* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include <openssl/x509v3.h>
static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
-EXT_IA5STRING(NID_netscape_base_url),
-EXT_IA5STRING(NID_netscape_revocation_url),
-EXT_IA5STRING(NID_netscape_ca_revocation_url),
-EXT_IA5STRING(NID_netscape_renewal_url),
-EXT_IA5STRING(NID_netscape_ca_policy_url),
-EXT_IA5STRING(NID_netscape_ssl_server_name),
-EXT_IA5STRING(NID_netscape_comment),
-EXT_END
-};
+static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, char *str);
+const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
+ EXT_IA5STRING(NID_netscape_base_url),
+ EXT_IA5STRING(NID_netscape_revocation_url),
+ EXT_IA5STRING(NID_netscape_ca_revocation_url),
+ EXT_IA5STRING(NID_netscape_renewal_url),
+ EXT_IA5STRING(NID_netscape_ca_policy_url),
+ EXT_IA5STRING(NID_netscape_ssl_server_name),
+ EXT_IA5STRING(NID_netscape_comment),
+ EXT_END
+};
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- ASN1_IA5STRING *ia5)
+static char *
+i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
{
char *tmp;
- if(!ia5 || !ia5->length) return NULL;
- if(!(tmp = malloc(ia5->length + 1))) {
- X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
+
+ if (!ia5 || !ia5->length)
+ return NULL;
+ if (!(tmp = malloc(ia5->length + 1))) {
+ X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
return NULL;
}
memcpy(tmp, ia5->data, ia5->length);
return tmp;
}
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str)
+static ASN1_IA5STRING *
+s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
{
ASN1_IA5STRING *ia5;
- if(!str) {
- X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT);
+ if (!str) {
+ X509V3err(X509V3_F_S2I_ASN1_IA5STRING,
+ X509V3_R_INVALID_NULL_ARGUMENT);
return NULL;
}
- if(!(ia5 = M_ASN1_IA5STRING_new())) goto err;
- if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
- strlen(str))) {
+ if (!(ia5 = M_ASN1_IA5STRING_new()))
+ goto err;
+ if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
+ strlen(str))) {
M_ASN1_IA5STRING_free(ia5);
goto err;
}
return ia5;
- err:
- X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
+
+err:
+ X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
return NULL;
}
-
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- AUTHORITY_INFO_ACCESS *ainfo,
- STACK_OF(CONF_VALUE) *ret);
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-const X509V3_EXT_METHOD v3_info =
-{ NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-0,0,
-NULL};
-
-const X509V3_EXT_METHOD v3_sinfo =
-{ NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-0,0,
-NULL};
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
+ X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
+ STACK_OF(CONF_VALUE) *ret);
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(
+ X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+
+const X509V3_EXT_METHOD v3_info = {
+ NID_info_access, X509V3_EXT_MULTILINE,
+ ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
+ 0, 0, 0, 0,
+ 0, 0,
+ (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
+ (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+ 0, 0,
+ NULL
+};
+
+const X509V3_EXT_METHOD v3_sinfo = {
+ NID_sinfo_access, X509V3_EXT_MULTILINE,
+ ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
+ 0, 0, 0, 0,
+ 0, 0,
+ (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
+ (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+ 0, 0,
+ NULL
+};
ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
+ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames,
+ ACCESS_DESCRIPTION)
ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- AUTHORITY_INFO_ACCESS *ainfo,
- STACK_OF(CONF_VALUE) *ret)
+static STACK_OF(CONF_VALUE) *
+i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+ AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret)
{
ACCESS_DESCRIPTION *desc;
- int i,nlen;
+ int i, nlen;
char objtmp[80], *ntmp;
CONF_VALUE *vtmp;
- for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
+
+ for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
ret = i2v_GENERAL_NAME(method, desc->location, ret);
- if(!ret) break;
+ if (!ret)
+ break;
vtmp = sk_CONF_VALUE_value(ret, i);
i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
ntmp = malloc(nlen);
- if(!ntmp) {
+ if (!ntmp) {
X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
- ERR_R_MALLOC_FAILURE);
+ ERR_R_MALLOC_FAILURE);
return NULL;
}
strlcpy(ntmp, objtmp, nlen);
strlcat(ntmp, vtmp->name, nlen);
free(vtmp->name);
vtmp->name = ntmp;
-
+
}
- if(!ret) return sk_CONF_VALUE_new_null();
+ if (!ret)
+ return sk_CONF_VALUE_new_null();
return ret;
}
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+static AUTHORITY_INFO_ACCESS *
+v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval)
{
AUTHORITY_INFO_ACCESS *ainfo = NULL;
CONF_VALUE *cnf, ctmp;
ACCESS_DESCRIPTION *acc;
int i, objlen;
char *objtmp, *ptmp;
- if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
+
+ if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
return NULL;
}
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
cnf = sk_CONF_VALUE_value(nval, i);
- if(!(acc = ACCESS_DESCRIPTION_new())
- || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
+ if (!(acc = ACCESS_DESCRIPTION_new()) ||
+ !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
ptmp = strchr(cnf->name, ';');
- if(!ptmp) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX);
+ if (!ptmp) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ X509V3_R_INVALID_SYNTAX);
goto err;
}
objlen = ptmp - cnf->name;
ctmp.name = ptmp + 1;
ctmp.value = cnf->value;
- if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
- goto err;
- if(!(objtmp = malloc(objlen + 1))) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
+ if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
+ goto err;
+ if (!(objtmp = malloc(objlen + 1))) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
strlcpy(objtmp, cnf->name, objlen + 1);
acc->method = OBJ_txt2obj(objtmp, 0);
- if(!acc->method) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT);
+ if (!acc->method) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ X509V3_R_BAD_OBJECT);
ERR_add_error_data(2, "value=", objtmp);
free(objtmp);
goto err;
}
return ainfo;
- err:
+
+err:
sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
return NULL;
}
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
- {
+int
+i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
+{
i2a_ASN1_OBJECT(bp, a->method);
#ifdef UNDEF
i2a_GENERAL_NAME(bp, a->location);
#endif
return 2;
- }
