mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 03:07:29 +02:00
Merge pull request #6561 from lealem47/zd16348
Fix for adding pkcs9 contentType entry name
This commit is contained in:
JacobBarthelmeh
GitHub
@ -10500,6 +10500,7 @@ static int ConvertNIDToWolfSSL(int nid)
|
|||||||
case NID_organizationName: return ASN_ORG_NAME;
|
case NID_organizationName: return ASN_ORG_NAME;
|
||||||
case NID_organizationalUnitName: return ASN_ORGUNIT_NAME;
|
case NID_organizationalUnitName: return ASN_ORGUNIT_NAME;
|
||||||
case NID_emailAddress: return ASN_EMAIL_NAME;
|
case NID_emailAddress: return ASN_EMAIL_NAME;
|
||||||
|
case NID_pkcs9_contentType: return ASN_CONTENT_TYPE;
|
||||||
case NID_serialNumber: return ASN_SERIAL_NUMBER;
|
case NID_serialNumber: return ASN_SERIAL_NUMBER;
|
||||||
case NID_userId: return ASN_USER_ID;
|
case NID_userId: return ASN_USER_ID;
|
||||||
case NID_businessCategory: return ASN_BUS_CAT;
|
case NID_businessCategory: return ASN_BUS_CAT;
|
||||||
@ -12631,6 +12632,10 @@ static int get_dn_attr_by_nid(int n, const char** buf)
|
|||||||
str = "DC";
|
str = "DC";
|
||||||
len = 2;
|
len = 2;
|
||||||
break;
|
break;
|
||||||
|
case NID_pkcs9_contentType:
|
||||||
|
str = "contentType";
|
||||||
|
len = 11;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
WOLFSSL_MSG("Attribute type not found");
|
WOLFSSL_MSG("Attribute type not found");
|
||||||
str = NULL;
|
str = NULL;
|
||||||
|
|||||||
21
tests/api.c
21
tests/api.c
@ -39717,6 +39717,7 @@ static int test_wolfSSL_X509_NAME_ENTRY(void)
|
|||||||
|
|
||||||
ExpectNotNull(subject = X509_NAME_oneline(nm, 0, 0));
|
ExpectNotNull(subject = X509_NAME_oneline(nm, 0, 0));
|
||||||
ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila"));
|
ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila"));
|
||||||
|
ExpectNotNull(XSTRSTR(subject, "contentType=Server"));
|
||||||
#ifdef DEBUG_WOLFSSL
|
#ifdef DEBUG_WOLFSSL
|
||||||
if (subject != NULL) {
|
if (subject != NULL) {
|
||||||
fprintf(stderr, "\n\t%s\n", subject);
|
fprintf(stderr, "\n\t%s\n", subject);
|
||||||
@ -57149,7 +57150,8 @@ static int test_ECDH_compute_key(void)
|
|||||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
|
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
|
||||||
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
|
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
|
||||||
!defined(NO_ASN_TIME)
|
!defined(NO_ASN_TIME)
|
||||||
static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
|
static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey,
|
||||||
|
int expectedDerSz)
|
||||||
{
|
{
|
||||||
EXPECT_DECLS;
|
EXPECT_DECLS;
|
||||||
X509* x509 = NULL;
|
X509* x509 = NULL;
|
||||||
@ -57158,6 +57160,7 @@ static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
|
|||||||
time_t epoch_off = 0;
|
time_t epoch_off = 0;
|
||||||
ASN1_INTEGER* asn1_serial_number;
|
ASN1_INTEGER* asn1_serial_number;
|
||||||
long not_before, not_after;
|
long not_before, not_after;
|
||||||
|
int derSz;
|
||||||
|
|
||||||
ExpectNotNull(x509 = X509_new());
|
ExpectNotNull(x509 = X509_new());
|
||||||
|
|
||||||
@ -57175,6 +57178,8 @@ static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
|
|||||||
|
|
||||||
ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
|
ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
|
||||||
(unsigned char*)"www.wolfssl.com", -1, -1, 0), 0);
|
(unsigned char*)"www.wolfssl.com", -1, -1, 0), 0);
|
||||||
|
ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_pkcs9_contentType,
|
||||||
|
MBSTRING_UTF8,(unsigned char*)"Server", -1, -1, 0), 0);
|
||||||
|
|
||||||
ExpectIntNE(X509_set_subject_name(x509, name), 0);
|
ExpectIntNE(X509_set_subject_name(x509, name), 0);
|
||||||
ExpectIntNE(X509_set_issuer_name(x509, name), 0);
|
ExpectIntNE(X509_set_issuer_name(x509, name), 0);
|
||||||
@ -57188,6 +57193,9 @@ static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
