Diffstat (limited to 'tools/cert_create/src/ext.c')
-rw-r--r-- | tools/cert_create/src/ext.c | 80 |
1 files changed, 53 insertions, 27 deletions
diff --git a/tools/cert_create/src/ext.c b/tools/cert_create/src/ext.c
index d9a92bb101..acf57a4763 100644
--- a/tools/cert_create/src/ext.c
+++ b/tools/cert_create/src/ext.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -13,8 +13,12 @@
 #include <openssl/x509v3.h>

 #include "cmd_opt.h"
+#include "debug.h"
 #include "ext.h"

+ext_t *extensions;
+unsigned int num_extensions;
+
 DECLARE_ASN1_ITEM(ASN1_INTEGER)
 DECLARE_ASN1_ITEM(X509_ALGOR)
 DECLARE_ASN1_ITEM(ASN1_OCTET_STRING)
@@ -51,6 +55,26 @@ int ext_init(void)
 int nid, ret;
 unsigned int i;

+ extensions = malloc((num_def_extensions * sizeof(def_extensions[0]))
+#ifdef PDEF_EXTS
+ + (num_pdef_extensions * sizeof(pdef_extensions[0]))
+#endif
+ );
+ if (extensions == NULL) {
+ ERROR("%s:%d Failed to allocate memory.\n", __func__, __LINE__);
+ return 1;
+ }
+
+ memcpy(&extensions[0], &def_extensions[0],
+ (num_def_extensions * sizeof(def_extensions[0])));
+#ifdef PDEF_EXTS
+ memcpy(&extensions[num_def_extensions], &pdef_extensions[0],
+ (num_pdef_extensions * sizeof(pdef_extensions[0])));
+ num_extensions = num_def_extensions + num_pdef_extensions;
+#else
+ num_extensions = num_def_extensions;
+#endif
+
 for (i = 0; i < num_extensions; i++) {
 ext = &extensions[i];
 /* Register command line option */
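Review bot: The allocation added at the top of ext_init() stores its result in the global `extensions` with nothing recording who releases it, and a second call would overwrite the pointer and leak the first table. I would state the contract where the buffer is created, e.g. `/* Heap copy of the default (and platform) tables; released by ext_cleanup(). Call ext_init() once. */`. The `memcpy` is a shallow copy, so any pointer members of `ext_t` still hold whatever the static tables held, which matters because ext_cleanup() in this same patch passes `arg` to `free()`. ext_init's body continues past the end of the hunk, so whether its later error returns leave the table allocated cannot be seen here.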
@@ -158,51 +182,36 @@ X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
 unsigned char *buf, size_t len)
 {
 X509_EXTENSION *ex;
- ASN1_OCTET_STRING *octet;
 HASH *hash;
 ASN1_OBJECT *algorithm;
- X509_ALGOR *x509_algor;
 unsigned char *p = NULL;
 int sz;

+ /* HASH structure containing algorithm + hash */
+ hash = HASH_new();
+ if (hash == NULL) {
+ return NULL;
+ }
+
 /* OBJECT_IDENTIFIER with hash algorithm */
 algorithm = OBJ_nid2obj(EVP_MD_type(md));
 if (algorithm == NULL) {
+ HASH_free(hash);
 return NULL;
 }

 /* Create X509_ALGOR */
- x509_algor = X509_ALGOR_new();
- if (x509_algor == NULL) {
- return NULL;
- }
- x509_algor->algorithm = algorithm;
- x509_algor->parameter = ASN1_TYPE_new();
- ASN1_TYPE_set(x509_algor->parameter, V_ASN1_NULL, NULL);
+ hash->hashAlgorithm->algorithm = algorithm;
+ hash->hashAlgorithm->parameter = ASN1_TYPE_new();
+ ASN1_TYPE_set(hash->hashAlgorithm->parameter, V_ASN1_NULL, NULL);

 /* OCTET_STRING with the actual hash */
- octet = ASN1_OCTET_STRING_new();
- if (octet == NULL) {
- X509_ALGOR_free(x509_algor);
- return NULL;
- }
- ASN1_OCTET_STRING_set(octet, buf, len);
-
- /* HASH structure containing algorithm + hash */
- hash = HASH_new();
- if (hash == NULL) {
- ASN1_OCTET_STRING_free(octet);
- X509_ALGOR_free(x509_algor);
- return NULL;
- }
- hash->hashAlgorithm = x509_algor;
- hash->dataHash = octet;
+ ASN1_OCTET_STRING_set(hash->dataHash, buf, len);

 /* DER encoded HASH */
 sz = i2d_HASH(hash, &p);
 if ((sz <= 0) || (p == NULL)) {
 HASH_free(hash);
- X509_ALGOR_free(x509_algor);
 return NULL;
 }

@@ -306,3 +315,20 @@ ext_t *ext_get_by_opt(const char *opt)

 return NULL;
 }
+
+void ext_cleanup(void)
+{
+ unsigned int i;
+
+ for (i = 0; i < num_extensions; i++) {
+ if (extensions[i].arg != NULL) {
+ void *ptr = (void *)extensions[i].arg;
+
+ extensions[i].arg = NULL;
+ free(ptr);
+ }
+ }
+ free(extensions);
+ X509V3_EXT_cleanup();
+}
+
|
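Review bot: In ext_new_hash() the result of `ASN1_TYPE_new()` is passed straight to `ASN1_TYPE_set()` and the return value of `ASN1_OCTET_STRING_set()` is ignored, so an allocation failure either dereferences NULL or, presumably, lets a HASH with an empty digest be DER-encoded as if it were valid. Both steps should fail the function and free `hash`; `X509_ALGOR_set0()` performs the parameter allocation and the set in one checked call. The new code also relies on `HASH_new()` returning `hashAlgorithm` and `dataHash` already allocated, which depends on the HASH ASN.1 template defined outside this hunk. The function continues after the hunk, where the extension is built from the encoded buffer.
```c
	/* Create X509_ALGOR */
	if (!X509_ALGOR_set0(hash->hashAlgorithm, algorithm, V_ASN1_NULL, NULL)) {
		HASH_free(hash);
		return NULL;
	}

	/* OCTET_STRING with the actual hash */
	if (!ASN1_OCTET_STRING_set(hash->dataHash, buf, len)) {
		HASH_free(hash);
		return NULL;
	}
	/* … unchanged: DER encoding of HASH and its error path … */
```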
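Review bot: ext_cleanup() frees the table but leaves `extensions` and `num_extensions` holding the stale pointer and count, so a second ext_cleanup() or a later `ext_get_by_opt()` would walk freed memory. Resetting them closes that: add `extensions = NULL;` and `num_extensions = 0;` right after `free(extensions);`. The loop also calls `free()` on every non-NULL `arg`, which is only sound if `arg` never carries a non-heap value in the static tables that ext_init() copies from. If that holds, a comment such as `/* arg is only ever set to heap memory by the option parser */` above the loop would make the assumption checkable.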