+}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include "cryptlib.h"
#include <openssl/x509v3.h>
-const X509V3_EXT_METHOD v3_crl_num = {
+const X509V3_EXT_METHOD v3_crl_num = {
NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0,0,0,0,
+ 0, 0, 0, 0,
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
0,
- 0,0,0,0, NULL};
+ 0, 0, 0, 0,
+ NULL
+};
-const X509V3_EXT_METHOD v3_delta_crl = {
+const X509V3_EXT_METHOD v3_delta_crl = {
NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0,0,0,0,
+ 0, 0, 0, 0,
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
0,
- 0,0,0,0, NULL};
+ 0, 0, 0, 0,
+ NULL
+};
-static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
- {
+static void *
+s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
+{
return s2i_ASN1_INTEGER(meth, value);
- }
+}
-const X509V3_EXT_METHOD v3_inhibit_anyp = {
+const X509V3_EXT_METHOD v3_inhibit_anyp = {
NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0,0,0,0,
+ 0, 0, 0, 0,
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
(X509V3_EXT_S2I)s2i_asn1_int,
- 0,0,0,0, NULL};
-
-
+ 0, 0, 0, 0,
+ NULL
+};
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
static int ext_cmp(const X509V3_EXT_METHOD * const *a,
- const X509V3_EXT_METHOD * const *b);
+ const X509V3_EXT_METHOD * const *b);
static void ext_list_free(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
+int
+X509V3_EXT_add(X509V3_EXT_METHOD *ext)
{
- if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
+ if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
return 0;
}
- if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
- X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
+ if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
return 0;
}
return 1;
}
-static int ext_cmp(const X509V3_EXT_METHOD * const *a,
- const X509V3_EXT_METHOD * const *b)
+static int
+ext_cmp(const X509V3_EXT_METHOD * const *a, const X509V3_EXT_METHOD * const *b)
{
return ((*a)->ext_nid - (*b)->ext_nid);
}
-DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, const X509V3_EXT_METHOD *,
- ext);
+DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+ const X509V3_EXT_METHOD *, ext);
IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
- const X509V3_EXT_METHOD *, ext);
+ const X509V3_EXT_METHOD *, ext);
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
+const X509V3_EXT_METHOD *
+X509V3_EXT_get_nid(int nid)
{
X509V3_EXT_METHOD tmp;
const X509V3_EXT_METHOD *t = &tmp, * const *ret;
int idx;
- if(nid < 0) return NULL;
+
+ if (nid < 0)
+ return NULL;
tmp.ext_nid = nid;
ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
- if(ret) return *ret;
- if(!ext_list) return NULL;
+ if (ret)
+ return *ret;
+ if (!ext_list)
+ return NULL;
idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
- if(idx == -1) return NULL;
+ if (idx == -1)
+ return NULL;
return sk_X509V3_EXT_METHOD_value(ext_list, idx);
}
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
+const X509V3_EXT_METHOD *
+X509V3_EXT_get(X509_EXTENSION *ext)
{
int nid;
- if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL;
+
+ if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
+ return NULL;
return X509V3_EXT_get_nid(nid);
}
-
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
+int
+X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
{
- for(;extlist->ext_nid!=-1;extlist++)
- if(!X509V3_EXT_add(extlist)) return 0;
+ for (; extlist->ext_nid!=-1; extlist++)
+ if (!X509V3_EXT_add(extlist))
+ return 0;
return 1;
}
-int X509V3_EXT_add_alias(int nid_to, int nid_from)
+int
+X509V3_EXT_add_alias(int nid_to, int nid_from)
{
const X509V3_EXT_METHOD *ext;
X509V3_EXT_METHOD *tmpext;
- if(!(ext = X509V3_EXT_get_nid(nid_from))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND);
+ if (!(ext = X509V3_EXT_get_nid(nid_from))) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
+ X509V3_R_EXTENSION_NOT_FOUND);
return 0;
}
- if(!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE);
+ if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
return 0;
}
*tmpext = *ext;
return X509V3_EXT_add(tmpext);
}
-void X509V3_EXT_cleanup(void)
+void
+X509V3_EXT_cleanup(void)
{
sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
ext_list = NULL;
}
-static void ext_list_free(X509V3_EXT_METHOD *ext)
+static void
+ext_list_free(X509V3_EXT_METHOD *ext)
{
- if(ext->ext_flags & X509V3_EXT_DYNAMIC) free(ext);
+ if (ext->ext_flags & X509V3_EXT_DYNAMIC)
+ free(ext);
}
/* Legacy function: we don't need to add standard extensions
* any more because they are now kept in ext_dat.h.
*/
-int X509V3_add_standard_extensions(void)
+int
+X509V3_add_standard_extensions(void)
{
return 1;
}
/* Return an extension internal structure */
-void *X509V3_EXT_d2i(X509_EXTENSION *ext)
+void *
+X509V3_EXT_d2i(X509_EXTENSION *ext)
{
const X509V3_EXT_METHOD *method;
const unsigned char *p;
- if(!(method = X509V3_EXT_get(ext))) return NULL;
+ if (!(method = X509V3_EXT_get(ext)))
+ return NULL;
p = ext->value->data;
- if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it));
+ if (method->it)
+ return ASN1_item_d2i(NULL, &p, ext->value->length,
+ ASN1_ITEM_ptr(method->it));
return method->d2i(NULL, &p, ext->value->length);
}
* -2 extension occurs more than once.
*/
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
+void *
+X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
{
int lastpos, i;
X509_EXTENSION *ex, *found_ex = NULL;
- if(!x) {
- if(idx) *idx = -1;
- if(crit) *crit = -1;
+
+ if (!x) {
+ if (idx)
+ *idx = -1;
+ if (crit)
+ *crit = -1;
return NULL;
}
- if(idx) lastpos = *idx + 1;
- else lastpos = 0;
- if(lastpos < 0) lastpos = 0;
- for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++)
- {
+ if (idx)
+ lastpos = *idx + 1;
+ else
+ lastpos = 0;
+ if (lastpos < 0)
+ lastpos = 0;
+ for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
ex = sk_X509_EXTENSION_value(x, i);
- if(OBJ_obj2nid(ex->object) == nid) {
- if(idx) {
+ if (OBJ_obj2nid(ex->object) == nid) {
+ if (idx) {
*idx = i;
found_ex = ex;
break;
- } else if(found_ex) {
+ } else if (found_ex) {
/* Found more than one */
- if(crit) *crit = -2;
+ if (crit)
+ *crit = -2;
return NULL;
}
found_ex = ex;
}
}
- if(found_ex) {
+ if (found_ex) {
/* Found it */
- if(crit) *crit = X509_EXTENSION_get_critical(found_ex);
+ if (crit)
+ *crit = X509_EXTENSION_get_critical(found_ex);
return X509V3_EXT_d2i(found_ex);
}
/* Extension not found */
- if(idx) *idx = -1;
- if(crit) *crit = -1;
+ if (idx)
+ *idx = -1;
+ if (crit)
+ *crit = -1;
return NULL;
}
* 'value' arguments (if relevant) are the extensions internal structure.
