Delete obsolete old X509V3 files.

AuthorityKeyIdentifier

	{

	keyIdentifier		[0] OCTET_STRING	OPTIONAL

	authorityCertIssuer	[1] GeneralNames	OPTIONAL

	authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL

	}

SubjectKeyIdentifier	OCTET_STRING

KeyUsage

	{

	BIT_STRING

		digitalSignature	0

		nonRepudiation		1

		keyEncipherment		2

		dataEncipherment	3

		keyAgreement		4

		keyCertSign		5

		cRLSign			6

		encipherOnly		7

		decipherOnly		8

	}

extKeyUsage

	{

	SEQUENCE of OBJECT_IDENTIFIER

	}

privateKeyUsagePeriod

	{

	notBefore	[0]	GeneralizedTime OPTIONAL

	notAfter	[1]	GeneralizedTime OPTIONAL

	}

certificatePoliciesSyntax

	SEQUENCE of PoliciesInformation

PoliciesInformation	XXX

policyMappings		XXX

supportedAlgorithms	XXX

subjectAltName

	GeneralNames sequence of GeneralName

GeneralName

	{

	otherName	[0] INSTANCE OF OTHER-NAME

	rfc882Name	[1] IA5String

	dNSName		[2] IA5String

	x400Address	[3] ORAddress

	directoryName	[4] Name

	ediPartyName	[5] 

				{

				nameAssigner	[0] DirectoryString OPTIONAL

				partyName	[1] DirectoryString

				}

	uniformResourceIdentifier [6] IA5String

	iPAddress	[7] OCTET_STRING

	registeredID	[8] OBJECT_IDENTIFIER

	}

issuerAltName

	GeneralNames sequence of GeneralName

subjectDirectoryAttribute SEQUENCE of Attribute

basicConstraints

	{

	cA 			BOOLEAN default FALSE

	pathLenConstraint	INTEGER OPTIONAL

	}

nameConstraints

	{

	permittedSubtrees [0] sequence of GeneralSubtree OPTIONAL

	excludedSubtrees [1] sequence of GeneralSubtree OPTIONAL

	}

GeneralSubtree

	{

	base	GeneralName

	minimum	[0] BaseDistance DEFAULT 0

	maximum	[1] BaseDistance OPTIONAL

	}

PolicyConstraints

	{

	requiredExplicitPolicy	[0] SkipCerts OPTIONAL

	inhibitPolicyMapping	[1] SkipCerts OPTIONAL

	}

SkipCerts == INTEGER

int		a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size)

int		i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)

int		i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp)

ASN1_INTEGER *	d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,long length)

/* crypto/x509v3/v3_ku.c */

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

 * All rights reserved.

 *

 * This package is an SSL implementation written

 * by Eric Young (eay@cryptsoft.com).

 * The implementation was written so as to conform with Netscapes SSL.

 * 

 * This library is free for commercial and non-commercial use as long as

 * the following conditions are aheared to.  The following conditions

 * apply to all code found in this distribution, be it the RC4, RSA,

 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

 * included with this distribution is covered by the same copyright terms

 * except that the holder is Tim Hudson (tjh@cryptsoft.com).

 * 

 * Copyright remains Eric Young's, and as such any Copyright notices in

 * the code are not to be removed.

 * If this package is used in a product, Eric Young should be given attribution

 * as the author of the parts of the library used.

 * This can be in the form of a textual message at program startup or

 * in documentation (online or textual) provided with the package.

 * 

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 * 1. Redistributions of source code must retain the copyright

 *    notice, this list of conditions and the following disclaimer.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 3. All advertising materials mentioning features or use of this software

 *    must display the following acknowledgement:

 *    "This product includes cryptographic software written by

 *     Eric Young (eay@cryptsoft.com)"

 *    The word 'cryptographic' can be left out if the rouines from the library

 *    being used are not cryptographic related :-).

 * 4. If you include any Windows specific code (or a derivative thereof) from 

 *    the apps directory (application code) you must include an acknowledgement:

 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

 * 

 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 * 

 * The licence and distribution terms for any publically available version or

 * derivative of this code cannot be changed.  i.e. this code cannot simply be

 * copied and put under another distribution licence

 * [including the GNU Public Licence.]

