Add ASN1 code for netscape certificate sequences.

CHANGES

@@ -5,6 +5,9 @@
 
  Changes between 0.9.1c and 0.9.2
 
+  *) Add ASN1 and PEM code to support netscape certificate sequences.
+     [Steve Henson]
+
   *) Add several PKIX and private extended key usage OIDs.
      [Steve Henson]
 

crypto/asn1/Makefile.ssl

@@ -26,7 +26,7 @@ LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
 	a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \
 	a_sign.c a_digest.c a_verify.c \
 	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
-	x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \
+	x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c nsseq.c \
 	d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \
 	d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \
 	d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
@@ -41,7 +41,7 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
 	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \
 	a_sign.o a_digest.o a_verify.o \
 	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
-	x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \
+	x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o nsseq.o \
 	d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \
 	d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \
 	d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \

crypto/asn1/asn1.err

@@ -46,6 +46,7 @@
 #define ASN1_F_D2I_DSAPARAMS				 137
 #define ASN1_F_D2I_DSAPRIVATEKEY			 138
 #define ASN1_F_D2I_DSAPUBLICKEY				 139
+#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE		 228
 #define ASN1_F_D2I_NETSCAPE_PKEY			 140
 #define ASN1_F_D2I_NETSCAPE_RSA				 141
 #define ASN1_F_D2I_NETSCAPE_RSA_2			 142
@@ -96,6 +97,7 @@
 #define ASN1_F_I2D_RSAPUBLICKEY				 186
 #define ASN1_F_I2D_X509_ATTRIBUTE			 187
 #define ASN1_F_I2T_ASN1_OBJECT				 188
+#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW		 229
 #define ASN1_F_NETSCAPE_PKEY_NEW			 189
 #define ASN1_F_NETSCAPE_SPKAC_NEW			 190
 #define ASN1_F_NETSCAPE_SPKI_NEW			 191

crypto/asn1/asn1.h

@@ -700,6 +700,7 @@ ASN1_BMPSTRING *d2i_ASN1_BMPSTRING();
 #define ASN1_F_D2I_DSAPARAMS				 137
 #define ASN1_F_D2I_DSAPRIVATEKEY			 138
 #define ASN1_F_D2I_DSAPUBLICKEY				 139
+#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE		 228
 #define ASN1_F_D2I_NETSCAPE_PKEY			 140
 #define ASN1_F_D2I_NETSCAPE_RSA				 141
 #define ASN1_F_D2I_NETSCAPE_RSA_2			 142
@@ -750,6 +751,7 @@ ASN1_BMPSTRING *d2i_ASN1_BMPSTRING();
 #define ASN1_F_I2D_RSAPUBLICKEY				 186
 #define ASN1_F_I2D_X509_ATTRIBUTE			 187
 #define ASN1_F_I2T_ASN1_OBJECT				 188
+#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW		 229
 #define ASN1_F_NETSCAPE_PKEY_NEW			 189
 #define ASN1_F_NETSCAPE_SPKAC_NEW			 190
 #define ASN1_F_NETSCAPE_SPKI_NEW			 191

crypto/asn1/asn1_err.c

@@ -108,6 +108,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0),	"D2I_DSAPARAMS"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0),	"D2I_DSAPRIVATEKEY"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0),	"D2I_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0),	"D2I_NETSCAPE_CERT_SEQUENCE"},
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0),	"D2I_NETSCAPE_PKEY"},
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0),	"D2I_NETSCAPE_RSA"},
 {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0),	"D2I_NETSCAPE_RSA_2"},
@@ -158,6 +159,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0),	"I2D_RSAPUBLICKEY"},
 {ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0),	"I2D_X509_ATTRIBUTE"},
 {ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0),	"i2t_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0),	"NETSCAPE_CERT_SEQUENCE_NEW"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0),	"NETSCAPE_PKEY_NEW"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0),	"NETSCAPE_SPKAC_NEW"},
 {ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0),	"NETSCAPE_SPKI_NEW"},

crypto/pem/Makefile.ssl

@@ -40,7 +40,7 @@ top:
 
 all:	pem.h lib
 
-pem.h: $(CTX_SIZE)
+pem.h: $(CTX_SIZE) pem.org
 	./$(CTX_SIZE) <pem.org >pem.new
 	if [ -f pem.h ]; then mv -f pem.h pem.old; fi
 	mv -f pem.new pem.h

crypto/pem/pem.org

@@ -251,6 +251,11 @@ typedef struct pem_ctx_st
 		PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
 			(char *)x,NULL,NULL,0,NULL)
 
