* [including the GNU Public Licence.]
*/
-#define NUM_NID 751
-#define NUM_SN 747
-#define NUM_LN 747
-#define NUM_OBJ 709
+#define NUM_NID 752
+#define NUM_SN 748
+#define NUM_LN 748
+#define NUM_OBJ 710
-static unsigned char lvalues[5002]={
+static unsigned char lvalues[5005]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00, /* [4977] OBJ_id_ppl_anyLanguage */
0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01, /* [4985] OBJ_id_ppl_inheritAll */
0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02, /* [4993] OBJ_Independent */
+0x55,0x1D,0x1C, /* [5001] OBJ_issuing_distribution_point */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
&(lvalues[4985]),0},
{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4993]),0},
+{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
+ NID_issuing_distribution_point,3,&(lvalues[5001]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[295]),/* "ipsecTunnel" */
&(nid_objs[296]),/* "ipsecUser" */
&(nid_objs[86]),/* "issuerAltName" */
+&(nid_objs[751]),/* "issuingDistributionPoint" */
&(nid_objs[492]),/* "janetMailbox" */
&(nid_objs[150]),/* "keyBag" */
&(nid_objs[83]),/* "keyUsage" */
&(nid_objs[126]),/* "X509v3 Extended Key Usage" */
&(nid_objs[739]),/* "X509v3 Inhibit Any Policy" */
&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
+&(nid_objs[751]),/* "X509v3 Issuing Distrubution Point" */
&(nid_objs[83]),/* "X509v3 Key Usage" */
&(nid_objs[736]),/* "X509v3 Name Constraints" */
&(nid_objs[403]),/* "X509v3 No Revocation Available" */
&(nid_objs[430]),/* OBJ_hold_instruction_code 2 5 29 23 */
&(nid_objs[142]),/* OBJ_invalidity_date 2 5 29 24 */
&(nid_objs[140]),/* OBJ_delta_crl 2 5 29 27 */
+&(nid_objs[751]),/* OBJ_issuing_distribution_point 2 5 29 28 */
&(nid_objs[736]),/* OBJ_name_constraints 2 5 29 30 */
&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
* project 1999.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999, 2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+
+ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
+ ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4),
+ ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
+} ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
+
+static int i2r_idp(X509V3_EXT_METHOD *method,
+ void *pidp, BIO *out, int indent);
+
+X509V3_EXT_METHOD v3_idp =
+ {
+ NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
+ ASN1_ITEM_ref(ISSUING_DIST_POINT),
+ 0,0,0,0,
+ 0,0,
+ 0,0,
+ i2r_idp,0,
+ NULL
+ };
+
+static const BIT_STRING_BITNAME reason_flags[] = {
+{1, "Key Compromise", "keyCompromise"},
+{2, "CA Compromise", "CACompromise"},
+{3, "Affiliation Changed", "affiliationChanged"},
+{4, "Superseded", "superseded"},
+{5, "Cessation Of Operation", "cessationOfOperation"},
+{6, "Certificate Hold", "certificateHold"},
+{7, "Privilege Withdrawn", "privilegeWithdrawn"},
+{8, "AA Compromise", "AACompromise"},
+{-1, NULL, NULL}
+};
+
+static int print_reasons(BIO *out, const char *rname,
+ ASN1_BIT_STRING *rflags, int indent)
+ {
+ int first = 1;
+ const BIT_STRING_BITNAME *pbn;
+ BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
+ for (pbn = reason_flags; pbn->lname; pbn++)
+ {
+ if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum))
+ {
+ if (first)
+ first = 0;
+ else
+ BIO_puts(out, ",");
+ BIO_puts(out, pbn->lname);
+ }
+ }
+ if (first)
+ BIO_puts(out, "<EMPTY>\n");
+ else
+ BIO_puts(out, "\n");
+ return 1;
+ }
+
+static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
+ {
+ int i;
+ if (dpn->type == 0)
+ {
+ STACK_OF(GENERAL_NAME) *gens;
+ BIO_printf(out, "%*sFull Name:\n", indent, "");
+ gens = dpn->name.fullname;
+ for (i = 0; i < sk_GENERAL_NAME_num(gens); i++)
+ {
+ BIO_printf(out, "%*s", indent + 2, "");
+ GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
+ }
+ }
+ else
+ {
+ X509_NAME ntmp;
+ ntmp.entries = dpn->name.relativename;
+ BIO_printf(out, "%*sRelative Name:\n%*s",
+ indent, "", indent + 2, "");
+ X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
+ BIO_puts(out, "\n");
+ }
+ return 1;
+ }
+
+static int i2r_idp(X509V3_EXT_METHOD *method, void *pidp, BIO *out, int indent)
+ {
+ ISSUING_DIST_POINT *idp = pidp;
+ if (idp->distpoint)
+ print_distpoint(out, idp->distpoint, indent);
+ if (idp->onlyuser > 0)
+ BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
+ if (idp->onlyCA > 0)
+ BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
+ if (idp->indirectCRL > 0)
+ BIO_printf(out, "%*sIndirect CRL\n", indent, "");
+ if (idp->onlysomereasons)
+ print_reasons(out, "Only Some Reasons",
+ idp->onlysomereasons, indent);
+ if (idp->onlyattr > 0)
+ BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
+ if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0)
+ && (idp->indirectCRL <= 0) && !idp->onlysomereasons
+ && (idp->onlyattr <= 0))
+ BIO_printf(out, "%*s<EMPTY>\n", indent, "");
+
+ return 1;
+ }
projects / oweals / openssl.git / commitdiff