提交 41b731f2 编写于 作者: D Dr. Stephen Henson

Initial support for Certificate Policies extension: print out works but setting

isn't fully implemented (yet).
上级 8de421b6
......@@ -5,6 +5,11 @@
Changes between 0.9.2b and 0.9.3
*) Initial support for Certificate Policies extension: print works but
setting doesn't work fully (yet). Also various additions to support
the r2i method this extension will use.
[Steve Henson]
*) A lot of constification, and fix a bug in X509_NAME_oneline() that could
return a const string when you are expecting an allocated buffer.
[Ben Laurie]
......
......@@ -712,7 +712,10 @@ bad:
extensions=CONF_get_string(conf,section,ENV_EXTENSIONS);
if(extensions) {
/* Check syntax of file */
if(!X509V3_EXT_check_conf(conf, extensions)) {
X509V3_CTX ctx;
X509V3_set_ctx_test(&ctx);
X509V3_set_conf_lhash(&ctx, conf);
if(!X509V3_EXT_add_conf(conf, &ctx, extensions, NULL)) {
BIO_printf(bio_err,
"Error Loading extension section %s\n",
extensions);
......@@ -984,7 +987,10 @@ bad:
crl_ext=CONF_get_string(conf,section,ENV_CRLEXT);
if(crl_ext) {
/* Check syntax of file */
if(!X509V3_EXT_check_conf(conf, crl_ext)) {
X509V3_CTX ctx;
X509V3_set_ctx_test(&ctx);
X509V3_set_conf_lhash(&ctx, conf);
if(!X509V3_EXT_add_conf(conf, &ctx, crl_ext, NULL)) {
BIO_printf(bio_err,
"Error Loading CRL extension section %s\n",
crl_ext);
......
......@@ -438,7 +438,10 @@ bad:
extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
if(extensions) {
/* Check syntax of file */
if(!X509V3_EXT_check_conf(req_conf, extensions)) {
X509V3_CTX ctx;
X509V3_set_ctx_test(&ctx);
X509V3_set_conf_lhash(&ctx, req_conf);
if(!X509V3_EXT_add_conf(req_conf, &ctx, extensions, NULL)) {
BIO_printf(bio_err,
"Error Loading extension section %s\n", extensions);
goto end;
......
......@@ -67,6 +67,7 @@
#define ASN1_F_D2I_NETSCAPE_RSA_2 142
#define ASN1_F_D2I_NETSCAPE_SPKAC 143
#define ASN1_F_D2I_NETSCAPE_SPKI 144
#define ASN1_F_D2I_NOTICEREF 268
#define ASN1_F_D2I_PBE2PARAM 262
#define ASN1_F_D2I_PBEPARAM 249
#define ASN1_F_D2I_PBKDF2PARAM 263
......@@ -86,12 +87,15 @@
#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
#define ASN1_F_D2I_POLICYINFO 269
#define ASN1_F_D2I_POLICYQUALINFO 270
#define ASN1_F_D2I_PRIVATEKEY 155
#define ASN1_F_D2I_PUBLICKEY 156
#define ASN1_F_D2I_RSAPRIVATEKEY 157
#define ASN1_F_D2I_RSAPUBLICKEY 158
#define ASN1_F_D2I_SXNET 241
#define ASN1_F_D2I_SXNETID 243
#define ASN1_F_D2I_USERNOTICE 271
#define ASN1_F_D2I_X509 159
#define ASN1_F_D2I_X509_ALGOR 160
#define ASN1_F_D2I_X509_ATTRIBUTE 161
......@@ -128,6 +132,7 @@
#define ASN1_F_NETSCAPE_PKEY_NEW 189
#define ASN1_F_NETSCAPE_SPKAC_NEW 190
#define ASN1_F_NETSCAPE_SPKI_NEW 191
#define ASN1_F_NOTICEREF_NEW 272
#define ASN1_F_PBE2PARAM_NEW 264
#define ASN1_F_PBEPARAM_NEW 251
#define ASN1_F_PBKDF2PARAM_NEW 265
......@@ -147,8 +152,11 @@
#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
#define ASN1_F_POLICYINFO_NEW 273
#define ASN1_F_POLICYQUALINFO_NEW 274
#define ASN1_F_SXNETID_NEW 244
#define ASN1_F_SXNET_NEW 242
#define ASN1_F_USERNOTICE_NEW 275
#define ASN1_F_X509_ALGOR_NEW 202
#define ASN1_F_X509_ATTRIBUTE_NEW 203
#define ASN1_F_X509_CINF_NEW 204
......