+#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
+                PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
+			PEM_STRING_X509,fp, \
+                        (char *)x, NULL,NULL,0,NULL)
+
 #define	PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
 	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
 #define	PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \
@@ -272,6 +277,11 @@ typedef struct pem_ctx_st
 #define	PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \
 	(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb)
 
+#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb) \
+		(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
+        (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
+							(char **)x,cb)
+
 #define PEM_write_bio_SSL_SESSION(bp,x) \
 		PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
 			PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
@@ -308,6 +318,11 @@ typedef struct pem_ctx_st
 		PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
 			PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL)
 
+#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
+                PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
+			PEM_STRING_X509,bp, \
+                        (char *)x, NULL,NULL,0,NULL)
+
 #define	PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
 	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
 #define	PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \
@@ -332,6 +347,11 @@ typedef struct pem_ctx_st
 #define	PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
 	(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb)
 
+#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb) \
+		(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
+        (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
+							(char **)x,cb)
+
 #endif
 
 #ifndef NOPROTO
@@ -395,6 +415,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
 PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
 DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
 DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE **x,int (*cb)());
 int PEM_write_X509(FILE *fp,X509 *x);
 int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
 int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
@@ -408,6 +429,7 @@ int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
 int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
 int PEM_write_DHparams(FILE *fp,DH *x);
 int PEM_write_DSAparams(FILE *fp,DSA *x);
+int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE *x);
 #endif
 
 #ifdef HEADER_BIO_H
@@ -420,6 +442,7 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
 EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
 PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
 DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE **x,int (*cb)());
 DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
 int PEM_write_bio_X509(BIO *bp,X509 *x);
 int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
@@ -434,6 +457,7 @@ int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
 int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
 int PEM_write_bio_DHparams(BIO *bp,DH *x);
 int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
+int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE *x);
 #endif
 
 #endif /* SSLEAY_MACROS */

crypto/pem/pem_all.c

@@ -486,3 +486,45 @@ DSA *x;
 	}
 #endif
 
+/* The Netscape Certificate sequence functions */
+
+#ifndef NO_FP_API
+NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb)
+FILE *fp;
+NETSCAPE_CERT_SEQUENCE **x;
+int (*cb)();
+	{
+	return((NETSCAPE_CERT_SEQUENCE *)
+		PEM_ASN1_read((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,
+		PEM_STRING_X509,fp,(char **)x,cb));
+	}
+#endif
+
+NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb)
+BIO *bp;
+NETSCAPE_CERT_SEQUENCE **x;
+int (*cb)();
+	{
+	return((NETSCAPE_CERT_SEQUENCE *)
+		PEM_ASN1_read_bio((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,
+		PEM_STRING_X509,bp,(char **)x,cb));
+	}
+
+#ifndef NO_FP_API
+int PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x)
+FILE *fp;
+NETSCAPE_CERT_SEQUENCE *x;
+	{
+	return(PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE,
+		PEM_STRING_X509,fp, (char *)x, NULL,NULL,0,NULL));
+	}
+#endif
+
+int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x)
+BIO *bp;
+NETSCAPE_CERT_SEQUENCE *x;
+	{
+	return(PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE,
+		PEM_STRING_X509,bp, (char *)x, NULL,NULL,0,NULL));
+	}
+

crypto/x509/x509.h

@@ -320,6 +320,13 @@ typedef struct Netscape_spki_st
 	ASN1_BIT_STRING *signature;
 	} NETSCAPE_SPKI;
 
+/* Netscape certificate sequence structure */
+typedef struct Netscape_certificate_sequence
+	{
+	ASN1_OBJECT *type;
+	STACK /* X509 */ *certs;
+	} NETSCAPE_CERT_SEQUENCE;
+
 #ifndef HEADER_BN_H
 #define BIGNUM 		char
 #endif
@@ -670,6 +677,12 @@ int		i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
 NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
 		long length);
 
+
+int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp);
+NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
+NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
+void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
+
 #ifdef HEADER_ENVELOPE_H
 X509_INFO *	X509_INFO_new(void);
 void		X509_INFO_free(X509_INFO *a);
@@ -985,6 +998,11 @@ void		NETSCAPE_SPKAC_free();
 int		i2d_NETSCAPE_SPKAC();
 NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC();
 
+int i2d_NETSCAPE_CERT_SEQUENCE();
+NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new();
+NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE();
+void NETSCAPE_CERT_SEQUENCE_free();
+
 #ifdef HEADER_ENVELOPE_H
 X509_INFO *	X509_INFO_new();
 void		X509_INFO_free();