Migrated from x509_req_name to asn1_named_data structure

This commit is contained in:
Paul Bakker 2013-09-09 12:02:36 +02:00
parent c547cc992e
commit 5f45e62afe
4 changed files with 67 additions and 110 deletions


@ -105,10 +105,12 @@ int asn1_write_null( unsigned char **p, unsigned char *start );
* \param p reference to current position pointer * \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking) * \param start start of the buffer (for bounds-checking)
* \param oid the OID to write * \param oid the OID to write
* \param oid_len length of the OID
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid ); int asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len );
/** /**
* \brief Write an AlgorithmIdentifier sequence in ASN.1 format * \brief Write an AlgorithmIdentifier sequence in ASN.1 format
@ -118,11 +120,12 @@ int asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid );
* \param p reference to current position pointer * \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking) * \param start start of the buffer (for bounds-checking)
* \param oid the OID of the algorithm * \param oid the OID of the algorithm
* \param oid_len length of the OID
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid ); const char *oid, size_t oid_len );
/** /**
* \brief Write a boolean tag (ASN1_BOOLEAN) and value in ASN.1 format * \brief Write a boolean tag (ASN1_BOOLEAN) and value in ASN.1 format
@ -156,11 +159,12 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val );
* \param p reference to current position pointer * \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking) * \param start start of the buffer (for bounds-checking)
* \param text the text to write * \param text the text to write
* \param text_len length of the text
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_printable_string( unsigned char **p, unsigned char *start, int asn1_write_printable_string( unsigned char **p, unsigned char *start,
char *text ); const char *text, size_t text_len );
/** /**
* \brief Write an IA5 string tag (ASN1_IA5_STRING) and * \brief Write an IA5 string tag (ASN1_IA5_STRING) and
@ -170,11 +174,12 @@ int asn1_write_printable_string( unsigned char **p, unsigned char *start,
* \param p reference to current position pointer * \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking) * \param start start of the buffer (for bounds-checking)
* \param text the text to write * \param text the text to write
* \param text_len length of the text
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_ia5_string( unsigned char **p, unsigned char *start, int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
char *text ); const char *text, size_t text_len );
/** /**
* \brief Write a bitstring tag (ASN1_BIT_STRING) and * \brief Write a bitstring tag (ASN1_BIT_STRING) and
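Review bot: The new `\param oid_len length of the OID` lines on asn1_write_oid and asn1_write_algorithm_identifier leave open whether `oid` is a dotted-decimal string or already-encoded bytes, and the asn1write.c hunk copies `oid_len` bytes verbatim as the OID content, so the header should say so: `\param oid_len length of the OID in bytes; oid must hold the DER content octets of the OID (as the OID_* constants do, so OID_SIZE() gives the length), not a dotted-decimal string`. Likewise `\param text_len length of the text` on the two string writers should state what the count covers, e.g. `\param text_len length of the text in bytes (no terminator is written; the bytes are emitted unchanged, so the caller must ensure they are valid for the string type)`. Dropping the internal strlen() is the right move for embedding non-terminated asn1_named_data values, but the contract only becomes clear once the docs say what the length counts.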


@ -60,25 +60,13 @@ extern "C" {
* \{ * \{
*/ */
/**
* Container for CSR named objects
*/
typedef struct _x509_req_name
{
char oid[128];
char name[128];
struct _x509_req_name *next;
}
x509_req_name;
/** /**
* Container for a CSR * Container for a CSR
*/ */
typedef struct _x509_csr typedef struct _x509_csr
{ {
rsa_context *rsa; rsa_context *rsa;
x509_req_name *subject; asn1_named_data *subject;
md_type_t md_alg; md_type_t md_alg;
asn1_named_data *extensions; asn1_named_data *extensions;
} }
@ -100,8 +88,8 @@ typedef struct _x509write_cert
mpi serial; mpi serial;
rsa_context *subject_key; rsa_context *subject_key;
rsa_context *issuer_key; rsa_context *issuer_key;
x509_req_name *subject; asn1_named_data *subject;
x509_req_name *issuer; asn1_named_data *issuer;
md_type_t md_alg; md_type_t md_alg;
char not_before[X509_RFC5280_UTC_TIME_LEN + 1]; char not_before[X509_RFC5280_UTC_TIME_LEN + 1];
char not_after[X509_RFC5280_UTC_TIME_LEN + 1]; char not_after[X509_RFC5280_UTC_TIME_LEN + 1];
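Review bot: The `subject`, `issuer` and `extensions` members of x509_csr and x509write_cert are now heap-allocated asn1_named_data lists but carry no comment about ownership, and the x509write.c hunks show they are released by x509write_csr_free() and x509write_crt_free(), so that should be stated here; e.g. above each list member: `/* Linked list owned by this context; released by x509write_crt_free(), do not free manually */`. The 128-byte per-entry cap of the removed x509_req_name no longer applies, which is worth one line in the container comment for callers that sized input around it. The x509write_cert definition starts above its hunk (`typedef struct _x509write_cert` appears only in the hunk header).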


@ -143,14 +143,14 @@ int asn1_write_null( unsigned char **p, unsigned char *start )
return( len ); return( len );
} }
int asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid ) int asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
(const unsigned char *) oid, strlen( oid ) ) ); (const unsigned char *) oid, oid_len ) );
ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) ); ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) ); ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) );
@ -158,23 +158,20 @@ int asn1_write_oid( unsigned char **p, unsigned char *start, const char *oid )
} }
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid ) const char *oid, size_t oid_len )
{ {
int ret; int ret;
size_t null_len = 0;
size_t oid_len = 0;
size_t len = 0; size_t len = 0;
// Write NULL // Write NULL
// //
ASN1_CHK_ADD( null_len, asn1_write_null( p, start ) ); ASN1_CHK_ADD( len, asn1_write_null( p, start ) );
// Write OID // Write OID
// //
ASN1_CHK_ADD( oid_len, asn1_write_oid( p, start, oid ) ); ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
len = oid_len + null_len; ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, oid_len + null_len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CHK_ADD( len, asn1_write_tag( p, start,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
@ -229,13 +226,13 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val )
} }
int asn1_write_printable_string( unsigned char **p, unsigned char *start, int asn1_write_printable_string( unsigned char **p, unsigned char *start,
char *text ) const char *text, size_t text_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
(const unsigned char *) text, strlen( text ) ) ); (const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) ); ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) );
@ -244,13 +241,13 @@ int asn1_write_printable_string( unsigned char **p, unsigned char *start,
} }
int asn1_write_ia5_string( unsigned char **p, unsigned char *start, int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
char *text ) const char *text, size_t text_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
(const unsigned char *) text, strlen( text ) ) ); (const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) ); ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) );
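Review bot: asn1_write_printable_string and asn1_write_ia5_string now have byte-identical bodies apart from the tag constant, so this rewrite is the moment to fold them into one static helper and keep a single place to maintain. Neither function checks that the `text_len` bytes are actually within the tag's character set (PrintableString is a small ASCII subset, IA5String is 7-bit), and the x509write.c hunk feeds subject-name values straight through x509_write_name into these writers, so arbitrary input bytes end up in a DER string that strict decoders will reject; if validation is deliberately left to callers, say so in a comment on the helper rather than leaving it implicit. The sketch below keeps behaviour unchanged and only removes the duplication; the `return( len );` at the end of each original function lies just below the hunk.
```c
/* Shared body for the tagged-string writers: raw text, then length, then tag. */
static int asn1_write_tagged_string( unsigned char **p, unsigned char *start,
                                     unsigned char tag,
                                     const char *text, size_t text_len )
{
    int ret;
    size_t len = 0;

    /* NOTE: no character-set check here; the caller must ensure text is
     * valid for tag (PrintableString subset / 7-bit IA5). */
    ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
                  (const unsigned char *) text, text_len ) );

    ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
    ASN1_CHK_ADD( len, asn1_write_tag( p, start, tag ) );

    return( len );
}

int asn1_write_printable_string( unsigned char **p, unsigned char *start,
                                 const char *text, size_t text_len )
{
    return( asn1_write_tagged_string( p, start, ASN1_PRINTABLE_STRING,
                                      text, text_len ) );
}

int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
                           const char *text, size_t text_len )
{
    return( asn1_write_tagged_string( p, start, ASN1_IA5_STRING,
                                      text, text_len ) );
}
```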


@ -47,15 +47,17 @@
#define polarssl_free free #define polarssl_free free
#endif #endif
static int x509write_string_to_names( x509_req_name **head, char *name ) static int x509write_string_to_names( asn1_named_data **head, char *name )
{ {
int ret = 0; int ret = 0;
char *s = name, *c = s; char *s = name, *c = s;
char *end = s + strlen( s ); char *end = s + strlen( s );
char *oid = NULL; char *oid = NULL;
int in_tag = 1; int in_tag = 1;
x509_req_name *cur; asn1_named_data *cur;
// Clear existing chain if present
//
while( *head != NULL ) while( *head != NULL )
{ {
cur = *head; cur = *head;
@ -93,28 +95,13 @@ static int x509write_string_to_names( x509_req_name **head, char *name )
if( !in_tag && ( *c == ',' || c == end ) ) if( !in_tag && ( *c == ',' || c == end ) )
{ {
if( c - s > 127 ) if( ( cur = asn1_store_named_data( head, oid, strlen( oid ),
(unsigned char *) s,
c - s ) ) == NULL )
{ {
ret = POLARSSL_ERR_X509WRITE_BAD_INPUT_DATA; return( POLARSSL_ERR_X509WRITE_MALLOC_FAILED );
goto exit;
} }
cur = polarssl_malloc( sizeof(x509_req_name) );
if( cur == NULL )
{
ret = POLARSSL_ERR_X509WRITE_MALLOC_FAILED;
goto exit;
}
memset( cur, 0, sizeof(x509_req_name) );
cur->next = *head;
*head = cur;
strncpy( cur->oid, oid, strlen( oid ) );
strncpy( cur->name, s, c - s );
s = c + 1; s = c + 1;
in_tag = 1; in_tag = 1;
} }
@ -154,21 +141,8 @@ void x509write_csr_init( x509_csr *ctx )
void x509write_csr_free( x509_csr *ctx ) void x509write_csr_free( x509_csr *ctx )
{ {
x509_req_name *cur; asn1_free_named_data_list( &ctx->subject );
asn1_named_data *cur_ext; asn1_free_named_data_list( &ctx->extensions );
while( ( cur = ctx->subject ) != NULL )
{
ctx->subject = cur->next;
polarssl_free( cur );
}
while( ( cur_ext = ctx->extensions ) != NULL )
{
ctx->extensions = cur_ext->next;
asn1_free_named_data( cur_ext );
polarssl_free( cur_ext );
}
memset( ctx, 0, sizeof(x509_csr) ); memset( ctx, 0, sizeof(x509_csr) );
} }
@ -268,29 +242,11 @@ void x509write_crt_init( x509write_cert *ctx )
void x509write_crt_free( x509write_cert *ctx ) void x509write_crt_free( x509write_cert *ctx )
{ {
x509_req_name *cur;
asn1_named_data *cur_ext;
mpi_free( &ctx->serial ); mpi_free( &ctx->serial );
while( ( cur = ctx->subject ) != NULL ) asn1_free_named_data_list( &ctx->subject );
{ asn1_free_named_data_list( &ctx->issuer );
ctx->subject = cur->next; asn1_free_named_data_list( &ctx->extensions );
polarssl_free( cur );
}
while( ( cur = ctx->issuer ) != NULL )
{
ctx->issuer = cur->next;
polarssl_free( cur );
}
while( ( cur_ext = ctx->extensions ) != NULL )
{
ctx->extensions = cur_ext->next;
asn1_free_named_data( cur_ext );
polarssl_free( cur_ext );
}
memset( ctx, 0, sizeof(x509_csr) ); memset( ctx, 0, sizeof(x509_csr) );
} }
@ -456,7 +412,8 @@ int x509write_pubkey_der( rsa_context *rsa, unsigned char *buf, size_t size )
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, OID_PKCS1_RSA ) ); ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf,
OID_PKCS1_RSA, OID_SIZE( OID_PKCS1_RSA ) ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
@ -521,30 +478,34 @@ int x509write_key_der( rsa_context *rsa, unsigned char *buf, size_t size )
* *
* AttributeValue ::= ANY DEFINED BY AttributeType * AttributeValue ::= ANY DEFINED BY AttributeType
*/ */
static int x509_write_name( unsigned char **p, unsigned char *start, char *oid, static int x509_write_name( unsigned char **p, unsigned char *start,
char *name ) const char *oid, size_t oid_len,
const unsigned char *name, size_t name_len )
{ {
int ret; int ret;
size_t string_len = 0;
size_t oid_len = 0;
size_t len = 0; size_t len = 0;
// Write PrintableString for all except OID_PKCS9_EMAIL // Write PrintableString for all except OID_PKCS9_EMAIL
// //
if( OID_SIZE( OID_PKCS9_EMAIL ) == strlen( oid ) && if( OID_SIZE( OID_PKCS9_EMAIL ) == oid_len &&
memcmp( oid, OID_PKCS9_EMAIL, strlen( oid ) ) == 0 ) memcmp( oid, OID_PKCS9_EMAIL, oid_len ) == 0 )
{ {
ASN1_CHK_ADD( string_len, asn1_write_ia5_string( p, start, name ) ); ASN1_CHK_ADD( len, asn1_write_ia5_string( p, start,
(const char *) name,
name_len ) );
} }
else else
ASN1_CHK_ADD( string_len, asn1_write_printable_string( p, start, name ) ); {
ASN1_CHK_ADD( len, asn1_write_printable_string( p, start,
(const char *) name,
name_len ) );
}
// Write OID // Write OID
// //
ASN1_CHK_ADD( oid_len, asn1_write_oid( p, start, oid ) ); ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
len = oid_len + string_len; ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, oid_len + string_len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
@ -554,15 +515,17 @@ static int x509_write_name( unsigned char **p, unsigned char *start, char *oid,
} }
static int x509_write_names( unsigned char **p, unsigned char *start, static int x509_write_names( unsigned char **p, unsigned char *start,
x509_req_name *first ) asn1_named_data *first )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
x509_req_name *cur = first; asn1_named_data *cur = first;
while( cur != NULL ) while( cur != NULL )
{ {
ASN1_CHK_ADD( len, x509_write_name( p, start, cur->oid, cur->name ) ); ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p,
cur->oid.len,
cur->val.p, cur->val.len ) );
cur = cur->next; cur = cur->next;
} }
@ -593,7 +556,8 @@ static int x509_write_sig( unsigned char **p, unsigned char *start,
// Write OID // Write OID
// //
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid ) ); ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid,
strlen( oid ) ) );
return( len ); return( len );
} }
@ -703,7 +667,8 @@ int x509write_csr_der( x509_csr *ctx, unsigned char *buf, size_t size )
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SET ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SET ) );
ASN1_CHK_ADD( len, asn1_write_oid( &c, tmp_buf, OID_PKCS9_CSR_EXT_REQ ) ); ASN1_CHK_ADD( len, asn1_write_oid( &c, tmp_buf, OID_PKCS9_CSR_EXT_REQ,
OID_SIZE( OID_PKCS9_CSR_EXT_REQ ) ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
@ -732,7 +697,8 @@ int x509write_csr_der( x509_csr *ctx, unsigned char *buf, size_t size )
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, tmp_buf, pub_len ) ); ASN1_CHK_ADD( pub_len, asn1_write_len( &c, tmp_buf, pub_len ) );
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, tmp_buf, ASN1_BIT_STRING ) ); ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, tmp_buf, ASN1_BIT_STRING ) );
ASN1_CHK_ADD( pub_len, asn1_write_algorithm_identifier( &c, tmp_buf, OID_PKCS1_RSA ) ); ASN1_CHK_ADD( pub_len, asn1_write_algorithm_identifier( &c, tmp_buf,
OID_PKCS1_RSA, OID_SIZE( OID_PKCS1_RSA ) ) );
len += pub_len; len += pub_len;
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, pub_len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, pub_len ) );
@ -820,7 +786,8 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, tmp_buf, pub_len ) ); ASN1_CHK_ADD( pub_len, asn1_write_len( &c, tmp_buf, pub_len ) );
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, tmp_buf, ASN1_BIT_STRING ) ); ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, tmp_buf, ASN1_BIT_STRING ) );
ASN1_CHK_ADD( pub_len, asn1_write_algorithm_identifier( &c, tmp_buf, OID_PKCS1_RSA ) ); ASN1_CHK_ADD( pub_len, asn1_write_algorithm_identifier( &c, tmp_buf,
OID_PKCS1_RSA, OID_SIZE( OID_PKCS1_RSA ) ) );
len += pub_len; len += pub_len;
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, pub_len ) ); ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, pub_len ) );
@ -857,7 +824,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
* Signature ::= AlgorithmIdentifier * Signature ::= AlgorithmIdentifier
*/ */
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, tmp_buf, ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, tmp_buf,
sig_oid ) ); sig_oid, strlen( sig_oid ) ) );
/* /*
* Serial ::= INTEGER * Serial ::= INTEGER
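Review bot: x509write_crt_free still ends with `memset( ctx, 0, sizeof(x509_csr) );` (the context line closing the free hunk), but ctx is an x509write_cert, which the x509write.h hunk shows has several more members than x509_csr (serial, issuer_key, issuer, not_before, not_after), so only a leading prefix of the context is wiped and the rest keeps stale contents after free; it should read `memset( ctx, 0, sizeof(x509write_cert) );` (or `sizeof( *ctx )`). This predates the commit, but the rewrite of the free function is the natural place to correct it. Separately, in x509_write_names the `(char *) cur->oid.p` cast discards const for a parameter that x509_write_name now declares as `const char *oid`; `(const char *) cur->oid.p` expresses the intent and matches the `(const char *) name` casts inside x509_write_name.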