This Trac instance is not used for development anymore!

We migrated our development workflow to git and Gitea.
To test the future redirection, replace trac by ariadne in the page URL.

source: ps/trunk/build/premake/premake5/contrib/mbedtls/library/x509_create.c

Last change on this file was 20366, checked in by Itms, 7 years ago

Alpha 12 version of Premake 5, including prebuilt binary for Windows.
Directly taken from https://premake.github.io/.

Refs #3729.
File size: 11.3 KB
Line 
1/*
2 * X.509 base functions for creating certificates / CSRs
3 *
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
28#if defined(MBEDTLS_X509_CREATE_C)
29
30#include "mbedtls/x509.h"
31#include "mbedtls/asn1write.h"
32#include "mbedtls/oid.h"
33
34#include <string.h>
35
36typedef struct {
37 const char *name;
38 size_t name_len;
39 const char*oid;
40} x509_attr_descriptor_t;
41
42#define ADD_STRLEN( s ) s, sizeof( s ) - 1
43
44static const x509_attr_descriptor_t x509_attrs[] =
45{
46 { ADD_STRLEN( "CN" ), MBEDTLS_OID_AT_CN },
47 { ADD_STRLEN( "commonName" ), MBEDTLS_OID_AT_CN },
48 { ADD_STRLEN( "C" ), MBEDTLS_OID_AT_COUNTRY },
49 { ADD_STRLEN( "countryName" ), MBEDTLS_OID_AT_COUNTRY },
50 { ADD_STRLEN( "O" ), MBEDTLS_OID_AT_ORGANIZATION },
51 { ADD_STRLEN( "organizationName" ), MBEDTLS_OID_AT_ORGANIZATION },
52 { ADD_STRLEN( "L" ), MBEDTLS_OID_AT_LOCALITY },
53 { ADD_STRLEN( "locality" ), MBEDTLS_OID_AT_LOCALITY },
54 { ADD_STRLEN( "R" ), MBEDTLS_OID_PKCS9_EMAIL },
55 { ADD_STRLEN( "OU" ), MBEDTLS_OID_AT_ORG_UNIT },
56 { ADD_STRLEN( "organizationalUnitName" ), MBEDTLS_OID_AT_ORG_UNIT },
57 { ADD_STRLEN( "ST" ), MBEDTLS_OID_AT_STATE },
58 { ADD_STRLEN( "stateOrProvinceName" ), MBEDTLS_OID_AT_STATE },
59 { ADD_STRLEN( "emailAddress" ), MBEDTLS_OID_PKCS9_EMAIL },
60 { ADD_STRLEN( "serialNumber" ), MBEDTLS_OID_AT_SERIAL_NUMBER },
61 { ADD_STRLEN( "postalAddress" ), MBEDTLS_OID_AT_POSTAL_ADDRESS },
62 { ADD_STRLEN( "postalCode" ), MBEDTLS_OID_AT_POSTAL_CODE },
63 { ADD_STRLEN( "dnQualifier" ), MBEDTLS_OID_AT_DN_QUALIFIER },
64 { ADD_STRLEN( "title" ), MBEDTLS_OID_AT_TITLE },
65 { ADD_STRLEN( "surName" ), MBEDTLS_OID_AT_SUR_NAME },
66 { ADD_STRLEN( "SN" ), MBEDTLS_OID_AT_SUR_NAME },
67 { ADD_STRLEN( "givenName" ), MBEDTLS_OID_AT_GIVEN_NAME },
68 { ADD_STRLEN( "GN" ), MBEDTLS_OID_AT_GIVEN_NAME },
69 { ADD_STRLEN( "initials" ), MBEDTLS_OID_AT_INITIALS },
70 { ADD_STRLEN( "pseudonym" ), MBEDTLS_OID_AT_PSEUDONYM },
71 { ADD_STRLEN( "generationQualifier" ), MBEDTLS_OID_AT_GENERATION_QUALIFIER },
72 { ADD_STRLEN( "domainComponent" ), MBEDTLS_OID_DOMAIN_COMPONENT },
73 { ADD_STRLEN( "DC" ), MBEDTLS_OID_DOMAIN_COMPONENT },
74 { NULL, 0, NULL }
75};
76
77static const char *x509_at_oid_from_name( const char *name, size_t name_len )
78{
79 const x509_attr_descriptor_t *cur;
80
81 for( cur = x509_attrs; cur->name != NULL; cur++ )
82 if( cur->name_len == name_len &&
83 strncmp( cur->name, name, name_len ) == 0 )
84 break;
85
86 return( cur->oid );
87}
88
89int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
90{
91 int ret = 0;
92 const char *s = name, *c = s;
93 const char *end = s + strlen( s );
94 const char *oid = NULL;
95 int in_tag = 1;
96 char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
97 char *d = data;
98
99 /* Clear existing chain if present */
100 mbedtls_asn1_free_named_data_list( head );
101
102 while( c <= end )
103 {
104 if( in_tag && *c == '=' )
105 {
106 if( ( oid = x509_at_oid_from_name( s, c - s ) ) == NULL )
107 {
108 ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
109 goto exit;
110 }
111
112 s = c + 1;
113 in_tag = 0;
114 d = data;
115 }
116
117 if( !in_tag && *c == '\\' && c != end )
118 {
119 c++;
120
121 /* Check for valid escaped characters */
122 if( c == end || *c != ',' )
123 {
124 ret = MBEDTLS_ERR_X509_INVALID_NAME;
125 goto exit;
126 }
127 }
128 else if( !in_tag && ( *c == ',' || c == end ) )
129 {
130 if( mbedtls_asn1_store_named_data( head, oid, strlen( oid ),
131 (unsigned char *) data,
132 d - data ) == NULL )
133 {
134 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
135 }
136
137 while( c < end && *(c + 1) == ' ' )
138 c++;
139
140 s = c + 1;
141 in_tag = 1;
142 }
143
144 if( !in_tag && s != c + 1 )
145 {
146 *(d++) = *c;
147
148 if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE )
149 {
150 ret = MBEDTLS_ERR_X509_INVALID_NAME;
151 goto exit;
152 }
153 }
154
155 c++;
156 }
157
158exit:
159
160 return( ret );
161}
162
163/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
164 * to store the critical boolean for us
165 */
166int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
167 int critical, const unsigned char *val, size_t val_len )