|
|||||||
|
|
||||||
ExpectIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
|
ExpectIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
|
||||||
|
|
||||||
|
ExpectNotNull(wolfSSL_X509_get_der(x509, &derSz));
|
||||||
|
ExpectIntGE(derSz, expectedDerSz);
|
||||||
|
|
||||||
BN_free(serial_number);
|
BN_free(serial_number);
|
||||||
X509_NAME_free(name);
|
X509_NAME_free(name);
|
||||||
X509_free(x509);
|
X509_free(x509);
|
||||||
@ -57205,6 +57213,7 @@ static int test_openssl_generate_key_and_cert(void)
|
|||||||
EC_KEY* ec_key = NULL;
|
EC_KEY* ec_key = NULL;
|
||||||
#endif
|
#endif
|
||||||
#if !defined(NO_RSA)
|
#if !defined(NO_RSA)
|
||||||
|
int expectedDerSz;
|
||||||
int key_length = 2048;
|
int key_length = 2048;
|
||||||
BIGNUM* exponent = NULL;
|
BIGNUM* exponent = NULL;
|
||||||
RSA* rsa = NULL;
|
RSA* rsa = NULL;
|
||||||
@ -57243,11 +57252,13 @@ static int test_openssl_generate_key_and_cert(void)
|
|||||||
|
|
||||||
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
|
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
|
||||||
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
|
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
|
||||||
ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey),
|
expectedDerSz = 743;
|
||||||
TEST_SUCCESS);
|
ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey,
|
||||||
|
expectedDerSz), TEST_SUCCESS);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
(void)expectedDerSz;
|
||||||
EVP_PKEY_free(pkey);
|
EVP_PKEY_free(pkey);
|
||||||
pkey = NULL;
|
pkey = NULL;
|
||||||
BN_free(exponent);
|
BN_free(exponent);
|
||||||
@ -57269,7 +57280,9 @@ static int test_openssl_generate_key_and_cert(void)
|
|||||||
|
|
||||||
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
|
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
|
||||||
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
|
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
|
||||||
ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey), TEST_SUCCESS);
|
expectedDerSz = 345;
|
||||||
|
ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey, expectedDerSz),
|
||||||
|
TEST_SUCCESS);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
EVP_PKEY_free(pkey);
|
EVP_PKEY_free(pkey);
|
||||||
|
|||||||
@ -13194,6 +13194,18 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid,
|
|||||||
*nid = NID_favouriteDrink;
|
*nid = NID_favouriteDrink;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
else if (oidSz == sizeof(attrPkcs9ContentTypeOid) &&
|
||||||
|
XMEMCMP(oid, attrPkcs9ContentTypeOid, oidSz) == 0) {
|
||||||
|
/* Set the pkcs9_contentType, type string, length and NID. */
|
||||||
|
id = ASN_CONTENT_TYPE;
|
||||||
|
typeStr = WOLFSSL_CONTENT_TYPE;
|
||||||
|
typeStrLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
|
||||||
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
||||||
|
*nid = NID_pkcs9_contentType;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
#endif
|
||||||
/* Other OIDs that start with the same values. */
|
/* Other OIDs that start with the same values. */
|
||||||
else if (oidSz == sizeof(dcOid) && XMEMCMP(oid, dcOid, oidSz-1) == 0) {
|
else if (oidSz == sizeof(dcOid) && XMEMCMP(oid, dcOid, oidSz-1) == 0) {
|
||||||
WOLFSSL_MSG("Unknown pilot attribute type");
|
WOLFSSL_MSG("Unknown pilot attribute type");
|
||||||
@ -13845,7 +13857,6 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
|
|||||||
nid = NID_userId;
|
nid = NID_userId;
|
||||||
#endif /* OPENSSL_EXTRA */
|
#endif /* OPENSSL_EXTRA */
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case ASN_DOMAIN_COMPONENT:
|
case ASN_DOMAIN_COMPONENT:
|
||||||
copy = WOLFSSL_DOMAIN_COMPONENT;
|
copy = WOLFSSL_DOMAIN_COMPONENT;
|
||||||
copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
|
copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
|
||||||
@ -13864,7 +13875,15 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
