diff options
author | Nikolay Morozov <nmorozoff77@yandex.ru> | 2020-02-14 13:14:30 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-02-28 18:01:16 +0300 |
commit | 6103f39c0d79e86b58ae9437bc4c55a513a5e1dd (patch) | |
tree | 550729c8f67964c225ef70160df18b9e1c3d941e /include | |
parent | 1dfdbd5bf65bc9e7dec728e502f9c7cd9352bb42 (diff) |
x509v3 subjectSignTool extention support
Subject Sign Tool (1.2.643.100.111) The name of the tool used to signs the subject (UTF8String)
This extention is required to obtain the status of a qualified certificate at Russian Federation.
RFC-style description is available here: https://tools.ietf.org/html/draft-deremin-rfc4491-bis-04#section-5
Russian Federal Law 63 "Digital Sign" is available here: http://www.consultant.ru/document/cons_doc_LAW_112701/
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11093)
Diffstat (limited to 'include')
-rw-r--r-- | include/crypto/x509v3.h | 23 | ||||
-rw-r--r-- | include/openssl/x509v3err.h | 4 |
2 files changed, 26 insertions, 1 deletions
diff --git a/include/crypto/x509v3.h b/include/crypto/x509v3.h new file mode 100644 index 0000000000..4ca85e9a2e --- /dev/null +++ b/include/crypto/x509v3.h @@ -0,0 +1,23 @@ +/* + * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#ifndef OSSL_CRYPTO_X509V3_H +# define OSSL_CRYPTO_X509V3_H + +#define EXT_UTF8STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_UTF8STRING), \ + 0,0,0,0, \ + (X509V3_EXT_I2S)i2s_ASN1_UTF8STRING, \ + (X509V3_EXT_S2I)s2i_ASN1_UTF8STRING, \ + 0,0,0,0, \ + NULL} + +char *i2s_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, ASN1_UTF8STRING *utf8); +ASN1_UTF8STRING *s2i_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, + X509V3_CTX *ctx, const char *str); + +#endif diff --git a/include/openssl/x509v3err.h b/include/openssl/x509v3err.h index 0dab8a2a36..6e73337e3b 100644 --- a/include/openssl/x509v3err.h +++ b/include/openssl/x509v3err.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -44,6 +44,7 @@ int ERR_load_X509V3_strings(void); # define X509V3_F_I2S_ASN1_ENUMERATED 0 # define X509V3_F_I2S_ASN1_IA5STRING 0 # define X509V3_F_I2S_ASN1_INTEGER 0 +# define X509V3_F_I2S_ASN1_UTF8STRING 0 # define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 0 # define X509V3_F_LEVEL_ADD_NODE 0 # define X509V3_F_NOTICE_SECTION 0 @@ -58,6 +59,7 @@ int ERR_load_X509V3_strings(void); # define X509V3_F_S2I_ASN1_IA5STRING 0 # define X509V3_F_S2I_ASN1_INTEGER 0 # define X509V3_F_S2I_ASN1_OCTET_STRING 0 +# define X509V3_F_S2I_ASN1_UTF8STRING 0 # define X509V3_F_S2I_SKEY_ID 0 # define X509V3_F_SET_DIST_POINT_NAME 0 # define X509V3_F_SXNET_ADD_ID_ASC 0 |