Better support for the different Attribute Types from IETF PKIX (RFC 5280)
parent
1a1fbba1ae
commit
6384440b13
@ -11,6 +11,7 @@ Changes
|
|||||||
* POLARSSL_CONFIG_OPTIONS has been removed. All values are individually
|
* POLARSSL_CONFIG_OPTIONS has been removed. All values are individually
|
||||||
checked and filled in the relevant module headers
|
checked and filled in the relevant module headers
|
||||||
* Debug module only outputs full lines instead of parts
|
* Debug module only outputs full lines instead of parts
|
||||||
|
* Better support for the different Attribute Types from IETF PKIX (RFC 5280)
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Only iterate over actual certificates in ssl_write_certificate_request()
|
* Only iterate over actual certificates in ssl_write_certificate_request()
|
||||||
|
@ -105,14 +105,23 @@
|
|||||||
*/
|
*/
|
||||||
#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
|
#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
|
||||||
#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
|
#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
|
||||||
|
#define OID_AT_SUR_NAME OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
|
||||||
#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
|
#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
|
||||||
#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
|
#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
|
||||||
#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
|
#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
|
||||||
#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
|
#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
|
||||||
#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
|
#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
|
||||||
#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
|
#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
|
||||||
|
#define OID_AT_TITLE OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
|
||||||
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
|
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
|
||||||
#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
|
#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
|
||||||
|
#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
|
||||||
|
#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
|
||||||
|
#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
|
||||||
|
#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
|
||||||
|
#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
|
||||||
|
|
||||||
|
#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* OIDs for standard certificate extensions
|
* OIDs for standard certificate extensions
|
||||||
|
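Review bot: The doc comment on `OID_DOMAIN_COMPONENT` opens with `/**`, while every other macro in this block uses the trailing-member form `/**<`, so Doxygen will attach the text to whichever declaration follows instead of to this macro; change the opener to `/**<`. The same comment could also record that domainComponent values are defined as IA5String (RFC 4519; `DomainComponent ::= IA5String` in RFC 5280), unlike the DirectoryString attributes under `OID_AT`. The code that chooses the ASN.1 string tag when a name is written is not visible in this section, so it should be checked against the new attribute.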
@ -195,6 +195,38 @@ static const oid_x520_attr_t oid_x520_attr_type[] =
|
|||||||
{ ADD_LEN( OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
|
{ ADD_LEN( OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
|
||||||
"postalCode",
|
"postalCode",
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
|
||||||
|
"SN",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
|
||||||
|
"GN",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_INITIALS ), "id-at-initials", "Initials" },
|
||||||
|
"initials",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
|
||||||
|
"generationQualifier",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_TITLE ), "id-at-title", "Title" },
|
||||||
|
"title",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
|
||||||
|
"dnQualifier",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
|
||||||
|
"pseudonym",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
{ ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
|
||||||
|
"DC",
|
||||||
|
},
|
||||||
{
|
{
|
||||||
{ NULL, 0, NULL, NULL },
|
{ NULL, 0, NULL, NULL },
|
||||||
NULL,
|
NULL,
|
||||||
|
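Review bot: The short names added to `oid_x520_attr_type[]` ("SN", "GN", "initials", "generationQualifier", "title", "dnQualifier", "pseudonym", "DC") repeat by hand the keys that `x509_string_to_names()` matches in the same commit, and nothing ties the two lists together. If this table supplies the printed form of a distinguished name (its consumer is outside the hunk), a later edit to only one list would yield names that print but no longer parse back to the same OID. A comment above the new entries, for example `/* short_name must remain a key accepted by x509_string_to_names() */`, would record that dependency. The array's declaration and terminator extend outside the hunk.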
@ -53,18 +53,30 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
|
|||||||
{
|
{
|
||||||
if( c - s == 2 && strncasecmp( s, "CN", 2 ) == 0 )
|
if( c - s == 2 && strncasecmp( s, "CN", 2 ) == 0 )
|
||||||
oid = OID_AT_CN;
|
oid = OID_AT_CN;
|
||||||
|
else if( c - s == 10 && strncasecmp( s, "commonName", 10 ) == 0 )
|
||||||
|
oid = OID_AT_CN;
|
||||||
else if( c - s == 1 && strncasecmp( s, "C", 1 ) == 0 )
|
else if( c - s == 1 && strncasecmp( s, "C", 1 ) == 0 )
|
||||||
oid = OID_AT_COUNTRY;
|
oid = OID_AT_COUNTRY;
|
||||||
|
else if( c - s == 11 && strncasecmp( s, "countryName", 11 ) == 0 )
|
||||||
|
oid = OID_AT_COUNTRY;
|
||||||
else if( c - s == 1 && strncasecmp( s, "O", 1 ) == 0 )
|
else if( c - s == 1 && strncasecmp( s, "O", 1 ) == 0 )
|
||||||
oid = OID_AT_ORGANIZATION;
|
oid = OID_AT_ORGANIZATION;
|
||||||
|
else if( c - s == 16 && strncasecmp( s, "organizationName", 16 ) == 0 )
|
||||||
|
oid = OID_AT_ORGANIZATION;
|
||||||
else if( c - s == 1 && strncasecmp( s, "L", 1 ) == 0 )
|
else if( c - s == 1 && strncasecmp( s, "L", 1 ) == 0 )
|
||||||
oid = OID_AT_LOCALITY;
|
oid = OID_AT_LOCALITY;
|
||||||
|
else if( c - s == 8 && strncasecmp( s, "locality", 8 ) == 0 )
|
||||||
|
oid = OID_AT_LOCALITY;
|
||||||
else if( c - s == 1 && strncasecmp( s, "R", 1 ) == 0 )
|
else if( c - s == 1 && strncasecmp( s, "R", 1 ) == 0 )
|
||||||
oid = OID_PKCS9_EMAIL;
|
oid = OID_PKCS9_EMAIL;
|
||||||
else if( c - s == 2 && strncasecmp( s, "OU", 2 ) == 0 )
|
else if( c - s == 2 && strncasecmp( s, "OU", 2 ) == 0 )
|
||||||
oid = OID_AT_ORG_UNIT;
|
oid = OID_AT_ORG_UNIT;
|
||||||
|
else if( c - s == 22 && strncasecmp( s, "organizationalUnitName", 22 ) == 0 )
|
||||||
|
oid = OID_AT_ORG_UNIT;
|
||||||
else if( c - s == 2 && strncasecmp( s, "ST", 2 ) == 0 )
|
else if( c - s == 2 && strncasecmp( s, "ST", 2 ) == 0 )
|
||||||
oid = OID_AT_STATE;
|
oid = OID_AT_STATE;
|
||||||
|
else if( c - s == 19 && strncasecmp( s, "stateOrProvinceName", 19 ) == 0 )
|
||||||
|
oid = OID_AT_STATE;
|
||||||
else if( c - s == 12 && strncasecmp( s, "emailAddress", 12 ) == 0 )
|
else if( c - s == 12 && strncasecmp( s, "emailAddress", 12 ) == 0 )
|
||||||
oid = OID_PKCS9_EMAIL;
|
oid = OID_PKCS9_EMAIL;
|
||||||
else if( c - s == 12 && strncasecmp( s, "serialNumber", 12 ) == 0 )
|
else if( c - s == 12 && strncasecmp( s, "serialNumber", 12 ) == 0 )
|
||||||
@ -73,6 +85,28 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
|
|||||||
oid = OID_AT_POSTAL_ADDRESS;
|
oid = OID_AT_POSTAL_ADDRESS;
|
||||||
else if( c - s == 10 && strncasecmp( s, "postalCode", 10 ) == 0 )
|
else if( c - s == 10 && strncasecmp( s, "postalCode", 10 ) == 0 )
|
||||||
oid = OID_AT_POSTAL_CODE;
|
oid = OID_AT_POSTAL_CODE;
|
||||||
|
else if( c - s == 11 && strncasecmp( s, "dnQualifier", 11 ) == 0 )
|
||||||
|
oid = OID_AT_DN_QUALIFIER;
|
||||||
|
else if( c - s == 5 && strncasecmp( s, "title", 5 ) == 0 )
|
||||||
|
oid = OID_AT_TITLE;
|
||||||
|
else if( c - s == 7 && strncasecmp( s, "surName", 7 ) == 0 )
|
||||||
|
oid = OID_AT_SUR_NAME;
|
||||||
|
else if( c - s == 2 && strncasecmp( s, "SN", 2 ) == 0 )
|
||||||
|
oid = OID_AT_SUR_NAME;
|
||||||
|
else if( c - s == 9 && strncasecmp( s, "givenName", 9 ) == 0 )
|
||||||
|
oid = OID_AT_GIVEN_NAME;
|
||||||
|
else if( c - s == 2 && strncasecmp( s, "GN", 2 ) == 0 )
|
||||||
|
oid = OID_AT_GIVEN_NAME;
|
||||||
|
else if( c - s == 8 && strncasecmp( s, "initials", 8 ) == 0 )
|
||||||
|
oid = OID_AT_INITIALS;
|
||||||
|
else if( c - s == 9 && strncasecmp( s, "pseudonym", 9 ) == 0 )
|
||||||
|
oid = OID_AT_PSEUDONYM;
|
||||||
|
else if( c - s == 19 && strncasecmp( s, "generationQualifier", 19 ) == 0 )
|
||||||
|
oid = OID_AT_GENERATION_QUALIFIER;
|
||||||
|
else if( c - s == 15 && strncasecmp( s, "domainComponent", 15 ) == 0 )
|
||||||
|
oid = OID_DOMAIN_COMPONENT;
|
||||||
|
else if( c - s == 2 && strncasecmp( s, "DC", 2 ) == 0 )
|
||||||
|
oid = OID_DOMAIN_COMPONENT;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ret = POLARSSL_ERR_X509_UNKNOWN_OID;
|
ret = POLARSSL_ERR_X509_UNKNOWN_OID;
|
||||||
|
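Review bot: In the first `x509_string_to_names()` hunk the long-form alias added for locality is `locality`, while the sibling aliases added beside it carry the `Name` suffix (`countryName`, `organizationName`, `stateOrProvinceName`), so a subject string written with `localityName=` still ends in `POLARSSL_ERR_X509_UNKNOWN_OID`. Adding `else if( c - s == 12 && strncasecmp( s, "localityName", 12 ) == 0 )` followed by `oid = OID_AT_LOCALITY;` next to the existing branch would close that gap without dropping the shorter spelling. Every branch in both hunks also repeats the key length as a hand-counted literal. The values shown are correct, but deriving the length with `sizeof( "..." ) - 1` would keep a future miscount from rejecting a valid key or mapping a prefix to the wrong OID. The function body starts and ends outside both hunks.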