......@@ -874,6 +874,7 @@ ASN1_STRING *ASN1_pack_string();
#define ASN1_F_D2I_NETSCAPE_RSA_2 142
#define ASN1_F_D2I_NETSCAPE_SPKAC 143
#define ASN1_F_D2I_NETSCAPE_SPKI 144
#define ASN1_F_D2I_NOTICEREF 268
#define ASN1_F_D2I_PBE2PARAM 262
#define ASN1_F_D2I_PBEPARAM 249
#define ASN1_F_D2I_PBKDF2PARAM 263
......@@ -893,12 +894,15 @@ ASN1_STRING *ASN1_pack_string();
#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
#define ASN1_F_D2I_POLICYINFO 269
#define ASN1_F_D2I_POLICYQUALINFO 270
#define ASN1_F_D2I_PRIVATEKEY 155
#define ASN1_F_D2I_PUBLICKEY 156
#define ASN1_F_D2I_RSAPRIVATEKEY 157
#define ASN1_F_D2I_RSAPUBLICKEY 158
#define ASN1_F_D2I_SXNET 241
#define ASN1_F_D2I_SXNETID 243
#define ASN1_F_D2I_USERNOTICE 271
#define ASN1_F_D2I_X509 159
#define ASN1_F_D2I_X509_ALGOR 160
#define ASN1_F_D2I_X509_ATTRIBUTE 161
......@@ -935,6 +939,7 @@ ASN1_STRING *ASN1_pack_string();
#define ASN1_F_NETSCAPE_PKEY_NEW 189
#define ASN1_F_NETSCAPE_SPKAC_NEW 190
#define ASN1_F_NETSCAPE_SPKI_NEW 191
#define ASN1_F_NOTICEREF_NEW 272
#define ASN1_F_PBE2PARAM_NEW 264
#define ASN1_F_PBEPARAM_NEW 251
#define ASN1_F_PBKDF2PARAM_NEW 265
......@@ -954,8 +959,11 @@ ASN1_STRING *ASN1_pack_string();
#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
#define ASN1_F_POLICYINFO_NEW 273
#define ASN1_F_POLICYQUALINFO_NEW 274
#define ASN1_F_SXNETID_NEW 244
#define ASN1_F_SXNET_NEW 242
#define ASN1_F_USERNOTICE_NEW 275
#define ASN1_F_X509_ALGOR_NEW 202
#define ASN1_F_X509_ATTRIBUTE_NEW 203
#define ASN1_F_X509_CINF_NEW 204
......
......@@ -129,6 +129,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"},
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"},
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"},
{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "D2I_NOTICEREF"},
{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "D2I_PBE2PARAM"},
{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "D2I_PBEPARAM"},
{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "D2I_PBKDF2PARAM"},
......@@ -148,12 +149,15 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "D2I_PKCS8_PRIV_KEY_INFO"},
{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "D2I_PKEY_USAGE_PERIOD"},
{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "D2I_POLICYINFO"},
{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "D2I_POLICYQUALINFO"},
{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "D2I_PRIVATEKEY"},
{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"},
{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"},
{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"},
{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "D2I_SXNET"},
{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "D2I_SXNETID"},
{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "D2I_USERNOTICE"},
{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"},
{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"},
......@@ -190,6 +194,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"},
{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"},
{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_NEW"},
{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_NEW"},
{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_NEW"},
{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_NEW"},
......@@ -209,8 +214,11 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_NEW"},
{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_NEW"},
{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_NEW"},
{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_NEW"},
{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_NEW"},
{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_NEW"},
{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_NEW"},
{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"},
{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"},
{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
......
......@@ -24,10 +24,10 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \
v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \
v3_pku.c v3_int.c v3_enum.c v3_sxnet.c
v3_pku.c v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
v3_int.o v3_enum.o v3_sxnet.o
v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o
SRC= $(LIBSRC)
......
