118
118
* used and there may be more: so the list is configurable.
121
static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
121
static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};
123
123
static int *ext_nids = ext_nid_list;
145
145
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
147
147
X509_ATTRIBUTE *attr;
148
STACK_OF(X509_ATTRIBUTE) *sk;
149
148
ASN1_TYPE *ext = NULL;
151
150
unsigned char *p;
152
if ((req == NULL) || (req->req_info == NULL))
152
if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
154
sk=req->req_info->attributes;
155
if (!sk) return NULL;
156
for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
157
attr = sk_X509_ATTRIBUTE_value(sk, i);
158
if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
159
if(attr->single) ext = attr->value.single;
160
else if(sk_ASN1_TYPE_num(attr->value.set))
161
ext = sk_ASN1_TYPE_value(attr->value.set, 0);
154
for (pnid = ext_nids; *pnid != NID_undef; pnid++)
156
idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
159
attr = X509_REQ_get_attr(req, idx);
160
if(attr->single) ext = attr->value.single;
161
else if(sk_ASN1_TYPE_num(attr->value.set))
162
ext = sk_ASN1_TYPE_value(attr->value.set, 0);
165
if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL;
165
if(!ext || (ext->type != V_ASN1_SEQUENCE))
166
167
p = ext->value.sequence->data;
167
168
return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
168
169
ext->value.sequence->length,
169
170
d2i_X509_EXTENSION, X509_EXTENSION_free,
170
171
V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
173
174
/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
174
175
* in case we want to create a non standard one.