files associated with them. This stuff is all obsoleted by the new X509V3 code.
Changes between 0.9.2b and 0.9.3
+ *) Delete various functions and files that belonged to the (now obsolete)
+ old X509V3 handling code.
+ [Steve Henson]
+
*) New Configure option "rsaref".
[Ulf Möller]
LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
x509_obj.c x509_req.c x509_vfy.c \
x509_set.c x509rset.c $(ERRC).c \
- x509name.c x509_v3.c x509_ext.c x509pack.c \
+ x509name.c x509_v3.c x509_ext.c \
x509type.c x509_lu.c x_all.c x509_txt.c \
- by_file.c by_dir.c \
- v3_net.c v3_x509.c
+ by_file.c by_dir.c
LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
x509_obj.o x509_req.o x509_vfy.o \
x509_set.o x509rset.o $(ERRC).o \
- x509name.o x509_v3.o x509_ext.o x509pack.o \
+ x509name.o x509_v3.o x509_ext.o \
x509type.o x509_lu.o x_all.o x509_txt.o \
- by_file.o by_dir.o \
- v3_net.o v3_x509.o
+ by_file.o by_dir.o
SRC= $(LIBSRC)
by_file.o: ../../include/ripemd.h ../../include/rsa.h ../../include/safestack.h
by_file.o: ../../include/sha.h ../../include/stack.h ../cryptlib.h ../crypto.h
by_file.o: ../opensslv.h x509.h x509_vfy.h
-v3_net.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
-v3_net.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
-v3_net.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
-v3_net.o: ../../include/e_os.h ../../include/err.h ../../include/evp.h
-v3_net.o: ../../include/idea.h ../../include/md2.h ../../include/md5.h
-v3_net.o: ../../include/mdc2.h ../../include/objects.h ../../include/pkcs7.h
-v3_net.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
-v3_net.o: ../../include/ripemd.h ../../include/rsa.h ../../include/safestack.h
-v3_net.o: ../../include/sha.h ../../include/stack.h ../cryptlib.h ../crypto.h
-v3_net.o: ../opensslv.h x509.h x509_vfy.h
-v3_x509.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
-v3_x509.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
-v3_x509.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
-v3_x509.o: ../../include/e_os.h ../../include/err.h ../../include/evp.h
-v3_x509.o: ../../include/idea.h ../../include/md2.h ../../include/md5.h
-v3_x509.o: ../../include/mdc2.h ../../include/objects.h ../../include/pkcs7.h
-v3_x509.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
-v3_x509.o: ../../include/ripemd.h ../../include/rsa.h ../../include/safestack.h
-v3_x509.o: ../../include/sha.h ../../include/stack.h ../cryptlib.h ../crypto.h
-v3_x509.o: ../opensslv.h x509.h x509_vfy.h
x509_cmp.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
x509_cmp.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
x509_cmp.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
x509name.o: ../../include/ripemd.h ../../include/rsa.h
x509name.o: ../../include/safestack.h ../../include/sha.h ../../include/stack.h
x509name.o: ../cryptlib.h ../crypto.h ../opensslv.h x509.h x509_vfy.h
-x509pack.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
-x509pack.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
-x509pack.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
-x509pack.o: ../../include/e_os.h ../../include/err.h ../../include/evp.h
-x509pack.o: ../../include/idea.h ../../include/md2.h ../../include/md5.h
-x509pack.o: ../../include/mdc2.h ../../include/objects.h ../../include/pkcs7.h
-x509pack.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
-x509pack.o: ../../include/ripemd.h ../../include/rsa.h
-x509pack.o: ../../include/safestack.h ../../include/sha.h ../../include/stack.h
-x509pack.o: ../cryptlib.h ../crypto.h ../opensslv.h x509.h x509_vfy.h
