Merge branch 'master' into ti

toddouska 2014-05-28 08:39:11 -07:00
commit 21ebf9485d
3 changed files with 88 additions and 7 deletions


@ -1285,6 +1285,7 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
cert->signature = 0; cert->signature = 0;
cert->subjectCN = 0; cert->subjectCN = 0;
cert->subjectCNLen = 0; cert->subjectCNLen = 0;
cert->subjectCNEnc = CTC_UTF8;
cert->subjectCNStored = 0; cert->subjectCNStored = 0;
cert->altNames = NULL; cert->altNames = NULL;
#ifndef IGNORE_NAME_CONSTRAINTS #ifndef IGNORE_NAME_CONSTRAINTS
@ -1323,16 +1324,22 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
cert->subjectSN = 0; cert->subjectSN = 0;
cert->subjectSNLen = 0; cert->subjectSNLen = 0;
cert->subjectSNEnc = CTC_UTF8;
cert->subjectC = 0; cert->subjectC = 0;
cert->subjectCLen = 0; cert->subjectCLen = 0;
cert->subjectCEnc = CTC_PRINTABLE;
cert->subjectL = 0; cert->subjectL = 0;
cert->subjectLLen = 0; cert->subjectLLen = 0;
cert->subjectLEnc = CTC_UTF8;
cert->subjectST = 0; cert->subjectST = 0;
cert->subjectSTLen = 0; cert->subjectSTLen = 0;
cert->subjectSTEnc = CTC_UTF8;
cert->subjectO = 0; cert->subjectO = 0;
cert->subjectOLen = 0; cert->subjectOLen = 0;
cert->subjectOEnc = CTC_UTF8;
cert->subjectOU = 0; cert->subjectOU = 0;
cert->subjectOULen = 0; cert->subjectOULen = 0;
cert->subjectOUEnc = CTC_UTF8;
cert->subjectEmail = 0; cert->subjectEmail = 0;
cert->subjectEmailLen = 0; cert->subjectEmailLen = 0;
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
@ -1722,8 +1729,7 @@ static int GetName(DecodedCert* cert, int nameType)
cert->srcIdx += 2; cert->srcIdx += 2;
id = cert->source[cert->srcIdx++]; id = cert->source[cert->srcIdx++];
b = cert->source[cert->srcIdx++]; /* strType */ b = cert->source[cert->srcIdx++]; /* encoding */
(void)b; /* may want to validate? */
if (GetLength(cert->source, &cert->srcIdx, &strLen, if (GetLength(cert->source, &cert->srcIdx, &strLen,
cert->maxIdx) < 0) cert->maxIdx) < 0)
@ -1739,6 +1745,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectCN = (char *)&cert->source[cert->srcIdx]; cert->subjectCN = (char *)&cert->source[cert->srcIdx];
cert->subjectCNLen = strLen; cert->subjectCNLen = strLen;
cert->subjectCNEnc = b;
} }
if (!tooBig) { if (!tooBig) {
@ -1761,6 +1768,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectSN = (char*)&cert->source[cert->srcIdx]; cert->subjectSN = (char*)&cert->source[cert->srcIdx];
cert->subjectSNLen = strLen; cert->subjectSNLen = strLen;
cert->subjectSNEnc = b;
} }
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -1778,6 +1786,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectC = (char*)&cert->source[cert->srcIdx]; cert->subjectC = (char*)&cert->source[cert->srcIdx];
cert->subjectCLen = strLen; cert->subjectCLen = strLen;
cert->subjectCEnc = b;
} }
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -1795,6 +1804,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectL = (char*)&cert->source[cert->srcIdx]; cert->subjectL = (char*)&cert->source[cert->srcIdx];
cert->subjectLLen = strLen; cert->subjectLLen = strLen;
cert->subjectLEnc = b;
} }
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -1812,6 +1822,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectST = (char*)&cert->source[cert->srcIdx]; cert->subjectST = (char*)&cert->source[cert->srcIdx];
cert->subjectSTLen = strLen; cert->subjectSTLen = strLen;
cert->subjectSTEnc = b;
} }
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -1829,6 +1840,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectO = (char*)&cert->source[cert->srcIdx]; cert->subjectO = (char*)&cert->source[cert->srcIdx];
cert->subjectOLen = strLen; cert->subjectOLen = strLen;
cert->subjectOEnc = b;
} }
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -1846,6 +1858,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (nameType == SUBJECT) { if (nameType == SUBJECT) {
cert->subjectOU = (char*)&cert->source[cert->srcIdx]; cert->subjectOU = (char*)&cert->source[cert->srcIdx];
cert->subjectOULen = strLen; cert->subjectOULen = strLen;
cert->subjectOUEnc = b;
} }
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
@ -4465,21 +4478,35 @@ void InitCert(Cert* cert)
XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE); XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
cert->issuer.country[0] = '\0'; cert->issuer.country[0] = '\0';
cert->issuer.countryEnc = CTC_PRINTABLE;
cert->issuer.state[0] = '\0'; cert->issuer.state[0] = '\0';
cert->issuer.stateEnc = CTC_UTF8;
cert->issuer.locality[0] = '\0'; cert->issuer.locality[0] = '\0';
cert->issuer.localityEnc = CTC_UTF8;
cert->issuer.sur[0] = '\0'; cert->issuer.sur[0] = '\0';
cert->issuer.surEnc = CTC_UTF8;
cert->issuer.org[0] = '\0'; cert->issuer.org[0] = '\0';
cert->issuer.orgEnc = CTC_UTF8;
cert->issuer.unit[0] = '\0'; cert->issuer.unit[0] = '\0';
cert->issuer.unitEnc = CTC_UTF8;
cert->issuer.commonName[0] = '\0'; cert->issuer.commonName[0] = '\0';
cert->issuer.commonNameEnc = CTC_UTF8;
cert->issuer.email[0] = '\0'; cert->issuer.email[0] = '\0';
cert->subject.country[0] = '\0'; cert->subject.country[0] = '\0';
cert->subject.countryEnc = CTC_PRINTABLE;
cert->subject.state[0] = '\0'; cert->subject.state[0] = '\0';
cert->subject.stateEnc = CTC_UTF8;
cert->subject.locality[0] = '\0'; cert->subject.locality[0] = '\0';
cert->subject.localityEnc = CTC_UTF8;
cert->subject.sur[0] = '\0'; cert->subject.sur[0] = '\0';
cert->subject.surEnc = CTC_UTF8;
cert->subject.org[0] = '\0'; cert->subject.org[0] = '\0';
cert->subject.orgEnc = CTC_UTF8;
cert->subject.unit[0] = '\0'; cert->subject.unit[0] = '\0';
cert->subject.unitEnc = CTC_UTF8;
cert->subject.commonName[0] = '\0'; cert->subject.commonName[0] = '\0';
cert->subject.commonNameEnc = CTC_UTF8;
cert->subject.email[0] = '\0'; cert->subject.email[0] = '\0';
#ifdef CYASSL_CERT_REQ #ifdef CYASSL_CERT_REQ
@ -4838,6 +4865,37 @@ static const char* GetOneName(CertName* name, int idx)
} }
/* Get Which Name Encoding from index */
static char GetNameType(CertName* name, int idx)
{
switch (idx) {
case 0:
return name->countryEnc;
case 1:
return name->stateEnc;
case 2:
return name->localityEnc;
case 3:
return name->surEnc;
case 4:
return name->orgEnc;
case 5:
return name->unitEnc;
case 6:
return name->commonNameEnc;
default:
return 0;
}
}
/* Get ASN Name from index */ /* Get ASN Name from index */
static byte GetNameId(int idx) static byte GetNameId(int idx)
{ {
@ -4987,10 +5045,7 @@ static int SetName(byte* output, CertName* name)
/* id type */ /* id type */
names[i].encoded[idx++] = bType; names[i].encoded[idx++] = bType;
/* str type */ /* str type */
if (bType == ASN_COUNTRY_NAME) names[i].encoded[idx++] = GetNameType(name, i);
names[i].encoded[idx++] = 0x13; /* printable */
else
names[i].encoded[idx++] = 0x0c; /* utf8 */
} }
/* second length */ /* second length */
XMEMCPY(names[i].encoded + idx, secondLen, secondSz); XMEMCPY(names[i].encoded + idx, secondLen, secondSz);
@ -5714,42 +5769,49 @@ static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->commonName, decoded.subjectCN, CTC_NAME_SIZE); strncpy(cn->commonName, decoded.subjectCN, CTC_NAME_SIZE);
cn->commonName[sz] = 0; cn->commonName[sz] = 0;
cn->commonNameEnc = decoded.subjectCNEnc;
} }
if (decoded.subjectC) { if (decoded.subjectC) {
sz = (decoded.subjectCLen < CTC_NAME_SIZE) ? decoded.subjectCLen : sz = (decoded.subjectCLen < CTC_NAME_SIZE) ? decoded.subjectCLen :
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->country, decoded.subjectC, CTC_NAME_SIZE); strncpy(cn->country, decoded.subjectC, CTC_NAME_SIZE);
cn->country[sz] = 0; cn->country[sz] = 0;
cn->countryEnc = decoded.subjectCEnc;
} }
if (decoded.subjectST) { if (decoded.subjectST) {
sz = (decoded.subjectSTLen < CTC_NAME_SIZE) ? decoded.subjectSTLen : sz = (decoded.subjectSTLen < CTC_NAME_SIZE) ? decoded.subjectSTLen :
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->state, decoded.subjectST, CTC_NAME_SIZE); strncpy(cn->state, decoded.subjectST, CTC_NAME_SIZE);
cn->state[sz] = 0; cn->state[sz] = 0;
cn->stateEnc = decoded.subjectSTEnc;
} }
if (decoded.subjectL) { if (decoded.subjectL) {
sz = (decoded.subjectLLen < CTC_NAME_SIZE) ? decoded.subjectLLen : sz = (decoded.subjectLLen < CTC_NAME_SIZE) ? decoded.subjectLLen :
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->locality, decoded.subjectL, CTC_NAME_SIZE); strncpy(cn->locality, decoded.subjectL, CTC_NAME_SIZE);
cn->locality[sz] = 0; cn->locality[sz] = 0;
cn->localityEnc = decoded.subjectLEnc;
} }
if (decoded.subjectO) { if (decoded.subjectO) {
sz = (decoded.subjectOLen < CTC_NAME_SIZE) ? decoded.subjectOLen : sz = (decoded.subjectOLen < CTC_NAME_SIZE) ? decoded.subjectOLen :
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->org, decoded.subjectO, CTC_NAME_SIZE); strncpy(cn->org, decoded.subjectO, CTC_NAME_SIZE);
cn->org[sz] = 0; cn->org[sz] = 0;
cn->orgEnc = decoded.subjectOEnc;
} }
if (decoded.subjectOU) { if (decoded.subjectOU) {
sz = (decoded.subjectOULen < CTC_NAME_SIZE) ? decoded.subjectOULen : sz = (decoded.subjectOULen < CTC_NAME_SIZE) ? decoded.subjectOULen :
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->unit, decoded.subjectOU, CTC_NAME_SIZE); strncpy(cn->unit, decoded.subjectOU, CTC_NAME_SIZE);
cn->unit[sz] = 0; cn->unit[sz] = 0;
cn->unitEnc = decoded.subjectOUEnc;
} }
if (decoded.subjectSN) { if (decoded.subjectSN) {
sz = (decoded.subjectSNLen < CTC_NAME_SIZE) ? decoded.subjectSNLen : sz = (decoded.subjectSNLen < CTC_NAME_SIZE) ? decoded.subjectSNLen :
CTC_NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cn->sur, decoded.subjectSN, CTC_NAME_SIZE); strncpy(cn->sur, decoded.subjectSN, CTC_NAME_SIZE);
cn->sur[sz] = 0; cn->sur[sz] = 0;
cn->surEnc = decoded.subjectSNEnc;
} }
if (decoded.subjectEmail) { if (decoded.subjectEmail) {
sz = (decoded.subjectEmailLen < CTC_NAME_SIZE) ? sz = (decoded.subjectEmailLen < CTC_NAME_SIZE) ?
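Review bot: The string-type byte `b` that GetName reads from the certificate is now stored in the `subject*Enc` fields and, through SetNameFromCert and GetNameType, written back out by SetName as the tag of each name attribute, with no check that it is a type the generator supports. The removed `(void)b; /* may want to validate? */` comment pointed at this gap, and SetNameFromCert still copies the value with `strncpy`, so a name tagged with a multi-byte string type would be cut at its first zero byte yet re-emitted under the original tag. I would restrict the tag where it is consumed, in SetName: `char enc = GetNameType(name, i);` followed by `if (enc != CTC_UTF8 && enc != CTC_PRINTABLE) enc = (bType == ASN_COUNTRY_NAME) ? CTC_PRINTABLE : CTC_UTF8;`, then emit `enc`. The bodies of GetName, SetName and SetNameFromCert extend beyond the hunks shown here.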


@ -340,7 +340,8 @@ struct DecodedCert {
#endif /* HAVE_OCSP */ #endif /* HAVE_OCSP */
byte* signature; /* not owned, points into raw cert */ byte* signature; /* not owned, points into raw cert */
char* subjectCN; /* CommonName */ char* subjectCN; /* CommonName */
int subjectCNLen; int subjectCNLen; /* CommonName Length */
char subjectCNEnc; /* CommonName Encoding */
int subjectCNStored; /* have we saved a copy we own */ int subjectCNStored; /* have we saved a copy we own */
char issuer[ASN_NAME_MAX]; /* full name including common name */ char issuer[ASN_NAME_MAX]; /* full name including common name */
char subject[ASN_NAME_MAX]; /* full name including common name */ char subject[ASN_NAME_MAX]; /* full name including common name */
@ -411,16 +412,22 @@ struct DecodedCert {
/* easy access to subject info for other sign */ /* easy access to subject info for other sign */
char* subjectSN; char* subjectSN;
int subjectSNLen; int subjectSNLen;
char subjectSNEnc;
char* subjectC; char* subjectC;
int subjectCLen; int subjectCLen;
char subjectCEnc;
char* subjectL; char* subjectL;
int subjectLLen; int subjectLLen;
char subjectLEnc;
char* subjectST; char* subjectST;
int subjectSTLen; int subjectSTLen;
char subjectSTEnc;
char* subjectO; char* subjectO;
int subjectOLen; int subjectOLen;
char subjectOEnc;
char* subjectOU; char* subjectOU;
int subjectOULen; int subjectOULen;
char subjectOUEnc;
char* subjectEmail; char* subjectEmail;
int subjectEmailLen; int subjectEmailLen;
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
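Review bot: The new `subject*Enc` fields hold a raw ASN.1 tag byte copied out of `cert->source`, so `byte` would be a better type than `char`, whose signedness is implementation-defined; the struct already uses `byte` for `signature`. Only `subjectCNEnc` carries a comment, and the six fields under CYASSL_CERT_GEN would read better with the same kind of note, e.g. `byte subjectSNEnc; /* SurName encoding: ASN.1 string tag as read from the cert, not validated */`. The struct definition starts and ends outside these hunks.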


@ -62,6 +62,11 @@ enum Ctc_SigType {
CTC_SHA512wECDSA = 526 CTC_SHA512wECDSA = 526
}; };
enum Ctc_Encoding {
CTC_UTF8 = 0x0c, /* utf8 */
CTC_PRINTABLE = 0x13 /* printable */
};
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
@ -78,12 +83,19 @@ enum Ctc_Misc {
typedef struct CertName { typedef struct CertName {
char country[CTC_NAME_SIZE]; char country[CTC_NAME_SIZE];
char countryEnc;
char state[CTC_NAME_SIZE]; char state[CTC_NAME_SIZE];
char stateEnc;
char locality[CTC_NAME_SIZE]; char locality[CTC_NAME_SIZE];
char localityEnc;
char sur[CTC_NAME_SIZE]; char sur[CTC_NAME_SIZE];
char surEnc;
char org[CTC_NAME_SIZE]; char org[CTC_NAME_SIZE];
char orgEnc;
char unit[CTC_NAME_SIZE]; char unit[CTC_NAME_SIZE];
char unitEnc;
char commonName[CTC_NAME_SIZE]; char commonName[CTC_NAME_SIZE];
char commonNameEnc;
char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */ char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
} CertName; } CertName;
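Review bot: `CertName` is filled in by callers, and SetName now emits whatever is in the `*Enc` fields, so a CertName that was zeroed or built by hand rather than through InitCert would produce name attributes with string tag 0 instead of the previous fixed printable/UTF-8 tags. The header should state the contract on these fields, e.g. `char countryEnc; /* Ctc_Encoding value; InitCert sets CTC_PRINTABLE */`, and note on `enum Ctc_Encoding` that its values are the ASN.1 string tags written into generated names. Interleaving the new members also changes the layout of a public struct, so code built against the old header has to be recompiled.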