Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
231493c9
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
231493c9
编写于
7月 23, 2005
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Initial print only support for IDP CRL extension.
上级
20a90e3a
变更
8
隐藏空白更改
内联
并排
Showing
8 changed file
with
143 addition
and
9 deletion
+143
-9
CHANGES
CHANGES
+2
-1
crypto/objects/obj_dat.h
crypto/objects/obj_dat.h
+11
-5
crypto/objects/obj_mac.h
crypto/objects/obj_mac.h
+5
-0
crypto/objects/obj_mac.num
crypto/objects/obj_mac.num
+1
-0
crypto/objects/objects.txt
crypto/objects/objects.txt
+2
-0
crypto/x509v3/ext_dat.h
crypto/x509v3/ext_dat.h
+3
-2
crypto/x509v3/v3_crld.c
crypto/x509v3/v3_crld.c
+110
-1
crypto/x509v3/x509v3.h
crypto/x509v3/x509v3.h
+9
-0
未找到文件。
CHANGES
浏览文件 @
231493c9
...
...
@@ -4,7 +4,8 @@
Changes between 0.9.8 and 0.9.9 [xx XXX xxxx]
*)
*) Add print only support for Issuing Distribution Point CRL extension.
[Steve Henson]
Changes between 0.9.8 and 0.9.8a [XX xxx XXXX]
...
...
crypto/objects/obj_dat.h
浏览文件 @
231493c9
...
...
@@ -62,12 +62,12 @@
* [including the GNU Public Licence.]
*/
#define NUM_NID 75
1
#define NUM_SN 74
7
#define NUM_LN 74
7
#define NUM_OBJ 7
09
#define NUM_NID 75
2
#define NUM_SN 74
8
#define NUM_LN 74
8
#define NUM_OBJ 7
10
static
unsigned
char
lvalues
[
500
2
]
=
{
static
unsigned
char
lvalues
[
500
5
]
=
{
0x00
,
/* [ 0] OBJ_undef */
0x2A
,
0x86
,
0x48
,
0x86
,
0xF7
,
0x0D
,
/* [ 1] OBJ_rsadsi */
0x2A
,
0x86
,
0x48
,
0x86
,
0xF7
,
0x0D
,
0x01
,
/* [ 7] OBJ_pkcs */
...
...
@@ -777,6 +777,7 @@ static unsigned char lvalues[5002]={
0x2B
,
0x06
,
0x01
,
0x05
,
0x05
,
0x07
,
0x15
,
0x00
,
/* [4977] OBJ_id_ppl_anyLanguage */
0x2B
,
0x06
,
0x01
,
0x05
,
0x05
,
0x07
,
0x15
,
0x01
,
/* [4985] OBJ_id_ppl_inheritAll */
0x2B
,
0x06
,
0x01
,
0x05
,
0x05
,
0x07
,
0x15
,
0x02
,
/* [4993] OBJ_Independent */
0x55
,
0x1D
,
0x1C
,
/* [5001] OBJ_issuing_distribution_point */
};
static
ASN1_OBJECT
nid_objs
[
NUM_NID
]
=
{
...
...
@@ -1945,6 +1946,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
{
"id-ppl-inheritAll"
,
"Inherit all"
,
NID_id_ppl_inheritAll
,
8
,
&
(
lvalues
[
4985
]),
0
},
{
"id-ppl-independent"
,
"Independent"
,
NID_Independent
,
8
,
&
(
lvalues
[
4993
]),
0
},
{
"issuingDistributionPoint"
,
"X509v3 Issuing Distrubution Point"
,
NID_issuing_distribution_point
,
3
,
&
(
lvalues
[
5001
]),
0
},
};
static
ASN1_OBJECT
*
sn_objs
[
NUM_SN
]
=
{
...
...
@@ -2382,6 +2385,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
&
(
nid_objs
[
295
]),
/* "ipsecTunnel" */
&
(
nid_objs
[
296
]),
/* "ipsecUser" */
&
(
nid_objs
[
86
]),
/* "issuerAltName" */
&
(
nid_objs
[
751
]),
/* "issuingDistributionPoint" */
&
(
nid_objs
[
492
]),
/* "janetMailbox" */
&
(
nid_objs
[
150
]),
/* "keyBag" */
&
(
nid_objs
[
83
]),
/* "keyUsage" */
...
...
@@ -2797,6 +2801,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
&
(
nid_objs
[
126
]),
/* "X509v3 Extended Key Usage" */
&
(
nid_objs
[
739
]),
/* "X509v3 Inhibit Any Policy" */
&
(
nid_objs
[
86
]),
/* "X509v3 Issuer Alternative Name" */
&
(
nid_objs
[
751
]),
/* "X509v3 Issuing Distrubution Point" */
&
(
nid_objs
[
83
]),
/* "X509v3 Key Usage" */
&
(
nid_objs
[
736
]),
/* "X509v3 Name Constraints" */
&
(
nid_objs
[
403
]),
/* "X509v3 No Revocation Available" */
...
...