*/
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
- int crit, unsigned long flags)
+int
+X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+ int crit, unsigned long flags)
{
int extidx = -1;
int errcode;
/* If appending we don't care if it exists, otherwise
* look for existing extension.
*/
- if(ext_op != X509V3_ADD_APPEND)
+ if (ext_op != X509V3_ADD_APPEND)
extidx = X509v3_get_ext_by_NID(*x, nid, -1);
/* See if extension exists */
- if(extidx >= 0) {
+ if (extidx >= 0) {
/* If keep existing, nothing to do */
- if(ext_op == X509V3_ADD_KEEP_EXISTING)
+ if (ext_op == X509V3_ADD_KEEP_EXISTING)
return 1;
/* If default then its an error */
- if(ext_op == X509V3_ADD_DEFAULT) {
+ if (ext_op == X509V3_ADD_DEFAULT) {
errcode = X509V3_R_EXTENSION_EXISTS;
goto err;
}
/* If delete, just delete it */
- if(ext_op == X509V3_ADD_DELETE) {
- if(!sk_X509_EXTENSION_delete(*x, extidx)) return -1;
+ if (ext_op == X509V3_ADD_DELETE) {
+ if (!sk_X509_EXTENSION_delete(*x, extidx))
+ return -1;
return 1;
}
} else {
- /* If replace existing or delete, error since
+ /* If replace existing or delete, error since
* extension must exist
*/
- if((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
- (ext_op == X509V3_ADD_DELETE)) {
+ if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
+ (ext_op == X509V3_ADD_DELETE)) {
errcode = X509V3_R_EXTENSION_NOT_FOUND;
goto err;
}
ext = X509V3_EXT_i2d(nid, crit, value);
- if(!ext) {
- X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION);
+ if (!ext) {
+ X509V3err(X509V3_F_X509V3_ADD1_I2D,
+ X509V3_R_ERROR_CREATING_EXTENSION);
return 0;
}
/* If extension exists replace it.. */
- if(extidx >= 0) {
+ if (extidx >= 0) {
extmp = sk_X509_EXTENSION_value(*x, extidx);
X509_EXTENSION_free(extmp);
- if(!sk_X509_EXTENSION_set(*x, extidx, ext)) return -1;
+ if (!sk_X509_EXTENSION_set(*x, extidx, ext))
+ return -1;
return 1;
}
- if(!*x && !(*x = sk_X509_EXTENSION_new_null())) return -1;
- if(!sk_X509_EXTENSION_push(*x, ext)) return -1;
+ if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
+ return -1;
+ if (!sk_X509_EXTENSION_push(*x, ext))
+ return -1;
return 1;
- err:
- if(!(flags & X509V3_ADD_SILENT))
+err:
+ if (!(flags & X509V3_ADD_SILENT))
X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
return 0;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
/* Test application to add extensions from a config file */
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
{
LHASH *conf;
X509 *cert;
int i;
int count;
X509_EXTENSION *ext;
+
X509V3_add_standard_extensions();
ERR_load_crypto_strings();
- if(!argv[1]) {
+ if (!argv[1]) {
fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
exit(1);
}
conf_file = argv[2];
- if(!conf_file) conf_file = "test.cnf";
+ if (!conf_file)
+ conf_file = "test.cnf";
conf = CONF_load(NULL, "test.cnf", NULL);
- if(!conf) {
+ if (!conf) {
fprintf(stderr, "Error opening Config file %s\n", conf_file);
ERR_print_errors_fp(stderr);
exit(1);
}
inf = fopen(argv[1], "r");
- if(!inf) {
+ if (!inf) {
fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
exit(1);
}
cert = PEM_read_X509(inf, NULL, NULL);
- if(!cert) {
+ if (!cert) {
fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
exit(1);
}
sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
cert->cert_info->extensions = NULL;
- if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
+ if (!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
fprintf(stderr, "Error adding extensions\n");
ERR_print_errors_fp(stderr);
exit(1);
count = X509_get_ext_count(cert);
printf("%d extensions\n", count);
- for(i = 0; i < count; i++) {
+ for (i = 0; i < count; i++) {
ext = X509_get_ext(cert, i);
printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
- if(ext->critical) printf(",critical:\n");
- else printf(":\n");
+ if (ext->critical)
+ printf(",critical:\n");
+ else
+ printf(":\n");
X509V3_EXT_print_fp(stdout, ext, 0, 0);
printf("\n");
-
+
}
return 0;
}
-
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
-static ERR_STRING_DATA X509V3_str_functs[]=
- {
-{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
-{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"},
-{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"},
-{ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
-{ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
-{ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
-{ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
-{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
-{ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
-{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
-{ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
-{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
-{ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
-{ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
-{ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
-{ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
-{ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
-{ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
-{ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
-{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
-{ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
-{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
-{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
-{ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
-{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
-{ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"},
-{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
-{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
-{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
-{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
-{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
-{ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
-{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
-{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
-{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
-{ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
-{ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"},
-{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
-{ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
-{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
-{ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
-{ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
-{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
-{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
-{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
-{ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
-{0,NULL}
- };
+static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
+ {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"},
+ {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"},
+ {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
+ {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
+ {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
+ {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
+ {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
+ {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
+ {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
+ {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
+ {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
+ {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
+ {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
+ {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
+ {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
+ {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
+ {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
+ {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
+ {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
+ {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
+ {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
+ {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
+ {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
+ {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
+ {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"},
+ {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
