Fix so EVP_PKEY_rset_*() check return codes.
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) Support for the authority information access extension. Not
+ very well tested yet.
+ [Steve Henson]
+
*) Modify RSA and DSA PEM read routines to transparently handle
PKCS#8 format private keys. New *_PUBKEY_* functions that handle
public keys in a format compatible with certificate
#define ASN1_F_A2I_ASN1_ENUMERATED 236
#define ASN1_F_A2I_ASN1_INTEGER 101
#define ASN1_F_A2I_ASN1_STRING 102
+#define ASN1_F_ACCESS_DESCRIPTION_NEW 291
#define ASN1_F_ASN1_COLLATE_PRIMITIVE 103
#define ASN1_F_ASN1_D2I_BIO 104
#define ASN1_F_ASN1_D2I_FP 105
#define ASN1_F_BASIC_CONSTRAINTS_NEW 226
#define ASN1_F_BN_TO_ASN1_ENUMERATED 234
#define ASN1_F_BN_TO_ASN1_INTEGER 122
+#define ASN1_F_D2I_ACCESS_DESCRIPTION 292
#define ASN1_F_D2I_ASN1_BIT_STRING 123
#define ASN1_F_D2I_ASN1_BMPSTRING 124
#define ASN1_F_D2I_ASN1_BOOLEAN 125
{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"},
{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
+{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0), "ACCESS_DESCRIPTION_new"},
{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0), "BASIC_CONSTRAINTS_new"},
{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0), "d2i_ACCESS_DESCRIPTION"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
#define EVP_F_EVP_PKEY_DECRYPT 104
#define EVP_F_EVP_PKEY_ENCRYPT 105
-#define EVP_F_EVP_PKEY_GET_DH 119
-#define EVP_F_EVP_PKEY_GET_DSA 120
-#define EVP_F_EVP_PKEY_GET_RSA 121
#define EVP_F_EVP_PKEY_NEW 106
+#define EVP_F_EVP_PKEY_RGET_DH 119
+#define EVP_F_EVP_PKEY_RGET_DSA 120
+#define EVP_F_EVP_PKEY_RGET_RSA 121
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"},
{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET_DH,0), "EVP_PKEY_get_DH"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET_DSA,0), "EVP_PKEY_get_DSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET_RSA,0), "EVP_PKEY_get_RSA"},
{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_RGET_DH,0), "EVP_PKEY_rget_DH"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_RGET_DSA,0), "EVP_PKEY_rget_DSA"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_RGET_RSA,0), "EVP_PKEY_rget_RSA"},
{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"},
#ifndef NO_RSA
int EVP_PKEY_rset_RSA(EVP_PKEY *pkey, RSA *key)
{
- CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
- return EVP_PKEY_assign_RSA(pkey, key);
+ int ret = EVP_PKEY_assign_RSA(pkey, key);
+ if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA);
+ return ret;
}
RSA *EVP_PKEY_rget_RSA(EVP_PKEY *pkey)
{
if(pkey->type != EVP_PKEY_RSA) {
- EVPerr(EVP_F_EVP_PKEY_GET_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
+ EVPerr(EVP_F_EVP_PKEY_RGET_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA);
#ifndef NO_DSA
int EVP_PKEY_rset_DSA(EVP_PKEY *pkey, DSA *key)
{
- CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
- return EVP_PKEY_assign_DSA(pkey, key);
+ int ret = EVP_PKEY_assign_DSA(pkey, key);
+ if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA);
+ return ret;
}
DSA *EVP_PKEY_rget_DSA(EVP_PKEY *pkey)
{
if(pkey->type != EVP_PKEY_DSA) {
- EVPerr(EVP_F_EVP_PKEY_GET_DSA, EVP_R_EXPECTING_A_DSA_KEY);
+ EVPerr(EVP_F_EVP_PKEY_RGET_DSA, EVP_R_EXPECTING_A_DSA_KEY);
return NULL;
}
CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA);
int EVP_PKEY_rset_DH(EVP_PKEY *pkey, DH *key)
{
- CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
- return EVP_PKEY_assign_DH(pkey, key);
+ int ret = EVP_PKEY_assign_DH(pkey, key);
+ if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH);
+ return ret;
}
DH *EVP_PKEY_rget_DH(EVP_PKEY *pkey)
{
if(pkey->type != EVP_PKEY_DH) {
- EVPerr(EVP_F_EVP_PKEY_GET_DH, EVP_R_EXPECTING_A_DH_KEY);
