Merge pull request #6613 from anhu/GENERAL_NAME_set0_value

Adding wolfSSL_GENERAL_NAME_set0_value() compat layer API.
2023-07-14 14:18:58 -06:00
parent 1fe8944363 933dae393e
commit 517138806a
4 changed files with 57 additions and 2 deletions
--- a/src/x509.c
+++ b/src/x509.c
@@ -4426,8 +4426,9 @@ error:
 * @return  WOLFSSL_FAILURE on invalid parameter or memory error,
 *          WOLFSSL_SUCCESS otherwise.
 */
-int wolfSSL_GENERAL_NAME_set0_othername(GENERAL_NAME* gen, ASN1_OBJECT* oid,
-                                        ASN1_TYPE* value) {
+int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
+                                        ASN1_OBJECT* oid, ASN1_TYPE* value)
+{
    WOLFSSL_ASN1_OBJECT *x = NULL;

    if ((gen == NULL) || (oid == NULL) || (value == NULL)) {
@@ -4830,6 +4831,39 @@ int wolfSSL_GENERAL_NAME_set_type(WOLFSSL_GENERAL_NAME* name, int typ)
    return ret;
 }

+/* Set the value in a general name. This is a compat layer API.
+ *
+ * @param [out] a       Pointer to the GENERAL_NAME where the othername is set.
+ * @param [in]  type    The type of this general name.
+ * @param [in]  value   The ASN.1 string that is the value.
+ * @return none
+ * @note the set0 indicates we take ownership so the user does NOT free value.
+ */
+void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
+                                     void *value)
+{
+    WOLFSSL_ASN1_STRING *val = (WOLFSSL_ASN1_STRING *)value;
+    if (a == NULL) {
+        WOLFSSL_MSG("a is NULL");
+        return;
+    }
+
+    if (val == NULL) {
+        WOLFSSL_MSG("value is NULL");
+        return;
+    }
+
+    if (type != GEN_DNS) {
+        WOLFSSL_MSG("Only GEN_DNS is supported");
+        return;
+    }
+
+    wolfSSL_GENERAL_NAME_type_free(a);
+    a->type = type;
+    if (type == GEN_DNS) {
+        a->d.dNSName = val;
+    }
+}

 /* Frees GENERAL_NAME objects.
 */
--- a/tests/api.c
+++ b/tests/api.c
@@ -41889,6 +41889,7 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
    X509_EXTENSION* ext = NULL;
    AUTHORITY_INFO_ACCESS* aia = NULL;
    ACCESS_DESCRIPTION* ad = NULL;
+    ASN1_IA5STRING *dnsname = NULL;

    const unsigned char v4Addr[] = {192,168,53,1};
    const unsigned char v6Addr[] =
@@ -41943,6 +41944,18 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
    X509_free(x509);
    x509 = NULL;

+    /* Lets test for setting as well. */
+    ExpectNotNull(gn = GENERAL_NAME_new());
+    ExpectNotNull(dnsname = ASN1_IA5STRING_new());
+    ExpectIntEQ(ASN1_STRING_set(dnsname, "example.com", -1), 1);
+    GENERAL_NAME_set0_value(gn, GEN_DNS, dnsname);
+    dnsname = NULL;
+    ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
+    XMEMSET(outbuf, 0, sizeof(outbuf));
+    ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+    ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+    GENERAL_NAME_free(gn);
+
    /* test for GEN_URI */

    ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -887,6 +887,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
 #define ASN1_UTF8STRING_free            wolfSSL_ASN1_STRING_free
 #define ASN1_UTF8STRING_set             wolfSSL_ASN1_STRING_set

+#define ASN1_IA5STRING                 WOLFSSL_ASN1_STRING
+#define ASN1_IA5STRING_new             wolfSSL_ASN1_STRING_new
+#define ASN1_IA5STRING_free            wolfSSL_ASN1_STRING_free
+#define ASN1_IA5STRING_set             wolfSSL_ASN1_STRING_set
+
 #define ASN1_PRINTABLE_type(...)        V_ASN1_PRINTABLESTRING

 #define ASN1_UTCTIME_pr                 wolfSSL_ASN1_UTCTIME_pr
@@ -1360,6 +1365,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE      SRTP_PROTECTION_PROFILE;
 #define GENERAL_NAME_dup                wolfSSL_GENERAL_NAME_dup
 #define GENERAL_NAME_print              wolfSSL_GENERAL_NAME_print
 #define GENERAL_NAME_set0_othername     wolfSSL_GENERAL_NAME_set0_othername
+#define GENERAL_NAME_set0_value         wolfSSL_GENERAL_NAME_set0_value
 #define sk_GENERAL_NAME_push            wolfSSL_sk_GENERAL_NAME_push
 #define sk_GENERAL_NAME_value           wolfSSL_sk_GENERAL_NAME_value

--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -1562,6 +1562,8 @@ WOLFSSL_API WOLFSSL_GENERAL_NAMES* wolfSSL_GENERAL_NAMES_dup(
 WOLFSSL_API int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
                                                    WOLFSSL_ASN1_OBJECT* oid,
                                                    WOLFSSL_ASN1_TYPE* value);
+WOLFSSL_API void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a,
+                                                 int type, void *value);

 WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_GENERAL_NAME_new(void *cmpFunc);
 WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk,