diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 1999-08-25 16:59:26 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 1999-08-25 16:59:26 +0000 |
| commit | c79b16e11d70488f4de0e766d78f6a5ce77d99af (patch) | |
| tree | fad4e8d20108152d2d0a12229e4d92ad560a0c17 /crypto/x509v3/v3_conf.c | |
| parent | 43ca6c02dc702b8fff20205ec62ec03eed77eb1b (diff) | |
Allow extensions to be added to certificate requests, update the sample
config file (change RAW to DER).
Diffstat (limited to 'crypto/x509v3/v3_conf.c')
| -rw-r--r-- | crypto/x509v3/v3_conf.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index f19bb3ad84..d092fe99fe 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -220,7 +220,7 @@ static int v3_check_generic(char **value) return 1; } -/* Create a generic extension: for now just handle RAW type */ +/* Create a generic extension: for now just handle DER type */ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type) { @@ -302,6 +302,30 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, return 1; } +/* Add extensions to certificate request */ + +int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, + X509_REQ *req) +{ + X509_EXTENSION *ext; + STACK_OF(X509_EXTENSION) *extlist = NULL; + STACK_OF(CONF_VALUE) *nval; + CONF_VALUE *val; + int i; + if(!(nval = CONF_get_section(conf, section))) return 0; + for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { + val = sk_CONF_VALUE_value(nval, i); + if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) + return 0; + if(!extlist) extlist = sk_X509_EXTENSION_new_null(); + sk_X509_EXTENSION_push(extlist, ext); + } + if(req) i = X509_REQ_add_extensions(req, extlist); + else i = 1; + sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free); + return i; +} + /* Config database functions */ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) |