Add raw public key buffer bounds to mbedtls_x509_crt struct

This commit adds an ASN.1 buffer field `pk_raw` to `mbedtls_x509_crt`
which stores the bounds of the raw public key data within an X.509 CRT.

This will be useful in subsequent commits to extract the peer's public
key from its certificate chain.
Hanno Becker 2019-02-06 16:13:41 +00:00
parent 2e6d34761f
commit 32c530ece2
2 changed files with 3 additions and 0 deletions


@ -70,6 +70,7 @@ typedef struct mbedtls_x509_crt
mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ mbedtls_x509_time valid_from; /**< Start time of certificate validity. */
mbedtls_x509_time valid_to; /**< End time of certificate validity. */ mbedtls_x509_time valid_to; /**< End time of certificate validity. */
mbedtls_x509_buf pk_raw;
mbedtls_pk_context pk; /**< Container for the public key context. */ mbedtls_pk_context pk; /**< Container for the public key context. */
mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
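Review bot: The added member `mbedtls_x509_buf pk_raw;` has no Doxygen comment, while every neighbouring field of `mbedtls_x509_crt` in this hunk has one, and its contract matters to any later code that reads the peer key through it. I would add `/**< Bounds of the raw SubjectPublicKeyInfo; points into the parsed certificate data and is not separately allocated. */`. That wording assumes the parse cursor walks the certificate's own raw buffer, since the parser hunk only shows `p` being taken from the cursor; if so, the pointer must not be freed on its own or used after `mbedtls_x509_crt_free()`. The comment should also say that the parser, as shown, fills in only `p` and `len`, so callers should not rely on `tag`. The struct definition starts and ends outside the hunk.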


@ -990,11 +990,13 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt,
/* /*
* SubjectPublicKeyInfo * SubjectPublicKeyInfo
*/ */
crt->pk_raw.p = p;
if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
{ {
mbedtls_x509_crt_free( crt ); mbedtls_x509_crt_free( crt );
return( ret ); return( ret );
} }
crt->pk_raw.len = p - crt->pk_raw.p;
/* /*
* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,