Allow asn1parse to print out VISIBLESTRING and some code needed for certificate
policies extension.
diff --git a/CHANGES b/CHANGES
index 748f9b0..597a6f3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,8 @@
return a const string when you are expecting an allocated buffer.
[Ben Laurie]
- *) Add support for ASN1 types UTF8String and VISIBLESTRING.
+ *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
+ types DirectoryString and DisplayText.
[Steve Henson]
*) Add code to allow r2i extensions to access the configuration database,
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
index 3023361..9fa7561 100644
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -159,3 +159,25 @@
return(1);
}
+
+int i2d_DIRECTORYSTRING(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+ { return(M_i2d_DIRECTORYSTRING(a,pp)); }
+
+ASN1_STRING *d2i_DIRECTORYSTRING(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
+
+int i2d_DISPLAYTEXT(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+ { return(M_i2d_DISPLAYTEXT(a,pp)); }
+
+ASN1_STRING *d2i_DISPLAYTEXT(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_DISPLAYTEXT(a,pp,l)); }
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 5a2cee1..3dc6eda 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -315,6 +315,28 @@
B_ASN1_BMPSTRING|\
B_ASN1_UNKNOWN)
+#define DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+#define DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_DIRECTORYSTRING(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_TELETEXSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UTF8STRING)
+
+#define DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+#define DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_DISPLAYTEXT(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_VISIBLESTRING| \
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING)
+
#define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
#define ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
@@ -499,6 +521,13 @@
ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
unsigned char **pp, long l);
+int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
+ long length);
+
+int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
+
ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
unsigned char **pp, long l);
int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
@@ -690,6 +719,10 @@
ASN1_UTF8STRING *d2i_ASN1_UTF8STRING();
int i2d_ASN1_PRINTABLE();
ASN1_STRING *d2i_ASN1_PRINTABLE();
+int i2d_DIRECTORYSTRING();
+ASN1_STRING *d2i_DIRECTORYSTRING();
+int i2d_DISPLAYTEXT();
+ASN1_STRING *d2i_DISPLAYTEXT();
ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
ASN1_T61STRING *d2i_ASN1_T61STRING();
int i2d_ASN1_IA5STRING();
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 9cddfb4..d62be7d 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -141,8 +141,8 @@
p="GENERALIZEDTIME";
else if (tag == V_ASN1_GRAPHICSTRING)
p="GRAPHICSTRING";
- else if (tag == V_ASN1_ISO64STRING)
- p="ISO64STRING";
+ else if (tag == V_ASN1_VISIBLESTRING)
+ p="VISIBLESTRING";
else if (tag == V_ASN1_GENERALSTRING)
p="GENERALSTRING";
else if (tag == V_ASN1_UNIVERSALSTRING)
@@ -269,6 +269,7 @@
if ( (tag == V_ASN1_PRINTABLESTRING) ||
(tag == V_ASN1_T61STRING) ||
(tag == V_ASN1_IA5STRING) ||
+ (tag == V_ASN1_VISIBLESTRING) ||
(tag == V_ASN1_UTCTIME) ||
(tag == V_ASN1_GENERALIZEDTIME))
{
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index de99556..10a6304 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -61,12 +61,12 @@
* perl obj_dat.pl < objects.h > obj_dat.h
*/
-#define NUM_NID 164
-#define NUM_SN 115
-#define NUM_LN 160
-#define NUM_OBJ 136
+#define NUM_NID 166
+#define NUM_SN 117
+#define NUM_LN 162
+#define NUM_OBJ 138
-static unsigned char lvalues[940]={