x509rset.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
x509rset.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
x509rset.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
+++ /dev/null
-/* crypto/x509/v3_net.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "stack.h"
-#include "cryptlib.h"
-#include "asn1.h"
-#include "objects.h"
-#include "x509.h"
-
-#define NETSCAPE_X509_EXT_NUM 8
-
-static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={
-{NID_netscape_ca_policy_url, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_ssl_server_name, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_revocation_url, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
-{NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_renewal_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_comment,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
- };
-
-int X509v3_add_netscape_extensions()
- {
- int i;
-
- for (i=0; i<NETSCAPE_X509_EXT_NUM; i++)
- if (!X509v3_add_extension(&(netscape_x509_ext[i])))
- return(0);
- return(1);
- }
+++ /dev/null
-/* crypto/x509/v3_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "stack.h"
-#include "cryptlib.h"
-#include "bio.h"
-#include "asn1.h"
-#include "objects.h"
-#include "x509.h"
-
-#if 0
-static int i2a_key_usage(BIO *bp, X509 *x);
-static int a2i_key_usage(X509 *x, char *str, int len);
-#endif
-
-int X509v3_get_key_usage(X509 *x);
-int X509v3_set_key_usage(X509 *x,unsigned int use);
-int i2a_X509v3_key_usage(BIO *bp, unsigned int use);
-unsigned int a2i_X509v3_key_usage(char *p);
-
-#define STD_X509_EXT_NUM 9
-
-#if 0
-static X509_OBJECTS std_x509_ext[STD_X509_EXT_NUM]={
-{NID_subject_key_identifier, NULL,NULL},
-{NID_key_usage, a2i_key_usage,i2a_key_usage}, /**/
-{NID_private_key_usage_period, NULL,NULL},
-{NID_subject_alt_name, NULL,NULL},
-{NID_issuer_alt_name, NULL,NULL},
-{NID_basic_constraints, NULL,NULL},
-{NID_crl_number, NULL,NULL},
-{NID_certificate_policies, NULL,NULL},
-{NID_authority_key_identifier, NULL,NULL},
- };
-#endif
-
-int X509v3_add_standard_extensions()
- {
-
-#if 0
- for (i=0; i<STD_X509_EXT_NUM; i++)
- if (!X509v3_add_extension(&(std_x509_ext[i])))
- return(0);
-#endif
- return(1);
- }
-
-int X509v3_get_key_usage(x)
-X509 *x;
- {
- X509_EXTENSION *ext;
- ASN1_STRING *st;
- char *p;
- int i;
-
- i=X509_get_ext_by_NID(x,NID_key_usage,-1);
- if (i < 0) return(X509v3_KU_UNDEF);
- ext=X509_get_ext(x,i);
- st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,
- X509_EXTENSION_get_data(X509_get_ext(x,i)));
-
- p=(char *)ASN1_STRING_data(st);
- if (ASN1_STRING_length(st) == 1)
- i=p[0];
- else if (ASN1_STRING_length(st) == 2)
- i=p[0]|(p[1]<<8);
- else
- i=0;
- return(i);
- }
-
-static struct
- {
- char *name;
- unsigned int value;
- } key_usage_data[] ={
- {"digitalSignature", X509v3_KU_DIGITAL_SIGNATURE},
- {"nonRepudiation", X509v3_KU_NON_REPUDIATION},
- {"keyEncipherment", X509v3_KU_KEY_ENCIPHERMENT},
- {"dataEncipherment", X509v3_KU_DATA_ENCIPHERMENT},
- {"keyAgreement", X509v3_KU_KEY_AGREEMENT},
- {"keyCertSign", X509v3_KU_KEY_CERT_SIGN},
- {"cRLSign", X509v3_KU_CRL_SIGN},
- {"encipherOnly", X509v3_KU_ENCIPHER_ONLY},
- {"decipherOnly", X509v3_KU_DECIPHER_ONLY},
- {NULL,0},
- };
-
-#if 0
-static int a2i_key_usage(x,str,len)
-X509 *x;
-char *str;
-int len;
- {
- return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str)));
- }
-
-static int i2a_key_usage(bp,x)
-BIO *bp;
-X509 *x;
- {
- return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x)));
- }
