Continuing adding X509 V3 support. This starts to integrate the code with
authorDr. Stephen Henson <steve@openssl.org>
Sun, 24 Jan 1999 17:50:32 +0000 (17:50 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 24 Jan 1999 17:50:32 +0000 (17:50 +0000)
the main library, but only with printing at present. To see this try:
openssl x509 -in cert.pem -text
on a certificate with some extensions in it.

13 files changed:
CHANGES
Makefile.org
apps/x509.c
crypto/Makefile.ssl
crypto/asn1/asn1.err
crypto/asn1/asn1.h
crypto/asn1/asn1_err.c
crypto/asn1/t_x509.c
crypto/err/err.c
crypto/err/err.h
crypto/err/err_all.c
crypto/err/ssleay.ec
crypto/objects/obj_dat.h

diff --git a/CHANGES b/CHANGES
index 07321a2..8f567ff 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,9 @@
 
  Changes between 0.9.1c and 0.9.2
 
+  *) Continued X509 V3 changes. Add to other makefiles, integrate with the
+     error code, add initial support to X509_print() and x509 application.
+
   *) Takes a deep breath and start addding X509 V3 extension support code. Add
      files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
      stuff is currently isolated and isn't even compiled yet.
index c415184..090481f 100644 (file)
@@ -157,7 +157,7 @@ SDIRS=  \
        des rc2 rc4 rc5 idea bf cast \
        bn rsa dsa dh \
        buffer bio stack lhash rand pem err objects \
-       evp asn1 x509 conf txt_db pkcs7 comp
+       evp asn1 x509 x509v3 conf txt_db pkcs7 comp
 
 # If you change the INSTALLTOP, make sure to also change the values
 # in crypto/location.h
index fa8537e..b375ffe 100644 (file)
@@ -69,6 +69,7 @@
 #include "bn.h"
 #include "evp.h"
 #include "x509.h"
+#include "x509v3.h"
 #include "objects.h"
 #include "pem.h"
 
@@ -305,7 +306,7 @@ bad:
                }
 
        ERR_load_crypto_strings();
-       X509v3_add_netscape_extensions();
+       X509V3_add_standard_extensions();
 
        if (!X509_STORE_set_default_paths(ctx))
                {
index b62558f..1253286 100644 (file)
@@ -29,7 +29,7 @@ SDIRS=        md2 md5 sha mdc2 hmac ripemd \
        des rc2 rc4 rc5 idea bf cast \
        bn rsa dsa dh \
        buffer bio stack lhash rand err objects \
-       evp pem x509 \
+       evp pem x509 x509v3 \
        asn1 conf txt_db pkcs7 comp
 
 GENERAL=Makefile README
index aacd076..4bd71a1 100644 (file)
@@ -24,6 +24,7 @@
 #define ASN1_F_ASN1_TYPE_NEW                            119
 #define ASN1_F_ASN1_UTCTIME_NEW                                 120
 #define ASN1_F_ASN1_VERIFY                              121
+#define ASN1_F_BASIC_CONSTRAINTS_NEW                    226
 #define ASN1_F_BN_TO_ASN1_INTEGER                       122
 #define ASN1_F_D2I_ASN1_BIT_STRING                      123
 #define ASN1_F_D2I_ASN1_BMPSTRING                       124
@@ -40,6 +41,7 @@
 #define ASN1_F_D2I_ASN1_TYPE                            133
 #define ASN1_F_D2I_ASN1_TYPE_BYTES                      134
 #define ASN1_F_D2I_ASN1_UTCTIME                                 135
+#define ASN1_F_D2I_BASIC_CONSTRAINTS                    227
 #define ASN1_F_D2I_DHPARAMS                             136
 #define ASN1_F_D2I_DSAPARAMS                            137
 #define ASN1_F_D2I_DSAPRIVATEKEY                        138
index 7d925a6..c3cd627 100644 (file)
@@ -678,6 +678,7 @@ ASN1_BMPSTRING *d2i_ASN1_BMPSTRING();
 #define ASN1_F_ASN1_TYPE_NEW                            119
 #define ASN1_F_ASN1_UTCTIME_NEW                                 120
 #define ASN1_F_ASN1_VERIFY                              121
+#define ASN1_F_BASIC_CONSTRAINTS_NEW                    226
 #define ASN1_F_BN_TO_ASN1_INTEGER                       122
 #define ASN1_F_D2I_ASN1_BIT_STRING                      123
 #define ASN1_F_D2I_ASN1_BMPSTRING                       124
@@ -694,6 +695,7 @@ ASN1_BMPSTRING *d2i_ASN1_BMPSTRING();
 #define ASN1_F_D2I_ASN1_TYPE                            133
 #define ASN1_F_D2I_ASN1_TYPE_BYTES                      134
 #define ASN1_F_D2I_ASN1_UTCTIME                                 135
+#define ASN1_F_D2I_BASIC_CONSTRAINTS                    227
 #define ASN1_F_D2I_DHPARAMS                             136
 #define ASN1_F_D2I_DSAPARAMS                            137
 #define ASN1_F_D2I_DSAPRIVATEKEY                        138
index e36e0ed..061ee31 100644 (file)
@@ -86,6 +86,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0),   "ASN1_TYPE_new"},
 {ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0),        "ASN1_UTCTIME_NEW"},
 {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0),     "ASN1_VERIFY"},
+{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0),   "BASIC_CONSTRAINTS_NEW"},
 {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0),      "BN_to_ASN1_INTEGER"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0),     "d2i_ASN1_BIT_STRING"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0),      "d2i_ASN1_BMPSTRING"},
@@ -102,6 +103,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0),   "d2i_ASN1_TYPE"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0),     "d2i_ASN1_type_bytes"},
 {ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0),        "d2i_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0),   "D2I_BASIC_CONSTRAINTS"},
 {ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0),    "D2I_DHPARAMS"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0),   "D2I_DSAPARAMS"},
 {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0),       "D2I_DSAPRIVATEKEY"},
index 060f99d..f0534ef 100644 (file)
@@ -68,6 +68,7 @@
 #endif
 #include "objects.h"
 #include "x509.h"
+#include "x509v3.h"
 
