||||
if(!name_cmp(cnf->name, "issuer") && cnf->value &&
|
||||
!strcmp(cnf->value, "copy")) {
|
||||
if(!copy_issuer(ctx, gens)) goto err;
|
||||
@ -221,7 +221,7 @@ static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
|
||||
}
|
||||
|
||||
static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, STACK *nval)
|
||||
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
|
||||
{
|
||||
STACK_OF(GENERAL_NAME) *gens = NULL;
|
||||
CONF_VALUE *cnf;
|
||||
@ -230,8 +230,8 @@ static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
|
||||
X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
for(i = 0; i < sk_num(nval); i++) {
|
||||
cnf = (CONF_VALUE *)sk_value(nval, i);
|
||||
for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||
cnf = sk_CONF_VALUE_value(nval, i);
|
||||
if(!name_cmp(cnf->name, "email") && cnf->value &&
|
||||
!strcmp(cnf->value, "copy")) {
|
||||
if(!copy_email(ctx, gens)) goto err;
|
||||
|
@ -70,9 +70,9 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V
|
||||
X509V3_EXT_METHOD v3_bcons = {
|
||||
NID_basic_constraints, 0,
|
||||
(X509V3_EXT_NEW)BASIC_CONSTRAINTS_new,
|
||||
BASIC_CONSTRAINTS_free,
|
||||
(X509V3_EXT_FREE)BASIC_CONSTRAINTS_free,
|
||||
(X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS,
|
||||
i2d_BASIC_CONSTRAINTS,
|
||||
(X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
|
||||
(X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
|
||||
|
@ -78,9 +78,9 @@ static STACK *nref_nos(STACK_OF(CONF_VALUE) *nos);
|
||||
X509V3_EXT_METHOD v3_cpols = {
|
||||
NID_certificate_policies, 0,
|
||||
(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
|
||||
CERTIFICATEPOLICIES_free,
|
||||
(X509V3_EXT_FREE)CERTIFICATEPOLICIES_free,
|
||||
(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
|
||||
i2d_CERTIFICATEPOLICIES,
|
||||
(X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES,
|
||||
NULL, NULL,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2R)i2r_certpol,
|
||||
|
@ -71,9 +71,9 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
|
||||
X509V3_EXT_METHOD v3_crld = {
|
||||
NID_crl_distribution_points, X509V3_EXT_MULTILINE,
|
||||
(X509V3_EXT_NEW)CRL_DIST_POINTS_new,
|
||||
CRL_DIST_POINTS_free,
|
||||
(X509V3_EXT_FREE)CRL_DIST_POINTS_free,
|
||||
(X509V3_EXT_D2I)d2i_CRL_DIST_POINTS,
|
||||
i2d_CRL_DIST_POINTS,
|
||||
(X509V3_EXT_I2D)i2d_CRL_DIST_POINTS,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2V)i2v_crld,
|
||||
(X509V3_EXT_V2I)v2i_crld,
|
||||
|
@ -76,12 +76,13 @@ static ENUMERATED_NAMES crl_reasons[] = {
|
||||
|
||||
X509V3_EXT_METHOD v3_crl_reason = {
|
||||
NID_crl_reason, 0,
|
||||
(X509V3_EXT_NEW)asn1_enumerated_new, ASN1_STRING_free,
|
||||
(X509V3_EXT_NEW)asn1_enumerated_new,
|
||||
(X509V3_EXT_FREE)ASN1_STRING_free,
|
||||
(X509V3_EXT_D2I)d2i_ASN1_ENUMERATED,
|
||||
i2d_ASN1_ENUMERATED,
|
||||
(X509V3_EXT_I2D)i2d_ASN1_ENUMERATED,
|
||||
(X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
|
||||
(X509V3_EXT_S2I)NULL,
|
||||
NULL, NULL, NULL, NULL, (char *)crl_reasons};
|
||||
NULL, NULL, NULL, NULL, crl_reasons};
|
||||
|
||||
|
||||
static ASN1_ENUMERATED *asn1_enumerated_new(void)
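Review bot: The last initializer of `v3_crl_reason` now passes `crl_reasons` without the `(char *)` cast, while the `EXT_BITSTRING` macro in the header section of this same commit still ends in `(char *)table}`. Whether the uncast form converts cleanly depends on the declared type of that final member, which is not visible in any hunk here. If it is a `void *`, drop the cast in the macro too (`table}`); if it is still `char *`, keep the cast here so the two stay in step. The initializer lies inside the hunk, but the struct declaration it fills in does not.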
|
||||
|
@ -63,16 +63,16 @@
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
static STACK *v2i_ext_ku(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
STACK_OF(CONF_VALUE) *nval);
|
||||
static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
|
||||
static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
|
||||
STACK *eku, STACK_OF(CONF_VALUE) *extlist);
|
||||
STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
|
||||
X509V3_EXT_METHOD v3_ext_ku = {
|
||||
NID_ext_key_usage, 0,
|
||||
(X509V3_EXT_NEW)ext_ku_new,
|
||||
ext_ku_free,
|
||||
(X509V3_EXT_FREE)ext_ku_free,
|
||||
(X509V3_EXT_D2I)d2i_ext_ku,
|
||||
i2d_ext_ku,
|
||||
(X509V3_EXT_I2D)i2d_ext_ku,
|
||||
NULL, NULL,
|
||||
(X509V3_EXT_I2V)i2v_ext_ku,
|
||||
(X509V3_EXT_V2I)v2i_ext_ku,
|
||||
@ -80,55 +80,56 @@ NULL,NULL,
|
||||
NULL
|
||||
};
|
||||
|
||||
STACK *ext_ku_new(void)
|
||||
STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
|
||||
{
|
||||
return sk_new_null();
|
||||
return sk_ASN1_OBJECT_new_null();
|
||||
}
|
||||
|
||||
void ext_ku_free(STACK *eku)
|
||||
void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
|
||||
{
|
||||
sk_pop_free(eku, ASN1_OBJECT_free);
|
||||
sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
|
||||
return;
|
||||
}
|
||||
|
||||
int i2d_ext_ku(STACK *a, unsigned char **pp)
|
||||
int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
|
||||
{
|
||||
return i2d_ASN1_SET(a, pp, i2d_ASN1_OBJECT, V_ASN1_SEQUENCE,
|
||||
V_ASN1_UNIVERSAL, IS_SEQUENCE);
|
||||
return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
|
||||
V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
|
||||
}
|
||||
|
||||
STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length)
|
||||
STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
|
||||
unsigned char **pp, long length)
|
||||
{
|
||||
return d2i_ASN1_SET(a, pp, length, (char *(*)())(d2i_ASN1_OBJECT),
|
||||
return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
|
||||
ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
|
||||
}
|
||||
|
||||
|
||||
|
||||
static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, STACK *eku,
|
||||
STACK_OF(CONF_VALUE) *ext_list)
|
||||
static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
|
||||
STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
|
||||
{
|
||||
int i;
|
||||
ASN1_OBJECT *obj;
|
||||
char obj_tmp[80];
|
||||
for(i = 0; i < sk_num(eku); i++) {
|
||||
obj = (ASN1_OBJECT *)sk_value(eku, i);
|
||||
for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
|
||||
obj = sk_ASN1_OBJECT_value(eku, i);
|
||||
i2t_ASN1_OBJECT(obj_tmp, 80, obj);
|
||||
X509V3_add_value(NULL, obj_tmp, &ext_list);
|
||||
}
|
||||
return ext_list;
|
||||
}
|
||||
|
||||
static STACK *v2i_ext_ku(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
STACK_OF(CONF_VALUE) *nval)
|
||||
static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
|
||||
{
|
||||
STACK *extku;
|
||||
STACK_OF(ASN1_OBJECT) *extku;
|
||||
char *extval;
|
||||
ASN1_OBJECT *objtmp;
|
||||
CONF_VALUE *val;
|
||||
int i;
|
||||
|
||||
if(!(extku = sk_new(NULL))) {
|
||||
if(!(extku = sk_ASN1_OBJECT_new(NULL))) {
|
||||
X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
@ -138,12 +139,12 @@ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||
if(val->value) extval = val->value;
|
||||
else extval = val->name;
|
||||
if(!(objtmp = OBJ_txt2obj(extval, 0))) {
|
||||
sk_pop_free(extku, ASN1_OBJECT_free);
|
||||
sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
|
||||
X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
|
||||
X509V3_conf_err(val);
|
||||
return NULL;
|
||||
}
|
||||
sk_push(extku, (char *)objtmp);
|
||||
sk_ASN1_OBJECT_push(extku, objtmp);
|
||||
}
|
||||
return extku;
|
||||
}
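Review bot: `sk_ASN1_OBJECT_push(extku, objtmp)` in `v2i_ext_ku` ignores its return value, so when the stack cannot grow the freshly created `objtmp` is leaked and the function returns a list that silently lacks one of the configured key-usage OIDs. The push reports failure as 0, as the untyped `sk_push` it replaces does, so the failure path should free `objtmp`, release `extku` and raise `ERR_R_MALLOC_FAILURE` the way the allocation check at the top of the function does. `i2v_ext_ku` in the previous hunk likewise drops the result of `X509V3_add_value` and passes a literal `80` where `sizeof obj_tmp` would track the buffer. `v2i_ext_ku` begins in the previous hunk and its loop header is visible only in this hunk's `@` line.

```c
/* … unchanged: OBJ_txt2obj() lookup and its error path … */
	if(!sk_ASN1_OBJECT_push(extku, objtmp)) {
		/* objtmp is not yet owned by the stack, so free it separately */
		ASN1_OBJECT_free(objtmp);
		sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
		X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
		return NULL;
	}
```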
|
||||
|
@ -64,9 +64,10 @@ static ASN1_INTEGER *asn1_integer_new(void);
|
||||
|
||||
X509V3_EXT_METHOD v3_crl_num = {
|
||||
NID_crl_number, 0,
|
||||
(X509V3_EXT_NEW)asn1_integer_new, ASN1_STRING_free,
|
||||
(X509V3_EXT_NEW)asn1_integer_new,
|
||||
(X509V3_EXT_FREE)ASN1_STRING_free,
|
||||
(X509V3_EXT_D2I)d2i_ASN1_INTEGER,
|
||||
i2d_ASN1_INTEGER,
|
||||
(X509V3_EXT_I2D)i2d_ASN1_INTEGER,
|
||||
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
|
||||
(X509V3_EXT_S2I)NULL,
|
||||
NULL, NULL, NULL, NULL, NULL};
|
||||
|
@ -64,14 +64,14 @@
|
||||
|
||||
static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
|
||||
/*
|
||||
static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values);
|
||||
static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
|
||||
*/
|
||||
X509V3_EXT_METHOD v3_pkey_usage_period = {
|
||||
NID_private_key_usage_period, 0,
|
||||
(X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new,
|
||||
PKEY_USAGE_PERIOD_free,
|
||||
(X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free,
|
||||
(X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD,
|
||||
i2d_PKEY_USAGE_PERIOD,
|
||||
(X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD,
|
||||
NULL, NULL, NULL, NULL,
|
||||
(X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
|
||||
NULL
|
||||
@ -144,7 +144,7 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
|
||||
static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
|
||||
X509V3_EXT_METHOD *method;
|
||||
X509V3_CTX *ctx;
|
||||
STACK *values;
|
||||
STACK_OF(CONF_VALUE) *values;
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
@ -65,9 +65,10 @@ static ASN1_OCTET_STRING *octet_string_new(void);
|
||||
static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
|
||||
X509V3_EXT_METHOD v3_skey_id = {
|
||||
NID_subject_key_identifier, 0,
|
||||
(X509V3_EXT_NEW)octet_string_new, ASN1_STRING_free,
|
||||
(X509V3_EXT_NEW)octet_string_new,
|
||||
(X509V3_EXT_FREE)ASN1_STRING_free,
|
||||
(X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING,
|
||||
i2d_ASN1_OCTET_STRING,
|
||||
(X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING,
|
||||
(X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
|
||||
(X509V3_EXT_S2I)s2i_skey_id,
|
||||
NULL, NULL, NULL, NULL, NULL};
|
||||
|
@ -69,14 +69,15 @@
|
||||
|
||||
static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
|
||||
#ifdef SXNET_TEST
|
||||
static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
|
||||
static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
STACK_OF(CONF_VALUE) *nval);
|
||||
#endif
|
||||
X509V3_EXT_METHOD v3_sxnet = {
|
||||
NID_sxnet, X509V3_EXT_MULTILINE,
|
||||
(X509V3_EXT_NEW)SXNET_new,
|
||||
SXNET_free,
|
||||
(X509V3_EXT_FREE)SXNET_free,
|
||||
(X509V3_EXT_D2I)d2i_SXNET,
|
||||
i2d_SXNET,
|
||||
(X509V3_EXT_I2D)i2d_SXNET,
|
||||
NULL, NULL,
|
||||
NULL,
|
||||
#ifdef SXNET_TEST
|
||||
@ -206,13 +207,13 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
|
||||
|
||||
|
||||
static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
STACK *nval)
|
||||
STACK_OF(CONF_VALUE) *nval)
|
||||
{
|
||||
CONF_VALUE *cnf;
|
||||
SXNET *sx = NULL;
|
||||
int i;
|
||||
for(i = 0; i < sk_num(nval); i++) {
|
||||
cnf = (CONF_VALUE *)sk_value(nval, i);
|
||||
for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
|
||||
cnf = sk_CONF_VALUE_value(nval, i);
|
||||
if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
|
||||
return NULL;
|
||||
}
|
||||
|
@ -96,7 +96,7 @@ int X509V3_add_value_uchar(const char *name, const unsigned char *value,
|
||||
return X509V3_add_value(name,(const char *)value,extlist);
|
||||
}
|
||||
|
||||
/* Free function for STACK of CONF_VALUE */
|
||||
/* Free function for STACK_OF(CONF_VALUE) */
|
||||
|
||||
void X509V3_conf_free(CONF_VALUE *conf)
|
||||
{
|
||||
|
@ -72,10 +72,10 @@ struct v3_ext_ctx;
|
||||
|
||||
/* Useful typedefs */
|
||||
|
||||
typedef void * (*X509V3_EXT_NEW)();
|
||||
typedef void (*X509V3_EXT_FREE)();
|
||||
typedef char * (*X509V3_EXT_D2I)();
|
||||
typedef int (*X509V3_EXT_I2D)();
|
||||
typedef void * (*X509V3_EXT_NEW)(void);
|
||||
typedef void (*X509V3_EXT_FREE)(void *);
|
||||
typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long);
|
||||
typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
|
||||
typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
|
||||
typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
|
||||
typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
|
||||
@ -255,9 +255,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
|
||||
#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
|
||||
|
||||
#define EXT_BITSTRING(nid, table) { nid, 0, \
|
||||
(X509V3_EXT_NEW)asn1_bit_string_new, ASN1_STRING_free, \
|
||||
(X509V3_EXT_NEW)asn1_bit_string_new, \
|
||||
(X509V3_EXT_FREE)ASN1_STRING_free, \
|
||||
(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
|
||||
i2d_ASN1_BIT_STRING, \
|
||||
(X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
|
||||
NULL, NULL, \
|
||||
(X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
|
||||
(X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
|
||||
@ -265,9 +266,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
|
||||
(char *)table}
|
||||
|
||||
#define EXT_IA5STRING(nid) { nid, 0, \
|
||||
(X509V3_EXT_NEW)ia5string_new, ASN1_STRING_free, \
|
||||
(X509V3_EXT_NEW)ia5string_new, \
|
||||
(X509V3_EXT_FREE)ASN1_STRING_free, \
|
||||
(X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
|
||||
i2d_ASN1_IA5STRING, \
|
||||
(X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
|
||||
(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
|
||||
(X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
|
||||
NULL, NULL, NULL, NULL, \
|
||||
@ -329,10 +331,11 @@ STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
|
||||
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
|
||||
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
|
||||
|
||||
int i2d_ext_ku(STACK *a, unsigned char **pp);
|
||||
STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length);
|
||||
void ext_ku_free(STACK *a);
|
||||
STACK *ext_ku_new(void);
|
||||
int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp);
|
||||
STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
|
||||
unsigned char **pp, long length);
|
||||
void ext_ku_free(STACK_OF(ASN1_OBJECT) *a);
|
||||
STACK_OF(ASN1_OBJECT) *ext_ku_new(void);
|
||||
|
||||
int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
|
||||
STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
|
||||
|
@ -581,11 +581,11 @@ void X509V3_string_free(X509V3_CTX *ctx, char *str);
|
||||
|
||||
This function frees up the string returned by the above function.
|
||||
|
||||
STACK * X509V3_get_section(X509V3_CTX *ctx, char *section);
|
||||
STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
|
||||
|
||||
This function returns a whole section as a STACK of CONF_VALUE structures.
|
||||
This function returns a whole section as a STACK_OF(CONF_VALUE) .
|
||||
|
||||
void X509V3_section_free( X509V3_CTX *ctx, STACK *section);
|
||||
void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
|
||||
|
||||
This function frees up the STACK returned by the above function.
|
||||
|
||||
@ -595,9 +595,9 @@ be set to an X509V3_CTX_METHOD structure. This structure contains the following
|
||||
function pointers:
|
||||
|
||||
char * (*get_string)(void *db, char *section, char *value);
|
||||
STACK * (*get_section)(void *db, char *section);
|
||||
STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
|
||||
void (*free_string)(void *db, char * string);
|
||||
void (*free_section)(void *db, STACK *section);
|
||||
void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
|
||||
|
||||
these will be called and passed the 'db' element in the X509V3_CTX structure
|
||||
to access the database. If a given function is not implemented or not required
|
||||
@ -646,24 +646,28 @@ int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
|
||||
|
||||
This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
|
||||
|
||||
int X509V3_add_value(const char *name, const char *value, STACK **extlist);
|
||||
int X509V3_add_value(const char *name, const char *value,
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
|
||||
This simply adds a string name and value pair.
|
||||
|
||||
int X509V3_add_value_uchar(const char *name, const unsigned char *value,
|
||||
STACK **extlist);
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
|
||||
The same as above but for an unsigned character value.
|
||||
|
||||
int X509V3_add_value_bool(const char *name, int asn1_bool, STACK **extlist);
|
||||
int X509V3_add_value_bool(const char *name, int asn1_bool,
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
|
||||
This adds either "TRUE" or "FALSE" depending on the value of 'ans1_bool'
|
||||
|
||||
int X509V3_add_value_bool_nf(char *name, int asn1_bool, STACK **extlist);
|
||||
int X509V3_add_value_bool_nf(char *name, int asn1_bool,
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
|
||||
This is the same as above except it adds nothing if asn1_bool is FALSE.
|
||||
|
||||
int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, STACK **extlist);
|
||||
int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
|
||||
This function adds the value of the ASN1_INTEGER in decimal form.
|
||||
|
||||
@ -678,8 +682,8 @@ Currently there are three types of supported extensions.
|
||||
String extensions are simple strings where the value is placed directly in the
|
||||
extensions, and the string returned is printed out.
|
||||
|
||||
Multi value extensions are passed a STACK of name and value pairs or return
|
||||
such a STACK.
|
||||
Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
|
||||
or return a STACK_OF(CONF_VALUE).
|
||||
|
||||
Raw extensions are just passed a BIO or a value and it is the extensions
|
||||
responsiblity to handle all the necessary printing.
|
||||
@ -776,7 +780,7 @@ This function takes the string representation in the ext parameter and returns
|
||||
an allocated internal structure: ext_free() will be used on this internal
|
||||
structure after use.
|
||||
|
||||
i2v and v2i handle a stack of CONF_VALUE structures:
|
||||
i2v and v2i handle a STACK_OF(CONF_VALUE):
|
||||
|
||||
typedef struct
|
||||
{
|
||||
@ -787,16 +791,17 @@ typedef struct
|
||||
|
||||
Only the name and value members are currently used.
|
||||
|
||||
STACK * i2v(struct v3_ext_method *method, void *ext);
|
||||
STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
|
||||
|
||||
This function is passed the internal structure in the ext parameter and
|
||||
returns a STACK of CONF_VALUE structures. The values of name, value,
|
||||
section and the structure itself will be freed up with Free after use.
|
||||
Several helper functions are available to add values to this STACK.
|
||||
|
||||
void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK *values);
|
||||
void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
|
||||
STACK_OF(CONF_VALUE) *values);
|
||||
|
||||
This function takes a STACK of CONF_VALUE structures and should set the
|
||||
This function takes a STACK_OF(CONF_VALUE) structures and should set the
|
||||
values of the external structure. This typically uses the name element to
|
||||
determine which structure element to set and the value element to determine
|
||||
what to set it to. Several helper functions are available for this
|
||||
|