+ {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
+ {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
+ {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
+ {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
+ {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
+ {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
+ {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
+ {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
+ {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
+ {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"},
+ {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
+ {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
+ {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
+ {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
+ {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
+ {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
+ {0, NULL}
+};
-static ERR_STRING_DATA X509V3_str_reasons[]=
- {
-{ERR_REASON(X509V3_R_BAD_IP_ADDRESS) ,"bad ip address"},
-{ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"},
-{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"},
-{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"},
-{ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"},
-{ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET),"distpoint already set"},
-{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"},
-{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"},
-{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"},
-{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"},
-{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"},
-{ERR_REASON(X509V3_R_EXTENSION_EXISTS) ,"extension exists"},
-{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"},
-{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"},
-{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"},
-{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"},
-{ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"},
-{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"},
-{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"},
-{ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS),"invalid multiple rdns"},
-{ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"},
-{ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"},
-{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"},
-{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"},
-{ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"},
-{ERR_REASON(X509V3_R_INVALID_IPADDRESS) ,"invalid ipaddress"},
-{ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"},
-{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
-{ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"},
-{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"},
-{ERR_REASON(X509V3_R_INVALID_NUMBER) ,"invalid number"},
-{ERR_REASON(X509V3_R_INVALID_NUMBERS) ,"invalid numbers"},
-{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"},
-{ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"},
-{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"},
-{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"},
-{ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"},
-{ERR_REASON(X509V3_R_INVALID_SAFI) ,"invalid safi"},
-{ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"},
-{ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"},
-{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"},
-{ERR_REASON(X509V3_R_MISSING_VALUE) ,"missing value"},
-{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"},
-{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"},
-{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"},
-{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) ,"no issuer details"},
-{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"},
-{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"},
-{ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"},
-{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"},
-{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"},
-{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"},
-{ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"},
-{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),"policy language already defined"},
-{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"},
-{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),"policy path length already defined"},
-{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"},
-{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"},
-{ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"},
-{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"},
-{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"},
-{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"},
-{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) ,"unknown extension"},
-{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
-{ERR_REASON(X509V3_R_UNKNOWN_OPTION) ,"unknown option"},
-{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
-{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) ,"unsupported type"},
-{ERR_REASON(X509V3_R_USER_TOO_LONG) ,"user too long"},
-{0,NULL}
- };
+static ERR_STRING_DATA X509V3_str_reasons[] = {
+ {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"},
+ {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"},
+ {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"},
+ {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"},
+ {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"},
+ {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
+ {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"},
+ {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
+ {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"},
+ {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"},
+ {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
+ {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"},
+ {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
+ {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
+ {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"},
+ {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
+ {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
+ {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"},
+ {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"},
+ {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
+ {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"},
+ {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"},
+ {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
+ {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"},
+ {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
+ {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"},
+ {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"},
+ {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
+ {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"},
+ {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"},
+ {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"},
+ {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"},
+ {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"},
+ {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"},
+ {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"},
+ {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"},
+ {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"},
+ {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"},
+ {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"},
+ {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"},
+ {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
+ {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"},
+ {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"},
+ {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"},
+ {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
+ {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"},
+ {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
+ {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"},
+ {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"},