 #ifndef NO_FP_API
 int X509_print_fp(fp,x)
@@ -190,7 +191,9 @@ X509 *x;
                BIO_printf(bp,"%8sX509v3 extensions:\n","");
                for (i=0; i<n; i++)
                        {
+#if 0
                        int data_type,pack_type;
+#endif
                        ASN1_OBJECT *obj;
 
                        ex=X509_get_ext(x,i);
@@ -200,7 +203,7 @@ X509 *x;
                        j=X509_EXTENSION_get_critical(ex);
                        if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)
                                goto err;
-
+#if 0
                        pack_type=X509v3_pack_type_by_OBJ(obj);
                        data_type=X509v3_data_type_by_OBJ(obj);
                        
@@ -231,7 +234,8 @@ X509 *x;
                                                }
                                        }
                                }
-                       else
+#endif
+                       if(!X509V3_EXT_print(bp, ex, 0))
                                {
                                ASN1_OCTET_STRING_print(bp,ex->value);
                                }
index 39c997a..fcd9228 100644 (file)
@@ -108,6 +108,7 @@ static ERR_STRING_DATA ERR_str_libraries[]=
 {ERR_PACK(ERR_LIB_PROXY,0,0)           ,"Proxy routines"},
 {ERR_PACK(ERR_LIB_BIO,0,0)             ,"BIO routines"},
 {ERR_PACK(ERR_LIB_PKCS7,0,0)           ,"PKCS7 routines"},
+{ERR_PACK(ERR_LIB_X509V3,0,0)          ,"X509 V3 routines"},
 {0,NULL},
        };
 
index c81dedd..fe03710 100644 (file)
@@ -116,6 +116,7 @@ typedef struct err_state_st
 #define ERR_LIB_PROXY          31
 #define ERR_LIB_BIO            32
 #define ERR_LIB_PKCS7          33
+#define ERR_LIB_X509V3         34
 
 #define ERR_LIB_USER           128
 
@@ -141,6 +142,7 @@ typedef struct err_state_st
 #define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
 #define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
 #define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
+#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in
  * the pre-processor :-( */
index f874268..423216e 100644 (file)
@@ -77,6 +77,7 @@
 #include "objects.h"
 #include "pem.h"
 #include "x509.h"
+#include "x509v3.h"
 #include "conf.h"
 #include "err.h"
 
@@ -110,6 +111,7 @@ void ERR_load_crypto_strings()
        ERR_load_OBJ_strings();
        ERR_load_PEM_strings();
        ERR_load_X509_strings();
+       ERR_load_X509V3_strings();
        ERR_load_CRYPTO_strings();
        ERR_load_PKCS7_strings();
 #endif
index 12cb343..fa2df26 100644 (file)
@@ -10,6 +10,7 @@ L BIO         bio/bio.err
 L OBJ          objects/objects.err
 L PEM          pem/pem.err
 L X509         x509/x509.err
+L X509V3       x509v3/x509v3.err
 L METH         meth/meth.err
 L ASN1         asn1/asn1.err
 L CONF         conf/conf.err
index eac4d68..2b57b8b 100644 (file)
@@ -602,8 +602,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[19]),/* OBJ_rsa                          2 5 8 1 1 */
 &(nid_objs[96]),/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
 &(nid_objs[95]),/* OBJ_mdc2                         2 5 8 3 101 */
-&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666.2 */
 &(nid_objs[124]),/* OBJ_rle_compression              1 1 1 1 666.1 */
+&(nid_objs[125]),/* OBJ_zlib_compression             1 1 1 1 666.2 */
 &(nid_objs[104]),/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
 &(nid_objs[29]),/* OBJ_des_ecb                      1 3 14 3 2 6 */
 &(nid_objs[31]),/* OBJ_des_cbc                      1 3 14 3 2 7 */