Implement DomainComponent in wolfSSL_X509_NAME_get_index_by_NID() and wolfSSL_X509_NAME_get_entry().
committed by
Jacob Barthelmeh
parent
aa99031346
commit
a3ad8c5bae
43
src/ssl.c
43
src/ssl.c
@@ -15106,8 +15106,8 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
|
||||
textSz = name->fullName.ouLen;
|
||||
break;
|
||||
case ASN_DOMAIN_COMPONENT:
|
||||
text = name->fullName.fullName + name->fullName.dcIdx;
|
||||
textSz = name->fullName.dcLen;
|
||||
//text = name->fullName.fullName + name->fullName.dcIdx;
|
||||
//textSz = name->fullName.dcLen;
|
||||
break;
|
||||
default:
|
||||
WOLFSSL_MSG("Entry type not found");
|
||||
@@ -15145,14 +15145,19 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
|
||||
/* these index values are already stored in DecodedName
|
||||
use those when available */
|
||||
if (name->fullName.fullName && name->fullName.fullNameLen > 0) {
|
||||
name->fullName.dcMode = 0;
|
||||
switch (nid) {
|
||||
case ASN_COMMON_NAME:
|
||||
if (pos != name->fullName.cnIdx)
|
||||
ret = name->fullName.cnIdx;
|
||||
break;
|
||||
case ASN_DOMAIN_COMPONENT:
|
||||
if (pos != name->fullName.dcIdx)
|
||||
ret = name->fullName.dcIdx;
|
||||
name->fullName.dcMode = 1;
|
||||
if (pos < name->fullName.dcNum - 1){
|
||||
ret = pos + 1;
|
||||
} else {
|
||||
ret = -1;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
WOLFSSL_MSG("NID not yet implemented");
|
||||
@@ -29460,21 +29465,31 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* common name index case */
|
||||
if (loc == name->fullName.cnIdx) {
|
||||
/* DC component */
|
||||
if (name->fullName.dcMode){
|
||||
if (name->fullName.fullName != NULL){
|
||||
if (loc == name->fullName.dcNum){
|
||||
name->cnEntry.data.data = &name->fullName.fullName[name->fullName.cIdx];
|
||||
name->cnEntry.data.length = name->fullName.cLen;
|
||||
name->cnEntry.nid = ASN_COUNTRY_NAME;
|
||||
} else {
|
||||
name->cnEntry.data.data = &name->fullName.fullName[name->fullName.dcIdx[loc]];
|
||||
name->cnEntry.data.length = name->fullName.dcLen[loc];
|
||||
name->cnEntry.nid = ASN_DOMAIN_COMPONENT;
|
||||
}
|
||||
}
|
||||
name->cnEntry.data.type = CTC_UTF8;
|
||||
name->cnEntry.set = 1;
|
||||
return &(name->cnEntry);
|
||||
|
||||
/* common name index case */
|
||||
} else if (loc == name->fullName.cnIdx) {
|
||||
/* get CN shortcut from x509 since it has null terminator */
|
||||
name->cnEntry.data.data = name->x509->subjectCN;
|
||||
name->cnEntry.data.length = name->fullName.cnLen;
|
||||
name->cnEntry.data.type = CTC_UTF8;
|
||||
name->cnEntry.nid = ASN_COMMON_NAME;
|
||||
name->cnEntry.set = 1;
|
||||
return &(name->cnEntry);
|
||||
} else if (loc == name->fullName.dcIdx){
|
||||
name->cnEntry.data.data = name->x509->subjectCN;
|
||||
name->cnEntry.data.length = name->fullName.dcLen;
|
||||
name->cnEntry.data.type = CTC_UTF8;
|
||||
name->cnEntry.nid = ASN_DOMAIN_COMPONENT;
|
||||
name->cnEntry.set = 1;
|
||||
name->cnEntry.set = 1;
|
||||
return &(name->cnEntry);
|
||||
}
|
||||
|
||||
|
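Review bot: In the third hunk the DC branch reads `name->fullName.dcIdx[loc]` and `dcLen[loc]` with no visible check that `loc` lies within the recorded components; whenever `dcMode` is set, any `loc` other than `dcNum` reaches the array index. The check that ends just above the hunk (`return NULL; }`) is not shown, so unless it already bounds `loc` by `dcNum`, a negative or oversized index from the caller reads outside the `DOMAIN_COMPONENT_MAX`-sized arrays and then offsets into `fullName`. A guard such as `if (loc < 0 || loc > name->fullName.dcNum) return NULL;` at the top of the `dcMode` branch would close that. When `fullName.fullName` is NULL the branch still returns `&(name->cnEntry)` with whatever data and nid it held before; returning NULL there looks safer. The enclosing function starts and ends outside the hunk.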
@@ -3666,6 +3666,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
#ifdef OPENSSL_EXTRA
|
||||
DecodedName* dName =
|
||||
(nameType == ISSUER) ? &cert->issuerName : &cert->subjectName;
|
||||
int dcnum = 0;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
WOLFSSL_MSG("Getting Cert Name");
|
||||
@@ -4003,8 +4004,10 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
XMEMCPY(&full[idx], "/DC=", 4);
|
||||
idx += 4;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
dName->dcIdx = cert->srcIdx;
|
||||
dName->dcLen = adv;
|
||||
dName->dcIdx[dcnum] = cert->srcIdx;
|
||||
dName->dcLen[dcnum] = adv;
|
||||
dName->dcNum = dcnum + 1;
|
||||
dcnum++;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
break;
|
||||
|
||||
@@ -4025,6 +4028,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
#ifdef OPENSSL_EXTRA
|
||||
{
|
||||
int totalLen = 0;
|
||||
int i = 0;
|
||||
|
||||
if (dName->cnLen != 0)
|
||||
totalLen += dName->cnLen + 4;
|
||||
@@ -4046,8 +4050,10 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
totalLen += dName->uidLen + 5;
|
||||
if (dName->serialLen != 0)
|
||||
totalLen += dName->serialLen + 14;
|
||||
if (dName->dcLen != 0)
|
||||
totalLen += dName->dcLen + 4;
|
||||
if (dName->dcNum != 0){
|
||||
for (i = 0;i < dName->dcNum;i++)
|
||||
totalLen += dName->dcLen[i] + 4;
|
||||
}
|
||||
|
||||
dName->fullName = (char*)XMALLOC(totalLen + 1, cert->heap,
|
||||
DYNAMIC_TYPE_X509);
|
||||
@@ -4126,14 +4132,16 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
dName->emailIdx = idx;
|
||||
idx += dName->emailLen;
|
||||
}
|
||||
if (dName->dcLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/DC=", 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->dcIdx], dName->dcLen);
|
||||
dName->dcIdx = idx;
|
||||
idx += dName->dcLen;
|
||||
for (i = 0;i < dName->dcNum;i++){
|
||||
if (dName->dcLen[i] != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/DC=", 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->dcIdx[i]], dName->dcLen[i]);
|
||||
dName->dcIdx[i] = idx;
|
||||
idx += dName->dcLen[i];
|
||||
}
|
||||
}
|
||||
if (dName->uidLen != 0) {
|
||||
dName->entryCount++;
|
||||
|
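Review bot: The hunk at -4003 stores into `dName->dcIdx[dcnum]` and `dName->dcLen[dcnum]` without comparing `dcnum` to `DOMAIN_COMPONENT_MAX`, so a certificate name carrying more DC attributes than the arrays hold writes past them inside `DecodedName`; the count is driven by the certificate being parsed. Check before the store, e.g. `if (dcnum >= DOMAIN_COMPONENT_MAX) return ASN_PARSE_E;` — which error code fits, and whether anything must be released first, depends on parts of `GetName` outside the hunks. The later loops over `dName->dcNum` (the `totalLen` sum and the `/DC=` copy) rely on the same bound. A test certificate with more DC entries than the limit would pin the behaviour.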
@@ -422,6 +422,7 @@ struct Base_entry {
|
||||
byte type; /* Name base type (DNS or RFC822) */
|
||||
};
|
||||
|
||||
#define DOMAIN_COMPONENT_MAX 10
|
||||
|
||||
struct DecodedName {
|
||||
char* fullName;
|
||||
@@ -447,8 +448,10 @@ struct DecodedName {
|
||||
int uidLen;
|
||||
int serialIdx;
|
||||
int serialLen;
|
||||
int dcIdx;
|
||||
int dcLen;
|
||||
int dcIdx[DOMAIN_COMPONENT_MAX];
|
||||
int dcLen[DOMAIN_COMPONENT_MAX];
|
||||
int dcNum;
|
||||
int dcMode;
|
||||
};
|
||||
|
||||
enum SignatureState {
|
||||
|
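Review bot: `dcMode` puts per-lookup state into the decoded name: going by the ssl.c hunks, it is set during the NID search and later decides how the entry lookup interprets `loc`, so the result of one call depends on what was called earlier on the same name. That deserves a comment at the field, e.g. `int dcMode; /* set when the last index-by-NID search was for DC; changes how the entry lookup reads loc */` and `int dcNum; /* number of valid dcIdx/dcLen slots, at most DOMAIN_COMPONENT_MAX */`. Keeping this cursor out of `DecodedName` would avoid surprises when the same name is queried from more than one place.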