Skip to content

Commit

Permalink
Add the ASN.1 structures and functions for CertificatePair, which is
Browse files Browse the repository at this point in the history 
defined as follows (according to X.509_4thEditionDraftV6.pdf):

CertificatePair ::= SEQUENCE {
	forward		[0]	Certificate OPTIONAL,
	reverse		[1]	Certificate OPTIONAL,
	-- at least one of the pair shall be present -- }

The only thing I'm not sure about is if it's implicit or explicit tags
that I should count on.  For now, I'm thinking explicit, but will
gladly stand corrected.

Also implement the PEM functions to read and write certificate pairs,
and defined the PEM tag as "CERTIFICATE PAIR".

This needed to be defined, mostly for the sake of the LDAP attribute
crossCertificatePair, but may prove useful elsewhere as well.
  • Loading branch information
@levitte
levitte committed Nov 18, 2002
1 parent a1d8530 commit 711f1a3
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 0 deletions.
6 changes: 6 additions & 0 deletions crypto/asn1/x_x509a.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -172,3 +172,9 @@ void X509_reject_clear(X509 *x)
}
}

ASN1_SEQUENCE(X509_CERT_PAIR) = {
ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0),
ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1)
} ASN1_SEQUENCE_END(X509_CERT_PAIR);

IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
3 changes: 3 additions & 0 deletions crypto/pem/pem.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,7 @@ extern "C" {

#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
#define PEM_STRING_X509 "CERTIFICATE"
#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
Expand Down Expand Up @@ -548,6 +549,8 @@ DECLARE_PEM_rw(X509, X509)

DECLARE_PEM_rw(X509_AUX, X509)

DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)

DECLARE_PEM_rw(X509_REQ, X509_REQ)
DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)

Expand Down
1 change: 1 addition & 0 deletions crypto/pem/pem_xaux.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,3 +66,4 @@
#include <openssl/pem.h>

IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR, X509_CERT_PAIR)
7 changes: 7 additions & 0 deletions crypto/x509/x509.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,11 @@ typedef struct x509_trust_st {

DECLARE_STACK_OF(X509_TRUST)

typedef struct x509_cert_pair_st {
X509 *forward;
X509 *reverse;
} X509_CERT_PAIR;

/* standard trust ids */

#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */
Expand Down Expand Up @@ -920,6 +925,8 @@ DECLARE_ASN1_FUNCTIONS(X509_CINF)
DECLARE_ASN1_FUNCTIONS(X509)
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)

DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)

int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int X509_set_ex_data(X509 *r, int idx, void *arg);
Expand Down

0 comments on commit 711f1a3

Please sign in to comment.