TLS: Store DER encoded version of Subject DN for X.509 certificates
authorJouni Malinen <j@w1.fi>
Thu, 17 Dec 2015 09:27:31 +0000 (11:27 +0200)
committerJouni Malinen <j@w1.fi>
Thu, 17 Dec 2015 09:28:38 +0000 (11:28 +0200)
This is needed for OCSP issuerNameHash matching.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/tls/x509v3.c
src/tls/x509v3.h

index c8085c904a2526ab9148436cbc97eed0a05fd91d..5521390ad3495eb8af94ec6c690e80e7bf4cbcf9 100644 (file)
@@ -55,6 +55,7 @@ void x509_certificate_free(struct x509_certificate *cert)
        x509_free_name(&cert->subject);
        os_free(cert->public_key);
        os_free(cert->sign_value);
+       os_free(cert->subject_dn);
        os_free(cert);
 }
 
@@ -1435,8 +1436,15 @@ static int x509_parse_tbs_certificate(const u8 *buf, size_t len,
                return -1;
 
        /* subject Name */
+       const u8 *subject_dn;
+       subject_dn = pos;
        if (x509_parse_name(pos, end - pos, &cert->subject, &pos))
                return -1;
+       cert->subject_dn = os_malloc(pos - subject_dn);
+       if (!cert->subject_dn)
+               return -1;
+       cert->subject_dn_len = pos - subject_dn;
+       os_memcpy(cert->subject_dn, subject_dn, cert->subject_dn_len);
        x509_name_string(&cert->subject, sbuf, sizeof(sbuf));
        wpa_printf(MSG_MSGDUMP, "X509: subject %s", sbuf);
 
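Review bot: `const u8 *subject_dn;` is declared after executable statements at the subject Name step, so this block mixes a declaration into code. The body of x509_parse_tbs_certificate begins outside the hunk, but if its other locals are declared at the top (as a build with `-Wdeclaration-after-statement` would require), the declaration should move there. The length `pos - subject_dn` is also computed twice; assigning `cert->subject_dn_len = pos - subject_dn;` first and then calling `os_malloc(cert->subject_dn_len)` keeps the allocation size and the copy size visibly identical. A short comment such as `/* keep the encoded Name as received; OCSP issuerNameHash is computed over these bytes */` would tell later readers not to rebuild the value from the parsed `cert->subject`.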
index 3e97313f43f93739ee5f22a59b31d9811355e288..dcdb4a30f0c0f1d04646b731bca7a4166f72f9e3 100644 (file)
@@ -55,6 +55,8 @@ struct x509_certificate {
        struct x509_algorithm_identifier signature;
        struct x509_name issuer;
        struct x509_name subject;
+       u8 *subject_dn;
+       size_t subject_dn_len;
        os_time_t not_before;
        os_time_t not_after;
        struct x509_algorithm_identifier public_key_alg;
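Review bot: The new `subject_dn` and `subject_dn_len` members carry no comment on what they hold or who owns them. Going by the x509v3.c hunks in this commit, the buffer is a heap copy of the encoded subject Name made during TBSCertificate parsing and released in x509_certificate_free(). A comment such as `u8 *subject_dn; /* encoded subject Name; allocated by the parser, freed in x509_certificate_free() */` would record that. It is also worth stating that the pointer stays NULL if parsing fails before the subject step, assuming the structure is zero-allocated (the allocation site is not visible here), so code that hashes the field for OCSP matching should check it first.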