Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
+ X509_*() to X509at_*() on the grounds that they don't handle X509
+ structures and behave in an analagous way to the X509v3 functions:
+ they shouldn't be called directly but wrapper functions should be used
+ instead.
+
+ So we also now have some wrapper functions that call the X509at functions
+ when passed certificate requests. (TO DO: similar things can be done with
+ PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
+ things. Some of these need some d2i or i2d and print functionality
+ because they handle more complex structures. Also need to modify things
+ like 'req' so it actually calls this stuff instead of the evil hacks it
+ currently uses.)
+
+ [Steve Henson]
+
*) Add missing #ifndefs that caused missing symbols when building libssl
as a shared library without RSA. Use #ifndef NO_SSL2 instead of
NO_RSA in ssl/s2*.c.
ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-
-int X509_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
int lastpos);
-int X509_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
int lastpos);
-X509_ATTRIBUTE *X509_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr, int loc);
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
+ X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+ ASN1_OBJECT *obj, int type,
+ unsigned char *bytes, int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+ int nid, int type,
+ unsigned char *bytes, int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+ char *attrname, int type,
+ unsigned char *bytes, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
int atrtype, void *data, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
ASN1_OBJECT *obj, int atrtype, void *data, int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+ char *atrname, int type, unsigned char *bytes, int len);
int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
int atrtype, void *data);
int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
ASN1_OBJECT *X509_ATTRIBUTE_iget_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_type_iget(X509_ATTRIBUTE *attr, int idx);
+ASN1_TYPE *X509_ATTRIBUTE_iget_type(X509_ATTRIBUTE *attr, int idx);
int X509_verify_cert(X509_STORE_CTX *ctx);
#define X509_F_X509_ADD_ATTR 135
#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
+#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
#define X509_F_X509_ATTRIBUTE_IGET_DATA 139
#define X509_F_X509_ATTRIBUTE_ISET_DATA 138
#define X509_F_X509_CHECK_PRIVATE_KEY 128
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-int X509_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
{
if (!x) return 0;
return(sk_X509_ATTRIBUTE_num(x));
}
-int X509_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
int lastpos)
{
ASN1_OBJECT *obj;
obj=OBJ_nid2obj(nid);
if (obj == NULL) return(-2);
- return(X509_get_attr_by_OBJ(x,obj,lastpos));
+ return(X509at_get_attr_by_OBJ(x,obj,lastpos));
}
-int X509_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
int lastpos)
{
int n;
return(-1);
}
-X509_ATTRIBUTE *X509_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
{
if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
return NULL;
return sk_X509_ATTRIBUTE_value(x,loc);
}
-X509_ATTRIBUTE *X509_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
{
X509_ATTRIBUTE *ret;
return(ret);
}
-STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr, int loc)
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
+ X509_ATTRIBUTE *attr)
{
X509_ATTRIBUTE *new_attr=NULL;
int n;
sk= *x;
n=sk_X509_ATTRIBUTE_num(sk);
- if (loc > n) loc=n;
- else if (loc < 0) loc=n;
if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL)
goto err2;
- if (!sk_X509_ATTRIBUTE_insert(sk,new_attr,loc))
+ if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
goto err;
if ((x != NULL) && (*x == NULL))
*x=sk;
return(NULL);
}
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+ ASN1_OBJECT *obj, int type,
+ unsigned char *bytes, int len)
+{
+ X509_ATTRIBUTE *attr;
+ STACK_OF(X509_ATTRIBUTE) *ret;
+ attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
+ if(!attr) return 0;
+ ret = X509at_radd_attr(x, attr);
+ X509_ATTRIBUTE_free(attr);
+ return ret;
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+ int nid, int type,
+ unsigned char *bytes, int len)
+{
+ X509_ATTRIBUTE *attr;
+ STACK_OF(X509_ATTRIBUTE) *ret;
+ attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