+static unsigned char lvalues[956]={
0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
@@ -203,6 +203,8 @@
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [913] OBJ_pbes2 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [922] OBJ_pbmac1 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07, /* [931] OBJ_hmacWithSHA1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01, /* [939] OBJ_id_qt_cps */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02, /* [947] OBJ_id_qt_unotice */
};
static ASN1_OBJECT nid_objs[NUM_NID]={
@@ -434,6 +436,9 @@
{"PBES2","PBES2",NID_pbes2,9,&(lvalues[913]),0},
{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[922]),0},
{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[931]),0},
+{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[939]),0},
+{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
+ &(lvalues[947]),0},
};
static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -526,6 +531,8 @@
&(nid_objs[132]),/* "emailProtection" */
&(nid_objs[126]),/* "extendedKeyUsage" */
&(nid_objs[128]),/* "id-kp" */
+&(nid_objs[164]),/* "id-qt-cps" */
+&(nid_objs[165]),/* "id-qt-unotice" */
&(nid_objs[142]),/* "invalidityDate" */
&(nid_objs[86]),/* "issuerAltName" */
&(nid_objs[83]),/* "keyUsage" */
@@ -579,6 +586,8 @@
&(nid_objs[139]),/* "Netscape Server Gated Crypto" */
&(nid_objs[161]),/* "PBES2" */
&(nid_objs[162]),/* "PBMAC1" */
+&(nid_objs[164]),/* "Policy Qualifier CPS" */
+&(nid_objs[165]),/* "Policy Qualifier User Notice" */
&(nid_objs[143]),/* "Strong Extranet ID" */
&(nid_objs[130]),/* "TLS Web Client Authentication" */
&(nid_objs[129]),/* "TLS Web Server Authentication" */
@@ -752,8 +761,8 @@
&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
-&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */
&(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666.1 */
+&(nid_objs[125]),/* OBJ_zlib_compression 1 1 1 1 666.2 */
&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
@@ -787,6 +796,8 @@
&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
+&(nid_objs[164]),/* OBJ_id_qt_cps 1 3 6 1 5 5 7 2 1 */
+&(nid_objs[165]),/* OBJ_id_qt_unotice 1 3 6 1 5 5 7 2 2 */
&(nid_objs[129]),/* OBJ_server_auth 1 3 6 1 5 5 7 3 1 */
&(nid_objs[130]),/* OBJ_client_auth 1 3 6 1 5 5 7 3 2 */
&(nid_objs[131]),/* OBJ_code_sign 1 3 6 1 5 5 7 3 3 */
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index 5203514..6669f1f 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -854,6 +854,18 @@
#define NID_hmacWithSHA1 163
#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
+/* Policy Qualifier Ids */
+
+#define LN_id_qt_cps "Policy Qualifier CPS"
+#define SN_id_qt_cps "id-qt-cps"
+#define NID_id_qt_cps 164
+#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
+
+#define LN_id_qt_unotice "Policy Qualifier User Notice"
+#define SN_id_qt_unotice "id-qt-unotice"
+#define NID_id_qt_unotice 165
+#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
+
#include "bio.h"
#include "asn1.h"
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 63c8574..d44aad7 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -197,6 +197,35 @@
STACK_OF(SXNETID) *ids;
} SXNET;
+typedef struct NOTICEREF_st {
+ ASN1_STRING *organization;
+ STACK *noticenos;
+} NOTICEREF;
+
+typedef struct USERNOTICE_st {
+ NOTICEREF *notref;
+ ASN1_STRING *exptext;
+} USERNOTICE;
+
+typedef struct POLICYQUALINFO_st {
+ ASN1_OBJECT *pqualid;
+ union {
+ ASN1_IA5STRING *cpsuri;
+ USERNOTICE *usernotice;
+ ASN1_TYPE *other;
+ } d;
+} POLICYQUALINFO;
+
+DECLARE_STACK_OF(POLICYQUALINFO)
+
+typedef struct POLICYINFO_st {
+ ASN1_OBJECT *policyid;
+ STACK_OF(POLICYQUALINFO) qualifiers;
+} POLICYINFO;
+
+DECLARE_STACK_OF(POLICYINFO);
+DECLARE_ASN1_SET_OF(POLICYINFO);
+
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