@@ -3502,6 +3507,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
&
(
nid_objs
[
430
]),
/* OBJ_hold_instruction_code 2 5 29 23 */
&
(
nid_objs
[
142
]),
/* OBJ_invalidity_date 2 5 29 24 */
&
(
nid_objs
[
140
]),
/* OBJ_delta_crl 2 5 29 27 */
&
(
nid_objs
[
751
]),
/* OBJ_issuing_distribution_point 2 5 29 28 */
&
(
nid_objs
[
736
]),
/* OBJ_name_constraints 2 5 29 30 */
&
(
nid_objs
[
103
]),
/* OBJ_crl_distribution_points 2 5 29 31 */
&
(
nid_objs
[
89
]),
/* OBJ_certificate_policies 2 5 29 32 */
...
...
crypto/objects/obj_mac.h
浏览文件 @
231493c9
...
...
@@ -2094,6 +2094,11 @@
#define NID_delta_crl 140
#define OBJ_delta_crl OBJ_id_ce,27L
#define SN_issuing_distribution_point "issuingDistributionPoint"
#define LN_issuing_distribution_point "X509v3 Issuing Distrubution Point"
#define NID_issuing_distribution_point 751
#define OBJ_issuing_distribution_point OBJ_id_ce,28L
#define SN_name_constraints "nameConstraints"
#define LN_name_constraints "X509v3 Name Constraints"
#define NID_name_constraints 736
...
...
crypto/objects/obj_mac.num
浏览文件 @
231493c9
...
...
@@ -748,3 +748,4 @@ proxyCertInfo 747
id_ppl_anyLanguage 748
id_ppl_inheritAll 749
Independent 750
issuing_distribution_point 751
crypto/objects/objects.txt
浏览文件 @
231493c9
...
...
@@ -677,6 +677,8 @@ id-ce 21 : CRLReason : X509v3 CRL Reason Code
id-ce 24 : invalidityDate : Invalidity Date
!Cname delta-crl
id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
!Cname issuing-distribution-point
id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point
!Cname name-constraints
id-ce 30 : nameConstraints : X509v3 Name Constraints
!Cname crl-distribution-points
...
...
crypto/x509v3/ext_dat.h
浏览文件 @
231493c9
...
...
@@ -66,7 +66,7 @@ extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
extern
X509V3_EXT_METHOD
v3_ocsp_crlid
,
v3_ocsp_nocheck
,
v3_ocsp_serviceloc
;
extern
X509V3_EXT_METHOD
v3_crl_hold
,
v3_pci
;
extern
X509V3_EXT_METHOD
v3_policy_mappings
,
v3_policy_constraints
;
extern
X509V3_EXT_METHOD
v3_name_constraints
,
v3_inhibit_anyp
;
extern
X509V3_EXT_METHOD
v3_name_constraints
,
v3_inhibit_anyp
,
v3_idp
;
/* This table will be searched using OBJ_bsearch so it *must* kept in
* order of the ext_nid values.
...
...
@@ -115,7 +115,8 @@ static X509V3_EXT_METHOD *standard_exts[] = {
&
v3_name_constraints
,
&
v3_policy_mappings
,
&
v3_inhibit_anyp
,
&
v3_pci
&
v3_pci
,
&
v3_idp
};
/* Number of standard extensions */
...
...
crypto/x509v3/v3_crld.c
浏览文件 @
231493c9
...
...
@@ -3,7 +3,7 @@
* project 1999.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999
, 2005
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -160,3 +160,112 @@ ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
ASN1_ITEM_TEMPLATE_END
(
CRL_DIST_POINTS
)
IMPLEMENT_ASN1_FUNCTIONS
(
CRL_DIST_POINTS
)
ASN1_SEQUENCE
(
ISSUING_DIST_POINT
)
=
{
ASN1_EXP_OPT
(
ISSUING_DIST_POINT
,
distpoint
,
DIST_POINT_NAME
,
0
),
ASN1_IMP_OPT
(
ISSUING_DIST_POINT
,
onlyuser
,
ASN1_FBOOLEAN
,
1
),
ASN1_IMP_OPT
(
ISSUING_DIST_POINT
,
onlyCA
,
ASN1_FBOOLEAN
,
2
),
ASN1_IMP_OPT
(
ISSUING_DIST_POINT
,
onlysomereasons
,
ASN1_BIT_STRING
,
3
),
ASN1_IMP_OPT
(
ISSUING_DIST_POINT
,
indirectCRL
,
ASN1_FBOOLEAN
,
4
),
ASN1_IMP_OPT
(
ISSUING_DIST_POINT
,
onlyattr
,
ASN1_FBOOLEAN
,
5
)
}
ASN1_SEQUENCE_END
(
ISSUING_DIST_POINT