......@@ -149,6 +149,12 @@ char *value; /* Value */
if(!ext_struc) return NULL;
} else if(method->s2i) {
if(!(ext_struc = method->s2i(method, ctx, value))) return NULL;
} else if(method->r2i) {
if(!ctx->db) {
X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE);
return NULL;
}
if(!(ext_struc = method->r2i(method, ctx, value))) return NULL;
} else {
X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
......@@ -287,15 +293,6 @@ X509_CRL *crl;
return 1;
}
/* Just check syntax of config file as far as possible */
int X509V3_EXT_check_conf(conf, section)
LHASH *conf;
char *section;
{
static X509V3_CTX ctx_tst = { CTX_TEST, NULL, NULL, NULL, NULL };
return X509V3_EXT_add_conf(conf, &ctx_tst, section, NULL);
}
/* Config database functions */
char * X509V3_get_string(ctx, name, section)
......@@ -317,18 +314,20 @@ char *section;
return NULL;
}
void X509V3_free_string(ctx, str)
void X509V3_string_free(ctx, str)
X509V3_CTX *ctx;
char *str;
{
if(!str) return;
if(ctx->db_meth->free_string)
return ctx->db_meth->free_string(ctx->db, str);
}
void X509V3_free_section(ctx, section)
void X509V3_section_free(ctx, section)
X509V3_CTX *ctx;
STACK *section;
{
if(!section) return;
if(ctx->db_meth->free_section)
return ctx->db_meth->free_section(ctx->db, section);
}
......
/* v3_cpols.c */
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
* project 1999.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include "cryptlib.h"
#include "conf.h"
#include "asn1.h"
#include "asn1_mac.h"
#include "x509v3.h"
/* Certificate policies extension support: this one is a bit complex... */
static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent);
static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
static void print_notice(BIO *out, USERNOTICE *notice, int indent);
static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK *polstrs);
X509V3_EXT_METHOD v3_cpols = {
NID_certificate_policies, 0,
(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
CERTIFICATEPOLICIES_free,
(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
i2d_CERTIFICATEPOLICIES,
NULL, NULL,
NULL, NULL,
(X509V3_EXT_I2R)i2r_certpol,
(X509V3_EXT_R2I)r2i_certpol,
NULL
};
/*
* ASN1err(ASN1_F_POLICYINFO_NEW,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_D2I_POLICYINFO,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_POLICYQUALINFO_NEW,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_D2I_POLICYQUALINFO,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_USERNOTICE_NEW,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_D2I_USERNOTICE,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_NOTICEREF_NEW,ERR_R_MALLOC_FAILURE);
* ASN1err(ASN1_F_D2I_NOTICEREF,ERR_R_MALLOC_FAILURE);
*/
static STACK_OF(POLICYINFO) *r2i_certpol(method, ctx, value)
X509V3_EXT_METHOD *method;
X509V3_CTX *ctx;
char *value;
{
STACK_OF(POLICYINFO) *pols = NULL;
char *pstr;
POLICYINFO *pol;
ASN1_OBJECT *pobj;
STACK *vals;
CONF_VALUE *cnf;
int i;
pols = sk_POLICYINFO_new_null();
vals = X509V3_parse_list(value);
for(i = 0; i < sk_num(vals); i++) {
cnf = (CONF_VALUE *)sk_value(vals, i);
if(cnf->value || !cnf->name ) {
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER);
X509V3_conf_err(cnf);
goto err;
}
pstr = cnf->name;
if(*pstr == '@') {
STACK *polsect;
polsect = X509V3_get_section(ctx, pstr + 1);
if(!polsect) {
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION);
X509V3_conf_err(cnf);
goto err;
}
pol = policy_section(ctx, polsect);
X509V3_section_free(ctx, polsect);
if(!pol) goto err;
} else {
if(!(pobj = OBJ_txt2obj(cnf->name, 0))) {
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER);
X509V3_conf_err(cnf);
goto err;
}
pol = POLICYINFO_new();
pol->policyid = pobj;
}
sk_POLICYINFO_push(pols, pol);
}
sk_pop_free(vals, X509V3_conf_free);
return pols;
err:
sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
return NULL;
}
static POLICYINFO *policy_section(ctx, polstrs)
X509V3_CTX *ctx;
STACK *polstrs;
{
int i;
CONF_VALUE *cnf;
for(i = 0; i < sk_num(polstrs); i++) {
cnf = (CONF_VALUE *)sk_value(polstrs, i);
}
return NULL;
}
static int i2r_certpol(method, pol, out, indent)