-#endif
-
-int i2a_X509v3_key_usage(bp,use)
-BIO *bp;
-unsigned int use;
- {
- int i=0,first=1;
-
- for (;;)
- {
- if (use | key_usage_data[i].value)
- {
- BIO_printf(bp,"%s%s",((first)?"":" "),
- key_usage_data[i].name);
- first=0;
- }
- break;
- }
- return(1);
- }
-
-unsigned int a2i_X509v3_key_usage(p)
-char *p;
- {
- unsigned int ret=0;
- char *q,*s;
- int i,n;
-
- q=p;
- for (;;)
- {
- while ((*q != '\0') && isalnum(*q))
- q++;
- if (*q == '\0') break;
- s=q++;
- while (isalnum(*q))
- q++;
- n=q-s;
- i=0;
- for (;;)
- {
- if (strncmp(key_usage_data[i].name,s,n) == 0)
- {
- ret|=key_usage_data[i].value;
- break;
- }
- i++;
- if (key_usage_data[i].name == NULL)
- return(X509v3_KU_UNDEF);
- }
- }
- return(ret);
- }
-
-int X509v3_set_key_usage(x,use)
-X509 *x;
-unsigned int use;
- {
- ASN1_OCTET_STRING *os;
- X509_EXTENSION *ext;
- int i;
- unsigned char data[4];
-
- i=X509_get_ext_by_NID(x,NID_key_usage,-1);
- if (i < 0)
- {
- i=X509_get_ext_count(x)+1;
- if ((ext=X509_EXTENSION_new()) == NULL) return(0);
- if (!X509_add_ext(x,ext,i))
- {
- X509_EXTENSION_free(ext);
- return(0);
- }
- }
- else
- ext=X509_get_ext(x,i);
-
- /* fill in 'ext' */
- os=X509_EXTENSION_get_data(ext);
-
- i=0;
- if (use > 0)
- {
- i=1;
- data[0]=use&0xff;
- }
- if (use > 0xff)
- {
- i=2;
- data[1]=(use>>8)&0xff;
- }
- return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1);
- }
-
#define X509_F_DIR_CTRL 102
#define X509_F_GET_CERT_BY_SUBJECT 103
#define X509_F_X509V3_ADD_EXT 104
-#define X509_F_X509V3_ADD_EXTENSION 105
-#define X509_F_X509V3_PACK_STRING 106
-#define X509_F_X509V3_UNPACK_STRING 107
#define X509_F_X509_CHECK_PRIVATE_KEY 128
#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
#define X509_R_UNKNOWN_KEY_TYPE 117
#define X509_R_UNKNOWN_NID 109
-#define X509_R_UNKNOWN_STRING_TYPE 110
#define X509_R_UNSUPPORTED_ALGORITHM 111
#define X509_R_WRONG_LOOKUP_TYPE 112
void (*ex_free)(); /* clear argp stuff */
} X509_EXTENSION;
-/* #if 1 */
-typedef struct x509_extension_method_st
- {
- int nid;
- int data_type;
- int pack_type;
- void (*ex_clear)();
- int (*ex_get_bool)();
- int (*ex_set_bool)();
- int (*ex_get_str)();
- int (*ex_set_str)();
- char *(*ex_get_struct)();
- int (*ex_set_struct)();
- int (*a2i)();
- int (*i2a)();
- } X509_EXTENSION_METHOD;
-/* #endif */
-
typedef struct X509_req_info_st
{
ASN1_INTEGER *version;
X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc);
STACK * X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc);
-int X509v3_data_type_by_OBJ(ASN1_OBJECT *obj);
-int X509v3_data_type_by_NID(int nid);
-int X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj);
-int X509v3_pack_type_by_NID(int nid);
-
int X509_get_ext_count(X509 *x);
int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
X509_EXTENSION *X509v3_delete_ext();
STACK * X509v3_add_ext();
-int X509v3_data_type_by_OBJ();
-int X509v3_data_type_by_NID();
-int X509v3_pack_type_by_OBJ();
-int X509v3_pack_type_by_NID();
-
int X509_get_ext_count();
int X509_get_ext_by_NID();
int X509_get_ext_by_OBJ();
#define X509_F_DIR_CTRL 102
#define X509_F_GET_CERT_BY_SUBJECT 103
#define X509_F_X509V3_ADD_EXT 104
-#define X509_F_X509V3_ADD_EXTENSION 105
-#define X509_F_X509V3_PACK_STRING 106
-#define X509_F_X509V3_UNPACK_STRING 107
#define X509_F_X509_CHECK_PRIVATE_KEY 128
#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
#define X509_R_UNKNOWN_KEY_TYPE 117
#define X509_R_UNKNOWN_NID 109
-#define X509_R_UNKNOWN_STRING_TYPE 110
#define X509_R_UNSUPPORTED_ALGORITHM 111
#define X509_R_WRONG_LOOKUP_TYPE 112
