From abcaf42929501a08ede01b043bc7600cccb47e92 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 11 Feb 2004 08:37:54 +0000 Subject: *** empty log message *** --- NEWS | 2 +- lib/pkix.asn | 171 +++++++++++++++++++++++---------------------- lib/pkix_asn1_tab.c | 196 +++++++++++++++++++++++++--------------------------- 3 files changed, 184 insertions(+), 185 deletions(-) diff --git a/NEWS b/NEWS index 2c1053df3c..7aa55560ac 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Version 1.0.5 +Version 1.0.5 (11/02/2004) - Fixed a bug where 'server name' extension was always sent. - Backported several things from the development branch: - Added CRL verification functionality to certtool. diff --git a/lib/pkix.asn b/lib/pkix.asn index 01b1e7e940..5a2f93d73d 100644 --- a/lib/pkix.asn +++ b/lib/pkix.asn @@ -107,6 +107,15 @@ PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE { -- subject alternative name extension OID and syntax +-- Directory string type -- + +DirectoryString ::= CHOICE { + teletexString TeletexString (SIZE (1..MAX)), + printableString PrintableString (SIZE (1..MAX)), + universalString UniversalString (SIZE (1..MAX)), + utf8String UTF8String (SIZE (1..MAX)), + bmpString BMPString (SIZE(1..MAX)) } + id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } SubjectAltName ::= GeneralNames 
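Review bot: The relocated `DirectoryString` block lands between the comment `-- subject alternative name extension OID and syntax` and the `id-ce-subjectAltName` definition that comment introduces, so the comment now reads as if it described DirectoryString. Insert the block above that comment instead. A one-line reason for the move would also help, for example `-- defined early because the X520* attribute types below are aliases of it`, if that is the intent. The reason cannot be confirmed from this hunk alone.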
@@ -184,18 +193,25 @@ SkipCerts ::= INTEGER (0..MAX) id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} -CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint +CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, reasons [1] ReasonFlags OPTIONAL, - cRLIssuer [2] GeneralNames OPTIONAL } - -DistributionPointName ::= CHOICE { - fullName [0] GeneralNames, - nameRelativeToCRLIssuer [1] RelativeDistinguishedName } + cRLIssuer [2] GeneralNames OPTIONAL +} +-- original definition: +-- DistributionPointName ::= CHOICE { +-- fullName [0] GeneralNames, +-- nameRelativeToCRLIssuer [1] RelativeDistinguishedName +--} +-- This does not work since it does not tag elements. +DistributionPointName ::= SEQUENCE { + fullName [0] GeneralNames OPTIONAL, + nameRelativeToCRLIssuer [1] RelativeDistinguishedName OPTIONAL +} ReasonFlags ::= BIT STRING { unused (0), @@ -204,7 +220,9 @@ ReasonFlags ::= BIT STRING { affiliationChanged (3), superseded (4), cessationOfOperation (5), - certificateHold (6) } + certificateHold (6), + privilegeWithdrawn (7), + aACompromise (8) } -- extended key usage extension OID and syntax 
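Review bot: The replacement `DistributionPointName ::= SEQUENCE { fullName [0] ... OPTIONAL, nameRelativeToCRLIssuer [1] ... OPTIONAL }` accepts values the original CHOICE forbids: a name with neither element, or with both. Code that reads a CRL distribution point through this type should check that exactly one element is present and reject anything else, because the schema no longer does. The comment `-- This does not work since it does not tag elements.` should record that, for example `-- Workaround: modelled as a SEQUENCE of two OPTIONAL elements; callers must enforce that exactly one is present.` Separately, anything that looks the type up by its old name `CRLDistPointsSyntax` needs updating after the rename; such callers are outside this diff.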
@@ -390,88 +408,38 @@ AttributeTypeAndValue ::= SEQUENCE { id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} -- Attributes of type NameDirectoryString -id-at-name AttributeType ::= {id-at 41} -id-at-surname AttributeType ::= {id-at 4} -id-at-givenName AttributeType ::= {id-at 42} -id-at-initials AttributeType ::= {id-at 43} -id-at-generationQualifier AttributeType ::= {id-at 44} - -X520name ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-name)), - printableString PrintableString (SIZE (1..ub-name)), - universalString UniversalString (SIZE (1..ub-name)), - utf8String UTF8String (SIZE (1..ub-name)), - bmpString BMPString (SIZE(1..ub-name)) } +id-at-initials AttributeType ::= { id-at 43 } +X520initials ::= DirectoryString --- +id-at-generationQualifier AttributeType ::= { id-at 44 } +X520generationQualifier ::= DirectoryString -id-at-commonName AttributeType ::= {id-at 3} +id-at-surname AttributeType ::= { id-at 4 } +X520surName ::= DirectoryString -X520CommonName ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-common-name)), - printableString PrintableString (SIZE (1..ub-common-name)), - universalString UniversalString (SIZE (1..ub-common-name)), - utf8String UTF8String (SIZE (1..ub-common-name)), - bmpString BMPString (SIZE(1..ub-common-name)) } +id-at-givenName AttributeType ::= { id-at 42 } +X520givenName ::= DirectoryString --- - -id-at-localityName AttributeType ::= {id-at 7} +id-at-name AttributeType ::= { id-at 41 } +X520name ::= DirectoryString -X520LocalityName ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-locality-name)), - printableString PrintableString (SIZE (1..ub-locality-name)), - universalString UniversalString (SIZE (1..ub-locality-name)), - utf8String UTF8String (SIZE (1..ub-locality-name)), - bmpString BMPString (SIZE(1..ub-locality-name)) } +id-at-commonName AttributeType ::= {id-at 3} +X520CommonName ::= DirectoryString --- +id-at-localityName AttributeType ::= {id-at 7} +X520LocalityName ::= DirectoryString 
id-at-stateOrProvinceName AttributeType ::= {id-at 8} - -X520StateOrProvinceName ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-state-name)), - printableString PrintableString (SIZE (1..ub-state-name)), - universalString UniversalString (SIZE (1..ub-state-name)), - utf8String UTF8String (SIZE (1..ub-state-name)), - bmpString BMPString (SIZE(1..ub-state-name)) } - --- +X520StateOrProvinceName ::= DirectoryString id-at-organizationName AttributeType ::= {id-at 10} - -X520OrganizationName ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-organization-name)), - printableString PrintableString (SIZE (1..ub-organization-name)), - universalString UniversalString (SIZE (1..ub-organization-name)), - utf8String UTF8String (SIZE (1..ub-organization-name)), - bmpString BMPString (SIZE(1..ub-organization-name)) } - --- +X520OrganizationName ::= DirectoryString id-at-organizationalUnitName AttributeType ::= {id-at 11} - -X520OrganizationalUnitName ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-organizational-unit-name)), - printableString PrintableString - (SIZE (1..ub-organizational-unit-name)), - universalString UniversalString - (SIZE (1..ub-organizational-unit-name)), - utf8String UTF8String (SIZE (1..ub-organizational-unit-name)), - bmpString BMPString (SIZE(1..ub-organizational-unit-name)) } - --- +X520OrganizationalUnitName ::= DirectoryString id-at-title AttributeType ::= {id-at 12} - -X520Title ::= CHOICE { - teletexString TeletexString (SIZE (1..ub-title)), - printableString PrintableString (SIZE (1..ub-title)), - universalString UniversalString (SIZE (1..ub-title)), - utf8String UTF8String (SIZE (1..ub-title)), - bmpString BMPString (SIZE(1..ub-title)) } - --- +X520Title ::= DirectoryString id-at-dnQualifier AttributeType ::= {id-at 46} X520dnQualifier ::= PrintableString 
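Review bot: Aliasing every `X520*` type to `DirectoryString` replaces the per-attribute upper bounds (`ub-name`, `ub-common-name`, `ub-organization-name`, `ub-title` and the rest) with `SIZE (1..MAX)`, so the schema no longer states any length limit for DN attribute values. Whether the parser ever enforced those bounds is not visible here. Any code that copies these values into fixed-size buffers should have its own length check. A comment above the aliases would record the decision, for example `-- ub-* upper bounds dropped on purpose; value lengths are unbounded here and must be checked by the caller`.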
@@ -479,6 +447,18 @@ X520dnQualifier ::= PrintableString id-at-countryName AttributeType ::= {id-at 6} X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes +id-at-pseudonym AttributeType ::= {id-at 65} +X520pseudonym ::= DirectoryString + +id-at-streetAddress AttributeType ::= {id-at 9} +X520streetAddress ::= DirectoryString + +id-at-postalAddress AttributeType ::= {id-at 16} +X520postalAddress ::= PostalAddress + +PostalAddress ::= SEQUENCE OF DirectoryString + + -- Legacy attributes pkcs OBJECT IDENTIFIER ::= @@ -504,14 +484,6 @@ DistinguishedName ::= RDNSequence RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF AttributeTypeAndValue --- Directory string type -- - -DirectoryString ::= CHOICE { - teletexString TeletexString (SIZE (1..MAX)), - printableString PrintableString (SIZE (1..MAX)), - universalString UniversalString (SIZE (1..MAX)), - utf8String UTF8String (SIZE (1..MAX)), - bmpString BMPString (SIZE(1..MAX)) } -- -------------------------------------------------------- @@ -1197,4 +1169,37 @@ pkcs-7-EncryptedContent ::= OCTET STRING pkcs-7-UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute +-- LDAP stuff +-- may not be correct + +id-at-ldap-DC AttributeType ::= { 0 9 2342 19200300 100 1 25 } + +ldap-DC ::= IA5String + +id-at-ldap-UID AttributeType ::= { 0 9 2342 19200300 100 1 1 } + +ldap-UID ::= IA5String + +-- rfc3039 + +id-pda OBJECT IDENTIFIER ::= { id-pkix 9 } + +id-pda-dateOfBirth AttributeType ::= { id-pda 1 } +DateOfBirth ::= GeneralizedTime + +id-pda-placeOfBirth AttributeType ::= { id-pda 2 } +PlaceOfBirth ::= DirectoryString + +id-pda-gender AttributeType ::= { id-pda 3 } +Gender ::= PrintableString (SIZE(1)) + -- "M", "F", "m" or "f" + +id-pda-countryOfCitizenship AttributeType ::= { id-pda 4 } +CountryOfCitizenship ::= PrintableString (SIZE (2)) + -- ISO 3166 Country Code + +id-pda-countryOfResidence AttributeType ::= { id-pda 5 } +CountryOfResidence ::= PrintableString (SIZE (2)) + -- ISO 3166 Country Code + END 
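Review bot: `PostalAddress ::= SEQUENCE OF DirectoryString` has no SIZE constraint, so an empty postal address is valid as written. The other SEQUENCE OF types visible in this file (`PolicyMappings`, `CRLDistributionPoints`) use `SIZE (1..MAX)`. Consider `PostalAddress ::= SEQUENCE SIZE (1..MAX) OF DirectoryString`, and regenerate lib/pkix_asn1_tab.c to match.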
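Review bot: The comment `-- may not be correct` above the LDAP attributes does not say which part is in doubt, so a later reader cannot tell whether to distrust the OIDs or the string types. If the doubt is the value syntax, say so, for example `-- TODO: confirm value syntax of ldap-UID (IA5String vs DirectoryString)`. `ldap-UID ::= IA5String` looks narrower than the directory-string syntax usually given for uid and should be checked against the LDAP schema documents. In the rfc3039 block, the allowed values for `Gender` and the ISO 3166 country codes are stated only in comments. The schema constrains just the length, so consumers of these attributes have to validate the content themselves.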
diff --git a/lib/pkix_asn1_tab.c b/lib/pkix_asn1_tab.c index 26d8ef9942..f2ab0c14e8 100644 --- a/lib/pkix_asn1_tab.c +++ b/lib/pkix_asn1_tab.c @@ -84,6 +84,17 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {0,536870917,0}, {"issuerDomainPolicy",1073741826,"CertPolicyId"}, {"subjectDomainPolicy",2,"CertPolicyId"}, + {"DirectoryString",1610612754,0}, + {"teletexString",1612709890,"TeletexString"}, + {"MAX",524298,"1"}, + {"printableString",1612709890,"PrintableString"}, + {"MAX",524298,"1"}, + {"universalString",1612709890,"UniversalString"}, + {"MAX",524298,"1"}, + {"utf8String",1612709890,"UTF8String"}, + {"MAX",524298,"1"}, + {"bmpString",538968066,"BMPString"}, + {"MAX",524298,"1"}, {"id-ce-subjectAltName",1879048204,0}, {0,1073741825,"id-ce"}, {0,1,"17"}, @@ -171,7 +182,7 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {"id-ce-cRLDistributionPoints",1879048204,0}, {0,1073741825,"id-ce"}, {0,1,"31"}, - {"CRLDistPointsSyntax",1612709899,0}, + {"CRLDistributionPoints",1612709899,0}, {"MAX",1074266122,"1"}, {0,2,"DistributionPoint"}, {"DistributionPoint",1610612741,0}, @@ -181,10 +192,10 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {0,4104,"1"}, {"cRLIssuer",536895490,"GeneralNames"}, {0,4104,"2"}, - {"DistributionPointName",1610612754,0}, - {"fullName",1610620930,"GeneralNames"}, + {"DistributionPointName",1610612741,0}, + {"fullName",1610637314,"GeneralNames"}, {0,4104,"0"}, - {"nameRelativeToCRLIssuer",536879106,"RelativeDistinguishedName"}, + {"nameRelativeToCRLIssuer",536895490,"RelativeDistinguishedName"}, {0,4104,"1"}, {"ReasonFlags",1610874886,0}, {"unused",1073741825,"0"}, @@ -193,7 +204,9 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {"affiliationChanged",1073741825,"3"}, {"superseded",1073741825,"4"}, {"cessationOfOperation",1073741825,"5"}, - {"certificateHold",1,"6"}, + {"certificateHold",1073741825,"6"}, + {"privilegeWithdrawn",1073741825,"7"}, + {"aACompromise",1,"8"}, {"id-ce-extKeyUsage",1879048204,0}, {0,1073741825,"id-ce"}, {0,1,"37"}, 
@@ -361,116 +374,50 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {"joint-iso-ccitt",1073741825,"2"}, {"ds",1073741825,"5"}, {0,1,"4"}, - {"id-at-name",1880096780,"AttributeType"}, + {"id-at-initials",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, - {0,1,"41"}, + {0,1,"43"}, + {"X520initials",1073741826,"DirectoryString"}, + {"id-at-generationQualifier",1880096780,"AttributeType"}, + {0,1073741825,"id-at"}, + {0,1,"44"}, + {"X520generationQualifier",1073741826,"DirectoryString"}, {"id-at-surname",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"4"}, + {"X520surName",1073741826,"DirectoryString"}, {"id-at-givenName",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"42"}, - {"id-at-initials",1880096780,"AttributeType"}, - {0,1073741825,"id-at"}, - {0,1,"43"}, - {"id-at-generationQualifier",1880096780,"AttributeType"}, + {"X520givenName",1073741826,"DirectoryString"}, + {"id-at-name",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, - {0,1,"44"}, - {"X520name",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"ub-name",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-name",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-name",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-name",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-name",524298,"1"}, + {0,1,"41"}, + {"X520name",1073741826,"DirectoryString"}, {"id-at-commonName",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"3"}, - {"X520CommonName",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"ub-common-name",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-common-name",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-common-name",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-common-name",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-common-name",524298,"1"}, + 
{"X520CommonName",1073741826,"DirectoryString"}, {"id-at-localityName",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"7"}, - {"X520LocalityName",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"ub-locality-name",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-locality-name",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-locality-name",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-locality-name",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-locality-name",524298,"1"}, + {"X520LocalityName",1073741826,"DirectoryString"}, {"id-at-stateOrProvinceName",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"8"}, - {"X520StateOrProvinceName",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"ub-state-name",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-state-name",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-state-name",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-state-name",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-state-name",524298,"1"}, + {"X520StateOrProvinceName",1073741826,"DirectoryString"}, {"id-at-organizationName",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"10"}, - {"X520OrganizationName",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"ub-organization-name",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-organization-name",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-organization-name",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-organization-name",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-organization-name",524298,"1"}, + {"X520OrganizationName",1073741826,"DirectoryString"}, {"id-at-organizationalUnitName",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"11"}, - {"X520OrganizationalUnitName",1610612754,0}, - 
{"teletexString",1612709890,"TeletexString"}, - {"ub-organizational-unit-name",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-organizational-unit-name",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-organizational-unit-name",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-organizational-unit-name",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-organizational-unit-name",524298,"1"}, + {"X520OrganizationalUnitName",1073741826,"DirectoryString"}, {"id-at-title",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"12"}, - {"X520Title",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"ub-title",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"ub-title",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"ub-title",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"ub-title",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"ub-title",524298,"1"}, + {"X520Title",1073741826,"DirectoryString"}, {"id-at-dnQualifier",1880096780,"AttributeType"}, {0,1073741825,"id-at"}, {0,1,"46"}, @@ -480,6 +427,20 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {0,1,"6"}, {"X520countryName",1612709890,"PrintableString"}, {0,1048586,"2"}, + {"id-at-pseudonym",1880096780,"AttributeType"}, + {0,1073741825,"id-at"}, + {0,1,"65"}, + {"X520pseudonym",1073741826,"DirectoryString"}, + {"id-at-streetAddress",1880096780,"AttributeType"}, + {0,1073741825,"id-at"}, + {0,1,"9"}, + {"X520streetAddress",1073741826,"DirectoryString"}, + {"id-at-postalAddress",1880096780,"AttributeType"}, + {0,1073741825,"id-at"}, + {0,1,"16"}, + {"X520postalAddress",1073741826,"PostalAddress"}, + {"PostalAddress",1610612747,0}, + {0,2,"DirectoryString"}, {"pkcs",1879048204,0}, {"iso",1073741825,"1"}, {"member-body",1073741825,"2"}, 
@@ -502,17 +463,6 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {"RelativeDistinguishedName",1612709903,0}, {"MAX",1074266122,"1"}, {0,2,"AttributeTypeAndValue"}, - {"DirectoryString",1610612754,0}, - {"teletexString",1612709890,"TeletexString"}, - {"MAX",524298,"1"}, - {"printableString",1612709890,"PrintableString"}, - {"MAX",524298,"1"}, - {"universalString",1612709890,"UniversalString"}, - {"MAX",524298,"1"}, - {"utf8String",1612709890,"UTF8String"}, - {"MAX",524298,"1"}, - {"bmpString",538968066,"BMPString"}, - {"MAX",524298,"1"}, {"Certificate",1610612741,0}, {"tbsCertificate",1073741826,"TBSCertificate"}, {"signatureAlgorithm",1073741826,"AlgorithmIdentifier"}, 
@@ -1069,8 +1019,52 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {0,4104,"0"}, {"pkcs-7-ContentEncryptionAlgorithmIdentifier",1073741826,"AlgorithmIdentifier"}, {"pkcs-7-EncryptedContent",1073741831,0}, - {"pkcs-7-UnprotectedAttributes",538968079,0}, + {"pkcs-7-UnprotectedAttributes",1612709903,0}, {"MAX",1074266122,"1"}, {0,2,"Attribute"}, + {"id-at-ldap-DC",1880096780,"AttributeType"}, + {0,1073741825,"0"}, + {0,1073741825,"9"}, + {0,1073741825,"2342"}, + {0,1073741825,"19200300"}, + {0,1073741825,"100"}, + {0,1073741825,"1"}, + {0,1,"25"}, + {"ldap-DC",1073741826,"IA5String"}, + {"id-at-ldap-UID",1880096780,"AttributeType"}, + {0,1073741825,"0"}, + {0,1073741825,"9"}, + {0,1073741825,"2342"}, + {0,1073741825,"19200300"}, + {0,1073741825,"100"}, + {0,1073741825,"1"}, + {0,1,"1"}, + {"ldap-UID",1073741826,"IA5String"}, + {"id-pda",1879048204,0}, + {0,1073741825,"id-pkix"}, + {0,1,"9"}, + {"id-pda-dateOfBirth",1880096780,"AttributeType"}, + {0,1073741825,"id-pda"}, + {0,1,"1"}, + {"DateOfBirth",1082130449,0}, + {"id-pda-placeOfBirth",1880096780,"AttributeType"}, + {0,1073741825,"id-pda"}, + {0,1,"2"}, + {"PlaceOfBirth",1073741826,"DirectoryString"}, + {"id-pda-gender",1880096780,"AttributeType"}, + {0,1073741825,"id-pda"}, + {0,1,"3"}, + {"Gender",1612709890,"PrintableString"}, + {0,1048586,"1"}, + {"id-pda-countryOfCitizenship",1880096780,"AttributeType"}, + {0,1073741825,"id-pda"}, + {0,1,"4"}, + {"CountryOfCitizenship",1612709890,"PrintableString"}, + {0,1048586,"2"}, + {"id-pda-countryOfResidence",1880096780,"AttributeType"}, + {0,1073741825,"id-pda"}, + {0,1,"5"}, + {"CountryOfResidence",538968066,"PrintableString"}, + {0,1048586,"2"}, {0,0,0} }; -- cgit v1.2.1