168{
169 mbedtls_asn1_named_data *cur;
170
171 if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len,
172 NULL, val_len + 1 ) ) == NULL )
173 {
174 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
175 }
176
177 cur->val.p[0] = critical;
178 memcpy( cur->val.p + 1, val, val_len );
179
180 return( 0 );
181}
182
183/*
184 * RelativeDistinguishedName ::=
185 * SET OF AttributeTypeAndValue
186 *
187 * AttributeTypeAndValue ::= SEQUENCE {
188 * type AttributeType,
189 * value AttributeValue }
190 *
191 * AttributeType ::= OBJECT IDENTIFIER
192 *
193 * AttributeValue ::= ANY DEFINED BY AttributeType
194 */
195static int x509_write_name( unsigned char **p, unsigned char *start,
196 const char *oid, size_t oid_len,
197 const unsigned char *name, size_t name_len )
198{
199 int ret;
200 size_t len = 0;
201
202 // Write PrintableString for all except MBEDTLS_OID_PKCS9_EMAIL
203 //
204 if( MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_EMAIL ) == oid_len &&
205 memcmp( oid, MBEDTLS_OID_PKCS9_EMAIL, oid_len ) == 0 )
206 {
207 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_ia5_string( p, start,
208 (const char *) name,
209 name_len ) );
210 }
211 else
212 {
213 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_printable_string( p, start,
214 (const char *) name,
215 name_len ) );
216 }
217
218 // Write OID
219 //
220 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
221
222 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
223 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
224 MBEDTLS_ASN1_SEQUENCE ) );
225
226 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
227 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
228 MBEDTLS_ASN1_SET ) );
229
230 return( (int) len );
231}
232
233int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
234 mbedtls_asn1_named_data *first )
235{
236 int ret;
237 size_t len = 0;
238 mbedtls_asn1_named_data *cur = first;
239
240 while( cur != NULL )
241 {
242 MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p,
243 cur->oid.len,
244 cur->val.p, cur->val.len ) );
245 cur = cur->next;
246 }
247
248 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
249 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
250 MBEDTLS_ASN1_SEQUENCE ) );
251
252 return( (int) len );
253}
254
255int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
256 const char *oid, size_t oid_len,
257 unsigned char *sig, size_t size )
258{
259 int ret;
260 size_t len = 0;
261
262 if( *p < start || (size_t)( *p - start ) < size )
263 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
264
265 len = size;
266 (*p) -= len;
267 memcpy( *p, sig, len );
268
269 if( *p - start < 1 )
270 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
271
272 *--(*p) = 0;
273 len += 1;
274
275 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
276 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
277
278 // Write OID
279 //
280 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid,
281 oid_len, 0 ) );
282
283 return( (int) len );
284}
285
286static int x509_write_extension( unsigned char **p, unsigned char *start,
287 mbedtls_asn1_named_data *ext )
288{
289 int ret;
290 size_t len = 0;
291
292 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1,
293 ext->val.len - 1 ) );
294 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) );
295 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
296
297 if( ext->val.p[0] != 0 )
298 {
299 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) );
300 }
301
302 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p,
303 ext->oid.len ) );
304 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) );
305 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
306
307 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
308 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
309 MBEDTLS_ASN1_SEQUENCE ) );
310
311 return( (int) len );
312}
313
314/*
315 * Extension ::= SEQUENCE {
316 * extnID OBJECT IDENTIFIER,
317 * critical BOOLEAN DEFAULT FALSE,
318 * extnValue OCTET STRING
319 * -- contains the DER encoding of an ASN.1 value
320 * -- corresponding to the extension type identified
321 * -- by extnID
322 * }
323 */
324int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
325 mbedtls_asn1_named_data *first )
326{
327 int ret;
328 size_t len = 0;
329 mbedtls_asn1_named_data *cur_ext = first;
330
331 while( cur_ext != NULL )
332 {
333 MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) );
334 cur_ext = cur_ext->next;
335 }
336
337 return( (int) len );
338}
339
340#endif /* MBEDTLS_X509_CREATE_C */
Note: See TracBrowser for help on using the repository browser.