+ {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"},
+ {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
+ {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
+ {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"},
+ {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"},
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"},
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"},
+ {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"},
+ {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"},
+ {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"},
+ {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"},
+ {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"},
+ {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"},
+ {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"},
+ {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
+ {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"},
+ {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"},
+ {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"},
+ {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"},
+ {0, NULL}
+};
#endif
-void ERR_load_X509V3_strings(void)
- {
+void
+ERR_load_X509V3_strings(void)
+{
#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL)
- {
- ERR_load_strings(0,X509V3_str_functs);
- ERR_load_strings(0,X509V3_str_reasons);
- }
-#endif
+ if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
+ ERR_load_strings(0, X509V3_str_functs);
+ ERR_load_strings(0, X509V3_str_reasons);
}
+#endif
+}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
*
*/
-
-
#include <stdio.h>
#include <openssl/asn1.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
{
X509 *cert;
FILE *inf;
int i, count;
X509_EXTENSION *ext;
+
X509V3_add_standard_extensions();
ERR_load_crypto_strings();
- if(!argv[1]) {
+ if (!argv[1]) {
fprintf(stderr, "Usage v3prin cert.pem\n");
exit(1);
}
- if(!(inf = fopen(argv[1], "r"))) {
+ if (!(inf = fopen(argv[1], "r"))) {
fprintf(stderr, "Can't open %s\n", argv[1]);
exit(1);
}
- if(!(cert = PEM_read_X509(inf, NULL, NULL))) {
+ if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
fprintf(stderr, "Can't read certificate %s\n", argv[1]);
ERR_print_errors_fp(stderr);
exit(1);
fclose(inf);
count = X509_get_ext_count(cert);
printf("%d extensions\n", count);
- for(i = 0; i < count; i++) {
+ for (i = 0; i < count; i++) {
ext = X509_get_ext(cert, i);
printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
- if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr);
+ if (!X509V3_EXT_print_fp(stdout, ext, 0, 0))
+ ERR_print_errors_fp(stderr);
printf("\n");
-
+
}
return 0;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include <openssl/x509v3.h>
static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
-EXT_IA5STRING(NID_netscape_base_url),
-EXT_IA5STRING(NID_netscape_revocation_url),
-EXT_IA5STRING(NID_netscape_ca_revocation_url),
-EXT_IA5STRING(NID_netscape_renewal_url),
-EXT_IA5STRING(NID_netscape_ca_policy_url),
-EXT_IA5STRING(NID_netscape_ssl_server_name),
-EXT_IA5STRING(NID_netscape_comment),
-EXT_END
-};
+static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, char *str);
+const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
+ EXT_IA5STRING(NID_netscape_base_url),
+ EXT_IA5STRING(NID_netscape_revocation_url),
+ EXT_IA5STRING(NID_netscape_ca_revocation_url),
+ EXT_IA5STRING(NID_netscape_renewal_url),
+ EXT_IA5STRING(NID_netscape_ca_policy_url),
+ EXT_IA5STRING(NID_netscape_ssl_server_name),
+ EXT_IA5STRING(NID_netscape_comment),
+ EXT_END
+};
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- ASN1_IA5STRING *ia5)
+static char *
+i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
{
char *tmp;
- if(!ia5 || !ia5->length) return NULL;
- if(!(tmp = malloc(ia5->length + 1))) {
- X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
+
+ if (!ia5 || !ia5->length)
+ return NULL;
+ if (!(tmp = malloc(ia5->length + 1))) {
+ X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
return NULL;
}
memcpy(tmp, ia5->data, ia5->length);
return tmp;
}
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str)
+static ASN1_IA5STRING *
+s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
{
ASN1_IA5STRING *ia5;
- if(!str) {
- X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT);
+ if (!str) {
+ X509V3err(X509V3_F_S2I_ASN1_IA5STRING,
+ X509V3_R_INVALID_NULL_ARGUMENT);
return NULL;
}
- if(!(ia5 = M_ASN1_IA5STRING_new())) goto err;
- if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
- strlen(str))) {
+ if (!(ia5 = M_ASN1_IA5STRING_new()))
+ goto err;
+ if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
+ strlen(str))) {
M_ASN1_IA5STRING_free(ia5);
goto err;
}
return ia5;
- err:
- X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE);
+
+err:
+ X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
return NULL;
}
-
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- AUTHORITY_INFO_ACCESS *ainfo,
- STACK_OF(CONF_VALUE) *ret);
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-const X509V3_EXT_METHOD v3_info =
-{ NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-0,0,
-NULL};
-
-const X509V3_EXT_METHOD v3_sinfo =
-{ NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-0,0,0,0,
-0,0,
-(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
-(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-0,0,
-NULL};
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
+ X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
+ STACK_OF(CONF_VALUE) *ret);
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(
+ X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+
+const X509V3_EXT_METHOD v3_info = {
+ NID_info_access, X509V3_EXT_MULTILINE,
+ ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
+ 0, 0, 0, 0,
+ 0, 0,
+ (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
+ (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+ 0, 0,
+ NULL
+};
+
+const X509V3_EXT_METHOD v3_sinfo = {
+ NID_sinfo_access, X509V3_EXT_MULTILINE,
+ ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
+ 0, 0, 0, 0,
+ 0, 0,
+ (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
+ (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+ 0, 0,
+ NULL
+};
ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
- ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
+ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames,
+ ACCESS_DESCRIPTION)
ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- AUTHORITY_INFO_ACCESS *ainfo,
- STACK_OF(CONF_VALUE) *ret)
+static STACK_OF(CONF_VALUE) *
+i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+ AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret)
{
ACCESS_DESCRIPTION *desc;
- int i,nlen;
+ int i, nlen;
char objtmp[80], *ntmp;
CONF_VALUE *vtmp;
- for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
+
+ for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
ret = i2v_GENERAL_NAME(method, desc->location, ret);
- if(!ret) break;
+ if (!ret)
+ break;
vtmp = sk_CONF_VALUE_value(ret, i);
i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
ntmp = malloc(nlen);
- if(!ntmp) {
+ if (!ntmp) {
X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
- ERR_R_MALLOC_FAILURE);
+ ERR_R_MALLOC_FAILURE);
return NULL;
}
strlcpy(ntmp, objtmp, nlen);
strlcat(ntmp, vtmp->name, nlen);
free(vtmp->name);
vtmp->name = ntmp;
-
+
}
- if(!ret) return sk_CONF_VALUE_new_null();
+ if (!ret)
+ return sk_CONF_VALUE_new_null();
return ret;
}
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+static AUTHORITY_INFO_ACCESS *
+v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval)
{
AUTHORITY_INFO_ACCESS *ainfo = NULL;
CONF_VALUE *cnf, ctmp;
ACCESS_DESCRIPTION *acc;
int i, objlen;
char *objtmp, *ptmp;
- if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
+
+ if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
return NULL;
}
- for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
cnf = sk_CONF_VALUE_value(nval, i);
- if(!(acc = ACCESS_DESCRIPTION_new())
- || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
+ if (!(acc = ACCESS_DESCRIPTION_new()) ||
+ !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
ptmp = strchr(cnf->name, ';');