+ EVPerr(EVP_F_EVP_PKEY_RGET_DH, EVP_R_EXPECTING_A_DH_KEY);
return NULL;
}
CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH);
* perl obj_dat.pl objects.h obj_dat.h
*/
-#define NUM_NID 175
-#define NUM_SN 123
-#define NUM_LN 171
-#define NUM_OBJ 146
+#define NUM_NID 180
+#define NUM_SN 128
+#define NUM_LN 174
+#define NUM_OBJ 151
-static unsigned char lvalues[1011]={
+static unsigned char lvalues[1049]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [995] OBJ_ext_req */
0x55,0x04,0x29, /* [1004] OBJ_name */
0x55,0x04,0x2E, /* [1007] OBJ_dnQualifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01, /* [1010] OBJ_id_pe */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30, /* [1017] OBJ_id_ad */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01, /* [1024] OBJ_info_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01, /* [1032] OBJ_ad_OCSP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02, /* [1040] OBJ_ad_ca_issuers */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
{"extReq","Extension Request",NID_ext_req,9,&(lvalues[995]),0},
{"name","name",NID_name,3,&(lvalues[1004]),0},
{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1007]),0},
+{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1010]),0},
+{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1017]),0},
+{"authorityInfoAccess","Authority Information Access",NID_info_access,
+ 8,&(lvalues[1024]),0},
+{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1032]),0},
+{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1040]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[95]),/* "MDC2" */
&(nid_objs[57]),/* "Netscape" */
&(nid_objs[17]),/* "O" */
+&(nid_objs[178]),/* "OCSP" */
&(nid_objs[18]),/* "OU" */
&(nid_objs[127]),/* "PKIX" */
&(nid_objs[98]),/* "RC2-40-CBC" */
&(nid_objs[102]),/* "UID" */
&(nid_objs[ 0]),/* "UNDEF" */
&(nid_objs[125]),/* "ZLIB" */
+&(nid_objs[177]),/* "authorityInfoAccess" */
&(nid_objs[90]),/* "authorityKeyIdentifier" */
&(nid_objs[87]),/* "basicConstraints" */
+&(nid_objs[179]),/* "caIssuers" */
&(nid_objs[89]),/* "certificatePolicies" */
&(nid_objs[130]),/* "clientAuth" */
&(nid_objs[131]),/* "codeSigning" */
&(nid_objs[132]),/* "emailProtection" */
&(nid_objs[172]),/* "extReq" */
&(nid_objs[126]),/* "extendedKeyUsage" */
+&(nid_objs[176]),/* "id-ad" */
&(nid_objs[128]),/* "id-kp" */
+&(nid_objs[175]),/* "id-pe" */
&(nid_objs[164]),/* "id-qt-cps" */
&(nid_objs[165]),/* "id-qt-unotice" */
&(nid_objs[142]),/* "invalidityDate" */
};
static ASN1_OBJECT *ln_objs[NUM_LN]={
+&(nid_objs[177]),/* "Authority Information Access" */
+&(nid_objs[179]),/* "CA Issuers" */
&(nid_objs[141]),/* "CRL Reason Code" */
&(nid_objs[131]),/* "Code Signing" */
&(nid_objs[132]),/* "E-mail Protection" */
&(nid_objs[73]),/* "Netscape Revocation Url" */
&(nid_objs[77]),/* "Netscape SSL Server Name" */
&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
+&(nid_objs[178]),/* "OCSP" */
&(nid_objs[161]),/* "PBES2" */
&(nid_objs[69]),/* "PBKDF2" */
&(nid_objs[162]),/* "PBMAC1" */
&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
&(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */
&(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
+&(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */
&(nid_objs[128]),/* OBJ_id_kp 1 3 6 1 5 5 7 3 */
+&(nid_objs[176]),/* OBJ_id_ad 1 3 6 1 5 5 7 48 */
&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
+&(nid_objs[177]),/* OBJ_info_access 1 3 6 1 5 5 7 1 1 */
&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
&(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
&(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
&(nid_objs[132]),/* OBJ_email_protect 1 3 6 1 5 5 7 3 4 */
&(nid_objs[133]),/* OBJ_time_stamp 1 3 6 1 5 5 7 3 8 */
+&(nid_objs[178]),/* OBJ_ad_OCSP 1 3 6 1 5 5 7 48 1 */
+&(nid_objs[179]),/* OBJ_ad_ca_issuers 1 3 6 1 5 5 7 48 2 */
&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
&(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
#define NID_dnQualifier 174
#define OBJ_dnQualifier OBJ_X509,46L
+#define SN_id_pe "id-pe"
+#define NID_id_pe 175
+#define OBJ_id_pe OBJ_id_pkix,1L
+
+#define SN_id_ad "id-ad"
+#define NID_id_ad 176
+#define OBJ_id_ad OBJ_id_pkix,48L
+
+#define SN_info_access "authorityInfoAccess"
+#define LN_info_access "Authority Information Access"
+#define NID_info_access 177
+#define OBJ_info_access OBJ_id_pe,1L
+
+#define SN_ad_OCSP "OCSP"
+#define LN_ad_OCSP "OCSP"
+#define NID_ad_OCSP 178
+#define OBJ_ad_OCSP OBJ_id_ad,1L
+
+#define SN_ad_ca_issuers "caIssuers"
+#define LN_ad_ca_issuers "CA Issuers"
+#define NID_ad_ca_issuers 179
+#define OBJ_ad_ca_issuers OBJ_id_ad,2L
+
#include <openssl/bio.h>
#include <openssl/asn1.h>
LIB=$(TOP)/libcrypto.a
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \
v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \
-v3_pku.c v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c
+v3_pku.c v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
-v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o
+v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o
SRC= $(LIBSRC)
v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h
+v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_info.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+v3_info.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
+v3_info.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
+v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+v3_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+v3_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+v3_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_info.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
+v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_info.o: ../cryptlib.h
v3_int.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
v3_int.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
--- /dev/null
+/* v3_info.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/x509v3.h>
+
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+ STACK_OF(ACCESS_DESCRIPTION) *ainfo,
+ STACK_OF(CONF_VALUE) *ret);
+static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+
+X509V3_EXT_METHOD v3_info =
+{ NID_info_access, X509V3_EXT_MULTILINE,
+(X509V3_EXT_NEW)AUTHORITY_INFO_ACCESS_new,
+(X509V3_EXT_FREE)AUTHORITY_INFO_ACCESS_free,
+(X509V3_EXT_D2I)d2i_AUTHORITY_INFO_ACCESS,
+(X509V3_EXT_I2D)i2d_AUTHORITY_INFO_ACCESS,
+NULL, NULL,
+(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
+(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+NULL, NULL, NULL};
+
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+ STACK_OF(ACCESS_DESCRIPTION) *ainfo,
+ STACK_OF(CONF_VALUE) *ret)
+{
+ ACCESS_DESCRIPTION *desc;
+ int i;
+ char objtmp[80], *ntmp;
+ CONF_VALUE *vtmp;
+ for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
+ desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
+ ret = i2v_GENERAL_NAME(method, desc->location, ret);
+ if(!ret) break;
+ vtmp = sk_CONF_VALUE_value(ret, i);
+ i2t_ASN1_OBJECT(objtmp, 80, desc->method);
+ ntmp = Malloc(strlen(objtmp) + strlen(vtmp->name) + 5);
+ if(!ntmp) {
+ X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ strcpy(ntmp, objtmp);
+ strcat(ntmp, " - ");
+ strcat(ntmp, vtmp->name);
+ Free(vtmp->name);
+ vtmp->name = ntmp;
+
+ }
+ if(!ret) return sk_CONF_VALUE_new_null();
+ return ret;
+}
+
+static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+{
+ STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL;
+ CONF_VALUE *cnf, ctmp;
+ ACCESS_DESCRIPTION *acc;
+ int i, objlen;
