-/* $OpenBSD: a_strnid.c,v 1.25 2021/12/13 17:55:53 schwarze Exp $ */
+/* $OpenBSD: a_strnid.c,v 1.26 2023/07/02 17:12:17 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
/* This table must be kept in NID order */
static const ASN1_STRING_TABLE tbl_standard[] = {
- {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
- {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
- {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
- {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
- {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
- {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
- {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
- {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
- {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
- {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
- {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
- {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
- {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
- {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
- {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
- {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
- {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
- {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
- {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
+ {
+ .nid = NID_commonName,
+ .minsize = 1,
+ .maxsize = ub_common_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_countryName,
+ .minsize = 2,
+ .maxsize = 2,
+ .mask = B_ASN1_PRINTABLESTRING,
+ .flags = STABLE_NO_MASK,
+ },
+ {
+ .nid = NID_localityName,
+ .minsize = 1,
+ .maxsize = ub_locality_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_stateOrProvinceName,
+ .minsize = 1,
+ .maxsize = ub_state_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_organizationName,
+ .minsize = 1,
+ .maxsize = ub_organization_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_organizationalUnitName,
+ .minsize = 1,
+ .maxsize = ub_organization_unit_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_pkcs9_emailAddress,
+ .minsize = 1,
+ .maxsize = ub_email_address,
+ .mask = B_ASN1_IA5STRING,
+ .flags = STABLE_NO_MASK,
+ },
+ {
+ .nid = NID_pkcs9_unstructuredName,
+ .minsize = 1,
+ .maxsize = -1,
+ .mask = PKCS9STRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_pkcs9_challengePassword,
+ .minsize = 1,
+ .maxsize = -1,
+ .mask = PKCS9STRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_pkcs9_unstructuredAddress,
+ .minsize = 1,
+ .maxsize = -1,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_givenName,
+ .minsize = 1,
+ .maxsize = ub_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_surname,
+ .minsize = 1,
+ .maxsize = ub_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_initials,
+ .minsize = 1,
+ .maxsize = ub_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_serialNumber,
+ .minsize = 1,
+ .maxsize = ub_serial_number,
+ .mask = B_ASN1_PRINTABLESTRING,
+ .flags = STABLE_NO_MASK,
+ },
+ {
+ .nid = NID_friendlyName,
+ .minsize = -1,
+ .maxsize = -1,
+ .mask = B_ASN1_BMPSTRING,
+ .flags = STABLE_NO_MASK,
+ },
+ {
+ .nid = NID_name,
+ .minsize = 1,
+ .maxsize = ub_name,
+ .mask = DIRSTRING_TYPE,
+ .flags = 0,
+ },
+ {
+ .nid = NID_dnQualifier,
+ .minsize = -1,
+ .maxsize = -1,
+ .mask = B_ASN1_PRINTABLESTRING,
+ .flags = STABLE_NO_MASK,
+ },
+ {
+ .nid = NID_domainComponent,
+ .minsize = 1,
+ .maxsize = -1,
+ .mask = B_ASN1_IA5STRING,
+ .flags = STABLE_NO_MASK,
+ },
+ {
+ .nid = NID_ms_csp_name,
+ .minsize = -1,
+ .maxsize = -1,
+ .mask = B_ASN1_BMPSTRING,
+ .flags = STABLE_NO_MASK,
+ },
};
static int
return sk_ASN1_STRING_TABLE_value(stable, idx);
}
return OBJ_bsearch_table(&fnd, tbl_standard,
- sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE));
+ sizeof(tbl_standard) / sizeof(tbl_standard[0]));
}
/*
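Review bot: Nothing enforces the "must be kept in NID order" rule stated above `tbl_standard`, and with each entry now spread over seven lines the ordering is harder to verify by eye than in the old one-line-per-entry form. The order matters because the lookup at the end of this section hands the array to `OBJ_bsearch_table`. An out-of-order entry would presumably not be found, in which case the `minsize`/`maxsize`/`mask` limits for that NID would silently not apply. I would make the comment say why, e.g. `/* Sorted by NID: searched with OBJ_bsearch_table(), so a misplaced entry is silently not found. */`. The lookup function starts outside the visible lines, so its fallback behaviour for a missed NID should be confirmed there.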
-/* $OpenBSD: x509_purp.c,v 1.27 2023/06/25 13:52:27 tb Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.28 2023/07/02 17:12:17 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
static void xptable_free(X509_PURPOSE *p);
static X509_PURPOSE xstandard[] = {
- {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL},
- {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL},
- {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
- {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL},
- {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
- {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
- {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL},
- {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL},
- {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0, check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign", NULL},
+ {
+ .purpose = X509_PURPOSE_SSL_CLIENT,
+ .trust = X509_TRUST_SSL_CLIENT,
+ .check_purpose = check_purpose_ssl_client,
+ .name = "SSL client",
+ .sname = "sslclient",
+ },
+ {
+ .purpose = X509_PURPOSE_SSL_SERVER,
+ .trust = X509_TRUST_SSL_SERVER,
+ .check_purpose = check_purpose_ssl_server,
+ .name = "SSL server",
+ .sname = "sslserver",
+ },
+ {
+ .purpose = X509_PURPOSE_NS_SSL_SERVER,
+ .trust = X509_TRUST_SSL_SERVER,
+ .check_purpose = check_purpose_ns_ssl_server,
+ .name = "Netscape SSL server",
+ .sname = "nssslserver",
+ },
+ {
+ .purpose = X509_PURPOSE_SMIME_SIGN,
+ .trust = X509_TRUST_EMAIL,
+ .check_purpose = check_purpose_smime_sign,
+ .name = "S/MIME signing",
+ .sname = "smimesign",
+ },
+ {
+ .purpose = X509_PURPOSE_SMIME_ENCRYPT,
+ .trust = X509_TRUST_EMAIL,
+ .check_purpose = check_purpose_smime_encrypt,
+ .name = "S/MIME encryption",
+ .sname = "smimeencrypt",
+ },
+ {
+ .purpose = X509_PURPOSE_CRL_SIGN,
+ .trust = X509_TRUST_COMPAT,
+ .check_purpose = check_purpose_crl_sign,
+ .name = "CRL signing",
+ .sname = "crlsign",
+ },
+ {
+ .purpose = X509_PURPOSE_ANY,
+ .trust = X509_TRUST_DEFAULT,
+ .check_purpose = no_check,
+ .name = "Any Purpose",
+ .sname = "any",
+ },
+ {
+ .purpose = X509_PURPOSE_OCSP_HELPER,
+ .trust = X509_TRUST_COMPAT,
+ .check_purpose = ocsp_helper,
+ .name = "OCSP helper",
+ .sname = "ocsphelper",
+ },
+ {
+ .purpose = X509_PURPOSE_TIMESTAMP_SIGN,
+ .trust = X509_TRUST_TSA,
+ .check_purpose = check_purpose_timestamp_sign,
+ .name = "Time Stamp signing",
+ .sname = "timestampsign",
+ },
};
-#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
+#define X509_PURPOSE_COUNT (sizeof(xstandard) / sizeof(xstandard[0]))
static STACK_OF(X509_PURPOSE) *xptable = NULL;
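Review bot: `xstandard` is still declared `static X509_PURPOSE xstandard[]`, so the `check_purpose` function pointers that decide certificate purpose sit in writable data. The same holds for `trstandard` and its `check_trust` pointers in x509_trs.c. If no code outside this hunk writes to the built-in entries, declaring the tables `static const X509_PURPOSE xstandard[]` and `static const X509_TRUST trstandard[]` would place them in read-only memory and let the compiler reject accidental modification. This probably requires the accessors that return pointers into these tables to become const-correct as well, which cannot be checked from the lines shown.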
-/* $OpenBSD: x509_trs.c,v 1.31 2023/02/16 08:38:17 tb Exp $ */
+/* $OpenBSD: x509_trs.c,v 1.32 2023/07/02 17:12:17 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
*/
static X509_TRUST trstandard[] = {
- {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
- {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
- {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL},
- {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
- {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL},
- {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
- {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL},
- {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
+ {
+ .trust = X509_TRUST_COMPAT,
+ .check_trust = trust_compat,
+ .name = "compatible",
+ },
+ {
+ .trust = X509_TRUST_SSL_CLIENT,
+ .check_trust = trust_1oidany,
+ .name = "SSL Client",
+ .arg1 = NID_client_auth,
+ },
+ {
+ .trust = X509_TRUST_SSL_SERVER,
+ .check_trust = trust_1oidany,
+ .name = "SSL Server",
+ .arg1 = NID_server_auth,
+ },
+ {
+ .trust = X509_TRUST_EMAIL,
+ .check_trust = trust_1oidany,
+ .name = "S/MIME email",
+ .arg1 = NID_email_protect,
+ },
+ {
+ .trust = X509_TRUST_OBJECT_SIGN,
+ .check_trust = trust_1oidany,
+ .name = "Object Signer",
+ .arg1 = NID_code_sign,
+ },
+ {
+ .trust = X509_TRUST_OCSP_SIGN,
+ .check_trust = trust_1oid,
+ .name = "OCSP responder",
+ .arg1 = NID_OCSP_sign,
+ },
+ {
+ .trust = X509_TRUST_OCSP_REQUEST,
+ .check_trust = trust_1oid,
+ .name = "OCSP request",
+ .arg1 = NID_ad_OCSP,
+ },
+ {
+ .trust = X509_TRUST_TSA,
+ .check_trust = trust_1oidany,
+ .name = "TSA server",
+ .arg1 = NID_time_stamp,
+ },
};
-#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST))
+#define X509_TRUST_COUNT (sizeof(trstandard) / sizeof(trstandard[0]))
static STACK_OF(X509_TRUST) *trtable = NULL;
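Review bot: The `X509_TRUST_COMPAT` entry is the only one in `trstandard` without an `.arg1` line, so after this conversion a reader cannot tell whether it was left out on purpose or forgotten. The old positional form had an explicit `0` in that slot. The value is unchanged, since omitted members are zero-initialized, but a short comment inside that initializer would record the intent, e.g. `/* no .arg1: trust_compat takes no OID argument */`. Whether `trust_compat` really ignores `arg1` should be confirmed, as its definition is outside the hunk.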