|
|
@@ -12661,6 +12661,17 @@ static int GetHashId(const byte* id, int length, byte* hash, int hashAlg)
|
|
|
(((id) - 3) >= 0 && ((id) - 3) < certNameSubjectSz && \
|
|
|
(certNameSubject[(id) - 3].strLen > 0))
|
|
|
|
|
|
+/* Set the string for a name component into the issuer name. */
|
|
|
+#define SetCertNameIssuer(cert, id, val) \
|
|
|
+ *((char**)(((byte *)(cert)) + certNameSubject[(id) - 3].dataI)) = (val)
|
|
|
+/* Set the string length for a name component into the issuer name. */
|
|
|
+#define SetCertNameIssuerLen(cert, id, val) \
|
|
|
+ *((int*)(((byte *)(cert)) + certNameSubject[(id) - 3].lenI)) = (int)(val)
|
|
|
+/* Set the encoding for a name component into the issuer name. */
|
|
|
+#define SetCertNameIssuerEnc(cert, id, val) \
|
|
|
+ *((byte*)(((byte *)(cert)) + certNameSubject[(id) - 3].encI)) = (val)
|
|
|
+
|
|
|
+
|
|
|
/* Mapping of certificate name component to useful information. */
|
|
|
typedef struct CertNameData {
|
|
|
/* Type string of name component. */
|
|
|
@@ -12674,6 +12685,14 @@ typedef struct CertNameData {
|
|
|
size_t len;
|
|
|
/* Offset of encoding in subject name component. */
|
|
|
size_t enc;
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ /* Offset of data in subject name component. */
|
|
|
+ size_t dataI;
|
|
|
+ /* Offset of length in subject name component. */
|
|
|
+ size_t lenI;
|
|
|
+ /* Offset of encoding in subject name component. */
|
|
|
+ size_t encI;
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
/* NID of type for subject name component. */
|
|
|
@@ -12690,6 +12709,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectCN),
|
|
|
OFFSETOF(DecodedCert, subjectCNLen),
|
|
|
OFFSETOF(DecodedCert, subjectCNEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerCN),
|
|
|
+ OFFSETOF(DecodedCert, issuerCNLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerCNEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_commonName
|
|
|
@@ -12702,6 +12726,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectSN),
|
|
|
OFFSETOF(DecodedCert, subjectSNLen),
|
|
|
OFFSETOF(DecodedCert, subjectSNEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerSN),
|
|
|
+ OFFSETOF(DecodedCert, issuerSNLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerSNEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_surname
|
|
|
@@ -12714,6 +12743,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectSND),
|
|
|
OFFSETOF(DecodedCert, subjectSNDLen),
|
|
|
OFFSETOF(DecodedCert, subjectSNDEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerSND),
|
|
|
+ OFFSETOF(DecodedCert, issuerSNDLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerSNDEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_serialNumber
|
|
|
@@ -12726,6 +12760,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectC),
|
|
|
OFFSETOF(DecodedCert, subjectCLen),
|
|
|
OFFSETOF(DecodedCert, subjectCEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerC),
|
|
|
+ OFFSETOF(DecodedCert, issuerCLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerCEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_countryName
|
|
|
@@ -12738,6 +12777,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectL),
|
|
|
OFFSETOF(DecodedCert, subjectLLen),
|
|
|
OFFSETOF(DecodedCert, subjectLEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerL),
|
|
|
+ OFFSETOF(DecodedCert, issuerLLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerLEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_localityName
|
|
|
@@ -12750,6 +12794,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectST),
|
|
|
OFFSETOF(DecodedCert, subjectSTLen),
|
|
|
OFFSETOF(DecodedCert, subjectSTEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerST),
|
|
|
+ OFFSETOF(DecodedCert, issuerSTLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerSTEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_stateOrProvinceName
|
|
|
@@ -12762,6 +12811,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectStreet),
|
|
|
OFFSETOF(DecodedCert, subjectStreetLen),
|
|
|
OFFSETOF(DecodedCert, subjectStreetEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_streetAddress
|
|
|
@@ -12774,6 +12828,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectO),
|
|
|
OFFSETOF(DecodedCert, subjectOLen),
|
|
|
OFFSETOF(DecodedCert, subjectOEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerO),
|
|
|
+ OFFSETOF(DecodedCert, issuerOLen),
|
|
|
+ OFFSETOF(DecodedCert, issuerOEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_organizationName
|
|
|
@@ -12786,6 +12845,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectOU),
|
|
|
OFFSETOF(DecodedCert, subjectOULen),
|
|
|
OFFSETOF(DecodedCert, subjectOUEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ OFFSETOF(DecodedCert, issuerOU),
|
|
|
+ OFFSETOF(DecodedCert, issuerOULen),
|
|
|
+ OFFSETOF(DecodedCert, issuerOUEnc),
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_organizationalUnitName
|
|
|
