Allow asn1parse to print out VISIBLESTRING and some code needed for certificate

policies extension.

Allow asn1parse to print out VISIBLESTRING and some code needed for certificate
policies extension.
c83e523d · Dr. Stephen Henson · e778802f · c83e523d · c83e523d · c83e523d
7 changed file
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,8 @@
     return a const string when you are expecting an allocated buffer.
     [Ben Laurie]

-  *) Add support for ASN1 types UTF8String and VISIBLESTRING.
+  *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
+     types DirectoryString and DisplayText.
     [Steve Henson]

  *) Add code to allow r2i extensions to access the configuration database,

--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -159,3 +159,25 @@ ASN1_UNIVERSALSTRING *s;
 	return(1);
 	}

+
+int i2d_DIRECTORYSTRING(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+	{ return(M_i2d_DIRECTORYSTRING(a,pp)); }
+
+ASN1_STRING *d2i_DIRECTORYSTRING(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+	{ return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
+
+int i2d_DISPLAYTEXT(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+	{ return(M_i2d_DISPLAYTEXT(a,pp)); }
+
+ASN1_STRING *d2i_DISPLAYTEXT(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+	{ return(M_d2i_DISPLAYTEXT(a,pp,l)); }
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -315,6 +315,28 @@ typedef struct asn1_header_st
 			B_ASN1_BMPSTRING|\
 			B_ASN1_UNKNOWN)

+#define DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+#define DIRECTORYSTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+						pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_DIRECTORYSTRING(a,pp,l) \
+		d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+			B_ASN1_PRINTABLESTRING| \
+			B_ASN1_TELETEXSTRING|\
+			B_ASN1_BMPSTRING|\
+			B_ASN1_UNIVERSALSTRING|\
+			B_ASN1_UTF8STRING)
+
+#define DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+#define DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+						pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_DISPLAYTEXT(a,pp,l) \
+		d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+			B_ASN1_VISIBLESTRING| \
+			B_ASN1_BMPSTRING|\
+			B_ASN1_UTF8STRING)
+
 #define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
 		ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
 #define ASN1_PRINTABLESTRING_free(a)	ASN1_STRING_free((ASN1_STRING *)a)
@@ -499,6 +521,13 @@ ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
 ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
 	unsigned char **pp, long l);

+int	i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
+								 long length);
+
+int	i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
+
 ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
 	unsigned char **pp, long l);
 int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
@@ -690,6 +719,10 @@ int		i2d_ASN1_UTF8STRING();
 ASN1_UTF8STRING *d2i_ASN1_UTF8STRING();
 int i2d_ASN1_PRINTABLE();
 ASN1_STRING *d2i_ASN1_PRINTABLE();
+int	i2d_DIRECTORYSTRING();
+ASN1_STRING *d2i_DIRECTORYSTRING();
+int	i2d_DISPLAYTEXT();
+ASN1_STRING *d2i_DISPLAYTEXT();
 ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
 ASN1_T61STRING *d2i_ASN1_T61STRING();
 int i2d_ASN1_IA5STRING();

--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -141,8 +141,8 @@ int indent;
 		p="GENERALIZEDTIME";
 	else if (tag == V_ASN1_GRAPHICSTRING)
 		p="GRAPHICSTRING";
-	else if (tag == V_ASN1_ISO64STRING)
-		p="ISO64STRING";
+	else if (tag == V_ASN1_VISIBLESTRING)
+		p="VISIBLESTRING";
 	else if (tag == V_ASN1_GENERALSTRING)
 		p="GENERALSTRING";
 	else if (tag == V_ASN1_UNIVERSALSTRING)
@@ -269,6 +269,7 @@ int indent;
 			if (	(tag == V_ASN1_PRINTABLESTRING) ||
 				(tag == V_ASN1_T61STRING) ||
 				(tag == V_ASN1_IA5STRING) ||
+				(tag == V_ASN1_VISIBLESTRING) ||
 				(tag == V_ASN1_UTCTIME) ||
 				(tag == V_ASN1_GENERALIZEDTIME))
 				{

--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -61,12 +61,12 @@
 * perl obj_dat.pl < objects.h > obj_dat.h
 */

-#define NUM_NID 164
-#define NUM_SN 115
-#define NUM_LN 160
-#define NUM_OBJ 136
+#define NUM_NID 166
+#define NUM_SN 117
+#define NUM_LN 162
+#define NUM_OBJ 138