X509V3_EXT_METHOD *method;
STACK_OF(POLICYINFO) *pol;
BIO *out;
int indent;
{
int i;
POLICYINFO *pinfo;
/* First print out the policy OIDs */
for(i = 0; i < sk_POLICYINFO_num(pol); i++) {
pinfo = sk_POLICYINFO_value(pol, i);
BIO_printf(out, "%*sPolicy: ", indent, "");
i2a_ASN1_OBJECT(out, pinfo->policyid);
BIO_puts(out, "\n");
if(pinfo->qualifiers)
print_qualifiers(out, pinfo->qualifiers, indent + 2);
}
return 1;
}
int i2d_CERTIFICATEPOLICIES(a, pp)
STACK_OF(POLICYINFO) *a;
unsigned char **pp;
{
return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE,
V_ASN1_UNIVERSAL, IS_SEQUENCE);}
STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new()
{
return sk_POLICYINFO_new_null();
}
void CERTIFICATEPOLICIES_free(a)
STACK_OF(POLICYINFO) *a;
{
sk_POLICYINFO_pop_free(a, POLICYINFO_free);
}
STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(a,pp,length)
STACK_OF(POLICYINFO) **a;
unsigned char **pp;
long length;
{
return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO,
POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
}
IMPLEMENT_STACK_OF(POLICYINFO)
IMPLEMENT_ASN1_SET_OF(POLICYINFO)
int i2d_POLICYINFO(a,pp)
POLICYINFO *a;
unsigned char **pp;
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT);
M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
i2d_POLICYQUALINFO);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT);
M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
i2d_POLICYQUALINFO);
M_ASN1_I2D_finish();
}
POLICYINFO *POLICYINFO_new()
{
POLICYINFO *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret, POLICYINFO);
ret->policyid = NULL;
ret->qualifiers = NULL;
return (ret);
M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW);
}
POLICYINFO *d2i_POLICYINFO(a,pp,length)
POLICYINFO **a;
unsigned char **pp;
long length;
{
M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT);
if(!M_ASN1_D2I_end_sequence()) {
M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers,
d2i_POLICYQUALINFO, POLICYQUALINFO_free);
}
M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO);
}
void POLICYINFO_free(a)
POLICYINFO *a;
{
if (a == NULL) return;
ASN1_OBJECT_free(a->policyid);
sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free);
Free (a);
}
static void print_qualifiers(out, quals, indent)
BIO *out;
STACK_OF(POLICYQUALINFO) *quals;
int indent;
{
POLICYQUALINFO *qualinfo;
int i;
for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
qualinfo = sk_POLICYQUALINFO_value(quals, i);
switch(OBJ_obj2nid(qualinfo->pqualid))
{
case NID_id_qt_cps:
BIO_printf(out, "%*sCPS: %s\n", indent, "",
qualinfo->d.cpsuri->data);
break;
case NID_id_qt_unotice:
BIO_printf(out, "%*sUser Notice:\n", indent, "");
print_notice(out, qualinfo->d.usernotice, indent + 2);
break;
default:
BIO_printf(out, "%*sUnknown Qualifier: ",
indent + 2, "");
i2a_ASN1_OBJECT(out, qualinfo->pqualid);
BIO_puts(out, "\n");
break;
}
}
}
static void print_notice(out, notice, indent)
BIO *out;
USERNOTICE *notice;
int indent;
{
int i;
if(notice->noticeref) {
NOTICEREF *ref;
ref = notice->noticeref;
BIO_printf(out, "%*sOrganization: %s\n", indent, "",
ref->organization->data);
BIO_printf(out, "%*sNumber%s: ", indent, "",
(sk_num(ref->noticenos) > 1) ? "s" : "");
for(i = 0; i < sk_num(ref->noticenos); i++) {
ASN1_INTEGER *num;
char *tmp;
num = (ASN1_INTEGER *)sk_value(ref->noticenos, i);
if(i) BIO_puts(out, ", ");
tmp = i2s_ASN1_INTEGER(NULL, num);
BIO_puts(out, tmp);
Free(tmp);
}
BIO_puts(out, "\n");
}
if(notice->exptext)
BIO_printf(out, "%*sNotice Reference: %s\n", indent, "",
notice->exptext->data);
}
int i2d_POLICYQUALINFO(a,pp)
POLICYQUALINFO *a;
unsigned char **pp;
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT);
switch(OBJ_obj2nid(a->pqualid)) {
case NID_id_qt_cps:
M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING);
break;
case NID_id_qt_unotice:
M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE);
break;
default:
M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE);
break;
}
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT);
switch(OBJ_obj2nid(a->pqualid)) {
case NID_id_qt_cps:
M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING);
break;
case NID_id_qt_unotice:
M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE);
break;
default:
M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE);
break;
}
M_ASN1_I2D_finish();
}
POLICYQUALINFO *POLICYQUALINFO_new()
{
POLICYQUALINFO *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret, POLICYQUALINFO);
ret->pqualid = NULL;
ret->d.other = NULL;
return (ret);
M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW);
}
POLICYQUALINFO *d2i_POLICYQUALINFO(a,pp,length)
POLICYQUALINFO **a;
unsigned char **pp;
long length;
{
M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT);
switch(OBJ_obj2nid(ret->pqualid)) {
case NID_id_qt_cps:
M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING);
break;
case NID_id_qt_unotice:
M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE);
break;
default:
M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE);
break;
}
M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO);
}
void POLICYQUALINFO_free(a)
POLICYQUALINFO *a;
{
if (a == NULL) return;
switch(OBJ_obj2nid(a->pqualid)) {
case NID_id_qt_cps:
ASN1_IA5STRING_free(a->d.cpsuri);
break;
case NID_id_qt_unotice:
USERNOTICE_free(a->d.usernotice);
break;
default:
ASN1_TYPE_free(a->d.other);
break;
}
ASN1_OBJECT_free(a->pqualid);
Free (a);
}
int i2d_USERNOTICE(a,pp)
USERNOTICE *a;
unsigned char **pp;
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF);
M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF);
M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT);
M_ASN1_I2D_finish();
}
USERNOTICE *USERNOTICE_new()
{
USERNOTICE *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret, USERNOTICE);
ret->noticeref = NULL;
ret->exptext = NULL;
return (ret);
M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW);
}
USERNOTICE *d2i_USERNOTICE(a,pp,length)
USERNOTICE **a;
unsigned char **pp;
long length;
{
M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE);
if (!M_ASN1_D2I_end_sequence()) {
M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT);
}
M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE);
}
void USERNOTICE_free(a)
USERNOTICE *a;
{
if (a == NULL) return;
NOTICEREF_free(a->noticeref);
DISPLAYTEXT_free(a->exptext);
Free (a);
}
int i2d_NOTICEREF(a,pp)
NOTICEREF *a;
unsigned char **pp;
{
M_ASN1_I2D_vars(a);
M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT);
M_ASN1_I2D_len_SEQUENCE(a->noticenos, i2d_ASN1_INTEGER);
M_ASN1_I2D_seq_total();
M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT);
M_ASN1_I2D_put_SEQUENCE(a->noticenos, i2d_ASN1_INTEGER);
M_ASN1_I2D_finish();
}
NOTICEREF *NOTICEREF_new()
{
NOTICEREF *ret=NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret, NOTICEREF);
ret->organization = NULL;
ret->noticenos = NULL;
return (ret);
M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW);
}
NOTICEREF *d2i_NOTICEREF(a,pp,length)
NOTICEREF **a;
unsigned char **pp;
long length;
{
M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new);
M_ASN1_D2I_Init();
M_ASN1_D2I_start_sequence();
/* This is to cope with some broken encodings that use IA5STRING for
* the organization field
*/
M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING,
V_ASN1_IA5STRING);
if(!ret->organization) {
M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT);
}
M_ASN1_D2I_get_seq(ret->noticenos, d2i_ASN1_INTEGER, ASN1_STRING_free);
M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF);
}
void NOTICEREF_free(a)
NOTICEREF *a;
{
if (a == NULL) return;
DISPLAYTEXT_free(a->organization);
sk_pop_free(a->noticenos, ASN1_STRING_free);
Free (a);
}
IMPLEMENT_STACK_OF(POLICYQUALINFO)
IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO)
......@@ -149,7 +149,7 @@ extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet;
extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason;
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols;
int X509V3_add_standard_extensions()
{
......@@ -165,6 +165,7 @@ int X509V3_add_standard_extensions()
X509V3_EXT_add(&v3_crl_num);
X509V3_EXT_add(&v3_sxnet);
X509V3_EXT_add(&v3_crl_reason);
X509V3_EXT_add(&v3_cpols);
return 1;
}
......