+ char *objtmp, *ptmp;
+ if(!(ainfo = sk_ACCESS_DESCRIPTION_new(NULL))) {
+ X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ cnf = sk_CONF_VALUE_value(nval, i);
+ if(!(acc = ACCESS_DESCRIPTION_new())
+ || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
+ X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ ptmp = strchr(cnf->name, ';');
+ if(!ptmp) {
+ X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX);
+ goto err;
+ }
+ objlen = ptmp - cnf->name;
+ ctmp.name = ptmp + 1;
+ ctmp.value = cnf->value;
+ if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp)))
+ goto err;
+ if(!(objtmp = Malloc(objlen + 1))) {
+ X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strncpy(objtmp, cnf->name, objlen);
+ objtmp[objlen] = 0;
+ acc->method = OBJ_txt2obj(objtmp, 0);
+ if(!acc->method) {
+ X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT);
+ ERR_add_error_data(2, "value=", objtmp);
+ Free(objtmp);
+ goto err;
+ }
+ Free(objtmp);
+
+ }
+ return ainfo;
+ err:
+ sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
+ return NULL;
+}
+
+int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp)
+{
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT);
+ M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT);
+ M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME);
+
+ M_ASN1_I2D_finish();
+}
+
+ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void)
+{
+ ACCESS_DESCRIPTION *ret=NULL;
+ ASN1_CTX c;
+ M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION);
+ ret->method = OBJ_nid2obj(NID_undef);
+ ret->location = NULL;
+ return (ret);
+ M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW);
+}
+
+ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
+ long length)
+{
+ M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new);
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT);
+ M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME);
+ M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION);
+}
+
+void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a)
+{
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->method);
+ GENERAL_NAME_free(a->location);
+ Free ((char *)a);
+}
+
+STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new()
+{
+ return sk_ACCESS_DESCRIPTION_new(NULL);
+}
+
+void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a)
+{
+ sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free);
+}
+
+STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
+ unsigned char **pp, long length)
+{
+return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION,
+ ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+}
+
+int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp)
+{
+return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL, IS_SEQUENCE);
+}
+
+IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION)
+IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION)
+
+
}
extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet;
+extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info;
extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld;
X509V3_EXT_add(&v3_pkey_usage_period);
X509V3_EXT_add(&v3_crl_num);
X509V3_EXT_add(&v3_sxnet);
+ X509V3_EXT_add(&v3_info);
X509V3_EXT_add(&v3_crl_reason);
X509V3_EXT_add(&v3_cpols);
X509V3_EXT_add(&v3_crld);
{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"},
{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"},
{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"},
+{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"},
{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"},
{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"},
{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"},
{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0), "SXNET_add_id_ulong"},