{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"},
{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"},
-{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0), "X509V3_ADD_EXTENSION"},
-{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0), "X509v3_pack_string"},
-{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0), "X509v3_unpack_string"},
{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"},
{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"},
{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"},
{X509_R_UNKNOWN_NID ,"unknown nid"},
-{X509_R_UNKNOWN_STRING_TYPE ,"unknown string type"},
{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"},
{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"},
{0,NULL},
#include "evp.h"
#include "x509.h"
-#ifndef NOPROTO
-static X509_EXTENSION_METHOD *find_by_nid(int nid);
-static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b);
-#else
-static X509_EXTENSION_METHOD *find_by_nid();
-static int xem_cmp();
-#endif
-
-static STACK *extensions=NULL;
-
int X509v3_get_ext_count(x)
STACK *x;
{
if (ex == NULL) return(0);
return(ex->critical);
}
-
-int X509v3_data_type_by_OBJ(obj)
-ASN1_OBJECT *obj;
- {
- int nid;
-
- nid=OBJ_obj2nid(obj);
- if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF);
- return(X509v3_data_type_by_NID(nid));
- }
-
-int X509v3_data_type_by_NID(nid)
-int nid;
- {
- X509_EXTENSION_METHOD *x;
-
- x=find_by_nid(nid);
- if (x == NULL)
- return(V_ASN1_UNDEF);
- else
- return(x->data_type);
- }
-
-int X509v3_pack_type_by_OBJ(obj)
-ASN1_OBJECT *obj;
- {
- int nid;
-
- nid=OBJ_obj2nid(obj);
- if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN);
- return(X509v3_pack_type_by_NID(nid));
- }
-
-int X509v3_pack_type_by_NID(nid)
-int nid;
- {
- X509_EXTENSION_METHOD *x;
-
- x=find_by_nid(nid);
- if (x == NULL)
- return(X509_EXT_PACK_UNKNOWN);
- else
- return(x->pack_type);
- }
-
-static X509_EXTENSION_METHOD *find_by_nid(nid)
-int nid;
- {
- X509_EXTENSION_METHOD x;
- int i;
-
- x.nid=nid;
- if (extensions == NULL) return(NULL);
- i=sk_find(extensions,(char *)&x);
- if (i < 0)
- return(NULL);
- else
- return((X509_EXTENSION_METHOD *)sk_value(extensions,i));
- }
-
-static int xem_cmp(a,b)
-X509_EXTENSION_METHOD **a,**b;
- {
- return((*a)->nid-(*b)->nid);
- }
-
-void X509v3_cleanup_extensions()
- {
- int i;
-
- if (extensions != NULL)
- {
- for (i=0; i<sk_num(extensions); i++)
- Free(sk_value(extensions,i));
- sk_free(extensions);
- extensions=NULL;
- }
- }
-
-int X509v3_add_extension(x)
-X509_EXTENSION_METHOD *x;
- {
- X509_EXTENSION_METHOD *newx;
-
- if (extensions == NULL)
- {
- extensions=sk_new(xem_cmp);
- if (extensions == NULL) goto err;
- }
- newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD));
- if (newx == NULL) goto err;
- newx->nid=x->nid;
- newx->data_type=x->data_type;
- newx->pack_type=x->pack_type;
- if (!sk_push(extensions,(char *)newx))
- {
- Free(newx);
- goto err;
- }
- return(1);
-err:
- X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE);
- return(0);
- }
-
int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type);
#endif
-void X509v3_cleanup_extensions(void );
-int X509v3_add_extension(X509_EXTENSION_METHOD *x);
-int X509v3_add_netscape_extensions(void );
-int X509v3_add_standard_extensions(void );
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
void X509_LOOKUP_free(X509_LOOKUP *ctx);
int X509_load_crl_file();
#endif
-void X509v3_cleanup_extensions();
-int X509v3_add_extension();
-int X509v3_add_netscape_extensions();
-int X509v3_add_standard_extensions();