......@@ -69,6 +69,7 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"},
{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"},
{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"},
{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"},
{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"},
{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"},
......@@ -87,12 +88,12 @@ static ERR_STRING_DATA X509V3_str_functs[]=
{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"},
{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"},
{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"},
{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"},
{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"},
{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"},
{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"},
{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"},
{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"},
{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"},
{0,NULL},
};
......@@ -117,8 +118,11 @@ static ERR_STRING_DATA X509V3_str_reasons[]=
{X509V3_R_INVALID_NULL_NAME ,"invalid null name"},
{X509V3_R_INVALID_NULL_VALUE ,"invalid null value"},
{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"},
{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
{X509V3_R_INVALID_SECTION ,"invalid section"},
{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"},
{X509V3_R_MISSING_VALUE ,"missing value"},
{X509V3_R_NO_CONFIG_DATABASE ,"no config database"},
{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"},
{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"},
{X509V3_R_NO_PUBLIC_KEY ,"no public key"},
......
......@@ -7,6 +7,7 @@
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
#define X509V3_F_I2S_ASN1_INTEGER 120
#define X509V3_F_R2I_CERTPOL 130
#define X509V3_F_S2I_ASN1_IA5STRING 100
#define X509V3_F_S2I_ASN1_INTEGER 108
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
......@@ -25,12 +26,12 @@
#define X509V3_F_V2I_GENERAL_NAME 117
#define X509V3_F_V2I_GENERAL_NAMES 118
#define X509V3_F_V3_GENERIC_EXTENSION 116
#define X509V3_F_X509V3_EXT_ADD 104
#define X509V3_F_X509V3_ADD_VALUE 105
#define X509V3_F_X509V3_EXT_ADD 104
#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
#define X509V3_F_X509V3_EXT_CONF 107
#define X509V3_F_X509V3_PARSE_LIST 109
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
#define X509V3_F_X509V3_PARSE_LIST 109
/* Reason codes. */
#define X509V3_R_BAD_IP_ADDRESS 118
......@@ -52,8 +53,11 @@
#define X509V3_R_INVALID_NULL_NAME 108
#define X509V3_R_INVALID_NULL_VALUE 109
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
#define X509V3_R_INVALID_SECTION 135
#define X509V3_R_ISSUER_DECODE_ERROR 126
#define X509V3_R_MISSING_VALUE 124
#define X509V3_R_NO_CONFIG_DATABASE 136
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
#define X509V3_R_NO_ISSUER_DETAILS 127
#define X509V3_R_NO_PUBLIC_KEY 114
......
......@@ -203,7 +203,7 @@ typedef struct NOTICEREF_st {
} NOTICEREF;
typedef struct USERNOTICE_st {
NOTICEREF *notref;
NOTICEREF *noticeref;
ASN1_STRING *exptext;
} USERNOTICE;
......@@ -217,10 +217,11 @@ typedef struct POLICYQUALINFO_st {
} POLICYQUALINFO;
DECLARE_STACK_OF(POLICYQUALINFO)
DECLARE_ASN1_SET_OF(POLICYQUALINFO)
typedef struct POLICYINFO_st {
ASN1_OBJECT *policyid;
STACK_OF(POLICYQUALINFO) qualifiers;
STACK_OF(POLICYQUALINFO) *qualifiers;
} POLICYINFO;
DECLARE_STACK_OF(POLICYINFO);
......@@ -229,6 +230,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO);
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
#define X509V3_set_ctx_test(ctx) \
X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
#define EXT_BITSTRING(nid, table) { nid, 0, \
(X509V3_EXT_NEW)asn1_bit_string_new, ASN1_STRING_free, \
(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
......@@ -308,6 +313,32 @@ STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length);
void ext_ku_free(STACK *a);
STACK *ext_ku_new(void);
int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a);
STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length);
