From 8a13866f6576570676cf5552e9c068509dafaa4b Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Mon, 30 Jan 2023 12:29:11 +0100 Subject: [PATCH] Remove parsing of rfc822Name Signed-off-by: Przemek Stekiel --- include/mbedtls/x509_crt.h | 3 +-- library/x509_crt.c | 25 ------------------------- 2 files changed, 1 insertion(+), 27 deletions(-) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index cd089ce70..f25ccb2a0 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -570,8 +570,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path); * \param san The target structure to populate with the parsed presentation * of the subject alternative name encoded in \p san_raw. * - * \note Only "dnsName" and "otherName" and "rfc822Name" of type hardware_module_name - * as defined in RFC 4180 is supported. + * \note Only "dnsName" and "otherName" as defined in RFC 5280 are supported. * * \note This function should be called on a single raw data of * subject alternative name. For example, after successful diff --git a/library/x509_crt.c b/library/x509_crt.c index 269ccbc4a..5e6409bbb 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1918,31 +1918,6 @@ int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, } break; - /* - * RFC822 Name - */ - case (MBEDTLS_ASN1_SEQUENCE | MBEDTLS_X509_SAN_RFC822_NAME): - { - mbedtls_x509_name rfc822Name; - unsigned char *bufferPointer = san_buf->p; - unsigned char **p = &bufferPointer; - const unsigned char *end = san_buf->p + san_buf->len; - - /* The leading ASN1 tag and length has been processed. Stepping back with 2 bytes, because mbedtls_x509_get_name expects the beginning of the SET tag */ - *p = *p - 2; - - ret = mbedtls_x509_get_name(p, end, &rfc822Name); - if (ret != 0) { - return ret; - } - - memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); - san->type = MBEDTLS_X509_SAN_OTHER_NAME; - memcpy(&san->san.unstructured_name, - &rfc822Name, sizeof(rfc822Name)); - } - break; - /* * Type not supported */