From c83e523d7f0c095c0fe5851edd5d3c9355e34a3f Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Sat, 17 Apr 1999 23:55:39 +0000
Subject: [PATCH] Allow asn1parse to print out VISIBLESTRING and some code needed for certificate policies extension.
---
 CHANGES | 3 ++-
 crypto/asn1/a_print.c | 22 ++++++++++++++++++++++
 crypto/asn1/asn1.h | 33 +++++++++++++++++++++++++++++++++
 crypto/asn1/asn1_par.c | 5 +++--
 crypto/objects/obj_dat.h | 23 +++++++++++++++++------
 crypto/objects/objects.h | 12 ++++++++++++
 crypto/x509v3/x509v3.h | 29 +++++++++++++++++++++++++++++
 7 files changed, 118 insertions(+), 9 deletions(-)
diff --git a/CHANGES b/CHANGES
index 748f9b0411..597a6f3a17 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,8 @@
 return a const string when you are expecting an allocated buffer.
 [Ben Laurie]
- *) Add support for ASN1 types UTF8String and VISIBLESTRING.
+ *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
+ types DirectoryString and DisplayText.
 [Steve Henson]
 *) Add code to allow r2i extensions to access the configuration database,
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
index 3023361dee..9fa75616ae 100644
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -159,3 +159,25 @@ ASN1_UNIVERSALSTRING *s;
 return(1);
 }
+
+int i2d_DIRECTORYSTRING(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+ { return(M_i2d_DIRECTORYSTRING(a,pp)); }
+
+ASN1_STRING *d2i_DIRECTORYSTRING(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
+
+int i2d_DISPLAYTEXT(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+ { return(M_i2d_DISPLAYTEXT(a,pp)); }
+
+ASN1_STRING *d2i_DISPLAYTEXT(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_DISPLAYTEXT(a,pp,l)); }
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 5a2cee1b9a..3dc6edaad1 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
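Review bot: `i2d_DIRECTORYSTRING` and `i2d_DISPLAYTEXT` expand to a macro that reads `a->type` while building the argument list, so a NULL `a` is dereferenced in the wrapper itself, before `i2d_ASN1_bytes` has any chance to reject it. If callers may pass NULL for an absent optional field, guard it in the function body, e.g. `{ if (a == NULL) return(0); return(M_i2d_DIRECTORYSTRING(a,pp)); }`, and do the same for DISPLAYTEXT. The macros come from the asn1.h part of this patch; whether `i2d_ASN1_bytes` itself tolerates NULL is not visible here. A one-line comment above each i2d/d2i pair naming the CHOICE type it handles would also help readers of this file.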
@@ -315,6 +315,28 @@ typedef struct asn1_header_st
 B_ASN1_BMPSTRING|\
 B_ASN1_UNKNOWN)
+#define DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+#define DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_DIRECTORYSTRING(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_TELETEXSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UTF8STRING)
+
+#define DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+#define DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_DISPLAYTEXT(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_VISIBLESTRING| \
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING)
+
 #define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
 ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
 #define ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
@@ -499,6 +521,13 @@ ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
 ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
 unsigned char **pp, long l);
+int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
+ long length);
+
+int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
+
 ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
 unsigned char **pp, long l);
 int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
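Review bot: The decode macros restrict the accepted types with a mask, but `M_i2d_DIRECTORYSTRING` and `M_i2d_DISPLAYTEXT` emit whatever `a->type` holds, so a string whose type lies outside the CHOICE is encoded without complaint and then fails to round-trip through the matching d2i. Nothing in these macros bounds the length either; the PKIX profile caps DisplayText at 200 characters, so code that later displays explicit text from an untrusted certificate would have to enforce that limit itself. The macro arguments are also used unparenthesized; `((ASN1_STRING *)(a))` and `(a)->type` keep an expression argument from binding wrongly. A comment above each group listing the CHOICE alternatives would document why the two masks differ.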
@@ -690,6 +719,10 @@ int i2d_ASN1_UTF8STRING();
 ASN1_UTF8STRING *d2i_ASN1_UTF8STRING();
 int i2d_ASN1_PRINTABLE();
 ASN1_STRING *d2i_ASN1_PRINTABLE();
+int i2d_DIRECTORYSTRING();
+ASN1_STRING *d2i_DIRECTORYSTRING();
+int i2d_DISPLAYTEXT();
+ASN1_STRING *d2i_DISPLAYTEXT();
 ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
 ASN1_T61STRING *d2i_ASN1_T61STRING();
 int i2d_ASN1_IA5STRING();
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 9cddfb497b..d62be7dbe2 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -141,8 +141,8 @@ int indent;
 p="GENERALIZEDTIME";
 else if (tag == V_ASN1_GRAPHICSTRING)
 p="GRAPHICSTRING";
- else if (tag == V_ASN1_ISO64STRING)
- p="ISO64STRING";
+ else if (tag == V_ASN1_VISIBLESTRING)
+ p="VISIBLESTRING";
 else if (tag == V_ASN1_GENERALSTRING)
 p="GENERALSTRING";
 else if (tag == V_ASN1_UNIVERSALSTRING)
@@ -269,6 +269,7 @@ int indent;
 if ( (tag == V_ASN1_PRINTABLESTRING) ||
 (tag == V_ASN1_T61STRING) ||
 (tag == V_ASN1_IA5STRING) ||
+ (tag == V_ASN1_VISIBLESTRING) ||
 (tag == V_ASN1_UTCTIME) ||
 (tag == V_ASN1_GENERALIZEDTIME))
 {
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index de99556e08..10a6304af5 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -61,12 +61,12 @@ * perl obj_dat.pl < objects.h > obj_dat.h */ -#define NUM_NID 164 -#define NUM_SN 115 -#define NUM_LN 160 -#define NUM_OBJ 136 +#define NUM_NID 166 +#define NUM_SN 117 +#define NUM_LN 162 +#define NUM_OBJ 138 -static unsigned char lvalues[940]={ +static unsigned char lvalues[956]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
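Review bot: VisibleString content from an untrusted certificate may now reach the output unfiltered: the second asn1_par.c hunk adds `V_ASN1_VISIBLESTRING` to the condition that selects the text-printing branch, and nothing visible checks that the bytes stay within the printable range the type is defined for. The branch body is outside the hunk, so this is inferred; if it writes the octets to the BIO as-is, control or escape bytes would go straight to the terminal or log. Consider escaping non-printable bytes there, and add a comment such as `/* types whose content is dumped as text */` above the condition. The first hunk in this file also changes the printed label from ISO64STRING to VISIBLESTRING, which affects anything that matches on asn1parse output.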
@@ -203,6 +203,8 @@ static unsigned char lvalues[940]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [913] OBJ_pbes2 */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [922] OBJ_pbmac1 */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [931] OBJ_hmacWithSHA1 */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [939] OBJ_id_qt_cps */ +0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [947] OBJ_id_qt_unotice */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -434,6 +436,9 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ {"PBES2","PBES2",NID_pbes2,9,&(lvalues[913]),0}, {"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[922]),0}, {"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[931]),0}, +{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[939]),0}, +{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8, + &(lvalues[947]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -526,6 +531,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[132]),/* "emailProtection" */ &(nid_objs[126]),/* "extendedKeyUsage" */ &(nid_objs[128]),/* "id-kp" */ +&(nid_objs[164]),/* "id-qt-cps" */ +&(nid_objs[165]),/* "id-qt-unotice" */ &(nid_objs[142]),/* "invalidityDate" */ &(nid_objs[86]),/* "issuerAltName" */ &(nid_objs[83]),/* "keyUsage" */ @@ -579,6 +586,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[139]),/* "Netscape Server Gated Crypto" */ &(nid_objs[161]),/* "PBES2" */ &(nid_objs[162]),/* "PBMAC1" */ +&(nid_objs[164]),/* "Policy Qualifier CPS" */ +&(nid_objs[165]),/* "Policy Qualifier User Notice" */ &(nid_objs[143]),/* "Strong Extranet ID" */ &(nid_objs[130]),/* "TLS Web Client Authentication" */ &(nid_objs[129]),/* "TLS Web Server Authentication" */ 
@@ -752,8 +761,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */ &(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */ &(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */ -&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */ &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */ +&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */ &(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */ &(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */ &(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */ @@ -787,6 +796,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */ &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ &(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */ +&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */ +&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */ &(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */ &(nid_objs[130]),/* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */ &(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index 5203514f18..6669f1f544 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -854,6 +854,18 @@ extern "C" {
 #define NID_hmacWithSHA1 163
 #define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
+/* Policy Qualifier Ids */
+
+#define LN_id_qt_cps "Policy Qualifier CPS"
+#define SN_id_qt_cps "id-qt-cps"
+#define NID_id_qt_cps 164
+#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
+
+#define LN_id_qt_unotice "Policy Qualifier User Notice"
+#define SN_id_qt_unotice "id-qt-unotice"
+#define NID_id_qt_unotice 165
+#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
+
 #include "bio.h"
 #include "asn1.h"
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 63c8574220..d44aad7be4 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -197,6 +197,35 @@ typedef struct SXNET_st {
 STACK_OF(SXNETID) *ids;
 } SXNET;
+typedef struct NOTICEREF_st {
+ ASN1_STRING *organization;
+ STACK *noticenos;
+} NOTICEREF;
+
+typedef struct USERNOTICE_st {
+ NOTICEREF *notref;
+ ASN1_STRING *exptext;
+} USERNOTICE;
+
+typedef struct POLICYQUALINFO_st {
+ ASN1_OBJECT *pqualid;
+ union {
+ ASN1_IA5STRING *cpsuri;
+ USERNOTICE *usernotice;
+ ASN1_TYPE *other;
+ } d;
+} POLICYQUALINFO;
+
+DECLARE_STACK_OF(POLICYQUALINFO)
+
+typedef struct POLICYINFO_st {
+ ASN1_OBJECT *policyid;
+ STACK_OF(POLICYQUALINFO) qualifiers;
+} POLICYINFO;
+
+DECLARE_STACK_OF(POLICYINFO);
+DECLARE_ASN1_SET_OF(POLICYINFO);
+
 #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
 ",name:", val->name, ",value:", val->value);
-- GitLab
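Review bot: `STACK_OF(POLICYQUALINFO) qualifiers;` in POLICYINFO embeds the stack by value, whereas the SXNET struct in the context just above holds its stack through a pointer (`STACK_OF(SXNETID) *ids;`); this looks like a missing `*`, and the field should probably read `STACK_OF(POLICYQUALINFO) *qualifiers;`. `DECLARE_STACK_OF(POLICYQUALINFO)` also lacks the trailing semicolon that the two declarations after POLICYINFO carry. The union `d` in POLICYQUALINFO has no comment saying which member is valid for which `pqualid`, and reading the wrong member would treat one structure as another; document the mapping, presumably `/* cpsuri for id-qt-cps, usernotice for id-qt-unotice, other otherwise */`. `STACK *noticenos` is untyped, so a comment naming its element type would help as well.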