Add OCSP service locator extension. (6546fdfa) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/x509v3/ext_dat.h

+3 −2

Original line number	Diff line number	Diff line
		@@ -62,7 +62,7 @@ extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info;
		extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
		extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld;
		extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
		extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck;
		extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;

		/* This table will be searched using OBJ_bsearch so it must kept in
		* order of the ext_nid values.
		@@ -95,7 +95,8 @@ static X509V3_EXT_METHOD *standard_exts[] = {
		&v3_ocsp_crlid,
		&v3_ocsp_accresp,
		&v3_ocsp_nocheck,
		&v3_ocsp_acutoff
		&v3_ocsp_acutoff,
		&v3_ocsp_serviceloc
		};

		/* Number of standard extensions */

crypto/x509v3/v3_alt.c

+3 −4

Original line number	Diff line number	Diff line
		@@ -97,8 +97,8 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAMES(X509V3_EXT_METHOD method,
		STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,
		GENERAL_NAME gen, STACK_OF(CONF_VALUE) ret)
		{
		char oline[256];
		unsigned char *p;
		char oline[256];
		switch (gen->type)
		{
		case GEN_OTHERNAME:
		@@ -151,7 +151,6 @@ STACK_OF(CONF_VALUE) i2v_GENERAL_NAME(X509V3_EXT_METHOD method,

		int GENERAL_NAME_print(BIO out, GENERAL_NAME gen)
		{
		char oline[256];
		unsigned char *p;
		switch (gen->type)
		{
		@@ -181,8 +180,8 @@ int GENERAL_NAME_print(BIO out, GENERAL_NAME gen)
		break;

		case GEN_DIRNAME:
		X509_NAME_oneline(gen->d.dirn, oline, 256);
		BIO_printf(out, "DirName:%s",oline);
		BIO_printf(out, "DirName: ");
		X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
		break;

		case GEN_IPADD:

crypto/x509v3/v3_ocsp.c

+32 −0

Original line number	Diff line number	Diff line
		@@ -77,6 +77,7 @@ static int i2r_ocsp_nonce(X509V3_EXT_METHOD method, void nonce, BIO *out, int

		static int i2r_ocsp_nocheck(X509V3_EXT_METHOD method, void nocheck, BIO *out, int indent);
		static void s2i_ocsp_nocheck(X509V3_EXT_METHOD method, X509V3_CTX ctx, char str);
		static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD method, void in, BIO *bp, int ind);

		X509V3_EXT_METHOD v3_ocsp_crlid = {
		NID_id_pkix_OCSP_CrlID, 0, &OCSP_CRLID_it,
		@@ -117,6 +118,15 @@ X509V3_EXT_METHOD v3_ocsp_nocheck = {
		NULL
		};

		X509V3_EXT_METHOD v3_ocsp_serviceloc = {
		NID_id_pkix_OCSP_serviceLocator, 0, &OCSP_SERVICELOC_it,
		0,0,0,0,
		0,0,
		0,0,
		i2r_ocsp_serviceloc,0,
		NULL
		};

		static int i2r_ocsp_crlid(X509V3_EXT_METHOD method, void in, BIO *bp, int ind)
		{
		OCSP_CRLID *a = in;
		@@ -212,3 +222,25 @@ static void s2i_ocsp_nocheck(X509V3_EXT_METHOD method, X509V3_CTX ctx, char
		{
		return ASN1_NULL_new();
		}

		static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD method, void in, BIO *bp, int ind)
		{
		int i;
		OCSP_SERVICELOC *a = in;
		ACCESS_DESCRIPTION *ad;

		if (BIO_printf(bp, "%*ssIissuer: ", ind, "") <= 0) goto err;
		if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) goto err;
		for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++)
		{
		ad = sk_ACCESS_DESCRIPTION_value(a->locator,i);
		if (BIO_printf(bp, "\n%s", (2ind), "") <= 0)
		goto err;
		if(i2a_ASN1_OBJECT(bp, ad->method) <= 0) goto err;
		if(BIO_puts(bp, " - ") <= 0) goto err;
		if(GENERAL_NAME_print(bp, ad->location) <= 0) goto err;
		}
		return 1;
		err:
		return 0;
		}