Initial support for Encrypted Data type generation.
[oweals/openssl.git] / crypto / x509v3 / v3_utl.c
index 9770b516770a6a37126b9abc3428197887ccffc7..6aa54aedfaac9a33e9f1043ec5b53ec4ff7d0a56 100644 (file)
@@ -63,6 +63,7 @@
 #include "cryptlib.h"
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
+#include <openssl/bn.h>
 
 static char *strip_spaces(char *name);
 static int sk_strcmp(const char * const *a, const char * const *b);
@@ -70,7 +71,6 @@ static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens);
 static void str_free(void *str);
 static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
 
-static int a2i_ipadd(unsigned char *ipout, const char *ipasc);
 static int ipv4_from_asc(unsigned char *v4, const char *in);
 static int ipv6_from_asc(unsigned char *v6, const char *in);
 static int ipv6_cb(const char *elem, int len, void *usr);
@@ -360,12 +360,12 @@ static char *strip_spaces(char *name)
  * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
  */
 
-char *hex_to_string(unsigned char *buffer, long len)
+char *hex_to_string(const unsigned char *buffer, long len)
 {
        char *tmp, *q;
-       unsigned char *p;
+       const unsigned char *p;
        int i;
-       static char hexdig[] = "0123456789ABCDEF";
+       const static char hexdig[] = "0123456789ABCDEF";
        if(!buffer || !len) return NULL;
        if(!(tmp = OPENSSL_malloc(len * 3 + 1))) {
                X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE);
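Review bot: The guard `if(!buffer || !len) return NULL;` lets a negative `len` through, and `len * 3 + 1` is computed in `long` with no upper bound before it reaches `OPENSSL_malloc`, so the requested size can go negative or overflow for extreme values. If callers pass lengths taken from parsed input (they are not visible here), tighten the check to `if(!buffer || len <= 0 || len > (LONG_MAX - 1) / 3) return NULL;`, which needs `<limits.h>`. Separately, `const static char hexdig[]` places the storage class after the qualifier, an ordering the C standard marks obsolescent; `static const char hexdig[]` is the usual form. The body of hex_to_string continues past the end of the hunk.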
@@ -389,7 +389,7 @@ char *hex_to_string(unsigned char *buffer, long len)
  * a buffer
  */
 
-unsigned char *string_to_hex(char *str, long *len)
+unsigned char *string_to_hex(const char *str, long *len)
 {
        unsigned char *hexbuf, *q;
        unsigned char ch, cl, *p;
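Review bot: `str` is now `const char *`, but the cursor on the context line is still declared `unsigned char ch, cl, *p;`, unlike hex_to_string, where `p` was made const in the same commit. If `p` is pointed at `str` further down (the body runs past the hunk, so this is inferred), that assignment has to cast the const away. Declaring it separately as `const unsigned char *p;` keeps the new qualifier meaningful and lets the compiler catch accidental writes to the input string.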
@@ -473,6 +473,30 @@ STACK *X509_get1_email(X509 *x)
        return ret;
 }
 
+STACK *X509_get1_ocsp(X509 *x)
+{
+       AUTHORITY_INFO_ACCESS *info;
+       STACK *ret = NULL;
+       int i;
+       info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
+       if (!info)
+               return NULL;
+       for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++)
+               {
+               ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
+               if (OBJ_obj2nid(ad->method) == NID_ad_OCSP)
+                       {
+                       if (ad->location->type == GEN_URI)
+                               {
+                               if (!append_ia5(&ret, ad->location->d.uniformResourceIdentifier))
+                                       break;
+                               }
+                       }
+               }
+       AUTHORITY_INFO_ACCESS_free(info);
+       return ret;
+}
+
 STACK *X509_REQ_get1_email(X509_REQ *x)
 {
        GENERAL_NAMES *gens;
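Review bot: In X509_get1_ocsp a failed `append_ia5()` only does `break`, so the caller receives whatever `ret` holds at that point and cannot tell an allocation failure from a certificate that lists fewer (or no) OCSP responders. Likewise, a NULL from `X509_get_ext_d2i(x, NID_info_access, NULL, NULL)` covers both an absent extension and one that failed to decode. On a revocation-checking path that ambiguity matters, because an error silently looks like "nothing to check". At minimum add a header comment such as `/* Returns a new stack of OCSP responder URIs from the AIA extension, or NULL if none were found or on error; the URIs are copied from the certificate unvalidated. */` (caller ownership of the stack is presumed from the get1 naming), so callers know to treat the strings as untrusted input. X509_REQ_get1_email at the end of the hunk continues outside it.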
@@ -614,7 +638,7 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
        }
        
 
-static int a2i_ipadd(unsigned char *ipout, const char *ipasc)
+int a2i_ipadd(unsigned char *ipout, const char *ipasc)
        {
        /* If string contains a ':' assume IPv6 */
 
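Review bot: Dropping `static` makes a2i_ipadd part of the external interface, yet it writes into `ipout` without taking a buffer length. The `':'` comment shows it handles IPv6 as well as IPv4, so a caller that passes a 4-byte buffer would be overrun by an IPv6 string. State the contract above the definition, e.g. `/* ipout must have room for 16 bytes; returns the address length, or 0 on error */` (the return convention is presumed; confirm it against the body, which lies outside the hunk). A matching prototype in the public header is also needed if this commit does not already add one.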
@@ -801,7 +825,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
                                                unsigned long chtype)
        {
        CONF_VALUE *v;
-       int i;
+       int i, mval;
        char *p, *type;
        if (!nm)
                return 0;
@@ -824,8 +848,19 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
                                if(*p) type = p;
                                break;
                                }
+#ifndef CHARSET_EBCDIC
+               if (*type == '+')
+#else
+               if (*type == os_toascii['+'])
+#endif
+                       {
+                       mval = -1;
+                       type++;
+                       }
+               else
+                       mval = 0;
                if (!X509_NAME_add_entry_by_txt(nm,type, chtype,
-                               (unsigned char *) v->value,-1,-1,0))
+                               (unsigned char *) v->value,-1,-1,mval))
                                        return 0;
 
                }
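Review bot: The new `'+'` prefix on a field name is undocumented: `mval = -1` is passed as the `set` argument of `X509_NAME_add_entry_by_txt`, which attaches the entry to the previous RDN instead of starting a new one. A comment above the `#ifndef CHARSET_EBCDIC` test would make that clear, e.g. `/* leading '+': add to previous RDN (multi-valued), set = -1 */`. It is also worth confirming what happens when the first entry in the section starts with `+`, since there is no earlier RDN to join, and when the name is only `+`, which leaves `type` pointing at an empty string after `type++`. The enclosing loop and function start outside this hunk.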