diff options
| author | Nikolay Morozov <nmorozoff77@yandex.ru> | 2020-03-02 10:17:30 +0300 |
|---|---|---|
| committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-03-25 15:33:53 +0300 |
| commit | 71f852802f453db9be24bb83385288c7d7b83ae1 (patch) | |
| tree | 6e25b386a15a51df5e8a8d9e87b9c69dd3fda159 /include | |
| parent | 129c22840ee73c0c6cb1e5ed629fa361b688e537 (diff) | |
Issuer Sign Tool extention support
Issuer Sign Tool (1.2.643.100.112) The name of the tool used to signs the subject (ASN1_SEQUENCE)
This extention is required to obtain the status of a qualified certificate at Russian Federation.
RFC-style description is available here: https://tools.ietf.org/html/draft-deremin-rfc4491-bis-04#section-5
Russian Federal Law 63 "Digital Sign" is available here: http://www.consultant.ru/document/cons_doc_LAW_112701/
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11216)
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/x509v3.h | 9 | ||||
| -rw-r--r-- | include/openssl/x509v3err.h | 2 |
2 files changed, 11 insertions, 0 deletions
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index 4a96aad69f..63903efb20 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h @@ -230,6 +230,13 @@ typedef struct SXNET_st { STACK_OF(SXNETID) *ids; } SXNET; +typedef struct ISSUER_SIGN_TOOL_st { + ASN1_UTF8STRING *signTool; + ASN1_UTF8STRING *cATool; + ASN1_UTF8STRING *signToolCert; + ASN1_UTF8STRING *cAToolCert; +} ISSUER_SIGN_TOOL; + typedef struct NOTICEREF_st { ASN1_STRING *organization; STACK_OF(ASN1_INTEGER) *noticenos; @@ -458,6 +465,8 @@ DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) DECLARE_ASN1_FUNCTIONS(SXNET) DECLARE_ASN1_FUNCTIONS(SXNETID) +DECLARE_ASN1_FUNCTIONS(ISSUER_SIGN_TOOL) + int SXNET_add_id_asc(SXNET **psx, const char *zone, const char *user, int userlen); int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user, int userlen); diff --git a/include/openssl/x509v3err.h b/include/openssl/x509v3err.h index 6e73337e3b..4a305853df 100644 --- a/include/openssl/x509v3err.h +++ b/include/openssl/x509v3err.h @@ -41,6 +41,7 @@ int ERR_load_X509V3_strings(void); # define X509V3_F_DO_EXT_I2D 0 # define X509V3_F_DO_EXT_NCONF 0 # define X509V3_F_GNAMES_FROM_SECTNAME 0 +# define X509V3_F_I2R_ISSUER_SIGN_TOOL 0 # define X509V3_F_I2S_ASN1_ENUMERATED 0 # define X509V3_F_I2S_ASN1_IA5STRING 0 # define X509V3_F_I2S_ASN1_INTEGER 0 @@ -80,6 +81,7 @@ int ERR_load_X509V3_strings(void); # define X509V3_F_V2I_IDP 0 # define X509V3_F_V2I_IPADDRBLOCKS 0 # define X509V3_F_V2I_ISSUER_ALT 0 +# define X509V3_F_V2I_ISSUER_SIGN_TOOL 0 # define X509V3_F_V2I_NAME_CONSTRAINTS 0 # define X509V3_F_V2I_POLICY_CONSTRAINTS 0 # define X509V3_F_V2I_POLICY_MAPPINGS 0 |