summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509v3/v3_conf.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509v3/v3_conf.c')
-rw-r--r--src/lib/libcrypto/x509v3/v3_conf.c34
1 files changed, 29 insertions, 5 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
index f19bb3ad84..b2f03010cc 100644
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ b/src/lib/libcrypto/x509v3/v3_conf.c
@@ -170,13 +170,13 @@ static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
170 if(!(ext_der = Malloc(ext_len))) goto merr; 170 if(!(ext_der = Malloc(ext_len))) goto merr;
171 p = ext_der; 171 p = ext_der;
172 method->i2d(ext_struc, &p); 172 method->i2d(ext_struc, &p);
173 if(!(ext_oct = ASN1_OCTET_STRING_new())) goto merr; 173 if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
174 ext_oct->data = ext_der; 174 ext_oct->data = ext_der;
175 ext_oct->length = ext_len; 175 ext_oct->length = ext_len;
176 176
177 ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); 177 ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
178 if(!ext) goto merr; 178 if(!ext) goto merr;
179 ASN1_OCTET_STRING_free(ext_oct); 179 M_ASN1_OCTET_STRING_free(ext_oct);
180 180
181 return ext; 181 return ext;
182 182
@@ -220,7 +220,7 @@ static int v3_check_generic(char **value)
220 return 1; 220 return 1;
221} 221}
222 222
223/* Create a generic extension: for now just handle RAW type */ 223/* Create a generic extension: for now just handle DER type */
224static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, 224static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
225 int crit, int type) 225 int crit, int type)
226{ 226{
@@ -241,7 +241,7 @@ if(!(ext_der = string_to_hex(value, &ext_len))) {
241 goto err; 241 goto err;
242} 242}
243 243
244if(!(oct = ASN1_OCTET_STRING_new())) { 244if(!(oct = M_ASN1_OCTET_STRING_new())) {
245 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE); 245 X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE);
246 goto err; 246 goto err;
247} 247}
@@ -254,7 +254,7 @@ extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
254 254
255err: 255err:
256ASN1_OBJECT_free(obj); 256ASN1_OBJECT_free(obj);
257ASN1_OCTET_STRING_free(oct); 257M_ASN1_OCTET_STRING_free(oct);
258if(ext_der) Free(ext_der); 258if(ext_der) Free(ext_der);
259return extension; 259return extension;
260} 260}
@@ -302,6 +302,30 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
302 return 1; 302 return 1;
303} 303}
304 304
305/* Add extensions to certificate request */
306
307int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
308 X509_REQ *req)
309{
310 X509_EXTENSION *ext;
311 STACK_OF(X509_EXTENSION) *extlist = NULL;
312 STACK_OF(CONF_VALUE) *nval;
313 CONF_VALUE *val;
314 int i;
315 if(!(nval = CONF_get_section(conf, section))) return 0;
316 for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
317 val = sk_CONF_VALUE_value(nval, i);
318 if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
319 return 0;
320 if(!extlist) extlist = sk_X509_EXTENSION_new_null();
321 sk_X509_EXTENSION_push(extlist, ext);
322 }
323 if(req) i = X509_REQ_add_extensions(req, extlist);
324 else i = 1;
325 sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
326 return i;
327}
328
305/* Config database functions */ 329/* Config database functions */
306 330
307char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) 331char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-23 19:33:29 +0000