-
X509_LOOKUP *X509_LOOKUP_new();
void X509_LOOKUP_free();
int X509_LOOKUP_init();
+++ /dev/null
-/* crypto/x509/x509pack.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "stack.h"
-#include "cryptlib.h"
-#include "asn1.h"
-#include "objects.h"
-#include "evp.h"
-#include "x509.h"
-
-ASN1_OCTET_STRING *X509v3_pack_string(ex,type,bytes,len)
-ASN1_OCTET_STRING **ex;
-int type;
-unsigned char *bytes;
-int len;
- {
- ASN1_OCTET_STRING *os;
- ASN1_STRING str;
- unsigned char *p;
- int i;
-
- if ((ex == NULL) || (*ex == NULL))
- os=ASN1_OCTET_STRING_new();
- else
- os= *ex;
-
- if (len < 0) len=strlen((char *)bytes);
- str.length=len;
- str.type=type;
- str.data=bytes;
-
- /* str now holds the data, we just have to copy it into ->value */
-
- switch (type)
- {
- case V_ASN1_BIT_STRING:
- i=i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,NULL);
- if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
- goto err;
- p=(unsigned char *)os->data;
- i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,&p);
- break;
- case V_ASN1_OCTET_STRING:
- i=i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,NULL);
- if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
- goto err;
- p=(unsigned char *)os->data;
- i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,&p);
- break;
- case V_ASN1_IA5STRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- i=i2d_ASN1_bytes(&str,NULL,type,V_ASN1_UNIVERSAL);
- if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
- goto err;
- p=(unsigned char *)os->data;
- i=i2d_ASN1_bytes(&str,&p,type,V_ASN1_UNIVERSAL);
- break;
- default:
- X509err(X509_F_X509V3_PACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
- goto err;
- }
- os->length=i;
-
- if ((ex != NULL) && (os != *ex))
- *ex=os;
- return(os);
-err:
- return(NULL);
- }
-
-ASN1_STRING *X509v3_unpack_string(ex,type,os)
-ASN1_STRING **ex;
-int type;
-ASN1_OCTET_STRING *os;
- {
- unsigned char *p;
- ASN1_STRING *ret=NULL;
-
- p=os->data;
- switch (type)
- {
- case V_ASN1_BIT_STRING:
- ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
- (ASN1_BIT_STRING **)ex,&p,os->length);
- break;
- case V_ASN1_OCTET_STRING:
- ret=(ASN1_STRING *)d2i_ASN1_OCTET_STRING(
- (ASN1_BIT_STRING **)ex,&p,os->length);
- break;
- case V_ASN1_IA5STRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- ret=(ASN1_STRING *)d2i_ASN1_PRINTABLE(ex,&p,os->length);
- break;
- default:
- X509err(X509_F_X509V3_UNPACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
- }
- return(ret);
- }
-
#define X509V3_EXT_CTX_DEP 0x2
#define X509V3_EXT_MULTILINE 0x4
-typedef struct {
+typedef struct BIT_STRING_BITNAME_st {
int bitnum;
char *lname;
char *sname;
typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
-typedef struct {
+typedef struct BASIC_CONSTRAINTS_st {
int ca;
ASN1_INTEGER *pathlen;
} BASIC_CONSTRAINTS;
-typedef struct {
+typedef struct AUTHORITY_KEYID_st {
ASN1_OCTET_STRING *keyid;
STACK *issuer;
ASN1_INTEGER *serial;
} AUTHORITY_KEYID;
-typedef struct {
+typedef struct PKEY_USAGE_PERIOD_st {
ASN1_GENERALIZEDTIME *notBefore;
ASN1_GENERALIZEDTIME *notAfter;
} PKEY_USAGE_PERIOD;
-typedef struct {
+typedef struct GENERAL_NAME_st {
#define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC)
#define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC)
/* Strong extranet structures */
-typedef struct {
+typedef struct SXNET_st {
ASN1_INTEGER *version;
STACK /* SXNETID */ *ids;
} SXNET;
-typedef struct {
+typedef struct SXNET_ID_st {
ASN1_INTEGER *zone;
ASN1_OCTET_STRING *user;
} SXNETID;