X.509: Add bits needed for PKCS#7

author David Howells <dhowells@redhat.com>

Tue, 1 Jul 2014 15:40:19 +0000 (16:40 +0100)

committer David Howells <dhowells@redhat.com>

Tue, 1 Jul 2014 15:40:19 +0000 (16:40 +0100)
author David Howells <dhowells@redhat.com>
Tue, 1 Jul 2014 15:40:19 +0000 (16:40 +0100)
committer David Howells <dhowells@redhat.com>
Tue, 1 Jul 2014 15:40:19 +0000 (16:40 +0100)
diff --git a/crypto/asymmetric_keys/x509.asn1 b/crypto/asymmetric_keys/x509.asn1

index bf32b3dff088c98cb97988db442724cddf55e03e..aae0cde414e2d8939c6f1c7ebc4c11117a275ec4 100644 (file)
--- a/crypto/asymmetric_keys/x509.asn1
+++ b/crypto/asymmetric_keys/x509.asn1
@@ -6,7 +6,7 @@ Certificate ::= SEQUENCE {
  
  TBSCertificate ::= SEQUENCE {
         version           [ 0 ] Version DEFAULT,
-       serialNumber            CertificateSerialNumber,
+       serialNumber            CertificateSerialNumber ({ x509_note_serial }),
         signature               AlgorithmIdentifier ({ x509_note_pkey_algo }),
         issuer                  Name ({ x509_note_issuer }),
         validity                Validity,
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c

index 29893162497ca352101b4d2126a0d03590e50ed1..4a8df29ab71379f490ec737334298c33747592a2 100644 (file)
--- a/crypto/asymmetric_keys/x509_cert_parser.c
+++ b/crypto/asymmetric_keys/x509_cert_parser.c
@@ -210,6 +210,19 @@ int x509_note_signature(void *context, size_t hdrlen,
         return 0;
  }
  
+/*
+ * Note the certificate serial number
+ */
+int x509_note_serial(void *context, size_t hdrlen,
+                    unsigned char tag,
+                    const void *value, size_t vlen)
+{
+       struct x509_parse_context *ctx = context;
+       ctx->cert->raw_serial = value;
+       ctx->cert->raw_serial_size = vlen;
+       return 0;
+}
+
  /*
   * Note some of the name segments from which we'll fabricate a name.
   */
@@ -322,6 +335,8 @@ int x509_note_issuer(void *context, size_t hdrlen,
                      const void *value, size_t vlen)
  {
         struct x509_parse_context *ctx = context;
+       ctx->cert->raw_issuer = value;
+       ctx->cert->raw_issuer_size = vlen;
         return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->issuer, vlen);
  }
  
@@ -330,6 +345,8 @@ int x509_note_subject(void *context, size_t hdrlen,
                       const void *value, size_t vlen)
  {
         struct x509_parse_context *ctx = context;
+       ctx->cert->raw_subject = value;
+       ctx->cert->raw_subject_size = vlen;
         return x509_fabricate_name(ctx, hdrlen, tag, &ctx->cert->subject, vlen);
  }
  
diff --git a/crypto/asymmetric_keys/x509_parser.h b/crypto/asymmetric_keys/x509_parser.h

index 87d9cc26f630625d7c57e3309456de2a356a46b5..1b76f207c1f3aeb3f8a5ade16979675aecd1c397 100644 (file)
--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -14,7 +14,9 @@
  
  struct x509_certificate {
         struct x509_certificate *next;
+       struct x509_certificate *signer;        /* Certificate that signed this one */
         struct public_key *pub;                 /* Public key details */
+       struct public_key_signature sig;        /* Signature parameters */
         char            *issuer;                /* Name of certificate issuer */
         char            *subject;               /* Name of certificate subject */
         char            *fingerprint;           /* Key fingerprint as hex */
@@ -25,7 +27,16 @@ struct x509_certificate {
         unsigned        tbs_size;               /* Size of signed data */
         unsigned        raw_sig_size;           /* Size of sigature */
         const void      *raw_sig;               /* Signature data */
-       struct public_key_signature sig;        /* Signature parameters */
+       const void      *raw_serial;            /* Raw serial number in ASN.1 */
+       unsigned        raw_serial_size;
+       unsigned        raw_issuer_size;
+       const void      *raw_issuer;            /* Raw issuer name in ASN.1 */
+       const void      *raw_subject;           /* Raw subject name in ASN.1 */
+       unsigned        raw_subject_size;
+       unsigned        index;
+       bool            seen;                   /* Infinite recursion prevention */
+       bool            verified;
+       bool            trusted;
  };
  
  /*
author	David Howells <dhowells@redhat.com>
	Tue, 1 Jul 2014 15:40:19 +0000 (16:40 +0100)
committer	David Howells <dhowells@redhat.com>
	Tue, 1 Jul 2014 15:40:19 +0000 (16:40 +0100)
crypto/asymmetric_keys/x509.asn1		patch \| blob \| blame \| history
crypto/asymmetric_keys/x509_cert_parser.c		patch \| blob \| blame \| history
crypto/asymmetric_keys/x509_parser.h		patch \| blob \| blame \| history