From 0cd5a293cabd6b52ff1c1194ca6a5d15a799d8a3 Mon Sep 17 00:00:00 2001
From: Lealem Amedie
Date: Fri, 21 Jul 2023 11:36:40 -0600
Subject: [PATCH] Fix for parsing pkcs9_contentType
---
 src/x509.c | 4 ++++
 wolfcrypt/src/asn.c | 35 +++++++++++++++++++++++++++++++++--
 wolfssl/wolfcrypt/asn.h | 7 ++++---
 3 files changed, 41 insertions(+), 5 deletions(-)
diff --git a/src/x509.c b/src/x509.c
index 5cdb53cdb..5ce7f3a10 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -12632,6 +12632,10 @@ static int get_dn_attr_by_nid(int n, const char** buf)
 str = "DC";
 len = 2;
 break;
+ case NID_pkcs9_contentType:
+ str = "contentType";
+ len = 11;
+ break;
 default:
 WOLFSSL_MSG("Attribute type not found");
 str = NULL;
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 62206bb22..b4292a9ca 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -13194,6 +13194,16 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid,
 *nid = NID_favouriteDrink;
 #endif
 }
+ else if (oidSz == sizeof(attrPkcs9ContentTypeOid) &&
+ XMEMCMP(oid, attrPkcs9ContentTypeOid, oidSz) == 0) {
+ /* Set the pkcs9_contentType, type string, length and NID. */
+ id = ASN_CONTENT_TYPE;
+ typeStr = WOLFSSL_CONTENT_TYPE;
+ typeStrLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
+ #ifdef WOLFSSL_X509_NAME_AVAILABLE
+ *nid = NID_pkcs9_contentType;
+ #endif
+ }
 /* Other OIDs that start with the same values. */
 else if (oidSz == sizeof(dcOid) && XMEMCMP(oid, dcOid, oidSz-1) == 0) {
 WOLFSSL_MSG("Unknown pilot attribute type");
@@ -13845,7 +13855,6 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
 nid = NID_userId;
 #endif /* OPENSSL_EXTRA */
 break;
-
 case ASN_DOMAIN_COMPONENT:
 copy = WOLFSSL_DOMAIN_COMPONENT;
 copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
@@ -13864,7 +13873,15 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
 nid = NID_favouriteDrink;
 #endif /* OPENSSL_EXTRA */
 break;
-
+ case ASN_CONTENT_TYPE:
+ copy = WOLFSSL_CONTENT_TYPE;
+ copyLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
+ #if (defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL)) \
+ && !defined(WOLFCRYPT_ONLY)
+ nid = NID_pkcs9_contentType;
+ #endif /* OPENSSL_EXTRA */
+ break;
 default:
 WOLFSSL_MSG("Unknown pilot attribute type");
 #if (defined(OPENSSL_EXTRA) || \
@@ -26458,6 +26475,9 @@ static int EncodeName(EncodedName* name, const char* nameStr,
 firstSz = cname->custom.oidSz;
 break;
 #endif
+ case ASN_CONTENT_TYPE:
+ thisLen += (int)sizeof(attrPkcs9ContentTypeOid);
+ firstSz = (int)sizeof(attrPkcs9ContentTypeOid);
 default:
 thisLen += DN_OID_SZ;
 firstSz = DN_OID_SZ;
@@ -26522,6 +26542,13 @@ static int EncodeName(EncodedName* name, const char* nameStr,
 name->encoded[idx++] = nameTag;
 break;
 #endif
+ case ASN_CONTENT_TYPE:
+ XMEMCPY(name->encoded + idx, attrPkcs9ContentTypeOid,
+ sizeof(attrPkcs9ContentTypeOid));
+ idx += (int)sizeof(attrPkcs9ContentTypeOid);
+ /* str type */
+ name->encoded[idx++] = nameTag;
+ break;
 default:
 name->encoded[idx++] = 0x55;
 name->encoded[idx++] = 0x04;
@@ -26594,6 +26621,10 @@ static int EncodeName(EncodedName* name, const char* nameStr,
 oidSz = cname->custom.oidSz;
 break;
 #endif
+ case ASN_CONTENT_TYPE:
+ oid = attrPkcs9ContentTypeOid;
+ oidSz = sizeof(attrPkcs9ContentTypeOid);
+ break;
 default:
 /* Construct OID using type. */
 dnOid[2] = type;
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index 7a63559f0..0a386d454 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
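Review bot: The new `case ASN_CONTENT_TYPE:` in GetCertName lands in the switch whose `default:` logs "Unknown pilot attribute type", and nothing visible shows how the selector can become 0x97 on this path. The switch head and the assignment of its selector are outside the hunk. If that value is taken from the last byte of the attribute OID, an attribute whose OID merely ends in 0x97 would be rendered as `/contentType=`, while a genuine pkcs9 contentType OID would not reach this case. Consider matching `attrPkcs9ContentTypeOid` by full length and content here, as the GetRDN hunk does, so the printed name cannot disagree with the encoded OID.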
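Review bot: The `case ASN_CONTENT_TYPE:` added in the first EncodeName hunk (@@ -26458) has no `break;`, so control falls through into `default:`, which adds `DN_OID_SZ` to `thisLen` on top of the OID size and overwrites `firstSz` with `DN_OID_SZ`. The hunk at @@ -26522 then copies `sizeof(attrPkcs9ContentTypeOid)` bytes into `name->encoded`, so the length that presumably goes into the object-id header and the bytes actually emitted would disagree; the bounds check on `name->encoded` is outside these hunks and should be confirmed against the real size. Add `break;` after `firstSz = (int)sizeof(attrPkcs9ContentTypeOid);`, as the other two EncodeName hunks already do. A test that encodes a name carrying a contentType attribute and parses it back would catch this.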
@@ -710,10 +710,10 @@ enum DN_Tags { ASN_DNQUALIFIER = 0x2e, /* dnQualifier */ #endif /* WOLFSSL_CERT_NAME_ALL */ - ASN_CONTENT_TYPE = 0x03, /* pkcs9_contentType */ - ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */ - ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */ + ASN_CONTENT_TYPE = 0x97, /* not actual OID (see attrPkcs9ContentTypeOid) */ + ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */ + ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */ /* pilot attribute types * OID values of 0.9.2342.19200300.100.1.* */ @@ -770,6 +770,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_USER_ID "/UID=" #define WOLFSSL_DOMAIN_COMPONENT "/DC=" #define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink=" +#define WOLFSSL_CONTENT_TYPE "/contentType=" #if defined(WOLFSSL_APACHE_HTTPD) /* otherName strings */
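Review bot: `ASN_CONTENT_TYPE` moves from 0x03 to 0x97 in a public header, but the enum does not record what keeps the placeholder values 0x97 to 0x99 safe. They share the `DN_Tags` number space with tags that correspond to real OID bytes, so any path that derives a tag from certificate bytes could in principle produce one of them. A comment above the three entries would state the constraint, for example `/* Placeholder ids, not OID bytes: must stay distinct from every real DN tag value. */`. The rest of the enum is outside the hunk, so whether 0x97 is otherwise unused, and whether any caller stored or compared against the old 0x03, should be checked separately.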