Add ASN.1 API to free linked list representation of ASN.1 sequences

Hanno Becker 2019-05-13 11:56:21 +01:00
parent 7b8e11e724
commit f332a97e1b
4 changed files with 45 additions and 18 deletions


@ -276,13 +276,38 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end
size_t *len ); size_t *len );
/** /**
* \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>" * \brief Free a heap-allocated linked list presentation of
* Updated the pointer to immediately behind the full sequence tag. * an ASN.1 sequence, including the first element.
* *
* \param p The position in the ASN.1 data * \param seq The address of the first sequence component. This may
* \param end End of data * be \c NULL, in which case this functions returns
* \param cur First variable in the chain to fill * immediately.
* \param tag Type of sequence */
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq );
/**
* \brief This function parses and splits an ASN.1 "SEQUENCE OF <tag>"
* and updates the source buffer pointer to immediately behind
* the full sequence.
*
* \param p The address of the pointer to the beginning of the
* ASN.1 SEQUENCE OF structure, including ASN.1 tag+length header.
* On success, `*p` is advanced to point to the first byte
* following the parsed ASN.1 sequence.
* \param end The end of the ASN.1 input buffer starting at \p p. This is
* used for bounds checking.
* \param cur The address at which to store the first entry in the parsed
* sequence. Further entries are heap-allocated and referenced
* from \p cur.
* \param tag The common tag of the entries in the ASN.1 sequence.
*
* \note Ownership for the heap-allocated elements \c cur->next,
* \c cur->next->next, ..., is passed to the caller. It
* is hence the caller's responsibility to free them when
* no longer needed, and mbedtls_asn1_sequence_free() can
* be used for that, passing \c cur->next as the \c seq
* argument (or \p cur if \p cur itself was heap-allocated
* by the caller).
* *
* \return 0 if successful or a specific ASN.1 error code. * \return 0 if successful or a specific ASN.1 error code.
*/ */
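Review bot: The new ownership note on the sequence parser tells callers to pass `cur->next` to mbedtls_asn1_sequence_free(), but it does not say that `cur->next` still holds the freed address afterwards, so a second cleanup pass or a later walk from the same head would touch freed memory. I would add one sentence to the note, for example `After the call, set cur->next to NULL before the head is reused or cleaned up again.` Two wording slips in the new text are also worth fixing while here: "linked list presentation" reads as a typo for "representation", and "this functions returns" should be "this function returns".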


@ -296,7 +296,10 @@ void mbedtls_x509_name_free( mbedtls_x509_name *name );
* be \c NULL, in which case this functions returns * be \c NULL, in which case this functions returns
* immediately. * immediately.
*/ */
void mbedtls_x509_sequence_free( mbedtls_x509_sequence *seq ); static inline void mbedtls_x509_sequence_free( mbedtls_x509_sequence *seq )
{
mbedtls_asn1_sequence_free( (mbedtls_asn1_sequence*) seq );
}
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
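Review bot: The cast `(mbedtls_asn1_sequence*) seq` in the new inline wrapper silences the compiler if the two sequence types ever stop being identical, and the callee would then wipe `sizeof( *seq )` bytes of the ASN.1 type and follow its `next` field over memory laid out differently. If mbedtls_x509_sequence is a plain typedef of mbedtls_asn1_sequence (the definition is not visible in this hunk), drop the cast and write `mbedtls_asn1_sequence_free( seq );` so any future divergence becomes a compile error. Separately, making the function `static inline` removes the exported symbol, so code linked against an earlier build of the library would no longer resolve it; that deserves a changelog line.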


@ -229,6 +229,16 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end
return( 0 ); return( 0 );
} }
void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq )
{
while( seq != NULL )
{
mbedtls_asn1_sequence *next = seq->next;
mbedtls_platform_zeroize( seq, sizeof( *seq ) );
mbedtls_free( seq );
seq = next;
}
}
/* /*
* Traverse an ASN.1 "SEQUENCE OF <tag>" * Traverse an ASN.1 "SEQUENCE OF <tag>"
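Review bot: mbedtls_asn1_sequence_free() passes every node to mbedtls_free(), including the one it is handed, so a head that lives on the stack or is embedded in another structure makes the first iteration an invalid free, and nothing at the definition records that precondition. I would add a short comment above the loop, e.g. `/* Every node, including seq itself, must come from the allocator paired with mbedtls_free(); each is wiped before release so parsed data does not linger in freed memory. */`. The function releases only the node itself, so the comment should also state that pointers stored inside a node are not freed, once it is confirmed that they are borrowed rather than owned.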


@ -1220,17 +1220,6 @@ void mbedtls_x509_name_free( mbedtls_x509_name *name )
} }
} }
void mbedtls_x509_sequence_free( mbedtls_x509_sequence *seq )
{
while( seq != NULL )
{
mbedtls_x509_sequence *next = seq->next;
mbedtls_platform_zeroize( seq, sizeof( *seq ) );
mbedtls_free( seq );
seq = next;
}
}
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#include "mbedtls/x509_crt.h" #include "mbedtls/x509_crt.h"