From 35f4850ae06b6056dd58cd072d0030b35c4541ad Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Fri, 7 Jan 2000 00:55:54 +0000
Subject: [PATCH] More X509_ATTRIBUTE changes.
---
 CHANGES | 11 +++++++++++
 apps/x509.c | 4 ++--
 crypto/asn1/a_strnid.c | 5 ++++-
 crypto/asn1/asn1.h | 1 +
 crypto/asn1/x_x509a.c | 4 ++--
 crypto/x509/x509.h | 11 ++++++-----
 crypto/x509/x509_att.c | 27 +++++++++++++++++++++------
 util/libeay.num | 4 ++--
 8 files changed, 49 insertions(+), 18 deletions(-)
diff --git a/CHANGES b/CHANGES
index 7853e6c7d2..56f1fb4168 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,17 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) Add PKCS#10 attributes to field table: challengePassword,
+ unstructuredName and unstructuredAddress. These are taken from
+ draft PKCS#9 v2.0 but are compatible with v1.2 provided no
+ international characters are used.
+
+ More changes to X509_ATTRIBUTE code: allow the setting of types
+ based on strings. Remove the 'loc' parameter when adding
+ attributes because these will be a SET OF encoding which is sorted
+ in ASN1 order.
+ [Steve Henson]
+
 *) Initial changes to the 'req' utility to allow request generation automation. This will allow an application to just generate a template file containing all the field values and have req construct the
diff --git a/apps/x509.c b/apps/x509.c
index 04cae31481..62982e4227 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -557,7 +557,7 @@ bad:
 }
 }
- if(alias) X509_alias_set(x, (unsigned char *)alias, -1);
+ if(alias) X509_alias_rset(x, (unsigned char *)alias, -1);
 if(clrtrust) X509_trust_clear(x);
 if(clrreject) X509_reject_clear(x);
@@ -601,7 +601,7 @@ bad:
 else if (aliasout == i)
 {
 unsigned char *alstr;
- alstr = X509_alias_get(x, NULL);
+ alstr = X509_alias_iget(x, NULL);
 if(alstr) BIO_printf(STDout,"%s\n", alstr);
 else BIO_puts(STDout,"\n");
 }
diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index a51ae43d96..0ec6ae28ce 100644
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -163,11 +163,14 @@ static ASN1_STRING_TABLE tbl_standard[] = {
 {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
 {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
 {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
+{NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
+{NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
+{NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
 {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
 {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
 {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
 {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
+{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
 };
 static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b)
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index aba0b5fe71..cebbcd3737 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -215,6 +215,7 @@ typedef struct asn1_string_st
 #define STABLE_NO_MASK 0x02
 #define DIRSTRING_TYPE \
 (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
+#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
 typedef struct asn1_string_table_st {
 int nid;
diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c
index 0535f39d74..6d2ade521c 100644
--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -144,7 +144,7 @@ static X509_CERT_AUX *aux_get(X509 *x)
 return x->aux;
 }
-int X509_alias_set(X509 *x, unsigned char *name, int len)
+int X509_alias_rset(X509 *x, unsigned char *name, int len)
 {
 X509_CERT_AUX *aux;
 if(!(aux = aux_get(x))) return 0;
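Review bot: The three rows added to tbl_standard in crypto/asn1/a_strnid.c put -1 where the neighbouring rows put a ub_* constant, so, assuming that field is the maximum size, challengePassword, unstructuredName and unstructuredAddress are accepted at any length. PKCS#9 appears to define upper bounds for these attributes, and code that builds attributes from user-provided strings through this table gets no length ceiling from it. Either add the bounds or record why they are left out, e.g. `/* PKCS#9 attributes: no upper bound enforced here, callers must limit length */`. If tbl_standard is looked up by binary search on the NID, it is also worth confirming that the new rows keep the table sorted.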
@@ -152,7 +152,7 @@ int X509_alias_set(X509 *x, unsigned char *name, int len)
 return ASN1_STRING_set(aux->alias, name, len);
 }
-unsigned char *X509_alias_get(X509 *x, int *len)
+unsigned char *X509_alias_iget(X509 *x, int *len)
 {
 if(!x->aux || !x->aux->alias) return NULL;
 if(len) *len = x->aux->alias->length;
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 9f5f9a1a15..46a95cf263 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -818,8 +818,8 @@ void X509_CERT_AUX_free(X509_CERT_AUX *a);
 int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
 X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp, long length);
-int X509_alias_set(X509 *x, unsigned char *name, int len);
-unsigned char * X509_alias_get(X509 *x, int *len);
+int X509_alias_rset(X509 *x, unsigned char *name, int len);
+unsigned char * X509_alias_iget(X509 *x, int *len);
 int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
 int X509_radd_trust_object(X509 *x, ASN1_OBJECT *obj);
 int X509_radd_reject_object(X509 *x, ASN1_OBJECT *obj);
@@ -1030,13 +1030,14 @@ X509_ATTRIBUTE *X509_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
 STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr, int loc);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data);
+ int atrtype, void *data, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data);
+ ASN1_OBJECT *obj, int atrtype, void *data, int len);
 int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_iset_data(X509_ATTRIBUTE *attr, int attrtype, void *data);
+int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
 void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data);
+int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
 ASN1_OBJECT *X509_ATTRIBUTE_iget_object(X509_ATTRIBUTE *attr);
 ASN1_TYPE *X509_ATTRIBUTE_type_iget(X509_ATTRIBUTE *attr, int idx);
diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
index f755ccee85..b5cb2d5a7d 100644
--- a/crypto/x509/x509_att.c
+++ b/crypto/x509/x509_att.c
@@ -154,7 +154,7 @@ err2:
 }
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data)
+ int atrtype, void *data, int len)
 {
 ASN1_OBJECT *obj;
 X509_ATTRIBUTE *ret;
@@ -165,13 +165,13 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID);
 return(NULL);
 }
- ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data);
+ ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len);
 if (ret == NULL) ASN1_OBJECT_free(obj);
 return(ret);
 }
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data)
+ ASN1_OBJECT *obj, int atrtype, void *data, int len)
 {
 X509_ATTRIBUTE *ret;
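Review bot: The new `len` argument on X509_ATTRIBUTE_create_by_NID, X509_ATTRIBUTE_create_by_OBJ and X509_ATTRIBUTE_rset_data in crypto/x509/x509.h is undocumented, and it changes what `data` means. The implementation in crypto/x509/x509_att.c now hands `data` and `len` to ASN1_STRING_set or ASN1_STRING_set_by_NID, which treats the argument as a byte string. A caller that still passes a pre-built ASN.1 structure, or a length that does not match the buffer, would have unrelated memory read as string content, so the contract belongs at the declaration, for example `/* data: len bytes of string content, not an ASN1 object; attrtype: an ASN.1 string type or an MBSTRING_* format */`. Whether `len == -1` means "NUL-terminated" for these functions should be confirmed and written down as well.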
@@ -188,7 +188,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
 if (!X509_ATTRIBUTE_rset_object(ret,obj))
 goto err;
- if (!X509_ATTRIBUTE_iset_data(ret,atrtype,data))
+ if (!X509_ATTRIBUTE_rset_data(ret,atrtype,data,len))
 goto err;
 if ((attr != NULL) && (*attr == NULL)) *attr=ret;
@@ -208,15 +208,30 @@ int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj)
 return(1);
 }
-int X509_ATTRIBUTE_iset_data(X509_ATTRIBUTE *attr, int attrtype, void *data)
+int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
 {
 ASN1_TYPE *ttmp;
+ ASN1_STRING *stmp;
+ int atype;
 if (!attr) return 0;
+ if(attrtype & MBSTRING_FLAG) {
+ stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
+ OBJ_obj2nid(attr->object));
+ if(!stmp) {
+ X509err(X509_F_X509_ATTRIBUTE_ISET_DATA, ERR_R_ASN1_LIB);
+ return 0;
+ }
+ atype = stmp->type;
+ } else {
+ if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
+ if(!ASN1_STRING_set(stmp, data, len)) goto err;
+ atype = attrtype;
+ }
 if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
 if(!(ttmp = ASN1_TYPE_new())) goto err;
 if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
 attr->set = 1;
- ASN1_TYPE_set(ttmp, attrtype, data);
+ ASN1_TYPE_set(ttmp, atype, data);
 return 1;
 err:
 X509err(X509_F_X509_ATTRIBUTE_ISET_DATA, ERR_R_MALLOC_FAILURE);
diff --git a/util/libeay.num b/util/libeay.num
index 263f22741a..7f097dc58d 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1905,7 +1905,7 @@ sk_X509_PURPOSE_value 1929
 sk_X509_PURPOSE_zero 1930
 X509_TRUST_add 1931
 ASN1_VISIBLESTRING_new 1932
-X509_alias_set 1933
+X509_alias_rset 1933
 ASN1_PRINTABLESTRING_free 1934
 EVP_PKEY_rget_DSA 1935
 ASN1_BMPSTRING_new 1936
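Review bot: In the new X509_ATTRIBUTE_rset_data (crypto/x509/x509_att.c) the final call still passes the caller's buffer, `ASN1_TYPE_set(ttmp, atype, data);`, so the ASN1_STRING built in `stmp` is never attached and is leaked, while the attribute value points at raw caller memory under a string type tag. Anything that later encodes or frees the attribute would treat that buffer as an ASN1_STRING, which is a memory-safety problem; the line should read `ASN1_TYPE_set(ttmp, atype, stmp);`. The `goto err` exits taken after `stmp` has been allocated also need `ASN1_STRING_free(stmp);`, with `stmp` initialised to NULL. The error codes still name X509_F_X509_ATTRIBUTE_ISET_DATA after the rename. The function's tail after the `err:` label lies outside the hunk.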
@@ -2046,7 +2046,7 @@ sk_ASN1_STRING_TABLE_set_cmp_func 2070
 X509_NAME_ENTRY_create_by_txt 2071
 ASN1_STRING_get_default_mask 2072
 sk_X509_TRUST_dup 2073
-X509_alias_get 2074
+X509_alias_iget 2074
 ASN1_STRING_data 2075
 sk_X509_TRUST_insert 2076
 i2d_ACCESS_DESCRIPTION 2077
-- 
2.25.1