+ if(!attr) return 0;
+ ret = X509at_radd_attr(x, attr);
+ X509_ATTRIBUTE_free(attr);
+ return ret;
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_radd_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+ char *attrname, int type,
+ unsigned char *bytes, int len)
+{
+ X509_ATTRIBUTE *attr;
+ STACK_OF(X509_ATTRIBUTE) *ret;
+ attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
+ if(!attr) return 0;
+ ret = X509at_radd_attr(x, attr);
+ X509_ATTRIBUTE_free(attr);
+ return ret;
+}
+
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
int atrtype, void *data, int len)
{
return(NULL);
}
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+ char *atrname, int type, unsigned char *bytes, int len)
+ {
+ ASN1_OBJECT *obj;
+ X509_ATTRIBUTE *nattr;
+
+ obj=OBJ_txt2obj(atrname, 0);
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
+ X509_R_INVALID_FIELD_NAME);
+ return(NULL);
+ }
+ nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len);
+ ASN1_OBJECT_free(obj);
+ return nattr;
+ }
+
int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
{
if ((attr == NULL) || (obj == NULL))
int atrtype, void *data)
{
ASN1_TYPE *ttmp;
- ttmp = X509_ATTRIBUTE_type_iget(attr, idx);
+ ttmp = X509_ATTRIBUTE_iget_type(attr, idx);
if(!ttmp) return NULL;
if(atrtype != ASN1_TYPE_get(ttmp)){
X509err(X509_F_X509_ATTRIBUTE_IGET_DATA, X509_R_WRONG_TYPE);
return ttmp->value.ptr;
}
-ASN1_TYPE *X509_ATTRIBUTE_type_iget(X509_ATTRIBUTE *attr, int idx)
+ASN1_TYPE *X509_ATTRIBUTE_iget_type(X509_ATTRIBUTE *attr, int idx)
{
if (attr == NULL) return(NULL);
if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
{ERR_PACK(0,X509_F_X509_ADD_ATTR,0), "X509_ADD_ATTR"},
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0), "X509_ATTRIBUTE_create_by_NID"},
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0), "X509_ATTRIBUTE_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0), "X509_ATTRIBUTE_CREATE_BY_TXT"},
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_IGET_DATA,0), "X509_ATTRIBUTE_iget_data"},
{ERR_PACK(0,X509_F_X509_ATTRIBUTE_ISET_DATA,0), "X509_ATTRIBUTE_ISET_DATA"},
{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"},
{
return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
}
+
+/* Request attribute functions */
+
+int X509_REQ_get_attr_count(const X509_REQ *req)
+{
+ return X509at_get_attr_count(req->req_info->attributes);
+}
+
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
+ int lastpos)
+{
+ return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
+}
+
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
+ int lastpos)
+{
+ return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
+}
+
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
+{
+ return X509at_get_attr(req->req_info->attributes, loc);
+}
+
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
+{
+ return X509at_delete_attr(req->req_info->attributes, loc);
+}
+
+int X509_REQ_radd_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
+{
+ if(X509at_radd_attr(&req->req_info->attributes, attr)) return 1;
+ return 0;
+}
+
+int X509_REQ_radd_attr_by_OBJ(X509_REQ *req,
+ ASN1_OBJECT *obj, int type,
+ unsigned char *bytes, int len)
+{
+ if(X509at_radd_attr_by_OBJ(&req->req_info->attributes, obj,
+ type, bytes, len)) return 1;
+ return 0;
+}
+
+int X509_REQ_radd_attr_by_NID(X509_REQ *req,
+ int nid, int type,
+ unsigned char *bytes, int len)
+{
+ if(X509at_radd_attr_by_NID(&req->req_info->attributes, nid,
+ type, bytes, len)) return 1;
+ return 0;
+}
+
+int X509_REQ_radd_attr_by_txt(X509_REQ *req,
+ char *attrname, int type,
+ unsigned char *bytes, int len)
+{
+ if(X509at_radd_attr_by_txt(&req->req_info->attributes, attrname,
+ type, bytes, len)) return 1;
+ return 0;
+}
X509_reject_clear 2184
X509_TRUST_set_default 2185
d2i_AutoPrivateKey 2186
-X509_ATTRIBUTE_type_iget 2187
+X509_ATTRIBUTE_iget_type 2187
X509_ATTRIBUTE_rset_data 2188
-X509_get_attr 2189
-X509_get_attr_count 2190
+X509at_get_attr 2189
+X509at_get_attr_count 2190
X509_ATTRIBUTE_create_by_NID 2191
X509_ATTRIBUTE_rset_object 2192
X509_ATTRIBUTE_count 2193
X509_ATTRIBUTE_create_by_OBJ 2194
X509_ATTRIBUTE_iget_object 2195
-X509_get_attr_by_NID 2196
-X509_radd_attr 2197
+X509at_get_attr_by_NID 2196
+X509at_radd_attr 2197
X509_ATTRIBUTE_iget_data 2198
-X509_delete_attr 2199
-X509_get_attr_by_OBJ 2200
+X509at_delete_attr 2199
+X509at_get_attr_by_OBJ 2200
RAND_add 2201
BIO_number_written 2202
BIO_number_read 2203