|
|||||||
nid = NID_favouriteDrink;
|
nid = NID_favouriteDrink;
|
||||||
#endif /* OPENSSL_EXTRA */
|
#endif /* OPENSSL_EXTRA */
|
||||||
break;
|
break;
|
||||||
|
case ASN_CONTENT_TYPE:
|
||||||
|
copy = WOLFSSL_CONTENT_TYPE;
|
||||||
|
copyLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
|
||||||
|
#if (defined(OPENSSL_EXTRA) || \
|
||||||
|
defined(OPENSSL_EXTRA_X509_SMALL)) \
|
||||||
|
&& !defined(WOLFCRYPT_ONLY)
|
||||||
|
nid = NID_pkcs9_contentType;
|
||||||
|
#endif /* OPENSSL_EXTRA */
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
WOLFSSL_MSG("Unknown pilot attribute type");
|
WOLFSSL_MSG("Unknown pilot attribute type");
|
||||||
#if (defined(OPENSSL_EXTRA) || \
|
#if (defined(OPENSSL_EXTRA) || \
|
||||||
@ -26457,6 +26476,12 @@ static int EncodeName(EncodedName* name, const char* nameStr,
|
|||||||
thisLen += cname->custom.oidSz;
|
thisLen += cname->custom.oidSz;
|
||||||
firstSz = cname->custom.oidSz;
|
firstSz = cname->custom.oidSz;
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
case ASN_CONTENT_TYPE:
|
||||||
|
thisLen += (int)sizeof(attrPkcs9ContentTypeOid);
|
||||||
|
firstSz = (int)sizeof(attrPkcs9ContentTypeOid);
|
||||||
|
break;
|
||||||
#endif
|
#endif
|
||||||
default:
|
default:
|
||||||
thisLen += DN_OID_SZ;
|
thisLen += DN_OID_SZ;
|
||||||
@ -26521,6 +26546,15 @@ static int EncodeName(EncodedName* name, const char* nameStr,
|
|||||||
/* str type */
|
/* str type */
|
||||||
name->encoded[idx++] = nameTag;
|
name->encoded[idx++] = nameTag;
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
case ASN_CONTENT_TYPE:
|
||||||
|
XMEMCPY(name->encoded + idx, attrPkcs9ContentTypeOid,
|
||||||
|
sizeof(attrPkcs9ContentTypeOid));
|
||||||
|
idx += (int)sizeof(attrPkcs9ContentTypeOid);
|
||||||
|
/* str type */
|
||||||
|
name->encoded[idx++] = nameTag;
|
||||||
|
break;
|
||||||
#endif
|
#endif
|
||||||
default:
|
default:
|
||||||
name->encoded[idx++] = 0x55;
|
name->encoded[idx++] = 0x55;
|
||||||
@ -26593,6 +26627,12 @@ static int EncodeName(EncodedName* name, const char* nameStr,
|
|||||||
oid = cname->custom.oid;
|
oid = cname->custom.oid;
|
||||||
oidSz = cname->custom.oidSz;
|
oidSz = cname->custom.oidSz;
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
case ASN_CONTENT_TYPE:
|
||||||
|
oid = attrPkcs9ContentTypeOid;
|
||||||
|
oidSz = sizeof(attrPkcs9ContentTypeOid);
|
||||||
|
break;
|
||||||
#endif
|
#endif
|
||||||
default:
|
default:
|
||||||
/* Construct OID using type. */
|
/* Construct OID using type. */
|
||||||
|
|||||||
@ -710,8 +710,10 @@ enum DN_Tags {
|
|||||||
ASN_DNQUALIFIER = 0x2e, /* dnQualifier */
|
ASN_DNQUALIFIER = 0x2e, /* dnQualifier */
|
||||||
#endif /* WOLFSSL_CERT_NAME_ALL */
|
#endif /* WOLFSSL_CERT_NAME_ALL */
|
||||||
|
|
||||||
ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */
|
|
||||||
ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */
|
ASN_CONTENT_TYPE = 0x97, /* not actual OID (see attrPkcs9ContentTypeOid) */
|
||||||
|
ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */
|
||||||
|
ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */
|
||||||
|
|
||||||
/* pilot attribute types
|
/* pilot attribute types
|
||||||
* OID values of 0.9.2342.19200300.100.1.* */
|
* OID values of 0.9.2342.19200300.100.1.* */
|
||||||
@ -768,6 +770,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
|
|||||||
#define WOLFSSL_USER_ID "/UID="
|
#define WOLFSSL_USER_ID "/UID="
|
||||||
#define WOLFSSL_DOMAIN_COMPONENT "/DC="
|
#define WOLFSSL_DOMAIN_COMPONENT "/DC="
|
||||||
#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink="
|
#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink="
|
||||||
|
#define WOLFSSL_CONTENT_TYPE "/contentType="
|
||||||
|
|
||||||
#if defined(WOLFSSL_APACHE_HTTPD)
|
#if defined(WOLFSSL_APACHE_HTTPD)
|
||||||
/* otherName strings */
|
/* otherName strings */
|
||||||
|
|||||||
Reference in New Issue
Block a user