yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-05-10 02:12:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix string downcast to PrintableString as issued in #1033

Browse source
This commit is contained in:
Jaeden Amero 2018-05-17 11:46:13 +01:00 committed by tdoe
parent cdd97fd632 11999bb72e
commit 23f954dff9
34 changed files with 173 additions and 171 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
ChangeLog
View file

@ -1730,7 +1730,7 @@ Features
issuer_key_identifier, etc) issuer_key_identifier, etc)
* Optional blinding for RSA, DHM and EC * Optional blinding for RSA, DHM and EC
* Support for multiple active certificate / key pairs in SSL servers for * Support for multiple active certificate / key pairs in SSL servers for
the same host (Not to be confused with SNI!) the same host (Not to be confused with SNI!)
Changes Changes
* Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 * Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2
@ -1961,7 +1961,7 @@ Changes
PKCS#8 private key formats PKCS#8 private key formats
* Added mechanism to provide alternative implementations for all * Added mechanism to provide alternative implementations for all
symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in
config.h) config.h)
* PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated * PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module old PBKDF2 module
@ -1973,7 +1973,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly * ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM instead of the x509parse_crt() wrapper that can also parse PEM
certificates certificates
* x509parse_crtpath() is now reentrant and uses more portable stat() * x509parse_crtpath() is now reentrant and uses more portable stat()
* Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
@ -2131,7 +2131,7 @@ Bugfix
* mpi_exp_mod() now correctly handles negative base numbers (Closes ticket * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
#52) #52)
* Handle encryption with private key and decryption with public key as per * Handle encryption with private key and decryption with public key as per
RFC 2313 RFC 2313
* Handle empty certificate subject names * Handle empty certificate subject names
* Prevent reading over buffer boundaries on X509 certificate parsing * Prevent reading over buffer boundaries on X509 certificate parsing
* mpi_add_abs() now correctly handles adding short numbers to long numbers * mpi_add_abs() now correctly handles adding short numbers to long numbers
@ -2162,7 +2162,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly * ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM instead of the x509parse_crt() wrapper that can also parse PEM
certificates certificates
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
* ssl_write_certificate_request() can handle empty ca_chain * ssl_write_certificate_request() can handle empty ca_chain
@ -2243,16 +2243,16 @@ Bugfix
Features Features
* Added ssl_session_reset() to allow better multi-connection pools of * Added ssl_session_reset() to allow better multi-connection pools of
SSL contexts without needing to set all non-connection-specific SSL contexts without needing to set all non-connection-specific
data and pointers again. Adapted ssl_server to use this functionality. data and pointers again. Adapted ssl_server to use this functionality.
* Added ssl_set_max_version() to allow clients to offer a lower maximum * Added ssl_set_max_version() to allow clients to offer a lower maximum
supported version to a server to help buggy server implementations. supported version to a server to help buggy server implementations.
(Closes ticket #36) (Closes ticket #36)
* Added cipher_get_cipher_mode() and cipher_get_cipher_operation() * Added cipher_get_cipher_mode() and cipher_get_cipher_operation()
introspection functions (Closes ticket #40) introspection functions (Closes ticket #40)
* Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator * Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
* Added a generic entropy accumulator that provides support for adding * Added a generic entropy accumulator that provides support for adding
custom entropy sources and added some generic and platform dependent custom entropy sources and added some generic and platform dependent
entropy sources entropy sources
Changes Changes
* Documentation for AES and Camellia in modes CTR and CFB128 clarified. * Documentation for AES and Camellia in modes CTR and CFB128 clarified.
@ -2385,7 +2385,7 @@ Bugfixes
* Corrected parsing of UTCTime dates before 1990 and * Corrected parsing of UTCTime dates before 1990 and
after 1950 after 1950
* Support more exotic OID's when parsing certificates * Support more exotic OID's when parsing certificates
(found by Mads Kiilerich) (found by Mads Kiilerich)
* Support more exotic name representations when parsing * Support more exotic name representations when parsing
certificates (found by Mads Kiilerich) certificates (found by Mads Kiilerich)
* Replaced the expired test certificates * Replaced the expired test certificates
@ -2415,7 +2415,7 @@ Note: Most of these features have been donated by Fox-IT
status, objects and configuration status, objects and configuration
+ Added verification callback on certificate chain + Added verification callback on certificate chain
verification to allow external blacklisting verification to allow external blacklisting
+ Additional example programs to show usage + Additional example programs to show usage
* Added support for PKCS#11 through the use of the * Added support for PKCS#11 through the use of the
libpkcs11-helper library libpkcs11-helper library

30
include/mbedtls/asn1write.h
View file

@ -152,6 +152,21 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolea
*/ */
int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
/**
* \brief Write a given string tag and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param tag the tag to write
* \param text the text to write
* \param text_len length of the text
*
* \return the length written or a negative error code
*/
int mbedtls_asn1_write_any_string( unsigned char **p, unsigned char *start,
int tag, const char *text, size_t text_len );
/** /**
* \brief Write a printable string tag (MBEDTLS_ASN1_PRINTABLE_STRING) and * \brief Write a printable string tag (MBEDTLS_ASN1_PRINTABLE_STRING) and
* value in ASN.1 format * value in ASN.1 format
@ -167,6 +182,21 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len );
/**
* \brief Write a UTF8 string tag (MBEDTLS_ASN1_UTF8_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param text the text to write
* \param text_len length of the text
*
* \return the length written or a negative error code
*/
int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len );
/** /**
* \brief Write an IA5 string tag (MBEDTLS_ASN1_IA5_STRING) and * \brief Write an IA5 string tag (MBEDTLS_ASN1_IA5_STRING) and
* value in ASN.1 format * value in ASN.1 format

2
include/mbedtls/entropy.h
View file

@ -166,7 +166,7 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
* \param threshold Minimum required from source before entropy is released * \param threshold Minimum required from source before entropy is released
* ( with mbedtls_entropy_func() ) (in bytes) * ( with mbedtls_entropy_func() ) (in bytes)
* \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or * \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or
* MBEDTSL_ENTROPY_SOURCE_WEAK. * MBEDTLS_ENTROPY_SOURCE_WEAK.
* At least one strong source needs to be added. * At least one strong source needs to be added.
* Weaker sources (such as the cycle counter) can be used as * Weaker sources (such as the cycle counter) can be used as
* a complement. * a complement.

35
library/asn1write.c
View file

@ -232,10 +232,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
int ret; int ret;
size_t len = 0; size_t len = 0;
// TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
if( *p - start < 1 ) if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
@ -257,34 +253,37 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
return( (int) len ); return( (int) len );
} }
int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_any_string( unsigned char **p, unsigned char *start, int tag,
const char *text, size_t text_len ) const char *text, size_t text_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) ); (const unsigned char *) text, text_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_PRINTABLE_STRING ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
return( (int) len ); return( (int) len );
} }
int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len )
{
return( mbedtls_asn1_write_any_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) );
}
int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len )
{
return( mbedtls_asn1_write_any_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) );
}
int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len )
{ {
int ret; return( mbedtls_asn1_write_any_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) );
size_t len = 0;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_IA5_STRING ) );
return( (int) len );
} }
int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,

24
library/ssl_tls.c
View file

@ -6950,30 +6950,6 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
} }
} }
/*
* The logic could be streamlined here. Instead of
* - Manually checking whether ssl->in_offt is NULL
* - Fetching a new record if yes
* - Setting ssl->in_offt if one finds an application record
* - Resetting keep_current_message after handling the application data
* one should
* - Adapt read_record to set ssl->in_offt automatically
* when a new application data record is processed.
* - Always call mbedtls_ssl_read_record here.
* This way, the logic of ssl_read would be much clearer:
* (1) Always call record layer and see what kind of record is on
* and have it ready for consumption (in particular, in_offt
* properly set for application data records).
* (2) If it's application data (either freshly fetched
* or something already being partially processed),
* serve the read request from it.
* (3) If it's something different from application data,
* handle it accordingly, e.g. potentially start a
* renegotiation.
* This will also remove the need to manually reset
* ssl->keep_current_message = 0 below.
*/
/* Loop as long as no application data record is available */ /* Loop as long as no application data record is available */
while( ssl->in_offt == NULL ) while( ssl->in_offt == NULL )
{ {

109
library/x509_create.c
View file

@ -37,44 +37,46 @@ typedef struct {
const char *name; const char *name;
size_t name_len; size_t name_len;
const char*oid; const char*oid;
int tag;
} x509_attr_descriptor_t; } x509_attr_descriptor_t;
#define ADD_STRLEN( s ) s, sizeof( s ) - 1 #define ADD_STRLEN( s ) s, sizeof( s ) - 1
// note: preset tag types as proposed in rfc3280 and widely used
static const x509_attr_descriptor_t x509_attrs[] = static const x509_attr_descriptor_t x509_attrs[] =
{ {
{ ADD_STRLEN( "CN" ), MBEDTLS_OID_AT_CN }, { ADD_STRLEN( "CN" ), MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "commonName" ), MBEDTLS_OID_AT_CN }, { ADD_STRLEN( "commonName" ), MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "C" ), MBEDTLS_OID_AT_COUNTRY }, { ADD_STRLEN( "C" ), MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
{ ADD_STRLEN( "countryName" ), MBEDTLS_OID_AT_COUNTRY }, { ADD_STRLEN( "countryName" ), MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING },
{ ADD_STRLEN( "O" ), MBEDTLS_OID_AT_ORGANIZATION }, { ADD_STRLEN( "O" ), MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "organizationName" ), MBEDTLS_OID_AT_ORGANIZATION }, { ADD_STRLEN( "organizationName" ), MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "L" ), MBEDTLS_OID_AT_LOCALITY }, { ADD_STRLEN( "L" ), MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "locality" ), MBEDTLS_OID_AT_LOCALITY }, { ADD_STRLEN( "locality" ), MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "R" ), MBEDTLS_OID_PKCS9_EMAIL }, { ADD_STRLEN( "R" ), MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING},
{ ADD_STRLEN( "OU" ), MBEDTLS_OID_AT_ORG_UNIT }, { ADD_STRLEN( "OU" ), MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "organizationalUnitName" ), MBEDTLS_OID_AT_ORG_UNIT }, { ADD_STRLEN( "organizationalUnitName" ), MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "ST" ), MBEDTLS_OID_AT_STATE }, { ADD_STRLEN( "ST" ), MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "stateOrProvinceName" ), MBEDTLS_OID_AT_STATE }, { ADD_STRLEN( "stateOrProvinceName" ), MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "emailAddress" ), MBEDTLS_OID_PKCS9_EMAIL }, { ADD_STRLEN( "emailAddress" ), MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING },
{ ADD_STRLEN( "serialNumber" ), MBEDTLS_OID_AT_SERIAL_NUMBER }, { ADD_STRLEN( "serialNumber" ), MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING },
{ ADD_STRLEN( "postalAddress" ), MBEDTLS_OID_AT_POSTAL_ADDRESS }, { ADD_STRLEN( "postalAddress" ), MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING },
{ ADD_STRLEN( "postalCode" ), MBEDTLS_OID_AT_POSTAL_CODE }, { ADD_STRLEN( "postalCode" ), MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING },
{ ADD_STRLEN( "dnQualifier" ), MBEDTLS_OID_AT_DN_QUALIFIER }, { ADD_STRLEN( "dnQualifier" ), MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING },
{ ADD_STRLEN( "title" ), MBEDTLS_OID_AT_TITLE }, { ADD_STRLEN( "title" ), MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "surName" ), MBEDTLS_OID_AT_SUR_NAME }, { ADD_STRLEN( "surName" ), MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "SN" ), MBEDTLS_OID_AT_SUR_NAME }, { ADD_STRLEN( "SN" ), MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "givenName" ), MBEDTLS_OID_AT_GIVEN_NAME }, { ADD_STRLEN( "givenName" ), MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "GN" ), MBEDTLS_OID_AT_GIVEN_NAME }, { ADD_STRLEN( "GN" ), MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "initials" ), MBEDTLS_OID_AT_INITIALS }, { ADD_STRLEN( "initials" ), MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "pseudonym" ), MBEDTLS_OID_AT_PSEUDONYM }, { ADD_STRLEN( "pseudonym" ), MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "generationQualifier" ), MBEDTLS_OID_AT_GENERATION_QUALIFIER }, { ADD_STRLEN( "generationQualifier" ), MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING },
{ ADD_STRLEN( "domainComponent" ), MBEDTLS_OID_DOMAIN_COMPONENT }, { ADD_STRLEN( "domainComponent" ), MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING },
{ ADD_STRLEN( "DC" ), MBEDTLS_OID_DOMAIN_COMPONENT }, { ADD_STRLEN( "DC" ), MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING },
{ NULL, 0, NULL } { NULL, 0, NULL }
}; };
static const char *x509_at_oid_from_name( const char *name, size_t name_len ) static const x509_attr_descriptor_t *x509_at_oid_from_name( const char *name, size_t name_len )
{ {
const x509_attr_descriptor_t *cur; const x509_attr_descriptor_t *cur;
@ -83,7 +85,7 @@ static const char *x509_at_oid_from_name( const char *name, size_t name_len )
strncmp( cur->name, name, name_len ) == 0 ) strncmp( cur->name, name, name_len ) == 0 )
break; break;
return( cur->oid ); return( cur );
} }
int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ) int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
@ -92,6 +94,7 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na
const char *s = name, *c = s; const char *s = name, *c = s;
const char *end = s + strlen( s ); const char *end = s + strlen( s );
const char *oid = NULL; const char *oid = NULL;
const x509_attr_descriptor_t* oid_attr = NULL;
int in_tag = 1; int in_tag = 1;
char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
char *d = data; char *d = data;
@ -103,12 +106,13 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na
{ {
if( in_tag && *c == '=' ) if( in_tag && *c == '=' )
{ {
if( ( oid = x509_at_oid_from_name( s, c - s ) ) == NULL ) if( ( oid_attr = x509_at_oid_from_name( s, c - s ) ) == NULL )
{ {
ret = MBEDTLS_ERR_X509_UNKNOWN_OID; ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
goto exit; goto exit;
} }
oid = oid_attr->oid;
s = c + 1; s = c + 1;
in_tag = 0; in_tag = 0;
d = data; d = data;
@ -127,13 +131,18 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na
} }
else if( !in_tag && ( *c == ',' || c == end ) ) else if( !in_tag && ( *c == ',' || c == end ) )
{ {
if( mbedtls_asn1_store_named_data( head, oid, strlen( oid ), mbedtls_asn1_named_data* cur = mbedtls_asn1_store_named_data( head, oid, strlen( oid ),
(unsigned char *) data, (unsigned char *) data,
d - data ) == NULL ) d - data );
if(cur == NULL )
{ {
return( MBEDTLS_ERR_X509_ALLOC_FAILED ); return( MBEDTLS_ERR_X509_ALLOC_FAILED );
} }
// set tagType
cur->val.tag = oid_attr->tag;
while( c < end && *(c + 1) == ' ' ) while( c < end && *(c + 1) == ' ' )
c++; c++;
@ -192,29 +201,19 @@ int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid,
* *
* AttributeValue ::= ANY DEFINED BY AttributeType * AttributeValue ::= ANY DEFINED BY AttributeType
*/ */
static int x509_write_name( unsigned char **p, unsigned char *start, static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name)
const char *oid, size_t oid_len,
const unsigned char *name, size_t name_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
const char *oid = (const char*)cur_name->oid.p;
size_t oid_len = cur_name->oid.len;
const unsigned char *name = cur_name->val.p;
size_t name_len = cur_name->val.len;
// Write PrintableString for all except MBEDTLS_OID_PKCS9_EMAIL // Write correct string tag and value
// MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_any_string( p, start, cur_name->val.tag,
if( MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_EMAIL ) == oid_len && (const char *) name,
memcmp( oid, MBEDTLS_OID_PKCS9_EMAIL, oid_len ) == 0 ) name_len ) );
{
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_ia5_string( p, start,
(const char *) name,
name_len ) );
}
else
{
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_printable_string( p, start,
(const char *) name,
name_len ) );
}
// Write OID // Write OID
// //
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
@ -239,9 +238,7 @@ int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
while( cur != NULL ) while( cur != NULL )
{ {
MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p, MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) );
cur->oid.len,
cur->val.p, cur->val.len ) );
cur = cur->next; cur = cur->next;
} }

8
yotta/data/example-authcrypt/README.md
View file

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.

8
yotta/data/example-benchmark/README.md
View file

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.

8
yotta/data/example-hashing/README.md
View file

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.

8
yotta/data/example-selftest/README.md
View file

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.