 */

#include <stdio.h>

#include <ctype.h>

#include "stack.h"

#include "cryptlib.h"

#include "bio.h"

#include "asn1.h"

#include "objects.h"

#include "x509.h"

X509_EXTENSION_METHOD X509v3_key_usage_method=

	{

	NID_key_usage,

	ku_clear,

	ex_get_bool,

	ex_set_bool,

	NULL,

	NULL,

	NULL,

	NULL,

	ku_a2i,

	ku_i2a,

	};

static void ku_clear(a)

X509_EXTENSION *a;

	{

	}

static int ku_expand(a)

X509_EXTENSION *a;

	{

	ASN1_BIT_STRING *bs;

	if (a->argp == NULL)

		{

		bs=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,value);

		if (bs == NULL) return(0);

		a->argp=(char *)bs;

		a->ex_free=ASN1_STRING_free;

		}

	return(1);

	}

static int ku_get_bool(a,num)

X509_EXTENSION *a;

int num;

	{

	int ret;

	ASN1_BIT_STRING *bs;

	if ((a->argp == NULL) && !ku_expand(a))

		return(-1);

	bs=(ASN1_BIT_STRING *)a->argp;

	ret=ASN1_BIT_STRING_get_bit(bs,num);

	return(ret);

	}

static int ku_set_bool(a,num,value)

X509_EXTENSION *a;

int num;

int value;

	{

	ASN1_BIT_STRING *a;

	if ((a->argp == NULL) && !ku_expand(a))

		return(0);

	bs=(ASN1_BIT_STRING *)a->argp;

	ret=ASN1_BIT_STRING_set_bit(bs,num,value);

	}

static int ku_a2i(bio,a,buf,len)

BIO *bio;

X509_EXTENSION *a;

char *buf;

int len;

	{

	get token

	}

static char ku_names[X509v3_N_KU_NUM]={

	X509v3_S_KU_digitalSignature,

	X509v3_S_KU_nonRepudiation,

	X509v3_S_KU_keyEncipherment,

	X509v3_S_KU_dataEncipherment,

	X509v3_S_KU_keyAgreement,

	X509v3_S_KU_keyCertSign,

	X509v3_S_KU_cRLSign,

	X509v3_S_KU_encipherOnly,

	X509v3_S_KU_decipherOnly,

	};

static int ku_i2a(bio,a);

BIO *bio;

X509_EXTENSION *a;

	{

	int i,first=1;

	char *c;

	for (i=0; i<X509v3_N_KU_NUM; i++)

		{

		if (ku_get_bool(a,i) > 0)

			{

			BIO_printf(bio,"%s%s",((first)?"":" "),ku_names[i]);

			first=0;

			}

		}

	}

/***********************/

int X509v3_get_key_usage(x,ret)

STACK *x;

unsigned long *ret;

	{

	X509_EXTENSION *ext;

	ASN1_STRING *st;

	char *p;

	int i;

	i=X509_get_ext_by_NID(x,NID_key_usage,-1);

	if (i < 0) return(X509v3_KU_UNDEF);

	ext=X509_get_ext(x,i);

	st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,

		X509_EXTENSION_get_data(X509_get_ext(x,i)));

	p=ASN1_STRING_data(st);

	if (ASN1_STRING_length(st) == 1)

		i=p[0];

	else if (ASN1_STRING_length(st) == 2)

		i=p[0]|(p[1]<<8);

	else

		i=0;

	return(i);

	}

static struct

	{

	char *name;

	unsigned int value;

	} key_usage_data[] ={

	{"digitalSignature",	X509v3_KU_DIGITAL_SIGNATURE},

	{"nonRepudiation",	X509v3_KU_NON_REPUDIATION},

	{"keyEncipherment",	X509v3_KU_KEY_ENCIPHERMENT},

	{"dataEncipherment",	X509v3_KU_DATA_ENCIPHERMENT},

	{"keyAgreement",	X509v3_KU_KEY_AGREEMENT},

	{"keyCertSign",		X509v3_KU_KEY_CERT_SIGN},

	{"cRLSign",		X509v3_KU_CRL_SIGN},

	{"encipherOnly",	X509v3_KU_ENCIPHER_ONLY},

	{"decipherOnly",	X509v3_KU_DECIPHER_ONLY},

	{NULL,0},

	};

#if 0

static int a2i_key_usage(x,str,len)

X509 *x;

char *str;

int len;

	{

	return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str)));

	}

static int i2a_key_usage(bp,x)

BIO *bp;

X509 *x;

	{

	return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x)));

	}

#endif

int i2a_X509v3_key_usage(bp,use)

BIO *bp;

unsigned int use;

	{

	int i=0,first=1;

	for (;;)

		{

		if (use | key_usage_data[i].value)

			{

			BIO_printf(bp,"%s%s",((first)?"":" "),

				key_usage_data[i].name);

			first=0;

			}

		}

	return(1);

	}

unsigned int a2i_X509v3_key_usage(p)

char *p;

	{

	unsigned int ret=0;

	char *q,*s;

	int i,n;

	q=p;

	for (;;)

		{

		while ((*q != '\0') && isalnum(*q))

			q++;

		if (*q == '\0') break;

		s=q++;

		while (isalnum(*q))

			q++;

		n=q-s;

		i=0;

		for (;;)

