From 92c046cac0d64ecd8d53126af3e52db5a6de83cf Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 28 Jan 1999 00:16:44 +0000 Subject: [PATCH] Add ASN1 code for netscape certificate sequences. --- CHANGES | 3 +++ crypto/asn1/Makefile.ssl | 4 ++-- crypto/asn1/asn1.err | 2 ++ crypto/asn1/asn1.h | 2 ++ crypto/asn1/asn1_err.c | 2 ++ crypto/pem/Makefile.ssl | 2 +- crypto/pem/pem.org | 24 +++++++++++++++++++++++ crypto/pem/pem_all.c | 42 ++++++++++++++++++++++++++++++++++++++++ crypto/x509/x509.h | 18 +++++++++++++++++ 9 files changed, 96 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index f13c8ad0e..40e3b9d01 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,9 @@ Changes between 0.9.1c and 0.9.2 + *) Add ASN1 and PEM code to support netscape certificate sequences. + [Steve Henson] + *) Add several PKIX and private extended key usage OIDs. [Steve Henson] diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index c6c568a7f..b8ae390a2 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -26,7 +26,7 @@ LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \ a_sign.c a_digest.c a_verify.c \ x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \ - x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \ + x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c nsseq.c \ d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \ d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \ d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ 
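Review bot: `nsseq.c` is added to `LIBSRC` here (and `nsseq.o` to `LIBOBJ` in the next hunk), but the diffstat for this commit lists nine files and `crypto/asn1/nsseq.c` is not among them. Unless that file arrives in a separate commit, the asn1 library will not build, and `d2i_NETSCAPE_CERT_SEQUENCE`, `i2d_NETSCAPE_CERT_SEQUENCE`, `NETSCAPE_CERT_SEQUENCE_new` and `NETSCAPE_CERT_SEQUENCE_free`, which are declared in `crypto/x509/x509.h`, have no definition for the PEM wrappers to link against. The decoder is also the part that parses untrusted DER, so it should be reviewed together with these declarations rather than on its own later.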
@@ -41,7 +41,7 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \ a_sign.o a_digest.o a_verify.o \ x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \ - x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \ + x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o nsseq.o \ d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \ d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \ d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ diff --git a/crypto/asn1/asn1.err b/crypto/asn1/asn1.err index 4bd71a15f..1533d0ccd 100644 --- a/crypto/asn1/asn1.err +++ b/crypto/asn1/asn1.err @@ -46,6 +46,7 @@ #define ASN1_F_D2I_DSAPARAMS 137 #define ASN1_F_D2I_DSAPRIVATEKEY 138 #define ASN1_F_D2I_DSAPUBLICKEY 139 +#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228 #define ASN1_F_D2I_NETSCAPE_PKEY 140 #define ASN1_F_D2I_NETSCAPE_RSA 141 #define ASN1_F_D2I_NETSCAPE_RSA_2 142 @@ -96,6 +97,7 @@ #define ASN1_F_I2D_RSAPUBLICKEY 186 #define ASN1_F_I2D_X509_ATTRIBUTE 187 #define ASN1_F_I2T_ASN1_OBJECT 188 +#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229 #define ASN1_F_NETSCAPE_PKEY_NEW 189 #define ASN1_F_NETSCAPE_SPKAC_NEW 190 #define ASN1_F_NETSCAPE_SPKI_NEW 191 diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index c3cd6273f..16df6fadf 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -700,6 +700,7 @@ ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(); #define ASN1_F_D2I_DSAPARAMS 137 #define ASN1_F_D2I_DSAPRIVATEKEY 138 #define ASN1_F_D2I_DSAPUBLICKEY 139 +#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228 #define ASN1_F_D2I_NETSCAPE_PKEY 140 #define ASN1_F_D2I_NETSCAPE_RSA 141 #define ASN1_F_D2I_NETSCAPE_RSA_2 142 
@@ -750,6 +751,7 @@ ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(); #define ASN1_F_I2D_RSAPUBLICKEY 186 #define ASN1_F_I2D_X509_ATTRIBUTE 187 #define ASN1_F_I2T_ASN1_OBJECT 188 +#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229 #define ASN1_F_NETSCAPE_PKEY_NEW 189 #define ASN1_F_NETSCAPE_SPKAC_NEW 190 #define ASN1_F_NETSCAPE_SPKI_NEW 191 diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 061ee319b..fa7265748 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -108,6 +108,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "D2I_DSAPARAMS"}, {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "D2I_DSAPRIVATEKEY"}, {ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "D2I_DSAPUBLICKEY"}, +{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0), "D2I_NETSCAPE_CERT_SEQUENCE"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "D2I_NETSCAPE_RSA"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"}, @@ -158,6 +159,7 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "I2D_RSAPUBLICKEY"}, {ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "I2D_X509_ATTRIBUTE"}, {ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"}, +{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0), "NETSCAPE_CERT_SEQUENCE_NEW"}, {ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"}, {ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"}, {ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"}, diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl index dac839cce..42787f133 100644 --- a/crypto/pem/Makefile.ssl +++ b/crypto/pem/Makefile.ssl @@ -40,7 +40,7 @@ top: all: pem.h lib -pem.h: $(CTX_SIZE) +pem.h: $(CTX_SIZE) pem.org ./$(CTX_SIZE) pem.new if [ -f pem.h ]; then mv -f pem.h pem.old; fi mv -f pem.new pem.h diff --git a/crypto/pem/pem.org b/crypto/pem/pem.org index 38952509d..37d19021e 100644 --- a/crypto/pem/pem.org +++ b/crypto/pem/pem.org 
@@ -251,6 +251,11 @@ typedef struct pem_ctx_st PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\ (char *)x,NULL,NULL,0,NULL) +#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \ + PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \ + PEM_STRING_X509,fp, \ + (char *)x, NULL,NULL,0,NULL) + #define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb) #define PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \ @@ -272,6 +277,11 @@ typedef struct pem_ctx_st #define PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb) +#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb) \ + (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \ + (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ + (char **)x,cb) + #define PEM_write_bio_SSL_SESSION(bp,x) \ PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL) @@ -308,6 +318,11 @@ typedef struct pem_ctx_st PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \ PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL) +#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \ + PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \ + PEM_STRING_X509,bp, \ + (char *)x, NULL,NULL,0,NULL) + #define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb) #define PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \ @@ -332,6 +347,11 @@ typedef struct pem_ctx_st #define PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \ (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb) +#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb) \ + (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \ + (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\ + (char **)x,cb) + #endif #ifndef NOPROTO 
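Review bot: All four new macros reuse `PEM_STRING_X509` as the PEM label, so a block labelled as a certificate may now hold either a single X509 or a Netscape certificate sequence, and nothing in this header tells a caller which. The label alone no longer identifies the encoded type: the reader the caller picks decides which d2i routine is applied to the payload, and a mismatch is caught only if that decoder rejects the structure. I would add a comment above `PEM_write_NETSCAPE_CERT_SEQUENCE` such as `/* Netscape cert sequences share the X509 PEM label; the label does not distinguish them from a single certificate */`. The same applies to the function versions added in `crypto/pem/pem_all.c` and to the prototypes further down this file.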
@@ -395,6 +415,7 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)()); PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)()); DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)()); DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)()); +NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE **x,int (*cb)()); int PEM_write_X509(FILE *fp,X509 *x); int PEM_write_X509_REQ(FILE *fp,X509_REQ *x); int PEM_write_X509_CRL(FILE *fp,X509_CRL *x); @@ -408,6 +429,7 @@ int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc, int PEM_write_PKCS7(FILE *fp,PKCS7 *x); int PEM_write_DHparams(FILE *fp,DH *x); int PEM_write_DSAparams(FILE *fp,DSA *x); +int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp,NETSCAPE_CERT_SEQUENCE *x); #endif #ifdef HEADER_BIO_H @@ -420,6 +442,7 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)()); EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)()); PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)()); DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)()); +NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE **x,int (*cb)()); DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)()); int PEM_write_bio_X509(BIO *bp,X509 *x); int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x); @@ -434,6 +457,7 @@ int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc, int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x); int PEM_write_bio_DHparams(BIO *bp,DH *x); int PEM_write_bio_DSAparams(BIO *bp,DSA *x); +int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,NETSCAPE_CERT_SEQUENCE *x); #endif #endif /* SSLEAY_MACROS */ diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index d1cda7aab..92d5a5db4 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c 
@@ -486,3 +486,45 @@ DSA *x; } #endif +/* The Netscape Certificate sequence functions */ + +#ifndef NO_FP_API +NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb) +FILE *fp; +NETSCAPE_CERT_SEQUENCE **x; +int (*cb)(); + { + return((NETSCAPE_CERT_SEQUENCE *) + PEM_ASN1_read((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE, + PEM_STRING_X509,fp,(char **)x,cb)); + } +#endif + +NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb) +BIO *bp; +NETSCAPE_CERT_SEQUENCE **x; +int (*cb)(); + { + return((NETSCAPE_CERT_SEQUENCE *) + PEM_ASN1_read_bio((char *(*)())d2i_NETSCAPE_CERT_SEQUENCE, + PEM_STRING_X509,bp,(char **)x,cb)); + } + +#ifndef NO_FP_API +int PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) +FILE *fp; +NETSCAPE_CERT_SEQUENCE *x; + { + return(PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, + PEM_STRING_X509,fp, (char *)x, NULL,NULL,0,NULL)); + } +#endif + +int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) +BIO *bp; +NETSCAPE_CERT_SEQUENCE *x; + { + return(PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, + PEM_STRING_X509,bp, (char *)x, NULL,NULL,0,NULL)); + } + diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index b010de1fc..5aa239aa8 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -320,6 +320,13 @@ typedef struct Netscape_spki_st ASN1_BIT_STRING *signature; } NETSCAPE_SPKI; +/* Netscape certificate sequence structure */ +typedef struct Netscape_certificate_sequence + { + ASN1_OBJECT *type; + STACK /* X509 */ *certs; + } NETSCAPE_CERT_SEQUENCE; + #ifndef HEADER_BN_H #define BIGNUM char #endif 
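Review bot: The four new functions in `pem_all.c` carry only the one-line banner comment, so the return and ownership contract of the two readers is undocumented. Presumably `PEM_read_NETSCAPE_CERT_SEQUENCE` and `PEM_read_bio_NETSCAPE_CERT_SEQUENCE` return NULL when the PEM block or its DER payload cannot be parsed, and the caller releases the result with `NETSCAPE_CERT_SEQUENCE_free`; once confirmed against `PEM_ASN1_read`, state it with something like `/* Returns NULL on error; free the result with NETSCAPE_CERT_SEQUENCE_free() */`. Note also that the `(char *(*)())` and `(int (*)())` casts remove any type check on the d2i/i2d callbacks, so a wrong function name in one of these wrappers would compile without a warning.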
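Review bot: In the new `NETSCAPE_CERT_SEQUENCE` struct, `certs` is an untyped `STACK` whose element type is given only by the `/* X509 */` comment, so every consumer has to cast the entries itself and relies on the decoder having pushed nothing else. The struct comment should say what `type` is expected to hold and whether `certs` can be NULL or empty after decoding, since the decoder is not part of this patch and callers cannot tell from the header; for example `/* type: OID identifying the sequence; certs: stack of X509 *, may be NULL (confirm against the decoder) */`. It would also help to state that certificates taken from a sequence are unverified input and still need normal chain validation before use.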
@@ -670,6 +677,12 @@ int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, long length); + +int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp); +NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); +NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length); +void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); + #ifdef HEADER_ENVELOPE_H X509_INFO * X509_INFO_new(void); void X509_INFO_free(X509_INFO *a); @@ -985,6 +998,11 @@ void NETSCAPE_SPKAC_free(); int i2d_NETSCAPE_SPKAC(); NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(); +int i2d_NETSCAPE_CERT_SEQUENCE(); +NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(); +NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(); +void NETSCAPE_CERT_SEQUENCE_free(); + #ifdef HEADER_ENVELOPE_H X509_INFO * X509_INFO_new(); void X509_INFO_free();