Allow ca to certify requests containing BMPStrings and UTF8Strings.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 27 Oct 2001 17:04:47 +0000 (17:04 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 27 Oct 2001 17:04:47 +0000 (17:04 +0000)
apps/ca.c

index a6e6976..4421070 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1909,14 +1909,17 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
                        BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n");
                        goto err;
                        }
-               j=ASN1_PRINTABLE_type(str->data,str->length);
-               if (    ((j == V_ASN1_T61STRING) &&
-                        (str->type != V_ASN1_T61STRING)) ||
-                       ((j == V_ASN1_IA5STRING) &&
-                        (str->type == V_ASN1_PRINTABLESTRING)))
+               if ((str->type != V_ASN1_BMPSTRING) && (str->type != V_ASN1_UTF8STRING))
                        {
-                       BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
-                       goto err;
+                       j=ASN1_PRINTABLE_type(str->data,str->length);
+                       if (    ((j == V_ASN1_T61STRING) &&
+                                (str->type != V_ASN1_T61STRING)) ||
+                               ((j == V_ASN1_IA5STRING) &&
+                                (str->type == V_ASN1_PRINTABLESTRING)))
+                               {
+                               BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
+                               goto err;
+                               }
                        }
 
                if (default_op)