]> granicus.if.org Git - openssl/commitdiff
New config module for string tables. This can be used to add new
authorDr. Stephen Henson <steve@openssl.org>
Mon, 22 Oct 2012 13:05:54 +0000 (13:05 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 22 Oct 2012 13:05:54 +0000 (13:05 +0000)
multi string components (as used in DN fields or request attributes)
or change the values of existing ones.

crypto/asn1/Makefile
crypto/asn1/asn1.h
crypto/asn1/asn1_err.c
crypto/asn1/asn1_gen.c
crypto/conf/conf_mall.c

index c66d9169fb29217331174ffadcc11913c3724fb2..b709c4166ee2a0176510e194aa898362a7f498ac 100644 (file)
@@ -29,7 +29,8 @@ LIBSRC=       a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
        f_int.c f_string.c n_pkey.c \
        f_enum.c x_pkey.c a_bool.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c \
        asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \
-       evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
+       evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c \
+       asn_mstbl.c
 LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
        a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
        a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
@@ -42,7 +43,8 @@ LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
        f_int.o f_string.o n_pkey.o \
        f_enum.o x_pkey.o a_bool.o x_exten.o bio_asn1.o bio_ndef.o asn_mime.o \
        asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \
-       evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
+       evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o \
+       asn_mstbl.o
 
 SRC= $(LIBSRC)
 
index 33a41d79b12777d4bfdf3e3915d14e74f40d4c24..a082c96f844ff7fbb96bbbe3feb4afb9e9da8c24 100644 (file)
@@ -263,6 +263,12 @@ typedef struct ASN1_ENCODING_st
 #define ASN1_LONG_UNDEF        0x7fffffffL
 
 #define STABLE_FLAGS_MALLOC    0x01
+/* A zero passed to ASN1_STRING_TABLE_new_add for the flags is 
+ * interpreted as "don't change" and STABLE_FLAGS_MALLOC is always
+ * set. By setting STABLE_FLAGS_MALLOC only we can clear the existing
+ * value. Use the alias STABLE_FLAGS_CLEAR to reflect this.
+ */
+#define STABLE_FLAGS_CLEAR     STABLE_FLAGS_MALLOC
 #define STABLE_NO_MASK         0x02
 #define DIRSTRING_TYPE \
  (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
@@ -1090,9 +1096,11 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
 int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
 
 void ASN1_add_oid_module(void);
+void ASN1_add_stable_module(void);
 
 ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
 ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
+int ASN1_str2mask(const char *str, unsigned long *pmask);
 
