From 494dd7a6b4eed3c4fd35ad07895346e45ee90da6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 6 Feb 2019 16:13:41 +0000 Subject: [PATCH] Add raw public key buffer bounds to mbedtls_x509_crt struct This commit adds an ASN.1 buffer field `pk_raw` to `mbedtls_x509_crt` which stores the bounds of the raw public key data within an X.509 CRT. This will be useful in subsequent commits to extract the peer's public key from its certificate chain. --- include/mbedtls/x509_crt.h | 1 + library/x509_crt.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 72c39019b..b3f27be93 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -70,6 +70,7 @@ typedef struct mbedtls_x509_crt mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ mbedtls_x509_time valid_to; /**< End time of certificate validity. */ + mbedtls_x509_buf pk_raw; mbedtls_pk_context pk; /**< Container for the public key context. */ mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ diff --git a/library/x509_crt.c b/library/x509_crt.c index e3f169f2c..5d82816f2 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -996,11 +996,13 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, /* * SubjectPublicKeyInfo */ + crt->pk_raw.p = p; if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) { mbedtls_x509_crt_free( crt ); return( ret ); } + crt->pk_raw.len = p - crt->pk_raw.p; /* * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,