diff options
author | Jonathan M. Wilbur <jonathan@wilbur.space> | 2024-08-21 01:24:01 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-08-27 16:48:57 +0200 |
commit | 254693280d1a93f5c1ab81f0f8d171b980ac0664 (patch) | |
tree | 3fe9c98e00612993173dc70a67fdce86f238679a | |
parent | fix coding style (diff) | |
download | openssl-254693280d1a93f5c1ab81f0f8d171b980ac0664.tar.xz openssl-254693280d1a93f5c1ab81f0f8d171b980ac0664.zip |
feat: add support for issuedOnBehalfOf X.509v3 extension
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25241)
-rw-r--r-- | crypto/x509/build.info | 2 | ||||
-rw-r--r-- | crypto/x509/ext_dat.h | 1 | ||||
-rw-r--r-- | crypto/x509/standard_exts.h | 1 | ||||
-rw-r--r-- | crypto/x509/v3_iobo.c | 32 |
4 files changed, 35 insertions, 1 deletions
diff --git a/crypto/x509/build.info b/crypto/x509/build.info index 7bcb576bfa..8f3e052846 100644 --- a/crypto/x509/build.info +++ b/crypto/x509/build.info @@ -17,7 +17,7 @@ SOURCE[../../libcrypto]=\ v3_asid.c v3_addr.c v3_tlsf.c v3_admis.c v3_no_rev_avail.c \ v3_soa_id.c v3_no_ass.c v3_group_ac.c v3_single_use.c v3_ind_iss.c \ x509_acert.c x509aset.c t_acert.c x_ietfatt.c v3_ac_tgt.c v3_sda.c \ - v3_usernotice.c v3_battcons.c v3_audit_id.c + v3_usernotice.c v3_battcons.c v3_audit_id.c v3_iobo.c IF[{- !$disabled{'deprecated-3.0'} -}] SOURCE[../../libcrypto]=x509type.c diff --git a/crypto/x509/ext_dat.h b/crypto/x509/ext_dat.h index 8bb4ed6638..7ad8303f7d 100644 --- a/crypto/x509/ext_dat.h +++ b/crypto/x509/ext_dat.h @@ -41,3 +41,4 @@ extern const X509V3_EXT_METHOD ossl_v3_acc_priv_policies; extern const X509V3_EXT_METHOD ossl_v3_user_notice; extern const X509V3_EXT_METHOD ossl_v3_battcons; extern const X509V3_EXT_METHOD ossl_v3_audit_identity; +extern const X509V3_EXT_METHOD ossl_v3_issued_on_behalf_of; diff --git a/crypto/x509/standard_exts.h b/crypto/x509/standard_exts.h index 9c4f38fe35..fc9a4c4495 100644 --- a/crypto/x509/standard_exts.h +++ b/crypto/x509/standard_exts.h @@ -84,6 +84,7 @@ static const X509V3_EXT_METHOD *standard_exts[] = { &ossl_v3_acc_priv_policies, &ossl_v3_indirect_issuer, &ossl_v3_no_assertion, + &ossl_v3_issued_on_behalf_of, &ossl_v3_single_use, &ossl_v3_group_ac, &ossl_v3_holder_name_constraints, diff --git a/crypto/x509/v3_iobo.c b/crypto/x509/v3_iobo.c new file mode 100644 index 0000000000..23f991f6b6 --- /dev/null +++ b/crypto/x509/v3_iobo.c @@ -0,0 +1,32 @@ +/* + * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <openssl/x509v3.h> +#include "ext_dat.h" + +static int i2r_ISSUED_ON_BEHALF_OF(X509V3_EXT_METHOD *method, + GENERAL_NAME *gn, BIO *out, + int indent) +{ + if (BIO_printf(out, "%*s", indent, "") <= 0) + return 0; + if (GENERAL_NAME_print(out, gn) <= 0) + return 0; + return BIO_puts(out, "\n") > 0; +} + +const X509V3_EXT_METHOD ossl_v3_issued_on_behalf_of = { + NID_issued_on_behalf_of, 0, ASN1_ITEM_ref(GENERAL_NAME), + 0, 0, 0, 0, + 0, 0, + 0, 0, + (X509V3_EXT_I2R)i2r_ISSUED_ON_BEHALF_OF, + 0, + NULL +}; |