Merge pull request #5954 from wernerlewis/x509_next_merged
Add mbedtls_x509_dn_get_next function
commit
93a7f7d7f8
5 changed files with 106 additions and 0 deletions
3
ChangeLog.d/add_dn_get_next.txt
Normal file
|
@ -0,0 +1,3 @@
|
|||
Bugfix
|
||||
* Add mbedtls_x509_dn_get_next function to return the next relative DN in
|
||||
an X509 name, to allow walking the name list. Fixes #5431.
|
|
@ -266,6 +266,16 @@ mbedtls_x509_time;
|
|||
*/
|
||||
int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
|
||||
|
||||
/**
|
||||
* \brief Return the next relative DN in an X509 name.
|
||||
*
|
||||
* \param dn Current node in the X509 name
|
||||
*
|
||||
* \return Pointer to the first attribute-value pair of the
|
||||
* next RDN in sequence, or NULL if end is reached.
|
||||
*/
|
||||
mbedtls_x509_name * mbedtls_x509_dn_get_next( mbedtls_x509_name *dn );
|
||||
|
||||
/**
|
||||
* \brief Store the certificate serial in printable form into buf;
|
||||
* no more than size characters will be written.
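Review bot: The new documentation for `mbedtls_x509_dn_get_next` does not warn that the other attribute-value pairs of a multi-valued RDN are skipped. The implementation added in this commit steps over every node whose `next_merged` is set, so a caller that walks a name only through this function would not see an attribute that sits second or later in an RDN, such as the `O` in `C=NL + O=PolarSSL`. That matters for code that searches a subject or issuer for one attribute (a CN, for example) and makes a trust decision on the result. I would add a note along the lines of `\note Only the first attribute-value pair of each RDN is returned; the remaining pairs of a multi-valued RDN are reached through \c next while \c next_merged is set.`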
|
||||
|
|
|
@ -796,6 +796,15 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
|
|||
return( (int) ( size - n ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Return the next relative DN in an X509 name.
|
||||
*/
|
||||
mbedtls_x509_name * mbedtls_x509_dn_get_next( mbedtls_x509_name * dn )
|
||||
{
|
||||
for( ; dn->next != NULL && dn->next_merged; dn = dn->next );
|
||||
return( dn->next );
|
||||
}
|
||||
|
||||
/*
|
||||
* Store the serial in printable form into buf; no more
|
||||
* than size characters will be written
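Review bot: `mbedtls_x509_dn_get_next` dereferences `dn` in the loop condition (`dn->next`) without checking it, so a NULL argument crashes instead of returning NULL. The header comment added in this commit states no non-NULL precondition, so either document one on `\param dn` or make the first statement `if( dn == NULL ) return( NULL );`. As a smaller style point, the empty-bodied `for( ...; dn = dn->next );` is easy to misread; a `while` loop with the advance in a braced body would make the intent explicit.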
|
||||
|
|
|
@ -375,6 +375,18 @@ X509 Get Distinguished Name #4
|
|||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
|
||||
mbedtls_x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
|
||||
|
||||
X509 Get Next DN #1 No Multivalue RDNs
|
||||
mbedtls_x509_dn_get_next:"C=NL, O=PolarSSL, CN=PolarSSL Server 1":0:"C O CN":3:"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
|
||||
|
||||
X509 Get Next DN #2 Initial Multivalue RDN
|
||||
mbedtls_x509_dn_get_next:"C=NL, O=PolarSSL, CN=PolarSSL Server 1":0x01:"C CN":2:"C=NL + O=PolarSSL, CN=PolarSSL Server 1"
|
||||
|
||||
X509 Get Next DN #3 Single Multivalue RDN
|
||||
mbedtls_x509_dn_get_next:"C=NL, O=PolarSSL, CN=PolarSSL Server 1":0x03:"C":1:"C=NL + O=PolarSSL + CN=PolarSSL Server 1"
|
||||
|
||||
X509 Get Next DN #4 Consecutive Multivalue RDNs
|
||||
mbedtls_x509_dn_get_next:"C=NL, O=PolarSSL, title=Example, CN=PolarSSL Server 1":0x05:"C title":2:"C=NL + O=PolarSSL, title=Example + CN=PolarSSL Server 1"
|
||||
|
||||
X509 Time Expired #1
|
||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
|
||||
mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1
|
||||
|
|
|
@ -785,6 +785,78 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
|
||||
void mbedtls_x509_dn_get_next( char * name_str, int next_merged, char * expected_oids, int exp_count, char * exp_dn_gets )
|
||||
{
|
||||
int ret = 0, i;
|
||||
size_t len = 0, out_size;
|
||||
mbedtls_asn1_named_data *names = NULL;
|
||||
mbedtls_x509_name parsed, *parsed_cur, *parsed_prv;
|
||||
// Size of buf is maximum required for test cases
|
||||
unsigned char buf[80], *out = NULL, *c;
|
||||
const char *short_name;
|
||||
|
||||
memset( &parsed, 0, sizeof( parsed ) );
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
c = buf + sizeof( buf );
|
||||
// Additional size required for trailing space
|
||||
out_size = strlen( expected_oids ) + 2;
|
||||
ASSERT_ALLOC( out, out_size );
|
||||
|
||||
TEST_EQUAL( mbedtls_x509_string_to_names( &names, name_str ), 0 );
|
||||
|
||||
ret = mbedtls_x509_write_names( &c, buf, names );
|
||||
TEST_LE_S( 0, ret );
|
||||
|
||||
TEST_EQUAL( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len,
|
||||
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ), 0 );
|
||||
TEST_EQUAL( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ), 0 );
|
||||
|
||||
// Iterate over names and set next_merged nodes
|
||||
parsed_cur = &parsed;
|
||||
for( ; next_merged != 0 && parsed_cur != NULL; next_merged = next_merged >> 1 )
|
||||
{
|
||||
parsed_cur->next_merged = next_merged & 0x01;
|
||||
parsed_cur = parsed_cur->next;
|
||||
}
|
||||
|
||||
// Iterate over RDN nodes and print OID of first element to buffer
|
||||
parsed_cur = &parsed;
|
||||
len = 0;
|
||||
for( i = 0; parsed_cur != NULL; i++ )
|
||||
{
|
||||
TEST_EQUAL( mbedtls_oid_get_attr_short_name( &parsed_cur->oid,
|
||||
&short_name ), 0 );
|
||||
len += mbedtls_snprintf( (char*) out + len, out_size - len, "%s ", short_name );
|
||||
parsed_cur = mbedtls_x509_dn_get_next( parsed_cur );
|
||||
}
|
||||
out[len-1] = 0;
|
||||
|
||||
TEST_EQUAL( exp_count, i );
|
||||
TEST_EQUAL( strcmp( (char *) out, expected_oids ), 0 );
|
||||
mbedtls_free( out );
|
||||
out = NULL;
|
||||
|
||||
out_size = strlen( exp_dn_gets ) + 1;
|
||||
ASSERT_ALLOC( out, out_size );
|
||||
|
||||
TEST_LE_S( 0, mbedtls_x509_dn_gets( (char *) out, out_size, &parsed ) );
|
||||
TEST_EQUAL( strcmp( (char *) out, exp_dn_gets ), 0 );
|
||||
exit:
|
||||
mbedtls_free( out );
|
||||
mbedtls_asn1_free_named_data_list( &names );
|
||||
|
||||
parsed_cur = parsed.next;
|
||||
while( parsed_cur != 0 )
|
||||
{
|
||||
parsed_prv = parsed_cur;
|
||||
parsed_cur = parsed_cur->next;
|
||||
mbedtls_free( parsed_prv );
|
||||
}
|
||||
}
|
||||
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
|
||||
void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result )
|
||||
{
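Review bot: In the OID-printing loop of the new `mbedtls_x509_dn_get_next` test case, `len += mbedtls_snprintf( ... )` accumulates the return value unchecked. `out` is sized exactly from `expected_oids`, so if the function under test ever yields more or longer entries than expected, `len` can presumably exceed `out_size` (assuming the usual snprintf return-on-truncation behaviour). `out_size - len` then wraps, and the next call and `out[len-1] = 0` write outside the allocation instead of the test failing cleanly. Capture and bound the result before adding it: `ret = mbedtls_snprintf( (char*) out + len, out_size - len, "%s ", short_name );`, then `TEST_ASSERT( ret > 0 && (size_t) ret < out_size - len );`, then `len += ret;`.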
|
||||
|
|