mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 10:47:28 +02:00
ASN template: replicate AddAltName change in template code
@ -10415,9 +10415,26 @@ static int SetDNSEntry(DecodedCert* cert, const char* str, int strLen,
|
|||||||
XMEMCPY(dnsEntry->name, str, strLen);
|
XMEMCPY(dnsEntry->name, str, strLen);
|
||||||
dnsEntry->name[strLen] = '\0';
|
dnsEntry->name[strLen] = '\0';
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_ALT_NAMES_NO_REV)
|
||||||
|
dnsEntry->next = NULL;
|
||||||
|
if (*entries == NULL) {
|
||||||
|
/* First on list */
|
||||||
|
*entries = dnsEntry;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
DNS_entry* temp = *entries;
|
||||||
|
|
||||||
|
/* Find end */
|
||||||
|
for (; (temp->next != NULL); temp = temp->next);
|
||||||
|
|
||||||
|
/* Add to end */
|
||||||
|
temp->next = dnsEntry;
|
||||||
|
}
|
||||||
|
#else
|
||||||
/* Prepend entry to linked list. */
|
/* Prepend entry to linked list. */
|
||||||
dnsEntry->next = *entries;
|
dnsEntry->next = *entries;
|
||||||
*entries = dnsEntry;
|
*entries = dnsEntry;
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
@ -13556,6 +13573,31 @@ static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
|
|||||||
|
|
||||||
#endif /* IGNORE_NAME_CONSTRAINTS */
|
#endif /* IGNORE_NAME_CONSTRAINTS */
|
||||||
|
|
||||||
|
#ifndef WOLFSSL_ASN_TEMPLATE
|
||||||
|
static void AddAltName(DecodedCert* cert, DNS_entry* dnsEntry)
|
||||||
|
{
|
||||||
|
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_ALT_NAMES_NO_REV)
|
||||||
|
dnsEntry->next = NULL;
|
||||||
|
if (cert->altNames == NULL) {
|
||||||
|
/* First on list */
|
||||||
|
cert->altNames = dnsEntry;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
DNS_entry* temp = cert->altNames;
|
||||||
|
|
||||||
|
/* Find end */
|
||||||
|
for (; (temp->next != NULL); temp = temp->next);
|
||||||
|
|
||||||
|
/* Add to end */
|
||||||
|
temp->next = dnsEntry;
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
dnsEntry->next = cert->altNames;
|
||||||
|
cert->altNames = dnsEntry;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef WOLFSSL_ASN_TEMPLATE
|
#ifdef WOLFSSL_ASN_TEMPLATE
|
||||||
#ifdef WOLFSSL_SEP
|
#ifdef WOLFSSL_SEP
|
||||||
/* ASN.1 template for OtherName of an X.509 certificate.
|
/* ASN.1 template for OtherName of an X.509 certificate.
|
||||||
@ -13802,29 +13844,6 @@ static const ASNItem altNameASN[] = {
|
|||||||
#define altNameASN_Length (sizeof(altNameASN) / sizeof(ASNItem))
|
#define altNameASN_Length (sizeof(altNameASN) / sizeof(ASNItem))
|
||||||
#endif /* WOLFSSL_ASN_TEMPLATE */
|
#endif /* WOLFSSL_ASN_TEMPLATE */
|
||||||
|
|
||||||
|
|
||||||
static void AddAltName(DecodedCert* cert, DNS_entry* dnsEntry)
|
|
||||||
{
|
|
||||||
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_ALT_NAMES_NO_REV)
|
|
||||||
dnsEntry->next = NULL;
|
|
||||||
if (cert->altNames == NULL) {
|
|
||||||
/* First on list */
|
|
||||||
cert->altNames = dnsEntry;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
DNS_entry* temp = cert->altNames;
|
|
||||||
|
|
||||||
/* Find end */
|
|
||||||
for (; (temp->next != NULL); temp = temp->next);
|
|
||||||
|
|
||||||
/* Add to end */
|
|
||||||
temp->next = dnsEntry;
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
dnsEntry->next = cert->altNames;
|
|
||||||
cert->altNames = dnsEntry;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
/* Decode subject alternative names extension.
|
/* Decode subject alternative names extension.
|
||||||
*
|
*
|
||||||
* RFC 5280 4.2.1.6. Subject Alternative Name
|
* RFC 5280 4.2.1.6. Subject Alternative Name
|
||||||
@ -21226,6 +21245,9 @@ int FlattenAltNames(byte* output, word32 outputSz, const DNS_entry* names)
|
|||||||
word32 idx;
|
word32 idx;
|
||||||
const DNS_entry* curName;
|
const DNS_entry* curName;
|
||||||
word32 namesSz = 0;
|
word32 namesSz = 0;
|
||||||
|
#ifdef WOLFSSL_ALT_NAMES_NO_REV
|
||||||
|
word32 i;
|
||||||
|
#endif
|
||||||
|
|
||||||
if (output == NULL)
|
if (output == NULL)
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
@ -21245,9 +21267,18 @@ int FlattenAltNames(byte* output, word32 outputSz, const DNS_entry* names)
|
|||||||
return BUFFER_E;
|
return BUFFER_E;
|
||||||
|
|
||||||
idx = SetSequence(namesSz, output);
|
idx = SetSequence(namesSz, output);
|
||||||
|
#ifdef WOLFSSL_ALT_NAMES_NO_REV
|
||||||
|
namesSz += idx;
|
||||||
|
i = namesSz;
|
||||||
|
#endif
|
||||||
|
|
||||||
curName = names;
|
curName = names;
|
||||||
do {
|
do {
|
||||||
|
#ifdef WOLFSSL_ALT_NAMES_NO_REV
|
||||||
|
word32 len = SetLength(curName->len, NULL);
|
||||||
|
idx = i - curName->len - len - 1;
|
||||||
|
i = idx;
|
||||||
|
#endif
|
||||||
output[idx] = ASN_CONTEXT_SPECIFIC | curName->type;
|
output[idx] = ASN_CONTEXT_SPECIFIC | curName->type;
|
||||||
if (curName->type == ASN_DIR_TYPE) {
|
if (curName->type == ASN_DIR_TYPE) {
|
||||||
output[idx] |= ASN_CONSTRUCTED;
|
output[idx] |= ASN_CONSTRUCTED;
|
||||||
@ -21255,10 +21286,15 @@ int FlattenAltNames(byte* output, word32 outputSz, const DNS_entry* names)
|
|||||||
idx++;
|
idx++;
|
||||||
idx += SetLength(curName->len, output + idx);
|
idx += SetLength(curName->len, output + idx);
|
||||||
XMEMCPY(output + idx, curName->name, curName->len);
|
XMEMCPY(output + idx, curName->name, curName->len);
|
||||||
|
#ifndef WOLFSSL_ALT_NAMES_NO_REV
|
||||||
idx += curName->len;
|
idx += curName->len;
|
||||||
|
#endif
|
||||||
curName = curName->next;
|
curName = curName->next;
|
||||||
} while (curName != NULL);
|
} while (curName != NULL);
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_ALT_NAMES_NO_REV
|
||||||
|
idx = namesSz;
|
||||||
|
#endif
|
||||||
return idx;
|
return idx;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -26816,6 +26852,7 @@ static int DecodeAsymKeyPublic(const byte* input, word32* inOutIdx, word32 inSz,
|
|||||||
int length;
|
int length;
|
||||||
word32 oid;
|
word32 oid;
|
||||||
#else
|
#else
|
||||||
|
word32 len;
|
||||||
DECL_ASNGETDATA(dataASN, edPubKeyASN_Length);
|
DECL_ASNGETDATA(dataASN, edPubKeyASN_Length);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -26849,12 +26886,15 @@ static int DecodeAsymKeyPublic(const byte* input, word32* inOutIdx, word32 inSz,
|
|||||||
*pubKeyLen = inSz - *inOutIdx;
|
*pubKeyLen = inSz - *inOutIdx;
|
||||||
XMEMCPY(pubKey, input + *inOutIdx, *pubKeyLen);
|
XMEMCPY(pubKey, input + *inOutIdx, *pubKeyLen);
|
||||||
#else
|
#else
|
||||||
|
len = inSz - *inOutIdx;
|
||||||
|
|
||||||
CALLOC_ASNGETDATA(dataASN, edPubKeyASN_Length, ret, NULL);
|
CALLOC_ASNGETDATA(dataASN, edPubKeyASN_Length, ret, NULL);
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
/* Require OID. */
|
/* Require OID. */
|
||||||
word32 oidSz;
|
word32 oidSz;
|
||||||
const byte* oid = OidFromId(keyType, oidKeyType, &oidSz);
|
const byte* oid = OidFromId(keyType, oidKeyType, &oidSz);
|
||||||
|
|
||||||
GetASN_ExpBuffer(&dataASN[2], oid, oidSz);
|
GetASN_ExpBuffer(&dataASN[2], oid, oidSz);
|
||||||
/* Decode Ed25519 private key. */
|
/* Decode Ed25519 private key. */
|
||||||
ret = GetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, 1, input,
|
ret = GetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, 1, input,
|
||||||
@ -26867,6 +26907,10 @@ static int DecodeAsymKeyPublic(const byte* input, word32* inOutIdx, word32 inSz,
|
|||||||
if ((ret == 0) && (dataASN[3].data.ref.length > *pubKeyLen)) {
|
if ((ret == 0) && (dataASN[3].data.ref.length > *pubKeyLen)) {
|
||||||
ret = ASN_PARSE_E;
|
ret = ASN_PARSE_E;
|
||||||
}
|
}
|
||||||
|
/* Check that the all the buffer was used. */
|
||||||
|
if ((ret == 0) && (GetASNItem_Length(dataASN[0], input) != len)) {
|
||||||
|
ret = ASN_PARSE_E;
|
||||||
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
*pubKeyLen = dataASN[3].data.ref.length;
|
*pubKeyLen = dataASN[3].data.ref.length;
|
||||||
XMEMCPY(pubKey, dataASN[3].data.ref.data, *pubKeyLen);
|
XMEMCPY(pubKey, dataASN[3].data.ref.data, *pubKeyLen);
|
||||||
|
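Review bot: In the SetDNSEntry hunk, the new `OPENSSL_EXTRA && !WOLFSSL_ALT_NAMES_NO_REV` branch finds the tail with `for (; (temp->next != NULL); temp = temp->next);` on every insert, so building the list costs time quadratic in the number of names. If SetDNSEntry runs once per SAN entry while decoding a peer-supplied certificate (the caller is outside the hunk), that count is limited only by the certificate size the parser accepts, so it deserves either a cached tail pointer or a comment such as `/* O(n) walk per insert; entry count is bounded only by certificate size */`. The branch is also a line-for-line copy of AddAltName, which this commit moves under `#ifndef WOLFSSL_ASN_TEMPLATE`, leaving two copies of the ordering logic to keep in sync. One helper taking `DNS_entry** list` would remove the duplication, with AddAltName reduced to a call like `AddDNSEntryToList(&cert->altNames, dnsEntry);` (helper name is a suggestion). SetDNSEntry's body begins before the hunk, so the allocation and length checks ahead of the `XMEMCPY` were not reviewed here.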