 /* ASN1 Print flags */
 
@@ -1260,6 +1268,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_D2I_X509                                         156
 #define ASN1_F_D2I_X509_CINF                            157
 #define ASN1_F_D2I_X509_PKEY                            159
+#define ASN1_F_DO_TCREATE                               222
 #define ASN1_F_I2D_ASN1_BIO_STREAM                      211
 #define ASN1_F_I2D_ASN1_SET                             188
 #define ASN1_F_I2D_ASN1_TIME                            160
@@ -1278,6 +1287,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_PKCS5_PBKDF2_SET                                 219
 #define ASN1_F_SMIME_READ_ASN1                          212
 #define ASN1_F_SMIME_TEXT                               213
+#define ASN1_F_STBL_MODULE_INIT                                 223
 #define ASN1_F_X509_CINF_NEW                            168
 #define ASN1_F_X509_CRL_ADD0_REVOKED                    169
 #define ASN1_F_X509_INFO_NEW                            170
@@ -1345,9 +1355,11 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_INVALID_NUMBER                           187
 #define ASN1_R_INVALID_OBJECT_ENCODING                  216
 #define ASN1_R_INVALID_SEPARATOR                        131
+#define ASN1_R_INVALID_STRING_TABLE_VALUE               218
 #define ASN1_R_INVALID_TIME_FORMAT                      132
 #define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH           133
 #define ASN1_R_INVALID_UTF8STRING                       134
+#define ASN1_R_INVALID_VALUE                            219
 #define ASN1_R_IV_TOO_LARGE                             135
 #define ASN1_R_LENGTH_ERROR                             136
 #define ASN1_R_LIST_ERROR                               188
index 4c042b13c695c5d1295cf5a092c8619170ebfcdc..da8559fbd9679e93882055b88d089e5f32462f1a 100644 (file)
@@ -1,6 +1,6 @@
 /* crypto/asn1/asn1_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2012 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -166,6 +166,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_FUNC(ASN1_F_D2I_X509),    "D2I_X509"},
 {ERR_FUNC(ASN1_F_D2I_X509_CINF),       "D2I_X509_CINF"},
 {ERR_FUNC(ASN1_F_D2I_X509_PKEY),       "d2i_X509_PKEY"},
+{ERR_FUNC(ASN1_F_DO_TCREATE),  "DO_TCREATE"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_SET),        "i2d_ASN1_SET"},
 {ERR_FUNC(ASN1_F_I2D_ASN1_TIME),       "I2D_ASN1_TIME"},
@@ -184,6 +185,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET),    "PKCS5_pbkdf2_set"},
 {ERR_FUNC(ASN1_F_SMIME_READ_ASN1),     "SMIME_read_ASN1"},
 {ERR_FUNC(ASN1_F_SMIME_TEXT),  "SMIME_text"},
+{ERR_FUNC(ASN1_F_STBL_MODULE_INIT),    "STBL_MODULE_INIT"},
 {ERR_FUNC(ASN1_F_X509_CINF_NEW),       "X509_CINF_NEW"},
 {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED),       "X509_CRL_add0_revoked"},
 {ERR_FUNC(ASN1_F_X509_INFO_NEW),       "X509_INFO_new"},
@@ -254,9 +256,11 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ERR_REASON(ASN1_R_INVALID_NUMBER)       ,"invalid number"},
 {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING),"invalid object encoding"},
 {ERR_REASON(ASN1_R_INVALID_SEPARATOR)    ,"invalid separator"},
+{ERR_REASON(ASN1_R_INVALID_STRING_TABLE_VALUE),"invalid string table value"},
 {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT)  ,"invalid time format"},
 {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"},
 {ERR_REASON(ASN1_R_INVALID_UTF8STRING)   ,"invalid utf8string"},
+{ERR_REASON(ASN1_R_INVALID_VALUE)        ,"invalid value"},
 {ERR_REASON(ASN1_R_IV_TOO_LARGE)         ,"iv too large"},
 {ERR_REASON(ASN1_R_LENGTH_ERROR)         ,"length error"},
 {ERR_REASON(ASN1_R_LIST_ERROR)           ,"list error"},
index 4fc241908f6923b4f99e5e4e8d2ed0c1ba4a17bf..7c2c337a1a6670807521c8ddc35a113e4f3b0726 100644 (file)
@@ -852,3 +852,27 @@ static int bitstr_cb(const char *elem, int len, void *bitstr)
        return 1;
        }
 
+static int mask_cb(const char *elem, int len, void *arg)
+       {
+       unsigned long *pmask = arg, tmpmask;
+       int tag;
+       if (len == 3 && !strncmp(elem, "DIR", 3))
+               {
+               *pmask |= B_ASN1_DIRECTORYSTRING;
+               return 1;
+               }
+       tag = asn1_str2tag(elem, len);
+       if (!tag || (tag & ASN1_GEN_FLAG))
+               return 0;
+       tmpmask = ASN1_tag2bit(tag);
+       if (!tmpmask)
+               return 0;
+       *pmask |= tmpmask;
+       return 1;
+       }
+
+int ASN1_str2mask(const char *str, unsigned long *pmask)
+       {
+       *pmask = 0;
+       return CONF_parse_list(str, '|', 1, mask_cb, pmask);
+       }
index 213890e0c28fd59042ad94679ba22324da284784..ee05d85de63680969aa3f5a7e55cdc6ff693902d 100644 (file)
@@ -73,6 +73,7 @@ void OPENSSL_load_builtin_modules(void)
        {
        /* Add builtin modules here */
        ASN1_add_oid_module();
+       ASN1_add_stable_module();
 #ifndef OPENSSL_NO_ENGINE
        ENGINE_add_conf_module();
 #endif