			{

			if (strncmp(key_usage_data[i].name,s,n) == 0)

				{

				ret|=key_usage_data[i].value;

				break;

				}

			i++;

			if (key_usage_data[i].name == NULL)

				return(X509v3_KU_UNDEF);

			}

		}

	return(ret);

	}

int X509v3_set_key_usage(x,use)

X509 *x;

unsigned int use;

	{

	ASN1_OCTET_STRING *os;

	X509_EXTENSION *ext;

	int i;

	unsigned char data[4];

	i=X509_get_ext_by_NID(x,NID_key_usage,-1);

	if (i < 0)

		{

		i=X509_get_ext_count(x)+1;

		if ((ext=X509_EXTENSION_new()) == NULL) return(0);

		if (!X509_add_ext(x,ext,i))

			{

			X509_EXTENSION_free(ext);

			return(0);

			}

		}

	else

		ext=X509_get_ext(x,i);

	/* fill in 'ext' */

	os=X509_EXTENSION_get_data(ext);

	i=0;

	if (use > 0)

		{

		i=1;

		data[0]=use&0xff;

		}

	if (use > 0xff)

		{

		i=2;

		data[1]=(use>>8)&0xff;

		}

	return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1);

	}

/* crypto/x509v3/x509v3.h */

/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

 * All rights reserved.

 *

 * This package is an SSL implementation written

 * by Eric Young (eay@cryptsoft.com).

 * The implementation was written so as to conform with Netscapes SSL.

 * 

 * This library is free for commercial and non-commercial use as long as

 * the following conditions are aheared to.  The following conditions

 * apply to all code found in this distribution, be it the RC4, RSA,

 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

 * included with this distribution is covered by the same copyright terms

 * except that the holder is Tim Hudson (tjh@cryptsoft.com).

 * 

 * Copyright remains Eric Young's, and as such any Copyright notices in

 * the code are not to be removed.

 * If this package is used in a product, Eric Young should be given attribution

 * as the author of the parts of the library used.

 * This can be in the form of a textual message at program startup or

 * in documentation (online or textual) provided with the package.

 * 

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 * 1. Redistributions of source code must retain the copyright

 *    notice, this list of conditions and the following disclaimer.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 3. All advertising materials mentioning features or use of this software

 *    must display the following acknowledgement:

 *    "This product includes cryptographic software written by

 *     Eric Young (eay@cryptsoft.com)"

 *    The word 'cryptographic' can be left out if the rouines from the library

 *    being used are not cryptographic related :-).

 * 4. If you include any Windows specific code (or a derivative thereof) from 

 *    the apps directory (application code) you must include an acknowledgement:

 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

 * 

 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 * 

 * The licence and distribution terms for any publically available version or

 * derivative of this code cannot be changed.  i.e. this code cannot simply be

 * copied and put under another distribution licence

 * [including the GNU Public Licence.]

 */

#define X509v3_N_KU_digitalSignature	0

#define X509v3_N_KU_nonRepudiation	1

#define X509v3_N_KU_keyEncipherment	2

#define X509v3_N_KU_dataEncipherment	3

#define X509v3_N_KU_keyAgreement	4

#define X509v3_N_KU_keyCertSign		5

#define X509v3_N_KU_cRLSign		6

#define X509v3_N_KU_encipherOnly	7

#define X509v3_N_KU_decipherOnly	8

#define X509v3_N_KU_NUM			9

#define X509v3_S_KU_digitalSignature	"digitalSignature"

#define X509v3_S_KU_nonRepudiation	"nonRepudiation"

#define X509v3_S_KU_keyEncipherment	"keyEncipherment"

#define X509v3_S_KU_dataEncipherment	"dataEncipherment"

#define X509v3_S_KU_keyAgreement	"keyAgreement"

#define X509v3_S_KU_keyCertSign		"keyCertSign"

#define X509v3_S_KU_cRLSign		"cRLSign"

#define X509v3_S_KU_encipherOnly	"encipherOnly"

#define X509v3_S_KU_decipherOnly	"decipherOnly"

void X509_ex_clear(X509_EXTENSION *a);

int X509_ex_get_bool(X509_EXTENSION *a,int num);

int X509_ex_set_bool(X509_EXTENSION *a,int num,int value);

int X509_ex_get_str(X509_EXTENSION *a,int index,char **p,int *len);

int X509_ex_set_str(X509_EXTENSION *a,int oid,int index,char *p,int len);

char *X509_ex_get_struct(X509_EXTENSION *a,int oid,int index,char **p);

int X509_ex_set_struct(X509_EXTENSION *a,int index,char *p);

int a2i_X509_EXTENSION(BIO *bp,X509_EXTENSION *a,char *buf,int len);

int i2a_X509_EXTENSION(BIO *bp,X509_EXTENSION *a);