- if(!ptmp) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_INVALID_SYNTAX);
+ if (!ptmp) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ X509V3_R_INVALID_SYNTAX);
goto err;
}
objlen = ptmp - cnf->name;
ctmp.name = ptmp + 1;
ctmp.value = cnf->value;
- if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
- goto err;
- if(!(objtmp = malloc(objlen + 1))) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
+ if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
+ goto err;
+ if (!(objtmp = malloc(objlen + 1))) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
strlcpy(objtmp, cnf->name, objlen + 1);
acc->method = OBJ_txt2obj(objtmp, 0);
- if(!acc->method) {
- X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT);
+ if (!acc->method) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+ X509V3_R_BAD_OBJECT);
ERR_add_error_data(2, "value=", objtmp);
free(objtmp);
goto err;
}
return ainfo;
- err:
+
+err:
sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
return NULL;
}
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
- {
+int
+i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
+{
i2a_ASN1_OBJECT(bp, a->method);
#ifdef UNDEF
i2a_GENERAL_NAME(bp, a->location);
#endif
return 2;
- }
+}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include "cryptlib.h"
#include <openssl/x509v3.h>
-const X509V3_EXT_METHOD v3_crl_num = {
+const X509V3_EXT_METHOD v3_crl_num = {
NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0,0,0,0,
+ 0, 0, 0, 0,
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
0,
- 0,0,0,0, NULL};
+ 0, 0, 0, 0,
+ NULL
+};
-const X509V3_EXT_METHOD v3_delta_crl = {
+const X509V3_EXT_METHOD v3_delta_crl = {
NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0,0,0,0,
+ 0, 0, 0, 0,
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
0,
- 0,0,0,0, NULL};
+ 0, 0, 0, 0,
+ NULL
+};
-static void * s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
- {
+static void *
+s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
+{
return s2i_ASN1_INTEGER(meth, value);
- }
+}
-const X509V3_EXT_METHOD v3_inhibit_anyp = {
+const X509V3_EXT_METHOD v3_inhibit_anyp = {
NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0,0,0,0,
+ 0, 0, 0, 0,
(X509V3_EXT_I2S)i2s_ASN1_INTEGER,
(X509V3_EXT_S2I)s2i_asn1_int,
- 0,0,0,0, NULL};
-
-
+ 0, 0, 0, 0,
+ NULL
+};
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
static int ext_cmp(const X509V3_EXT_METHOD * const *a,
- const X509V3_EXT_METHOD * const *b);
+ const X509V3_EXT_METHOD * const *b);
static void ext_list_free(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
+int
+X509V3_EXT_add(X509V3_EXT_METHOD *ext)
{
- if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
+ if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
return 0;
}
- if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
- X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE);
+ if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
return 0;
}
return 1;
}
-static int ext_cmp(const X509V3_EXT_METHOD * const *a,
- const X509V3_EXT_METHOD * const *b)
+static int
+ext_cmp(const X509V3_EXT_METHOD * const *a, const X509V3_EXT_METHOD * const *b)
{
return ((*a)->ext_nid - (*b)->ext_nid);
}
-DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, const X509V3_EXT_METHOD *,
- ext);
+DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+ const X509V3_EXT_METHOD *, ext);
IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
- const X509V3_EXT_METHOD *, ext);
+ const X509V3_EXT_METHOD *, ext);
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
+const X509V3_EXT_METHOD *
+X509V3_EXT_get_nid(int nid)
{
X509V3_EXT_METHOD tmp;
const X509V3_EXT_METHOD *t = &tmp, * const *ret;
int idx;
- if(nid < 0) return NULL;
+
+ if (nid < 0)
+ return NULL;
tmp.ext_nid = nid;
ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
- if(ret) return *ret;
- if(!ext_list) return NULL;
+ if (ret)
+ return *ret;
+ if (!ext_list)
+ return NULL;
idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
- if(idx == -1) return NULL;
+ if (idx == -1)
+ return NULL;
return sk_X509V3_EXT_METHOD_value(ext_list, idx);
}
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
+const X509V3_EXT_METHOD *
+X509V3_EXT_get(X509_EXTENSION *ext)
{
int nid;
- if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL;
+
+ if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
+ return NULL;
return X509V3_EXT_get_nid(nid);
}
-
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
+int
+X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
{
- for(;extlist->ext_nid!=-1;extlist++)
- if(!X509V3_EXT_add(extlist)) return 0;
+ for (; extlist->ext_nid!=-1; extlist++)
+ if (!X509V3_EXT_add(extlist))
+ return 0;
return 1;
}
-int X509V3_EXT_add_alias(int nid_to, int nid_from)
+int
+X509V3_EXT_add_alias(int nid_to, int nid_from)
{
const X509V3_EXT_METHOD *ext;
X509V3_EXT_METHOD *tmpext;
- if(!(ext = X509V3_EXT_get_nid(nid_from))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND);
+ if (!(ext = X509V3_EXT_get_nid(nid_from))) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
+ X509V3_R_EXTENSION_NOT_FOUND);
return 0;
}
- if(!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
- X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE);
+ if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
+ X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
return 0;
}
*tmpext = *ext;
return X509V3_EXT_add(tmpext);
}
-void X509V3_EXT_cleanup(void)
+void
+X509V3_EXT_cleanup(void)
{
sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
ext_list = NULL;
}
-static void ext_list_free(X509V3_EXT_METHOD *ext)
+static void
+ext_list_free(X509V3_EXT_METHOD *ext)
{
- if(ext->ext_flags & X509V3_EXT_DYNAMIC) free(ext);
+ if (ext->ext_flags & X509V3_EXT_DYNAMIC)
+ free(ext);
}
/* Legacy function: we don't need to add standard extensions
* any more because they are now kept in ext_dat.h.
*/
-int X509V3_add_standard_extensions(void)
+int
+X509V3_add_standard_extensions(void)
{
return 1;
}
/* Return an extension internal structure */
-void *X509V3_EXT_d2i(X509_EXTENSION *ext)
+void *
+X509V3_EXT_d2i(X509_EXTENSION *ext)
{
const X509V3_EXT_METHOD *method;
const unsigned char *p;
- if(!(method = X509V3_EXT_get(ext))) return NULL;
+ if (!(method = X509V3_EXT_get(ext)))
+ return NULL;
p = ext->value->data;
- if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it));
+ if (method->it)
+ return ASN1_item_d2i(NULL, &p, ext->value->length,
+ ASN1_ITEM_ptr(method->it));
return method->d2i(NULL, &p, ext->value->length);
}
* -2 extension occurs more than once.
*/
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
+void *
+X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx)
{
int lastpos, i;
X509_EXTENSION *ex, *found_ex = NULL;
- if(!x) {
- if(idx) *idx = -1;
- if(crit) *crit = -1;
+
+ if (!x) {
+ if (idx)
+ *idx = -1;
+ if (crit)
+ *crit = -1;
return NULL;
}
- if(idx) lastpos = *idx + 1;
- else lastpos = 0;
- if(lastpos < 0) lastpos = 0;
- for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++)
- {
+ if (idx)
+ lastpos = *idx + 1;
+ else
+ lastpos = 0;
+ if (lastpos < 0)
+ lastpos = 0;
+ for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
ex = sk_X509_EXTENSION_value(x, i);
- if(OBJ_obj2nid(ex->object) == nid) {
- if(idx) {
+ if (OBJ_obj2nid(ex->object) == nid) {
+ if (idx) {
*idx = i;
found_ex = ex;
break;
- } else if(found_ex) {
+ } else if (found_ex) {
/* Found more than one */
- if(crit) *crit = -2;
+ if (crit)
+ *crit = -2;
return NULL;
}
found_ex = ex;
}
}
- if(found_ex) {
+ if (found_ex) {
/* Found it */
- if(crit) *crit = X509_EXTENSION_get_critical(found_ex);
+ if (crit)
+ *crit = X509_EXTENSION_get_critical(found_ex);
return X509V3_EXT_d2i(found_ex);
}
/* Extension not found */
- if(idx) *idx = -1;
- if(crit) *crit = -1;
+ if (idx)
+ *idx = -1;
+ if (crit)
+ *crit = -1;
return NULL;
}
* 'value' arguments (if relevant) are the extensions internal structure.
*/
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
- int crit, unsigned long flags)
+int
+X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+ int crit, unsigned long flags)
{
int extidx = -1;
int errcode;
/* If appending we don't care if it exists, otherwise
* look for existing extension.
