include an 'indent' option to V3 stuff.
Changes between 0.9.2b and 0.9.3
+ *) Add a new 'indent' option to some X509V3 extension code. Initial ASN1
+ and display support for Thawte strong extranet extension.
+ [Steve Henson]
+
*) Add LinuxPPC support.
[Jeff Dubrule <igor@pobox.org>]
#define ASN1_F_D2I_PUBLICKEY 156
#define ASN1_F_D2I_RSAPRIVATEKEY 157
#define ASN1_F_D2I_RSAPUBLICKEY 158
+#define ASN1_F_D2I_SXNET 241
+#define ASN1_F_D2I_SXNETID 243
#define ASN1_F_D2I_X509 159
#define ASN1_F_D2I_X509_ALGOR 160
#define ASN1_F_D2I_X509_ATTRIBUTE 161
#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
+#define ASN1_F_SXNETID_NEW 244
+#define ASN1_F_SXNET_NEW 242
#define ASN1_F_X509_ALGOR_NEW 202
#define ASN1_F_X509_ATTRIBUTE_NEW 203
#define ASN1_F_X509_CINF_NEW 204
#define ASN1_F_D2I_PUBLICKEY 156
#define ASN1_F_D2I_RSAPRIVATEKEY 157
#define ASN1_F_D2I_RSAPUBLICKEY 158
+#define ASN1_F_D2I_SXNET 241
+#define ASN1_F_D2I_SXNETID 243
#define ASN1_F_D2I_X509 159
#define ASN1_F_D2I_X509_ALGOR 160
#define ASN1_F_D2I_X509_ATTRIBUTE 161
#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
+#define ASN1_F_SXNETID_NEW 244
+#define ASN1_F_SXNET_NEW 242
#define ASN1_F_X509_ALGOR_NEW 202
#define ASN1_F_X509_ATTRIBUTE_NEW 203
#define ASN1_F_X509_CINF_NEW 204
{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"},
{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"},
{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "D2I_SXNET"},
+{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "D2I_SXNETID"},
{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"},
{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"},
{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"},
{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_NEW"},
+{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_NEW"},
+{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_NEW"},
{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"},
{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"},
{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
obj=X509_EXTENSION_get_object(ex);
i2a_ASN1_OBJECT(out,obj);
j=X509_EXTENSION_get_critical(ex);
- BIO_printf(out, ": %s\n%16s", j ? "critical":"","");
- if(!X509V3_EXT_print(out, ex, 0))
- ASN1_OCTET_STRING_print(out,ex->value);
+ BIO_printf(out, ": %s\n", j ? "critical":"","");
+ if(!X509V3_EXT_print(out, ex, 0, 16)) {
+ BIO_printf(out, "%16s", "");
+ ASN1_OCTET_STRING_print(out,ex->value);
+ }
BIO_write(out,"\n",1);
}
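Review bot: The rewritten `BIO_printf(out, ": %s\n", j ? "critical":"","");` still passes the trailing `""` that used to feed the removed `%16s`, so the call now has one more argument than its format consumes. The same leftover is in `BIO_printf(bp,": %s\n",j?"critical":"","")` in the next print routine. It is harmless at run time, but it makes format/argument mismatches harder to spot in review; drop it: `BIO_printf(out, ": %s\n", j ? "critical" : "");`. In that second routine the added `BIO_printf(bp, "%16s", "");` is also the only write whose result is not checked, while its neighbours `goto err` on `<= 0`. The enclosing function starts outside this hunk.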
obj=X509_EXTENSION_get_object(ex);
i2a_ASN1_OBJECT(bp,obj);
j=X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)
+ if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
goto err;
-#if 0
- pack_type=X509v3_pack_type_by_OBJ(obj);
- data_type=X509v3_data_type_by_OBJ(obj);
-
- if (pack_type == X509_EXT_PACK_STRING)
- {
- if (X509v3_unpack_string(
- &str,data_type,
- X509_EXTENSION_get_data(ex)) == NULL)
- {
- /* hmm... */
- goto err;
- }
- if ( (data_type == V_ASN1_IA5STRING) ||
- (data_type == V_ASN1_PRINTABLESTRING) ||
- (data_type == V_ASN1_T61STRING))
- {
- if (BIO_write(bp,(char *)str->data,
- str->length) <= 0)
- goto err;
- }
- else if (data_type == V_ASN1_BIT_STRING)
- {
- BIO_printf(bp,"0x");
- for (j=0; j<str->length; j++)
- {
- BIO_printf(bp,"%02X",
- str->data[j]);
- }
- }
- }
-#endif
- if(!X509V3_EXT_print(bp, ex, 0))
+ if(!X509V3_EXT_print(bp, ex, 0, 16))
{
+ BIO_printf(bp, "%16s", "");
ASN1_OCTET_STRING_print(bp,ex->value);
}
if (BIO_write(bp,"\n",1) <= 0) goto err;
* perl obj_dat.pl < objects.h > obj_dat.h
*/
-#define NUM_NID 143
-#define NUM_SN 114
-#define NUM_LN 139
-#define NUM_OBJ 115
+#define NUM_NID 144
+#define NUM_SN 115
+#define NUM_LN 140
+#define NUM_OBJ 116
-static unsigned char lvalues[735]={
+static unsigned char lvalues[740]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
0x55,0x1D,0x1B, /* [725] OBJ_delta_crl */
0x55,0x1D,0x15, /* [728] OBJ_crl_reason */
0x55,0x1D,0x18, /* [731] OBJ_invalidity_date */
+0x2B,0x65,0x01,0x04,0x01, /* [734] OBJ_sxnet */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
{"CRLReason","CRL Reason Code",NID_crl_reason,3,&(lvalues[728]),0},
{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
&(lvalues[731]),0},
+{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[734]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
&(nid_objs[64]),/* "SHA1" */
&(nid_objs[105]),/* "SN" */
&(nid_objs[16]),/* "ST" */
+&(nid_objs[143]),/* "SXNetID" */
&(nid_objs[106]),/* "T" */
&(nid_objs[102]),/* "UID" */
&(nid_objs[ 0]),/* "UNDEF" */
&(nid_objs[73]),/* "Netscape Revocation Url" */
&(nid_objs[77]),/* "Netscape SSL Server Name" */
&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
+&(nid_objs[143]),/* "Strong Extranet ID" */
&(nid_objs[130]),/* "TLS Web Client Authentication" */
&(nid_objs[129]),/* "TLS Web Server Authentication" */
&(nid_objs[133]),/* "Time Stamping" */
&(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
+&(nid_objs[143]),/* OBJ_sxnet 1 3 101 1 4 1 */
&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
&(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */
&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
#define NID_invalidity_date 142
#define OBJ_invalidity_date OBJ_ld_ce,24L
+#define SN_sxnet "SXNetID"
+#define LN_sxnet "Strong Extranet ID"
+#define NID_sxnet 143
+#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
+
#include "bio.h"
#include "asn1.h"
LIB=$(TOP)/libcrypto.a
LIBSRC= v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c \
v3_lib.c v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c \
-v3_pku.c v3_int.c v3_enum.c
+v3_pku.c v3_int.c v3_enum.c v3_sxnet.c
LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
-v3_int.o v3_enum.o
+v3_int.o v3_enum.o v3_sxnet.o
SRC= $(LIBSRC)
#endif
X509V3_EXT_METHOD v3_akey_id = {
-NID_authority_key_identifier, 0,
+NID_authority_key_identifier, X509V3_EXT_MULTILINE,
(X509V3_EXT_NEW)AUTHORITY_KEYID_new,
AUTHORITY_KEYID_free,
(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
}
extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period;
+extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet;
extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason;
X509V3_EXT_add(&v3_akey_id);
X509V3_EXT_add(&v3_pkey_usage_period);
X509V3_EXT_add(&v3_crl_num);
+ X509V3_EXT_add(&v3_sxnet);
X509V3_EXT_add(&v3_crl_reason);
return 1;
}
#include "x509v3.h"
#ifndef NOPROTO
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out);
+static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
/*
static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values);
*/
Free ((char *)a);
}
-static int i2r_PKEY_USAGE_PERIOD(method, usage, out)
+static int i2r_PKEY_USAGE_PERIOD(method, usage, out, indent)
X509V3_EXT_METHOD *method;
PKEY_USAGE_PERIOD *usage;
BIO *out;
+int indent;
{
+ BIO_printf(out, "%*s", indent, "");
if(usage->notBefore) {
BIO_write(out, "Not Before: ", 12);
ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
/* Print out a name+value stack */
-void X509V3_EXT_val_prn(out, val)
+void X509V3_EXT_val_prn(out, val, indent, ml)
BIO *out;
STACK *val;
+int indent;
+int ml;
{
int i;
CONF_VALUE *nval;
if(!val) return;
+ if(!ml) BIO_printf(out, "%*s", indent, "");
for(i = 0; i < sk_num(val); i++) {
- if(i > 0) BIO_printf(out, ", ");
+ if(ml) BIO_printf(out, "%*s", indent, "");
+ else if(i > 0) BIO_printf(out, ", ");
nval = (CONF_VALUE *)sk_value(val, i);
if(!nval->name) BIO_printf(out, "%s", nval->value);
else if(!nval->value) BIO_printf(out, "%s", nval->name);
else BIO_printf(out, "%s:%s", nval->name, nval->value);
+ if(ml) BIO_puts(out, "\n");
}
}
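Review bot: The header comment on `X509V3_EXT_val_prn` still reads `/* Print out a name+value stack */` and does not describe the two new parameters; `ml` in particular is not self-explanatory. I would extend it to `/* Print out a name+value stack. indent: spaces written before each line; ml: non-zero prints one entry per line, each ending in a newline, zero prints one comma separated line */`. In multi-line mode the output already ends in a newline, and the callers visible in this commit write another `"\n"` after `X509V3_EXT_print`, so multi-line extensions appear to be followed by an empty line; worth confirming that this is intended.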
/* Main routine: print out a general extension */
-int X509V3_EXT_print(out, ext, flag)
+int X509V3_EXT_print(out, ext, flag, indent)
BIO *out;
X509_EXTENSION *ext;
int flag;
+int indent;
{
char *ext_str = NULL, *p, *value = NULL;
X509V3_EXT_METHOD *method;
ok = 0;
goto err;
}
- BIO_printf(out, value);
+ BIO_printf(out, "%*s%s", indent, "", value);
} else if(method->i2v) {
if(!(nval = method->i2v(method, ext_str, NULL))) {
ok = 0;
goto err;
}
- X509V3_EXT_val_prn(out, nval);
+ X509V3_EXT_val_prn(out, nval, indent,
+ method->ext_flags & X509V3_EXT_MULTILINE);
} else if(method->i2r) {
- if(!method->i2r(method, ext_str, out)) ok = 0;
+ if(!method->i2r(method, ext_str, out, indent)) ok = 0;
} else ok = 0;
err:
return ok;
}
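Review bot: The i2s branch deserves a comment, because replacing `BIO_printf(out, value)` with `BIO_printf(out, "%*s%s", indent, "", value)` also stops a string built from the extension's contents being interpreted as a format string, and nothing in the code or the CHANGES entry records that. `value` appears to come from `method->i2s` (the call is outside the visible lines, so this is inferred), which would make it text derived from certificate data that the printing program does not control. I would add `/* value is derived from extension data: always print it through "%s", never as the format */` above the call so a later cleanup does not fold it back. `indent` is also used unchecked as a `%*s` width here and in `X509V3_EXT_val_prn`; a standard printf treats a negative width as left-justification, so the prototype should state that callers pass a non-negative count. Part of the function body lies outside the hunk.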
-int X509V3_EXT_print_fp(fp, ext, flag)
+int X509V3_EXT_print_fp(fp, ext, flag, indent)
FILE *fp;
X509_EXTENSION *ext;
int flag;
+int indent;
{
BIO *bio_tmp;
int ret;
if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0;
- ret = X509V3_EXT_print(bio_tmp, ext, flag);
+ ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
BIO_free(bio_tmp);
return ret;
}
for(i = 0; i < count; i++) {
ext = X509_get_ext(cert, i);
printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
- if(!X509V3_EXT_print_fp(stdout, ext, 0)) ERR_print_errors_fp(stderr);
+ if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr);
printf("\n");
}
typedef char * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK *values);
typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, char *ext);
typedef char * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
-typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out);
+typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, char *ext, BIO *out, int indent);
typedef char *(*X509V3_EXT_R2I)(struct v3_ext_method *method, char *db, char *value);
/* V3 extension structure */
typedef struct v3_ext_ctx X509V3_CTX;
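Review bot: Adding `int indent` to `X509V3_EXT_I2R` changes the signature of every registered `i2r` callback, and the method tables assign their callbacks through casts (e.g. `(X509V3_EXT_NEW)AUTHORITY_KEYID_new`). An extension method that keeps a three-argument `i2r` and casts it would therefore compile without a diagnostic and then be called through a mismatched function type, which is undefined behaviour. The same applies to callers of `X509V3_EXT_print` built under `NOPROTO`, where no prototype exists to catch the missing argument, so `indent` would be read as an indeterminate value. I would state the break next to the typedef, `/* i2r takes an indent argument as of this change: every i2r callback must be updated */`, and mention the signature change in the CHANGES entry.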
/* ext_flags values */
-#define X509V3_EXT_DYNAMIC 0x1
-#define X509V3_EXT_CTX_DEP 0x2
+#define X509V3_EXT_DYNAMIC 0x1
+#define X509V3_EXT_CTX_DEP 0x2
+#define X509V3_EXT_MULTILINE 0x4
typedef struct {
int bitnum;
} d;
} GENERAL_NAME;
+/* Strong extranet structures */
+typedef struct {
+ ASN1_INTEGER *version;
+ STACK /* SXNETID */ *ids;
+} SXNET;
+typedef struct {
+ ASN1_INTEGER *zone;
+ ASN1_OCTET_STRING *user;
+} SXNETID;
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
void GENERAL_NAME_free(GENERAL_NAME *a);
STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK *ret);
+int i2d_SXNET(SXNET *a, unsigned char **pp);
+SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
+SXNET *SXNET_new(void);
+void SXNET_free(SXNET *a);
+
+int i2d_SXNETID(SXNETID *a, unsigned char **pp);
+SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length);
+SXNETID *SXNETID_new(void);
+void SXNETID_free(SXNETID *a);
+
int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp);
AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length);
AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
unsigned char *string_to_hex(char *str, long *len);
int name_cmp(char *name, char *cmp);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag);
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
#else
STACK *i2v_GENERAL_NAME();
GENERAL_NAME *v2i_GENERAL_NAME();
+int i2d_SXNET();
+SXNET *d2i_SXNET();
+SXNET *SXNET_new();
+void SXNET_free();
+
+int i2d_SXNETID();
+SXNETID *d2i_SXNETID();
+SXNETID *SXNETID_new();
+void SXNETID_free();
+
int i2d_AUTHORITY_KEYID();
AUTHORITY_KEYID *d2i_AUTHORITY_KEYID();
AUTHORITY_KEYID *AUTHORITY_KEYID_new();