-static unsigned char lvalues[940]={
+static unsigned char lvalues[956]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -203,6 +203,8 @@ static unsigned char lvalues[940]={
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [913] OBJ_pbes2 */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [922] OBJ_pbmac1 */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [931] OBJ_hmacWithSHA1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [939] OBJ_id_qt_cps */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [947] OBJ_id_qt_unotice */
 };

 static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -434,6 +436,9 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"PBES2","PBES2",NID_pbes2,9,&(lvalues[913]),0},
 {"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[922]),0},
 {"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[931]),0},
+{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[939]),0},
+{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
+	&(lvalues[947]),0},
 };

 static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -526,6 +531,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[132]),/* "emailProtection" */
 &(nid_objs[126]),/* "extendedKeyUsage" */
 &(nid_objs[128]),/* "id-kp" */
+&(nid_objs[164]),/* "id-qt-cps" */
+&(nid_objs[165]),/* "id-qt-unotice" */
 &(nid_objs[142]),/* "invalidityDate" */
 &(nid_objs[86]),/* "issuerAltName" */
 &(nid_objs[83]),/* "keyUsage" */
@@ -579,6 +586,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[139]),/* "Netscape Server Gated Crypto" */
 &(nid_objs[161]),/* "PBES2" */
 &(nid_objs[162]),/* "PBMAC1" */
+&(nid_objs[164]),/* "Policy Qualifier CPS" */
+&(nid_objs[165]),/* "Policy Qualifier User Notice" */
 &(nid_objs[143]),/* "Strong Extranet ID" */
 &(nid_objs[130]),/* "TLS Web Client Authentication" */
 &(nid_objs[129]),/* "TLS Web Server Authentication" */
@@ -752,8 +761,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
 &(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
 &(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
-&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666.2 */
 &(nid_objs[124]),/* OBJ_rle_compression              1 1 1 1 666.1 */
+&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666.2 */
 &(nid_objs[104]),/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
 &(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
 &(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */
@@ -787,6 +796,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[ 5]),/* OBJ_rc4                          1 2 840 113549 3 4 */
 &(nid_objs[44]),/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
 &(nid_objs[120]),/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
+&(nid_objs[164]),/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
+&(nid_objs[165]),/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
 &(nid_objs[129]),/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
 &(nid_objs[130]),/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
 &(nid_objs[131]),/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */

--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -854,6 +854,18 @@ extern "C" {
 #define NID_hmacWithSHA1	163
 #define OBJ_hmacWithSHA1	OBJ_rsadsi,2L,7L

+/* Policy Qualifier Ids */
+
+#define LN_id_qt_cps		"Policy Qualifier CPS"
+#define SN_id_qt_cps		"id-qt-cps"
+#define NID_id_qt_cps		164
+#define OBJ_id_qt_cps		OBJ_id_pkix,2L,1L
+
+#define LN_id_qt_unotice	"Policy Qualifier User Notice"
+#define SN_id_qt_unotice	"id-qt-unotice"
+#define NID_id_qt_unotice	165
+#define OBJ_id_qt_unotice	OBJ_id_pkix,2L,2L
+
 #include "bio.h"
 #include "asn1.h"


--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -197,6 +197,35 @@ typedef struct SXNET_st {
 	STACK_OF(SXNETID) *ids;
 } SXNET;

+typedef struct NOTICEREF_st {
+	ASN1_STRING *organization;
+	STACK *noticenos;
+} NOTICEREF;
+
+typedef struct USERNOTICE_st {
+	NOTICEREF *notref;
+	ASN1_STRING *exptext;
+} USERNOTICE;
+
+typedef struct POLICYQUALINFO_st {
+	ASN1_OBJECT *pqualid;
+	union {
+		ASN1_IA5STRING *cpsuri;
+		USERNOTICE *usernotice;
+		ASN1_TYPE *other;
+	} d;
+} POLICYQUALINFO;
+
+DECLARE_STACK_OF(POLICYQUALINFO)
+
+typedef struct POLICYINFO_st {
+	ASN1_OBJECT *policyid;
+	STACK_OF(POLICYQUALINFO) qualifiers;
+} POLICYINFO;
+
+DECLARE_STACK_OF(POLICYINFO);
+DECLARE_ASN1_SET_OF(POLICYINFO);
+
 #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
 ",name:", val->name, ",value:", val->value);