Added x509 accessors for the SEP build certificate additions.

John Safranek 2013-08-17 09:01:15 -07:00
parent 19f7053f1d
commit 442886a207
4 changed files with 85 additions and 0 deletions


@ -1648,6 +1648,14 @@ struct CYASSL_X509 {
int serialSz;
byte serial[EXTERNAL_SERIAL_SIZE];
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
#ifdef CYASSL_SEP
int deviceTypeSz;
byte deviceType[EXTERNAL_SERIAL_SIZE];
int hwTypeSz;
byte hwType[EXTERNAL_SERIAL_SIZE];
int hwSerialNumSz;
byte hwSerialNum[EXTERNAL_SERIAL_SIZE];
#endif
buffer derCert; /* may need */
DNS_entry* altNames; /* alt names list */
DNS_entry* altNamesNext; /* hint for retrieval */
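Review bot: The new deviceType and hwType arrays are sized with EXTERNAL_SERIAL_SIZE, a constant named for serial numbers, and unlike the neighbouring members they carry no comment. Nothing here says whether that capacity suits a device-type or hardware-type value, and the copy added to CopyDecodedToX509 in this commit clamps to it without reporting truncation. A dedicated constant for these fields would make the limit explicit. A one-line comment would also help, for example `/* SEP fields: raw bytes, valid length in the matching *Sz member */`.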


@ -783,6 +783,15 @@ CYASSL_API int CyaSSL_cmp_peer_cert_to_file(CYASSL*, const char*);
CYASSL_API char* CyaSSL_X509_get_next_altname(CYASSL_X509*);
#ifdef CYASSL_SEP
CYASSL_API
int CyaSSL_X509_get_device_type(CYASSL_X509*, unsigned char*, int*);
CYASSL_API
int CyaSSL_X509_get_hw_type(CYASSL_X509*, unsigned char*, int*);
CYASSL_API
int CyaSSL_X509_get_hw_serial_number(CYASSL_X509*, unsigned char*, int*);
#endif
/* connect enough to get peer cert */
CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl);
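Review bot: The three new prototypes have unnamed parameters and no comment, so the in/out meaning of the final `int*` is invisible at the API boundary. From the definitions in this commit, it carries the buffer capacity on entry and the copied length on return, and a buffer that is too small yields BAD_FUNC_ARG. I would name the parameters, e.g. `(CYASSL_X509* x509, unsigned char* out, int* inOutSz)`, and add a short comment above the group stating that contract. It should also say the output is raw bytes with no terminator added.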


@ -2925,6 +2925,32 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert)
else
x509->subjectCN[0] = '\0';
#ifdef CYASSL_SEP
{
int minSz = min(dCert->deviceTypeSz, EXTERNAL_SERIAL_SIZE);
if (minSz > 0) {
x509->deviceTypeSz = minSz;
XMEMCPY(x509->deviceType, dCert->deviceType, minSz);
}
else
x509->deviceTypeSz = 0;
minSz = min(dCert->hwTypeSz, EXTERNAL_SERIAL_SIZE);
if (minSz != 0) {
x509->hwTypeSz = minSz;
XMEMCPY(x509->hwType, dCert->hwType, minSz);
}
else
x509->hwTypeSz = 0;
minSz = min(dCert->hwSerialNumSz, EXTERNAL_SERIAL_SIZE);
if (minSz != 0) {
x509->hwSerialNumSz = minSz;
XMEMCPY(x509->hwSerialNum, dCert->hwSerialNum, minSz);
}
else
x509->hwSerialNumSz = 0;
}
#endif /* CYASSL_SEP */
/* store cert for potential retrieval */
x509->derCert.buffer = (byte*)XMALLOC(dCert->maxIdx, NULL,
DYNAMIC_TYPE_CERT);
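Review bot: The three length guards differ: deviceTypeSz is tested with `minSz > 0`, while hwTypeSz and hwSerialNumSz use `minSz != 0`. If `min` can return a negative value (its definition is not visible here), a negative size parsed from the certificate would reach XMEMCPY as the length in the last two cases. Using `if (minSz > 0) {` for all three keeps the copies consistent and bounded. Separately, a field longer than EXTERNAL_SERIAL_SIZE is truncated silently, so a caller comparing hardware identities would only see a prefix; returning an error or logging the truncation would be safer. The body of CopyDecodedToX509 starts and ends outside this hunk.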


@ -7011,6 +7011,48 @@ int CyaSSL_set_compression(CYASSL* ssl)
return x509->derCert.buffer;
}
#ifdef CYASSL_SEP
int CyaSSL_X509_get_device_type(CYASSL_X509* x509, byte* in, int *inOutSz)
{
CYASSL_ENTER("CyaSSL_X509_get_dev_type");
if (x509 == NULL || inOutSz == NULL || *inOutSz < x509->deviceTypeSz)
return BAD_FUNC_ARG;
XMEMCPY(in, x509->deviceType, x509->deviceTypeSz);
*inOutSz = x509->deviceTypeSz;
return SSL_SUCCESS;
}
int CyaSSL_X509_get_hw_type(CYASSL_X509* x509, byte* in, int *inOutSz)
{
CYASSL_ENTER("CyaSSL_X509_get_hw_type");
if (x509 == NULL || inOutSz == NULL || *inOutSz < x509->hwTypeSz)
return BAD_FUNC_ARG;
XMEMCPY(in, x509->hwType, x509->hwTypeSz);
*inOutSz = x509->hwTypeSz;
return SSL_SUCCESS;
}
int CyaSSL_X509_get_hw_serial_number(CYASSL_X509* x509, byte* in, int *inOutSz)
{
CYASSL_ENTER("CyaSSL_X509_get_hw_serial_number");
if (x509 == NULL || inOutSz == NULL || *inOutSz < x509->hwSerialNumSz)
return BAD_FUNC_ARG;
XMEMCPY(in, x509->hwSerialNum, x509->hwSerialNumSz);
*inOutSz = x509->hwSerialNumSz;
return SSL_SUCCESS;
}
#endif /* CYASSL_SEP */
#endif /* KEEP_PEER_CERT || SESSION_CERTS */
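Review bot: None of the three accessors checks `in` before XMEMCPY, so a NULL output buffer passed with a large enough `*inOutSz` is written through. Add it to the guard, e.g. `if (x509 == NULL || in == NULL || inOutSz == NULL || *inOutSz < x509->deviceTypeSz)`, and do the same for the hwTypeSz and hwSerialNumSz variants. The trace string `"CyaSSL_X509_get_dev_type"` in the first function does not match the function name CyaSSL_X509_get_device_type, which makes debug logs harder to correlate. When the buffer is too small the caller gets BAD_FUNC_ARG with no hint of the needed size; writing the required length to `*inOutSz` before returning would allow a retry.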