Add buffer with raw issuer data to CRL structure

To make use of the X.509 name comparison function based on raw
ASN.1 data that was introduced in the previous commit, this commit
adds an ASN.1 buffer field `issuer_raw_no_hdr` to `mbedtls_x509_crl`
which delimits the raw contents of the CRL's `Issuer` field.

The previous field `issuer_raw` isn't suitable for that because
it includes the ASN.1 header.
Hanno Becker 2019-02-20 13:44:36 +00:00
parent a3a2ca1333
commit a632e3638c
3 changed files with 13 additions and 1 deletions


@ -183,6 +183,15 @@ extern "C" {
* \{
*/
/**
* Basic length-value buffer structure
*/
typedef struct mbedtls_x509_buf_raw
{
unsigned char *p; /*!< The address of the first byte in the buffer. */
size_t len; /*!< The number of Bytes in the buffer. */
} mbedtls_x509_buf_raw;
/**
* Type-length-value structure that allows for ASN1 using DER.
*/
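Review bot: The doc comment on `mbedtls_x509_buf_raw` does not say who owns the memory behind `p`, which matters for a length-value type that sits next to the other buffer types of a parsing library. In the CRL parser section of this commit the field is filled from the parse cursor, so it appears to be a borrowed view into the DER being parsed. I would state that on the member, e.g. `/*!< The address of the first byte in the buffer; the buffer is not owned by this structure. */`, and add a sentence that the view must not outlive the data it points into. If nothing writes through the view, `const unsigned char *p` is also worth considering, though callers outside this section may rule that out.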


@ -75,7 +75,8 @@ typedef struct mbedtls_x509_crl
int version; /**< CRL version (1=v1, 2=v2) */
mbedtls_x509_buf sig_oid; /**< CRL signature type identifier */
mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). */
mbedtls_x509_buf_raw issuer_raw; /**< The raw issuer data (DER). */
mbedtls_x509_buf_raw issuer_raw_no_hdr;
mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */
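Review bot: The new member `issuer_raw_no_hdr` is the only field in this part of `mbedtls_x509_crl` without a Doxygen comment; something like `/**< The raw issuer data (DER) without the ASN.1 header. */` would make the difference from `issuer_raw` visible at the declaration. The section also appears to change the type of the existing `issuer_raw` from `mbedtls_x509_buf` to `mbedtls_x509_buf_raw`, which the commit message does not mention. Since the new type carries only `p` and `len`, any code that reads `issuer_raw.tag` would stop compiling, so this deserves a line in the description or changelog if the struct is part of the public API. The struct definition starts and ends outside the hunk.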


@ -428,6 +428,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
crl->issuer_raw_no_hdr.p = p;
if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
{
@ -435,6 +436,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
return( ret );
}
crl->issuer_raw_no_hdr.len = p - crl->issuer_raw_no_hdr.p;
crl->issuer_raw.len = p - crl->issuer_raw.p;
/*
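Review bot: `issuer_raw_no_hdr.len` is derived from where `mbedtls_x509_get_name()` leaves `p`, although the extent of the issuer contents is already known as `len` when `issuer_raw_no_hdr.p` is set, since `p + len` is the bound passed to the parser. Setting both fields together, `crl->issuer_raw_no_hdr.p = p;` followed by `crl->issuer_raw_no_hdr.len = len;`, would keep the pointer/length pair consistent at every point and would not depend on the parser consuming exactly the whole range, which I assume it does on success. If the pointer difference is kept to mirror the `issuer_raw.len` line below it, a short comment saying that `p` now sits at the end of the Issuer contents would help the next reader. `mbedtls_x509_crl_parse_der` starts and ends outside these hunks.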