int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp);
POLICYINFO *POLICYINFO_new(void);
POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length);
void POLICYINFO_free(POLICYINFO *a);
int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp);
POLICYQUALINFO *POLICYQUALINFO_new(void);
POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
long length);
void POLICYQUALINFO_free(POLICYQUALINFO *a);
int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp);
USERNOTICE *USERNOTICE_new(void);
USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length);
void USERNOTICE_free(USERNOTICE *a);
int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp);
NOTICEREF *NOTICEREF_new(void);
NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length);
void NOTICEREF_free(NOTICEREF *a);
#ifdef HEADER_CONF_H
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
void X509V3_conf_free(CONF_VALUE *val);
......@@ -315,7 +346,6 @@ X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, c
X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
int X509V3_EXT_check_conf(LHASH *conf, char *section);
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
......@@ -323,8 +353,8 @@ void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
STACK * X509V3_get_section(X509V3_CTX *ctx, char *section);
void X509V3_free_string(X509V3_CTX *ctx, char *str);
void X509V3_free_section( X509V3_CTX *ctx, STACK *section);
void X509V3_string_free(X509V3_CTX *ctx, char *str);
void X509V3_section_free( X509V3_CTX *ctx, STACK *section);
void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
X509_REQ *req, X509_CRL *crl, int flags);
......@@ -413,16 +443,40 @@ void X509V3_conf_free();
X509_EXTENSION *X509V3_EXT_conf_nid();
X509_EXTENSION *X509V3_EXT_conf();
int X509V3_EXT_add_conf();
int X509V3_EXT_check_conf();
int X509V3_get_value_bool();
int X509V3_get_value_int();
void X509V3_set_conf_lhash();
#endif
int i2d_CERTIFICATEPOLICIES();
STACK *CERTIFICATEPOLICIES_new();
void CERTIFICATEPOLICIES_free();
STACK *d2i_CERTIFICATEPOLICIES();
int i2d_POLICYINFO();
POLICYINFO *POLICYINFO_new();
POLICYINFO *d2i_POLICYINFO();
void POLICYINFO_free();
int i2d_POLICYQUALINFO();
POLICYQUALINFO *POLICYQUALINFO_new();
POLICYQUALINFO *d2i_POLICYQUALINFO();
void POLICYQUALINFO_free();
int i2d_USERNOTICE();
USERNOTICE *USERNOTICE_new();
USERNOTICE *d2i_USERNOTICE();
void USERNOTICE_free();
int i2d_NOTICEREF();
NOTICEREF *NOTICEREF_new();
NOTICEREF *d2i_NOTICEREF();
void NOTICEREF_free();
char * X509V3_get_string();
STACK * X509V3_get_section();
void X509V3_free_string();
void X509V3_free_section();
void X509V3_string_free();
void X509V3_section_free();
void X509V3_set_ctx();
int X509V3_add_value();
......@@ -461,6 +515,7 @@ int X509V3_EXT_print_fp();
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
#define X509V3_F_I2S_ASN1_INTEGER 120
#define X509V3_F_R2I_CERTPOL 130
#define X509V3_F_S2I_ASN1_IA5STRING 100
#define X509V3_F_S2I_ASN1_INTEGER 108
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
......@@ -479,12 +534,12 @@ int X509V3_EXT_print_fp();
#define X509V3_F_V2I_GENERAL_NAME 117
#define X509V3_F_V2I_GENERAL_NAMES 118
#define X509V3_F_V3_GENERIC_EXTENSION 116
#define X509V3_F_X509V3_EXT_ADD 104
#define X509V3_F_X509V3_ADD_VALUE 105
#define X509V3_F_X509V3_EXT_ADD 104
#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
#define X509V3_F_X509V3_EXT_CONF 107
#define X509V3_F_X509V3_PARSE_LIST 109
#define X509V3_F_X509V3_GET_VALUE_BOOL 110
#define X509V3_F_X509V3_PARSE_LIST 109
/* Reason codes. */
#define X509V3_R_BAD_IP_ADDRESS 118
......@@ -506,8 +561,11 @@ int X509V3_EXT_print_fp();
#define X509V3_R_INVALID_NULL_NAME 108
#define X509V3_R_INVALID_NULL_VALUE 109
#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
#define X509V3_R_INVALID_SECTION 135
#define X509V3_R_ISSUER_DECODE_ERROR 126
#define X509V3_R_MISSING_VALUE 124
#define X509V3_R_NO_CONFIG_DATABASE 136
#define X509V3_R_NO_ISSUER_CERTIFICATE 121
#define X509V3_R_NO_ISSUER_DETAILS 127
#define X509V3_R_NO_PUBLIC_KEY 114
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册