{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"},
{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"},
+{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"},
{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"},
{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"},
{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"},
{X509V3_R_INVALID_OPTION ,"invalid option"},
{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"},
{X509V3_R_INVALID_SECTION ,"invalid section"},
+{X509V3_R_INVALID_SYNTAX ,"invalid syntax"},
{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"},
{X509V3_R_MISSING_VALUE ,"missing value"},
{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ,"need organization and numbers"},
} d;
} GENERAL_NAME;
+typedef struct ACCESS_DESCRIPTION_st {
+ASN1_OBJECT *method;
+GENERAL_NAME *location;
+} ACCESS_DESCRIPTION;
+
DECLARE_STACK_OF(GENERAL_NAME)
DECLARE_ASN1_SET_OF(GENERAL_NAME)
+DECLARE_STACK_OF(ACCESS_DESCRIPTION)
+DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
+
typedef struct DIST_POINT_NAME_st {
/* NB: this is a CHOICE type and only one of these should be set */
STACK_OF(GENERAL_NAME) *fullname;
DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
long length);
+int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp);
+ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
+void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
+ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
+ long length);
+
+STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new();
+void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
+STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
+ unsigned char **pp, long length);
+int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp);
+
+
+
#ifdef HEADER_CONF_H
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
void X509V3_conf_free(CONF_VALUE *val);
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
#define X509V3_F_I2S_ASN1_INTEGER 120
+#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
#define X509V3_F_NOTICE_SECTION 132
#define X509V3_F_NREF_NOS 133
#define X509V3_F_POLICY_SECTION 131
#define X509V3_F_SXNET_ADD_ID_ULONG 127
#define X509V3_F_SXNET_GET_ID_ASC 128
#define X509V3_F_SXNET_GET_ID_ULONG 129
+#define X509V3_F_V2I_ACCESS_DESCRIPTION 139
#define X509V3_F_V2I_ASN1_BIT_STRING 101
#define X509V3_F_V2I_AUTHORITY_KEYID 119
#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
#define X509V3_R_INVALID_OPTION 138
#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
#define X509V3_R_INVALID_SECTION 135
+#define X509V3_R_INVALID_SYNTAX 143
#define X509V3_R_ISSUER_DECODE_ERROR 126
#define X509V3_R_MISSING_VALUE 124
#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
EVP_PKEY_rset_DH 2073
i2d_RSA_PUBKEY_fp 2074
PEM_write_bio_PUBKEY 2075
+sk_ACCESS_DESCRIPTION_shift 2076
+d2i_AUTHORITY_INFO_ACCESS 2077
+sk_ACCESS_DESCRIPTION_delete 2078
+ACCESS_DESCRIPTION_new 2079
+d2i_ACCESS_DESCRIPTION 2080
+sk_ACCESS_DESCRIPTION_set 2081
+i2d_ASN1_SET_OF_ACCESS_DESCRIPTION 2082
+sk_ACCESS_DESCRIPTION_free 2083
+sk_ACCESS_DESCRIPTION_value 2084
+sk_ACCESS_DESCRIPTION_unshift 2085
+sk_ACCESS_DESCRIPTION_pop_free 2086
+ACCESS_DESCRIPTION_free 2087
+sk_ACCESS_DESCRIPTION_dup 2088
+sk_ACCESS_DESCRIPTION_zero 2089
+sk_ACCESS_DESCRIPTION_new 2090
+sk_ACCESS_DESCRIPTION_push 2091
+d2i_ASN1_SET_OF_ACCESS_DESCRIPTION 2092
+sk_ACCESS_DESCRIPTION_find 2093
+AUTHORITY_INFO_ACCESS_free 2094
+sk_ACCESS_DESCRIPTION_pop 2095
+i2d_AUTHORITY_INFO_ACCESS 2096
+sk_ACCESS_DESCRIPTION_num 2097
+i2d_ACCESS_DESCRIPTION 2098
+sk_ACCESS_DESCRIPTION_new_null 2099
+sk_ACCESS_DESCRIPTION_delete_ptr 2100
+sk_ACCESS_DESCRIPTION_insert 2101
+sk_ACCESS_DESCRIPTION_sort 2102
+sk_ACCESS_DESCRIPTION_set_cmp_func 2103