Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) Add PKCS#10 attributes to field table: challengePassword,
+ unstructuredName and unstructuredAddress. These are taken from
+ draft PKCS#9 v2.0 but are compatible with v1.2 provided no
+ international characters are used.
+
+ More changes to X509_ATTRIBUTE code: allow the setting of types
+ based on strings. Remove the 'loc' parameter when adding
+ attributes because these will be a SET OF encoding which is sorted
+ in ASN1 order.
+ [Steve Henson]
+
*) Initial changes to the 'req' utility to allow request generation
automation. This will allow an application to just generate a template
file containing all the field values and have req construct the
}
}
- if(alias) X509_alias_set(x, (unsigned char *)alias, -1);
+ if(alias) X509_alias_rset(x, (unsigned char *)alias, -1);
if(clrtrust) X509_trust_clear(x);
if(clrreject) X509_reject_clear(x);
else if (aliasout == i)
{
unsigned char *alstr;
- alstr = X509_alias_get(x, NULL);
+ alstr = X509_alias_iget(x, NULL);
if(alstr) BIO_printf(STDout,"%s\n", alstr);
else BIO_puts(STDout,"<No Alias>\n");
}
{NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
{NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
{NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
+{NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
+{NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
+{NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
-{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
+{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
};
static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b)
#define STABLE_NO_MASK 0x02
#define DIRSTRING_TYPE \
(B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
+#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
typedef struct asn1_string_table_st {
int nid;
return x->aux;
}
-int X509_alias_set(X509 *x, unsigned char *name, int len)
+int X509_alias_rset(X509 *x, unsigned char *name, int len)
{
X509_CERT_AUX *aux;
if(!(aux = aux_get(x))) return 0;
return ASN1_STRING_set(aux->alias, name, len);
}
-unsigned char *X509_alias_get(X509 *x, int *len)
+unsigned char *X509_alias_iget(X509 *x, int *len)
{
if(!x->aux || !x->aux->alias) return NULL;
if(len) *len = x->aux->alias->length;
int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
long length);
-int X509_alias_set(X509 *x, unsigned char *name, int len);
-unsigned char * X509_alias_get(X509 *x, int *len);
+int X509_alias_rset(X509 *x, unsigned char *name, int len);
+unsigned char * X509_alias_iget(X509 *x, int *len);
int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
int X509_radd_trust_object(X509 *x, ASN1_OBJECT *obj);
int X509_radd_reject_object(X509 *x, ASN1_OBJECT *obj);
STACK_OF(X509_ATTRIBUTE) *X509_radd_attr(STACK_OF(X509_ATTRIBUTE) **x,
X509_ATTRIBUTE *attr, int loc);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data);
+ int atrtype, void *data, int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data);
+ ASN1_OBJECT *obj, int atrtype, void *data, int len);
int X509_ATTRIBUTE_rset_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_iset_data(X509_ATTRIBUTE *attr, int attrtype, void *data);
+int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len);
void *X509_ATTRIBUTE_iget_data(X509_ATTRIBUTE *attr, int idx,
int atrtype, void *data);
+int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
ASN1_OBJECT *X509_ATTRIBUTE_iget_object(X509_ATTRIBUTE *attr);
ASN1_TYPE *X509_ATTRIBUTE_type_iget(X509_ATTRIBUTE *attr, int idx);
}
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, void *data)
+ int atrtype, void *data, int len)
{
ASN1_OBJECT *obj;
X509_ATTRIBUTE *ret;
X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID);
return(NULL);
}
- ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data);
+ ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len);
if (ret == NULL) ASN1_OBJECT_free(obj);
return(ret);
}
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- ASN1_OBJECT *obj, int atrtype, void *data)
+ ASN1_OBJECT *obj, int atrtype, void *data, int len)
{
X509_ATTRIBUTE *ret;
if (!X509_ATTRIBUTE_rset_object(ret,obj))
goto err;
- if (!X509_ATTRIBUTE_iset_data(ret,atrtype,data))
+ if (!X509_ATTRIBUTE_rset_data(ret,atrtype,data,len))
goto err;
if ((attr != NULL) && (*attr == NULL)) *attr=ret;
return(1);
}
-int X509_ATTRIBUTE_iset_data(X509_ATTRIBUTE *attr, int attrtype, void *data)
+int X509_ATTRIBUTE_rset_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len)
{
ASN1_TYPE *ttmp;
+ ASN1_STRING *stmp;
+ int atype;
if (!attr) return 0;
+ if(attrtype & MBSTRING_FLAG) {
+ stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
+ OBJ_obj2nid(attr->object));
+ if(!stmp) {
+ X509err(X509_F_X509_ATTRIBUTE_ISET_DATA, ERR_R_ASN1_LIB);
+ return 0;
+ }
+ atype = stmp->type;
+ } else {
+ if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
+ if(!ASN1_STRING_set(stmp, data, len)) goto err;
+ atype = attrtype;
+ }
if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
if(!(ttmp = ASN1_TYPE_new())) goto err;
if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
attr->set = 1;
- ASN1_TYPE_set(ttmp, attrtype, data);
+ ASN1_TYPE_set(ttmp, atype, data);
return 1;
err:
X509err(X509_F_X509_ATTRIBUTE_ISET_DATA, ERR_R_MALLOC_FAILURE);
sk_X509_PURPOSE_zero 1930
X509_TRUST_add 1931
ASN1_VISIBLESTRING_new 1932
-X509_alias_set 1933
+X509_alias_rset 1933
ASN1_PRINTABLESTRING_free 1934
EVP_PKEY_rget_DSA 1935
ASN1_BMPSTRING_new 1936
X509_NAME_ENTRY_create_by_txt 2071
ASN1_STRING_get_default_mask 2072
sk_X509_TRUST_dup 2073
-X509_alias_get 2074
+X509_alias_iget 2074
ASN1_STRING_data 2075
sk_X509_TRUST_insert 2076
i2d_ACCESS_DESCRIPTION 2077