ref: 2898cba929c748aa6ad2af6daa3879ce24aba2c7
parent: f56e4344c5d01b0336724d58702502e03bb65f55
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Sun Feb 5 20:01:34 EST 2017
libsec: need PKCS#9 "Extension Request" attribute (rsareq())
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -2741,9 +2741,10 @@
}
static Ints15 oid_subjectAltName = {4, 2, 5, 29, 17 };+static Ints15 oid_extensionRequest = { 7, 1, 2, 840, 113549, 1, 9, 14};static Elist*
-mkextensions(char *alts)
+mkextensions(char *alts, int req)
{Elist *sl, *xl;
@@ -2750,8 +2751,12 @@
xl = nil;
if((sl = mkaltnames(alts)) != nil)
xl = mkextel(mkseq(sl), (Ints*)&oid_subjectAltName, xl);
- if(xl != nil)
+ if(xl != nil){+ if(req) return mkel(mkcont(mkseq(
+ mkel(mkoid((Ints*)&oid_extensionRequest),
+ mkel(mkset(mkel(mkseq(xl), nil)), nil))), 0), nil);
return mkel(mkcont(mkseq(xl), 3), nil);
+ }
return nil;
}
@@ -2807,7 +2812,7 @@
mkel(mkalg(ALG_rsaEncryption),
mkel(mkbits(pkbytes->data, pkbytes->len),
nil))),
- mkextensions(alts)))))))));
+ mkextensions(alts, 0)))))))));
freebytes(pkbytes);
if(encode(e, &certinfobytes) != ASN_OK)
goto errret;
@@ -2875,7 +2880,7 @@
mkel(mkalg(ALG_rsaEncryption),
mkel(mkbits(pkbytes->data, pkbytes->len),
nil))),
- mkextensions(alts)))));
+ mkextensions(alts, 1)))));
freebytes(pkbytes);
if(encode(e, &certinfobytes) != ASN_OK)
goto errret;
--
⑨