@@ -12798,6 +12862,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
0,
|
|
|
0,
|
|
|
0,
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
0,
|
|
|
@@ -12810,6 +12879,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
0,
|
|
|
0,
|
|
|
0,
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
0,
|
|
|
@@ -12822,6 +12896,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
0,
|
|
|
0,
|
|
|
0,
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
0,
|
|
|
@@ -12834,6 +12913,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectBC),
|
|
|
OFFSETOF(DecodedCert, subjectBCLen),
|
|
|
OFFSETOF(DecodedCert, subjectBCEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_businessCategory
|
|
|
@@ -12846,6 +12930,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
0,
|
|
|
0,
|
|
|
0,
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
0,
|
|
|
@@ -12858,6 +12947,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectPC),
|
|
|
OFFSETOF(DecodedCert, subjectPCLen),
|
|
|
OFFSETOF(DecodedCert, subjectPCEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_postalCode
|
|
|
@@ -12870,6 +12964,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectUID),
|
|
|
OFFSETOF(DecodedCert, subjectUIDLen),
|
|
|
OFFSETOF(DecodedCert, subjectUIDEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_userId
|
|
|
@@ -12883,6 +12982,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectN),
|
|
|
OFFSETOF(DecodedCert, subjectNLen),
|
|
|
OFFSETOF(DecodedCert, subjectNEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_name
|
|
|
@@ -12895,6 +12999,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectGN),
|
|
|
OFFSETOF(DecodedCert, subjectGNLen),
|
|
|
OFFSETOF(DecodedCert, subjectGNEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_givenName
|
|
|
@@ -12907,6 +13016,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectI),
|
|
|
OFFSETOF(DecodedCert, subjectILen),
|
|
|
OFFSETOF(DecodedCert, subjectIEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_initials
|
|
|
@@ -12919,6 +13033,11 @@ static const CertNameData certNameSubject[] = {
|
|
|
OFFSETOF(DecodedCert, subjectDNQ),
|
|
|
OFFSETOF(DecodedCert, subjectDNQLen),
|
|
|
OFFSETOF(DecodedCert, subjectDNQEnc),
|
|
|
+#ifdef WOLFSSL_HAVE_ISSUER_NAMES
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+ 0,
|
|
|
+#endif
|
|
|
#endif
|
|
|
#ifdef WOLFSSL_X509_NAME_AVAILABLE
|
|
|
NID_dnQualifier
|
|
|
@@ -12930,6 +13049,7 @@ static const CertNameData certNameSubject[] = {
|
|
|
static const int certNameSubjectSz =
|
|
|
(int) (sizeof(certNameSubject) / sizeof(CertNameData));
|
|
|
|
|
|
+
|
|
|
/* ASN.1 template for an RDN.
|
|
|
* X.509: RFC 5280, 4.1.2.4 - RelativeDistinguishedName
|
|
|
*/
|
|
|
@@ -13270,6 +13390,43 @@ static int SetSubject(DecodedCert* cert, int id, byte* str, int strLen,
|
|
|
return ret;
|
|
|
}
|
|
|
|
|
|
+#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)) && \
|
|
|
+ defined(WOLFSSL_HAVE_ISSUER_NAMES)
|
|
|
+/* Set the details of an issuer name component into a certificate.
|
|
|
+ *
|
|
|
+ * @param [in, out] cert Certificate object.
|
|
|
+ * @param [in] id Id of component.
|
|
|
+ * @param [in] str String for component.
|
|
|
+ * @param [in] strLen Length of string.
|
|
|
+ * @param [in] tag BER tag representing encoding of string.
|
|
|
+ * @return 0 on success, negative values on failure.
|
|
|
+ */
|
|
|
+static int SetIssuer(DecodedCert* cert, int id, byte* str, int strLen,
|
|
|
+ byte tag)
|
|
|
+{
|
|
|
+ int ret = 0;
|
|
|
+
|
|
|
+ /* Put string and encoding into certificate. */
|
|
|
+ if (id == ASN_COMMON_NAME) {
|
|
|
+ cert->issuerCN = (char *)str;
|
|
|
+ cert->issuerCNLen = (int)strLen;
|
|
|
+ cert->issuerCNEnc = (char)tag;
|
|
|
+ }
|
|
|
+ else if (id > ASN_COMMON_NAME && id <= ASN_USER_ID) {
|
|
|
+ /* Use table and offsets to put data into appropriate fields. */
|
|
|
+ SetCertNameIssuer(cert, id, (char*)str);
|
|
|
+ SetCertNameIssuerLen(cert, id, strLen);
|
|
|
+ SetCertNameIssuerEnc(cert, id, tag);
|
|
|
+ }
|
|
|
+ else if (id == ASN_EMAIL) {
|
|
|
+ cert->issuerEmail = (char*)str;
|
|
|
+ cert->issuerEmailLen = strLen;
|
|
|
+ }
|
|
|
+
|
|
|
+ return ret;
|
|
|
+}
|
|
|
+#endif
|
|
|
+
|
|
|
/* Get a RelativeDistinguishedName from the encoding and put in certificate.
|
|
|
*
|
|
|
* @param [in, out] cert Certificate object.
|
|
|
@@ -13402,6 +13559,13 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid,
|
|
|
/* Store subject field components. */
|
|
|
ret = SetSubject(cert, id, str, (int)strLen, tag);
|
|
|
}
|
|
|
+ #if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_CERT_EXT)) && \
|
|
|
+ defined(WOLFSSL_HAVE_ISSUER_NAMES)
|
|
|
+ /* Put issuer common name string and encoding into certificate. */
|
|
|
+ else {
|
|
|
+ ret = SetIssuer(cert, id, str, (int)strLen, tag);
|
|
|
+ }
|
|
|
+ #endif
|
|
|
if (ret == 0) {
|
|
|
/* Check there is space for this in the full name string and
|
|
|
* terminating NUL character. */
|
Sean Parkinson