public
external
mbedtls
Commits
6384440b
Commit
6384440b
authored
Apr 30, 2014
by
Paul Bakker
Better support for the different Attribute Types from IETF PKIX (RFC 5280)
parent
1a1fbba1
Changes
4
Showing
4 changed files
with
76 additions
and
0 deletions
+76
-0
ChangeLog
ChangeLog
+1
-0
include/polarssl/oid.h
include/polarssl/oid.h
+9
-0
library/oid.c
library/oid.c
+32
-0
library/x509_create.c
library/x509_create.c
+34
-0
ChangeLog
...
...
@@ -11,6 +11,7 @@ Changes
* POLARSSL_CONFIG_OPTIONS has been removed. All values are individually
checked and filled in the relevant module headers
* Debug module only outputs full lines instead of parts
* Better support for the different Attribute Types from IETF PKIX (RFC 5280)
Bugfix
* Only iterate over actual certificates in ssl_write_certificate_request()
...
...
include/polarssl/oid.h
...
...
@@ -105,14 +105,23 @@
*/
#define OID_AT OID_ISO_CCITT_DS "\x04"
/**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
#define OID_AT_CN OID_AT "\x03"
/**< id-at-commonName AttributeType:= {id-at 3} */
#define OID_AT_SUR_NAME OID_AT "\x04"
/**< id-at-surName AttributeType:= {id-at 4} */
#define OID_AT_SERIAL_NUMBER OID_AT "\x05"
/**< id-at-serialNumber AttributeType:= {id-at 5} */
#define OID_AT_COUNTRY OID_AT "\x06"
/**< id-at-countryName AttributeType:= {id-at 6} */
#define OID_AT_LOCALITY OID_AT "\x07"
/**< id-at-locality AttributeType:= {id-at 7} */
#define OID_AT_STATE OID_AT "\x08"
/**< id-at-state AttributeType:= {id-at 8} */
#define OID_AT_ORGANIZATION OID_AT "\x0A"
/**< id-at-organizationName AttributeType:= {id-at 10} */
#define OID_AT_ORG_UNIT OID_AT "\x0B"
/**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
#define OID_AT_TITLE OID_AT "\x0C"
/**< id-at-title AttributeType:= {id-at 12} */
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10"
/**< id-at-postalAddress AttributeType:= {id-at 16} */
#define OID_AT_POSTAL_CODE OID_AT "\x11"
/**< id-at-postalCode AttributeType:= {id-at 17} */
#define OID_AT_GIVEN_NAME OID_AT "\x2A"
/**< id-at-givenName AttributeType:= {id-at 42} */
#define OID_AT_INITIALS OID_AT "\x2B"
/**< id-at-initials AttributeType:= {id-at 43} */
#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C"
/**< id-at-generationQualifier AttributeType:= {id-at 44} */
#define OID_AT_DN_QUALIFIER OID_AT "\x2E"
/**< id-at-dnQualifier AttributeType:= {id-at 46} */
#define OID_AT_PSEUDONYM OID_AT "\x41"
/**< id-at-pseudonym AttributeType:= {id-at 65} */
#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19"
/** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
/*
* OIDs for standard certificate extensions
...
...
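Review bot: The comment after `OID_DOMAIN_COMPONENT` at the end of this hunk opens with `/**`, while every other macro in the block uses the trailing form `/**<`, so Doxygen would attach the text to the next documented entity instead of this macro. Change the opener to `/**< id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */`. The byte string itself matches the DER encoding of 0.9.2342.19200300.100.1.25, so only the comment marker needs to change.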
library/oid.c
...
...
@@ -195,6 +195,38 @@ static const oid_x520_attr_t oid_x520_attr_type[] =
{
ADD_LEN
(
OID_AT_POSTAL_CODE
),
"id-at-postalCode"
,
"Postal code"
},
"postalCode"
,
},
{
{
ADD_LEN
(
OID_AT_SUR_NAME
),
"id-at-surName"
,
"Surname"
},
"SN"
,
},
{
{
ADD_LEN
(
OID_AT_GIVEN_NAME
),
"id-at-givenName"
,
"Given name"
},
"GN"
,
},
{
{
ADD_LEN
(
OID_AT_INITIALS
),
"id-at-initials"
,
"Initials"
},
"initials"
,
},
{
{
ADD_LEN
(
OID_AT_GENERATION_QUALIFIER
),
"id-at-generationQualifier"
,
"Generation qualifier"
},
"generationQualifier"
,
},
{
{
ADD_LEN
(
OID_AT_TITLE
),
"id-at-title"
,
"Title"
},
"title"
,
},
{
{
ADD_LEN
(
OID_AT_DN_QUALIFIER
),
"id-at-dnQualifier"
,
"Distinguished Name qualifier"
},
"dnQualifier"
,
},
{
{
ADD_LEN
(
OID_AT_PSEUDONYM
),
"id-at-pseudonym"
,
"Pseudonym"
},
"pseudonym"
,
},
{
{
ADD_LEN
(
OID_DOMAIN_COMPONENT
),
"id-domainComponent"
,
"Domain component"
},
"DC"
,
},
{
{
NULL
,
0
,
NULL
,
NULL
},
NULL
,
...
...
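Review bot: The trailing strings added to the table entries in this hunk ("SN", "GN", "DC", "initials", "title", ...) duplicate the keys accepted by the if/else chain in `x509_string_to_names()` in library/x509_create.c, and nothing ties the two lists together. They agree for every entry visible on this page. Assuming these strings are what the DN printer emits, a later addition made to only one side would produce names that cannot be parsed back. A comment above the table such as `/* short names must stay in sync with x509_string_to_names() */` would record the dependency. The table starts above this hunk and continues below it.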
library/x509_create.c
...
...
@@ -53,18 +53,30 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
{
if
(
c
-
s
==
2
&&
strncasecmp
(
s
,
"CN"
,
2
)
==
0
)
oid
=
OID_AT_CN
;
else
if
(
c
-
s
==
10
&&
strncasecmp
(
s
,
"commonName"
,
10
)
==
0
)
oid
=
OID_AT_CN
;
else
if
(
c
-
s
==
1
&&
strncasecmp
(
s
,
"C"
,
1
)
==
0
)
oid
=
OID_AT_COUNTRY
;
else
if
(
c
-
s
==
11
&&
strncasecmp
(
s
,
"countryName"
,
11
)
==
0
)
oid
=
OID_AT_COUNTRY
;
else
if
(
c
-
s
==
1
&&
strncasecmp
(
s
,
"O"
,
1
)
==
0
)
oid
=
OID_AT_ORGANIZATION
;
else
if
(
c
-
s
==
16
&&
strncasecmp
(
s
,
"organizationName"
,
16
)
==
0
)
oid
=
OID_AT_ORGANIZATION
;
else
if
(
c
-
s
==
1
&&
strncasecmp
(
s
,
"L"
,
1
)
==
0
)
oid
=
OID_AT_LOCALITY
;
else
if
(
c
-
s
==
8
&&
strncasecmp
(
s
,
"locality"
,
8
)
==
0
)
oid
=
OID_AT_LOCALITY
;
else
if
(
c
-
s
==
1
&&
strncasecmp
(
s
,
"R"
,
1
)
==
0
)
oid
=
OID_PKCS9_EMAIL
;
else
if
(
c
-
s
==
2
&&
strncasecmp
(
s
,
"OU"
,
2
)
==
0
)
oid
=
OID_AT_ORG_UNIT
;
else
if
(
c
-
s
==
22
&&
strncasecmp
(
s
,
"organizationalUnitName"
,
22
)
==
0
)
oid
=
OID_AT_ORG_UNIT
;
else
if
(
c
-
s
==
2
&&
strncasecmp
(
s
,
"ST"
,
2
)
==
0
)
oid
=
OID_AT_STATE
;
else
if
(
c
-
s
==
19
&&
strncasecmp
(
s
,
"stateOrProvinceName"
,
19
)
==
0
)
oid
=
OID_AT_STATE
;
else
if
(
c
-
s
==
12
&&
strncasecmp
(
s
,
"emailAddress"
,
12
)
==
0
)
oid
=
OID_PKCS9_EMAIL
;
else
if
(
c
-
s
==
12
&&
strncasecmp
(
s
,
"serialNumber"
,
12
)
==
0
)
...
...
@@ -73,6 +85,28 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
oid
=
OID_AT_POSTAL_ADDRESS
;
else
if
(
c
-
s
==
10
&&
strncasecmp
(
s
,
"postalCode"
,
10
)
==
0
)
oid
=
OID_AT_POSTAL_CODE
;
else
if
(
c
-
s
==
11
&&
strncasecmp
(
s
,
"dnQualifier"
,
11
)
==
0
)
oid
=
OID_AT_DN_QUALIFIER
;
else
if
(
c
-
s
==
5
&&
strncasecmp
(
s
,
"title"
,
5
)
==
0
)
oid
=
OID_AT_TITLE
;
else
if
(
c
-
s
==
7
&&
strncasecmp
(
s
,
"surName"
,
7
)
==
0
)
oid
=
OID_AT_SUR_NAME
;
else
if
(
c
-
s
==
2
&&
strncasecmp
(
s
,
"SN"
,
2
)
==
0
)
oid
=
OID_AT_SUR_NAME
;
else
if
(
c
-
s
==
9
&&
strncasecmp
(
s
,
"givenName"
,
9
)
==
0
)
oid
=
OID_AT_GIVEN_NAME
;
else
if
(
c
-
s
==
2
&&
strncasecmp
(
s
,
"GN"
,
2
)
==
0
)
oid
=
OID_AT_GIVEN_NAME
;
else
if
(
c
-
s
==
8
&&
strncasecmp
(
s
,
"initials"
,
8
)
==
0
)
oid
=
OID_AT_INITIALS
;
else
if
(
c
-
s
==
9
&&
strncasecmp
(
s
,
"pseudonym"
,
9
)
==
0
)
oid
=
OID_AT_PSEUDONYM
;
else
if
(
c
-
s
==
19
&&
strncasecmp
(
s
,
"generationQualifier"
,
19
)
==
0
)
oid
=
OID_AT_GENERATION_QUALIFIER
;
else
if
(
c
-
s
==
15
&&
strncasecmp
(
s
,
"domainComponent"
,
15
)
==
0
)
oid
=
OID_DOMAIN_COMPONENT
;
else
if
(
c
-
s
==
2
&&
strncasecmp
(
s
,
"DC"
,
2
)
==
0
)
oid
=
OID_DOMAIN_COMPONENT
;
else
{
ret
=
POLARSSL_ERR_X509_UNKNOWN_OID
;
...
...
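Review bot: The `domainComponent` / `DC` branches in the second hunk map to `OID_DOMAIN_COMPONENT`, but no hunk in this commit touches how the attribute value is encoded, and RFC 5280 defines DomainComponent as an IA5String rather than a DirectoryString. If the name writer, which is outside these hunks, picks the ASN.1 string tag per OID, it needs a case for this OID alongside whatever it does for `OID_PKCS9_EMAIL`. Otherwise certificates and CSRs built from such a name may carry a DC value whose tag strict verifiers reject, or which compares unequal during name chaining. A comment at the branch such as `/* DC values are IA5String (RFC 5280); the name writer must tag them accordingly */` would document the requirement. The body of `x509_string_to_names()` starts before and ends after both hunks.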