*/
- if(ext_op != X509V3_ADD_APPEND)
+ if (ext_op != X509V3_ADD_APPEND)
extidx = X509v3_get_ext_by_NID(*x, nid, -1);
/* See if extension exists */
- if(extidx >= 0) {
+ if (extidx >= 0) {
/* If keep existing, nothing to do */
- if(ext_op == X509V3_ADD_KEEP_EXISTING)
+ if (ext_op == X509V3_ADD_KEEP_EXISTING)
return 1;
/* If default then its an error */
- if(ext_op == X509V3_ADD_DEFAULT) {
+ if (ext_op == X509V3_ADD_DEFAULT) {
errcode = X509V3_R_EXTENSION_EXISTS;
goto err;
}
/* If delete, just delete it */
- if(ext_op == X509V3_ADD_DELETE) {
- if(!sk_X509_EXTENSION_delete(*x, extidx)) return -1;
+ if (ext_op == X509V3_ADD_DELETE) {
+ if (!sk_X509_EXTENSION_delete(*x, extidx))
+ return -1;
return 1;
}
} else {
- /* If replace existing or delete, error since
+ /* If replace existing or delete, error since
* extension must exist
*/
- if((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
- (ext_op == X509V3_ADD_DELETE)) {
+ if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
+ (ext_op == X509V3_ADD_DELETE)) {
errcode = X509V3_R_EXTENSION_NOT_FOUND;
goto err;
}
ext = X509V3_EXT_i2d(nid, crit, value);
- if(!ext) {
- X509V3err(X509V3_F_X509V3_ADD1_I2D, X509V3_R_ERROR_CREATING_EXTENSION);
+ if (!ext) {
+ X509V3err(X509V3_F_X509V3_ADD1_I2D,
+ X509V3_R_ERROR_CREATING_EXTENSION);
return 0;
}
/* If extension exists replace it.. */
- if(extidx >= 0) {
+ if (extidx >= 0) {
extmp = sk_X509_EXTENSION_value(*x, extidx);
X509_EXTENSION_free(extmp);
- if(!sk_X509_EXTENSION_set(*x, extidx, ext)) return -1;
+ if (!sk_X509_EXTENSION_set(*x, extidx, ext))
+ return -1;
return 1;
}
- if(!*x && !(*x = sk_X509_EXTENSION_new_null())) return -1;
- if(!sk_X509_EXTENSION_push(*x, ext)) return -1;
+ if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
+ return -1;
+ if (!sk_X509_EXTENSION_push(*x, ext))
+ return -1;
return 1;
- err:
- if(!(flags & X509V3_ADD_SILENT))
+err:
+ if (!(flags & X509V3_ADD_SILENT))
X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
return 0;
}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
/* Test application to add extensions from a config file */
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
{
LHASH *conf;
X509 *cert;
int i;
int count;
X509_EXTENSION *ext;
+
X509V3_add_standard_extensions();
ERR_load_crypto_strings();
- if(!argv[1]) {
+ if (!argv[1]) {
fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
exit(1);
}
conf_file = argv[2];
- if(!conf_file) conf_file = "test.cnf";
+ if (!conf_file)
+ conf_file = "test.cnf";
conf = CONF_load(NULL, "test.cnf", NULL);
- if(!conf) {
+ if (!conf) {
fprintf(stderr, "Error opening Config file %s\n", conf_file);
ERR_print_errors_fp(stderr);
exit(1);
}
inf = fopen(argv[1], "r");
- if(!inf) {
+ if (!inf) {
fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
exit(1);
}
cert = PEM_read_X509(inf, NULL, NULL);
- if(!cert) {
+ if (!cert) {
fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
exit(1);
}
sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
cert->cert_info->extensions = NULL;
- if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
+ if (!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
fprintf(stderr, "Error adding extensions\n");
ERR_print_errors_fp(stderr);
exit(1);
count = X509_get_ext_count(cert);
printf("%d extensions\n", count);
- for(i = 0; i < count; i++) {
+ for (i = 0; i < count; i++) {
ext = X509_get_ext(cert, i);
printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
- if(ext->critical) printf(",critical:\n");
- else printf(":\n");
+ if (ext->critical)
+ printf(",critical:\n");
+ else
+ printf(":\n");
X509V3_EXT_print_fp(stdout, ext, 0, 0);
printf("\n");
-
+
}
return 0;
}
-
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
-static ERR_STRING_DATA X509V3_str_functs[]=
- {
-{ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
-{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"},
-{ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"},
-{ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
-{ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
-{ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
-{ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
-{ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
-{ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
-{ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
-{ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
-{ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
-{ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
-{ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
-{ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
-{ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
-{ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
-{ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
-{ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
-{ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
-{ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
-{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
-{ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
-{ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
-{ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
-{ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
-{ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
-{ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
-{ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"},
-{ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
-{ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
-{ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
-{ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
-{ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
-{ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
-{ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
-{ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
-{ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
-{ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
-{ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
-{ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"},
-{ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
-{ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
-{ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
-{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
-{ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
-{ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
-{ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
-{ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
-{ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
-{ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
-{0,NULL}
- };
+static ERR_STRING_DATA X509V3_str_functs[] = {
+ {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"},
+ {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"},
+ {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"},
+ {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
+ {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
+ {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
+ {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
+ {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
+ {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
+ {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
+ {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
+ {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
+ {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"},
+ {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
+ {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
+ {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
+ {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
+ {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
+ {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
+ {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
+ {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
+ {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
+ {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
+ {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
+ {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
+ {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
+ {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
+ {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
+ {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"},
+ {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
+ {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
+ {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
+ {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
+ {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
+ {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
+ {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
+ {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
+ {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
+ {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
+ {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
+ {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"},
+ {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
+ {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
+ {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
+ {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
+ {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
+ {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
+ {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
+ {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
+ {0, NULL}
+};
-static ERR_STRING_DATA X509V3_str_reasons[]=
- {
-{ERR_REASON(X509V3_R_BAD_IP_ADDRESS) ,"bad ip address"},
-{ERR_REASON(X509V3_R_BAD_OBJECT) ,"bad object"},
-{ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) ,"bn dec2bn error"},
-{ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),"bn to asn1 integer error"},
-{ERR_REASON(X509V3_R_DIRNAME_ERROR) ,"dirname error"},
-{ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET),"distpoint already set"},
-{ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) ,"duplicate zone id"},
-{ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE),"error converting zone"},
-{ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),"error creating extension"},