)
static
int
i2r_idp
(
X509V3_EXT_METHOD
*
method
,
void
*
pidp
,
BIO
*
out
,
int
indent
);
X509V3_EXT_METHOD
v3_idp
=
{
NID_issuing_distribution_point
,
X509V3_EXT_MULTILINE
,
ASN1_ITEM_ref
(
ISSUING_DIST_POINT
),
0
,
0
,
0
,
0
,
0
,
0
,
0
,
0
,
i2r_idp
,
0
,
NULL
};
static
const
BIT_STRING_BITNAME
reason_flags
[]
=
{
{
1
,
"Key Compromise"
,
"keyCompromise"
},
{
2
,
"CA Compromise"
,
"CACompromise"
},
{
3
,
"Affiliation Changed"
,
"affiliationChanged"
},
{
4
,
"Superseded"
,
"superseded"
},
{
5
,
"Cessation Of Operation"
,
"cessationOfOperation"
},
{
6
,
"Certificate Hold"
,
"certificateHold"
},
{
7
,
"Privilege Withdrawn"
,
"privilegeWithdrawn"
},
{
8
,
"AA Compromise"
,
"AACompromise"
},
{
-
1
,
NULL
,
NULL
}
};
static
int
print_reasons
(
BIO
*
out
,
const
char
*
rname
,
ASN1_BIT_STRING
*
rflags
,
int
indent
)
{
int
first
=
1
;
const
BIT_STRING_BITNAME
*
pbn
;
BIO_printf
(
out
,
"%*s%s:
\n
%*s"
,
indent
,
""
,
rname
,
indent
+
2
,
""
);
for
(
pbn
=
reason_flags
;
pbn
->
lname
;
pbn
++
)
{
if
(
ASN1_BIT_STRING_get_bit
(
rflags
,
pbn
->
bitnum
))
{
if
(
first
)
first
=
0
;
else
BIO_puts
(
out
,
","
);
BIO_puts
(
out
,
pbn
->
lname
);
}
}
if
(
first
)
BIO_puts
(
out
,
"<EMPTY>
\n
"
);
else
BIO_puts
(
out
,
"
\n
"
);
return
1
;
}
static
int
print_distpoint
(
BIO
*
out
,
DIST_POINT_NAME
*
dpn
,
int
indent
)
{
int
i
;
if
(
dpn
->
type
==
0
)
{
STACK_OF
(
GENERAL_NAME
)
*
gens
;
BIO_printf
(
out
,
"%*sFull Name:
\n
"
,
indent
,
""
);
gens
=
dpn
->
name
.
fullname
;
for
(
i
=
0
;
i
<
sk_GENERAL_NAME_num
(
gens
);
i
++
)
{
BIO_printf
(
out
,
"%*s"
,
indent
+
2
,
""
);
GENERAL_NAME_print
(
out
,
sk_GENERAL_NAME_value
(
gens
,
i
));
}
}
else
{
X509_NAME
ntmp
;
ntmp
.
entries
=
dpn
->
name
.
relativename
;
BIO_printf
(
out
,
"%*sRelative Name:
\n
%*s"
,
indent
,
""
,
indent
+
2
,
""
);
X509_NAME_print_ex
(
out
,
&
ntmp
,
0
,
XN_FLAG_ONELINE
);
BIO_puts
(
out
,
"
\n
"
);
}
return
1
;
}
static
int
i2r_idp
(
X509V3_EXT_METHOD
*
method
,
void
*
pidp
,
BIO
*
out
,
int
indent
)
{
ISSUING_DIST_POINT
*
idp
=
pidp
;
if
(
idp
->
distpoint
)
print_distpoint
(
out
,
idp
->
distpoint
,
indent
);
if
(
idp
->
onlyuser
>
0
)
BIO_printf
(
out
,
"%*sOnly User Certificates
\n
"
,
indent
,
""
);
if
(
idp
->
onlyCA
>
0
)
BIO_printf
(
out
,
"%*sOnly CA Certificates
\n
"
,
indent
,
""
);
if
(
idp
->
indirectCRL
>
0
)
BIO_printf
(
out
,
"%*sIndirect CRL
\n
"
,
indent
,
""
);
if
(
idp
->
onlysomereasons
)
print_reasons
(
out
,
"Only Some Reasons"
,
idp
->
onlysomereasons
,
indent
);
if
(
idp
->
onlyattr
>
0
)
BIO_printf
(
out
,
"%*sOnly Attribute Certificates
\n
"
,
indent
,
""
);
if
(
!
idp
->
distpoint
&&
(
idp
->
onlyuser
<=
0
)
&&
(
idp
->
onlyCA
<=
0
)
&&
(
idp
->
indirectCRL
<=
0
)
&&
!
idp
->
onlysomereasons
&&
(
idp
->
onlyattr
<=
0
))
BIO_printf
(
out
,
"%*s<EMPTY>
\n
"
,
indent
,
""
);
return
1
;
}
crypto/x509v3/x509v3.h
浏览文件 @
231493c9
...
...
@@ -329,6 +329,15 @@ typedef struct PROXY_CERT_INFO_EXTENSION_st
DECLARE_ASN1_FUNCTIONS
(
PROXY_POLICY
)
DECLARE_ASN1_FUNCTIONS
(
PROXY_CERT_INFO_EXTENSION
)
typedef
struct
ISSUING_DIST_POINT_st
{
DIST_POINT_NAME
*
distpoint
;
int
onlyuser
;
int
onlyCA
;
ASN1_BIT_STRING
*
onlysomereasons
;
int
indirectCRL
;
int
onlyattr
;
}
ISSUING_DIST_POINT
;
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录