xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

libsec: make X509toECpub() return CN name like X509toRSApub()

Browse source
This commit is contained in:
cinap_lenrek 2017-02-10 21:36:19 +01:00
parent 34a9d22ec6
commit fb2abc2a04
4 changed files with 15 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

6
sys/include/ape/libsec.h
View file

@ -369,8 +369,8 @@ uchar* decodePEM(char *s, char *type, int *len, char **new_s);
PEMChain* decodepemchain(char *s, char *type); PEMChain* decodepemchain(char *s, char *type);
uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen); uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen); uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
char* X509rsaverify(uchar *cert, int ncert, RSApub *pk); char* X509rsaverify(uchar *cert, int ncert, RSApub *pk);
char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
void X509dump(uchar *cert, int ncert); void X509dump(uchar *cert, int ncert);
@ -540,9 +540,9 @@ ECpub* ecdecodepub(ECdomain *dom, uchar *, int);
int ecencodepub(ECdomain *dom, ECpub *, uchar *, int); int ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
void ecpubfree(ECpub *); void ecpubfree(ECpub *);
ECpub* X509toECpub(uchar *cert, int ncert, ECdomain *dom); ECpub* X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);
char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub); char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
/* curves */ /* curves */
void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h); void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);

6
sys/include/libsec.h
View file

@ -361,8 +361,8 @@ uchar* decodePEM(char *s, char *type, int *len, char **new_s);
PEMChain* decodepemchain(char *s, char *type); PEMChain* decodepemchain(char *s, char *type);
uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen); uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen); uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
char* X509rsaverify(uchar *cert, int ncert, RSApub *pk); char* X509rsaverify(uchar *cert, int ncert, RSApub *pk);
char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
void X509dump(uchar *cert, int ncert); void X509dump(uchar *cert, int ncert);
@ -532,9 +532,9 @@ ECpub* ecdecodepub(ECdomain *dom, uchar *, int);
int ecencodepub(ECdomain *dom, ECpub *, uchar *, int); int ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
void ecpubfree(ECpub *); void ecpubfree(ECpub *);
ECpub* X509toECpub(uchar *cert, int ncert, ECdomain *dom); ECpub* X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);
char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub); char* X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
char* X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
/* curves */ /* curves */
void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h); void secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);

2
sys/src/libsec/port/tlshand.c
View file

@ -2822,7 +2822,7 @@ verifyDHparams(TlsSec *sec, Bytes *par, Bytes *cert, Bytes *sig, int sigalg)
rsapubfree(rsapk); rsapubfree(rsapk);
break; break;
case 0x03: case 0x03:
ecpk = X509toECpub(cert->data, cert->len, &dom); ecpk = X509toECpub(cert->data, cert->len, nil, 0, &dom);
if(ecpk == nil) if(ecpk == nil)
return "bad certificate"; return "bad certificate";
err = X509ecdsaverifydigest(sig->data, sig->len, digest, digestlen, &dom, ecpk); err = X509ecdsaverifydigest(sig->data, sig->len, digest, digestlen, &dom, ecpk);

11
sys/src/libsec/port/x509.c
View file

@ -2314,7 +2314,7 @@ end:
} }
ECpub* ECpub*
X509toECpub(uchar *cert, int ncert, ECdomain *dom) X509toECpub(uchar *cert, int ncert, char *name, int nname, ECdomain *dom)
{ {
CertX509 *c; CertX509 *c;
ECpub *pub; ECpub *pub;
@ -2325,6 +2325,12 @@ X509toECpub(uchar *cert, int ncert, ECdomain *dom)
freebytes(b); freebytes(b);
if(c == nil) if(c == nil)
return nil; return nil;
if(name != nil && c->subject != nil){
char *e = strchr(c->subject, ',');
if(e != nil)
*e = 0; /* take just CN part of Distinguished Name */
strncpy(name, c->subject, nname);
}
pub = nil; pub = nil;
if(c->publickey_alg == ALG_ecPublicKey){ if(c->publickey_alg == ALG_ecPublicKey){
ecdominit(dom, namedcurves[c->curve]); ecdominit(dom, namedcurves[c->curve]);
@ -2365,7 +2371,6 @@ X509ecdsaverify(uchar *cert, int ncert, ECdomain *dom, ECpub *pk)
RSApub* RSApub*
X509toRSApub(uchar *cert, int ncert, char *name, int nname) X509toRSApub(uchar *cert, int ncert, char *name, int nname)
{ {
char *e;
Bytes *b; Bytes *b;
CertX509 *c; CertX509 *c;
RSApub *pub; RSApub *pub;
@ -2379,7 +2384,7 @@ X509toRSApub(uchar *cert, int ncert, char *name, int nname)
if(c == nil) if(c == nil)
return nil; return nil;
if(name != nil && c->subject != nil){ if(name != nil && c->subject != nil){
e = strchr(c->subject, ','); char *e = strchr(c->subject, ',');
if(e != nil) if(e != nil)
*e = 0; /* take just CN part of Distinguished Name */ *e = 0; /* take just CN part of Distinguished Name */
strncpy(name, c->subject, nname); strncpy(name, c->subject, nname);