new oid in subject alt name

Wed, 17 Apr 2002 00:40:39 -0700

Title: new oid in subject alt name

Hi
I want to add a new oid in the subject altname and I can't do it.
I have look at sources (v3.alt.c) and i have seen the function which returns an error :
----------------------
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
CONF_VALUE *cnf)
{
char is_string = 0;
int type;
GENERAL_NAME *gen = NULL;
char *name, *value;
name = cnf->name;
value = cnf->value;
if(!value) {
X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE);
return NULL;
}
if(!(gen = GENERAL_NAME_new())) {
X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
return NULL;
}
if(!name_cmp(name, "email")) {
is_string = 1;
type = GEN_EMAIL;
} else if(!name_cmp(name, "URI")) {
is_string = 1;
type = GEN_URI;
} else if(!name_cmp(name, "DNS")) {
is_string = 1;
type = GEN_DNS;
} else if(!name_cmp(name, "RID")) {
ASN1_OBJECT *obj;
if(!(obj = OBJ_txt2obj(value,0))) {
X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT);
ERR_add_error_data(2, "value=", value);
goto err;
}
gen->d.rid = obj;
type = GEN_RID;
} else if(!name_cmp(name, "IP")) {
int i1,i2,i3,i4;
unsigned char ip[4];
if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) ||
(i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) ||
(i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) {
X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS);
ERR_add_error_data(2, "value=", value);
goto err;
}
ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4;
if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) ||
!ASN1_STRING_set(gen->d.ip, ip, 4)) {
X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
goto err;
}
type = GEN_IPADD;
} else {
X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION);
ERR_add_error_data(2, "name=", name);
goto err;
}
if(is_string) {
if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
!ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
strlen(value))) {
X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE);
goto err;
}
}
gen->type = type;
return gen;
err:
GENERAL_NAME_free(gen);
return NULL;
}
---------------------------------------
Now, i understand why i cannot add a new oid in the subject altname.
But, i don't understand theses restrictions about oids accepted for subject alt name (email,ip,...)? What are the reasons?

Thank you very much.
ps : i have alreeady sent this mail in openssl-users mailing list but i haven't received any answer.



Reply via email to