From fb2abc2a0483bc1ffa10f341b6d2f665a5e03bca Mon Sep 17 00:00:00 2001
From: cinap_lenrek
Date: Fri, 10 Feb 2017 21:36:19 +0100
Subject: [PATCH] libsec: make X509toECpub() return CN name like X509toRSApub()
---
 sys/include/ape/libsec.h | 6 +++---
 sys/include/libsec.h | 6 +++---
 sys/src/libsec/port/tlshand.c | 2 +-
 sys/src/libsec/port/x509.c | 11 ++++++++---
 4 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/sys/include/ape/libsec.h b/sys/include/ape/libsec.h
index 96007de48..b55cf8ec0 100644
--- a/sys/include/ape/libsec.h
+++ b/sys/include/ape/libsec.h
@@ -369,8 +369,8 @@ uchar* decodePEM(char *s, char *type, int *len, char **new_s);
 PEMChain* decodepemchain(char *s, char *type);
 uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
 uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
-char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 char* X509rsaverify(uchar *cert, int ncert, RSApub *pk);
+char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 void X509dump(uchar *cert, int ncert);
@@ -540,9 +540,9 @@ ECpub* ecdecodepub(ECdomain *dom, uchar *, int);
 int ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
 void ecpubfree(ECpub *);
-ECpub* X509toECpub(uchar *cert, int ncert, ECdomain *dom);
-char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
+ECpub* X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);
 char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
+char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
 /* curves */
 void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);
diff --git a/sys/include/libsec.h b/sys/include/libsec.h
index 030faac8c..fa81c7621 100644
--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
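Review bot: In the second hunk of sys/include/ape/libsec.h, and in the identical hunk of sys/include/libsec.h, the new X509toECpub prototype leaves its two added parameters unnamed (`char*, int`), so the header does not tell a caller that they are an output buffer and its size. Naming them as the definition in x509.c does, `ECpub* X509toECpub(uchar *cert, int ncert, char *name, int nname, ECdomain *dom);`, would make that visible. A one-line comment such as `/* name (may be nil) receives the subject text up to the first ','; nname is the size of name */` would document the contract, including the nil case that tlshand.c relies on.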
@@ -361,8 +361,8 @@ uchar* decodePEM(char *s, char *type, int *len, char **new_s);
 PEMChain* decodepemchain(char *s, char *type);
 uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
 uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
-char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 char* X509rsaverify(uchar *cert, int ncert, RSApub *pk);
+char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 void X509dump(uchar *cert, int ncert);
@@ -532,9 +532,9 @@ ECpub* ecdecodepub(ECdomain *dom, uchar *, int);
 int ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
 void ecpubfree(ECpub *);
-ECpub* X509toECpub(uchar *cert, int ncert, ECdomain *dom);
-char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
+ECpub* X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);
 char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
+char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
 /* curves */
 void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);
diff --git a/sys/src/libsec/port/tlshand.c b/sys/src/libsec/port/tlshand.c
index 9aec9fb63..a34a43106 100644
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -2822,7 +2822,7 @@ verifyDHparams(TlsSec *sec, Bytes *par, Bytes *cert, Bytes *sig, int sigalg)
 rsapubfree(rsapk);
 break;
 case 0x03:
- ecpk = X509toECpub(cert->data, cert->len, &dom);
+ ecpk = X509toECpub(cert->data, cert->len, nil, 0, &dom);
 if(ecpk == nil)
 return "bad certificate";
 err = X509ecdsaverifydigest(sig->data, sig->len, digest, digestlen, &dom, ecpk);
diff --git a/sys/src/libsec/port/x509.c b/sys/src/libsec/port/x509.c
index da09b978d..a05d63159 100644
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -2314,7 +2314,7 @@ end:
 }
 ECpub*
-X509toECpub(uchar *cert, int ncert, ECdomain *dom)
+X509toECpub(uchar *cert, int ncert, char *name, int nname, ECdomain *dom)
 {
 CertX509 *c;
 ECpub *pub;
@@ -2325,6 +2325,12 @@ X509toECpub(uchar *cert, int ncert, ECdomain *dom)
 freebytes(b);
 if(c == nil)
 return nil;
+ if(name != nil && c->subject != nil){
+ char *e = strchr(c->subject, ',');
+ if(e != nil)
+ *e = 0; /* take just CN part of Distinguished Name */
+ strncpy(name, c->subject, nname);
+ }
 pub = nil;
 if(c->publickey_alg == ALG_ecPublicKey){
 ecdominit(dom, namedcurves[c->curve]);
@@ -2365,7 +2371,6 @@ X509ecdsaverify(uchar *cert, int ncert, ECdomain *dom, ECpub *pk)
 RSApub*
 X509toRSApub(uchar *cert, int ncert, char *name, int nname)
 {
- char *e;
 Bytes *b;
 CertX509 *c;
 RSApub *pub;
@@ -2379,7 +2384,7 @@ X509toRSApub(uchar *cert, int ncert, char *name, int nname)
 if(c == nil)
 return nil;
 if(name != nil && c->subject != nil){
- e = strchr(c->subject, ',');
+ char *e = strchr(c->subject, ',');
 if(e != nil)
 *e = 0; /* take just CN part of Distinguished Name */
 strncpy(name, c->subject, nname);
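Review bot: The added `strncpy(name, c->subject, nname);` in X509toECpub (hunk at -2325,6 +2325,12) leaves `name` without a terminating NUL whenever the subject text is nname bytes or longer, and that text comes from the certificate being parsed. Terminating explicitly closes this: `if(nname > 0){ strncpy(name, c->subject, nname-1); name[nname-1] = 0; }`. The same unterminated copy is visible as context in X509toRSApub in the last hunk, so both functions would want the fix. Cutting at the first `,` also assumes the subject string starts with the CN, which these lines do not show; a comment on the function should say that `name` is whatever precedes the first comma and that nothing here has validated the certificate. The body of X509toECpub starts and ends outside this hunk.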