-{ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) ,"error in extension"},
-{ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME),"expected a section name"},
-{ERR_REASON(X509V3_R_EXTENSION_EXISTS) ,"extension exists"},
-{ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR),"extension name error"},
-{ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND),"extension not found"},
-{ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),"extension setting not supported"},
-{ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR),"extension value error"},
-{ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION),"illegal empty extension"},
-{ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) ,"illegal hex digit"},
-{ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),"incorrect policy syntax tag"},
-{ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS),"invalid multiple rdns"},
-{ERR_REASON(X509V3_R_INVALID_ASNUMBER) ,"invalid asnumber"},
-{ERR_REASON(X509V3_R_INVALID_ASRANGE) ,"invalid asrange"},
-{ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING),"invalid boolean string"},
-{ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),"invalid extension string"},
-{ERR_REASON(X509V3_R_INVALID_INHERITANCE),"invalid inheritance"},
-{ERR_REASON(X509V3_R_INVALID_IPADDRESS) ,"invalid ipaddress"},
-{ERR_REASON(X509V3_R_INVALID_NAME) ,"invalid name"},
-{ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT),"invalid null argument"},
-{ERR_REASON(X509V3_R_INVALID_NULL_NAME) ,"invalid null name"},
-{ERR_REASON(X509V3_R_INVALID_NULL_VALUE) ,"invalid null value"},
-{ERR_REASON(X509V3_R_INVALID_NUMBER) ,"invalid number"},
-{ERR_REASON(X509V3_R_INVALID_NUMBERS) ,"invalid numbers"},
-{ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),"invalid object identifier"},
-{ERR_REASON(X509V3_R_INVALID_OPTION) ,"invalid option"},
-{ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),"invalid policy identifier"},
-{ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),"invalid proxy policy setting"},
-{ERR_REASON(X509V3_R_INVALID_PURPOSE) ,"invalid purpose"},
-{ERR_REASON(X509V3_R_INVALID_SAFI) ,"invalid safi"},
-{ERR_REASON(X509V3_R_INVALID_SECTION) ,"invalid section"},
-{ERR_REASON(X509V3_R_INVALID_SYNTAX) ,"invalid syntax"},
-{ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR),"issuer decode error"},
-{ERR_REASON(X509V3_R_MISSING_VALUE) ,"missing value"},
-{ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),"need organization and numbers"},
-{ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) ,"no config database"},
-{ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE),"no issuer certificate"},
-{ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) ,"no issuer details"},
-{ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER),"no policy identifier"},
-{ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),"no proxy cert policy language defined"},
-{ERR_REASON(X509V3_R_NO_PUBLIC_KEY) ,"no public key"},
-{ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) ,"no subject details"},
-{ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS),"odd number of digits"},
-{ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED),"operation not defined"},
-{ERR_REASON(X509V3_R_OTHERNAME_ERROR) ,"othername error"},
-{ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),"policy language already defined"},
-{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) ,"policy path length"},
-{ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),"policy path length already defined"},
-{ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),"policy syntax not currently supported"},
-{ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),"policy when proxy language requires no policy"},
-{ERR_REASON(X509V3_R_SECTION_NOT_FOUND) ,"section not found"},
-{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),"unable to get issuer details"},
-{ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),"unable to get issuer keyid"},
-{ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),"unknown bit string argument"},
-{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) ,"unknown extension"},
-{ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME),"unknown extension name"},
-{ERR_REASON(X509V3_R_UNKNOWN_OPTION) ,"unknown option"},
-{ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) ,"unsupported option"},
-{ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) ,"unsupported type"},
-{ERR_REASON(X509V3_R_USER_TOO_LONG) ,"user too long"},
-{0,NULL}
- };
+static ERR_STRING_DATA X509V3_str_reasons[] = {
+ {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"},
+ {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"},
+ {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"},
+ {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"},
+ {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"},
+ {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
+ {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"},
+ {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
+ {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"},
+ {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"},
+ {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
+ {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"},
+ {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
+ {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
+ {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"},
+ {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
+ {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
+ {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"},
+ {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"},
+ {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
+ {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"},
+ {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"},
+ {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
+ {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"},
+ {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
+ {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"},
+ {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"},
+ {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
+ {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"},
+ {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"},
+ {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"},
+ {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"},
+ {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"},
+ {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"},
+ {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"},
+ {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"},
+ {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"},
+ {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"},
+ {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"},
+ {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"},
+ {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
+ {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"},
+ {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"},
+ {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"},
+ {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
+ {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"},
+ {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
+ {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"},
+ {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"},
+ {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"},
+ {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
+ {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
+ {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"},
+ {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"},
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"},
+ {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"},
+ {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"},
+ {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"},
+ {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"},
+ {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"},
+ {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"},
+ {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"},
+ {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"},
+ {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
+ {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"},
+ {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"},
+ {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"},
+ {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"},
+ {0, NULL}
+};
#endif
-void ERR_load_X509V3_strings(void)
- {
+void
+ERR_load_X509V3_strings(void)
+{
#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL)
- {
- ERR_load_strings(0,X509V3_str_functs);
- ERR_load_strings(0,X509V3_str_reasons);
- }
-#endif
+ if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
+ ERR_load_strings(0, X509V3_str_functs);
+ ERR_load_strings(0, X509V3_str_reasons);
}
+#endif
+}
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
*
*/
-
-
#include <stdio.h>
#include <openssl/asn1.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
{
X509 *cert;
FILE *inf;
int i, count;
X509_EXTENSION *ext;
+
X509V3_add_standard_extensions();
ERR_load_crypto_strings();
- if(!argv[1]) {
+ if (!argv[1]) {
fprintf(stderr, "Usage v3prin cert.pem\n");
exit(1);
}
- if(!(inf = fopen(argv[1], "r"))) {
+ if (!(inf = fopen(argv[1], "r"))) {
fprintf(stderr, "Can't open %s\n", argv[1]);
exit(1);
}
- if(!(cert = PEM_read_X509(inf, NULL, NULL))) {
+ if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
fprintf(stderr, "Can't read certificate %s\n", argv[1]);
ERR_print_errors_fp(stderr);
exit(1);
fclose(inf);
count = X509_get_ext_count(cert);
printf("%d extensions\n", count);
- for(i = 0; i < count; i++) {
+ for (i = 0; i < count; i++) {
ext = X509_get_ext(cert, i);
printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
- if(!X509V3_EXT_print_fp(stdout, ext, 0, 0)) ERR_print_errors_fp(stderr);
+ if (!X509V3_EXT_print_fp(stdout, ext, 0, 0))
+ ERR_print_errors_fp(stderr);
printf("\n");
-
+
}
return 0;
}
projects / openbsd / commitdiff