Diffstat (limited to 'tools/cert_create/src/ext.c')
-rw-r--r--tools/cert_create/src/ext.c80
1 files changed, 53 insertions, 27 deletions
diff --git a/tools/cert_create/src/ext.c b/tools/cert_create/src/ext.c
index d9a92bb101..acf57a4763 100644
--- a/tools/cert_create/src/ext.c
+++ b/tools/cert_create/src/ext.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,8 +13,12 @@
#include <openssl/x509v3.h>
#include "cmd_opt.h"
+#include "debug.h"
#include "ext.h"
+ext_t *extensions;
+unsigned int num_extensions;
+
DECLARE_ASN1_ITEM(ASN1_INTEGER)
DECLARE_ASN1_ITEM(X509_ALGOR)
DECLARE_ASN1_ITEM(ASN1_OCTET_STRING)
@@ -51,6 +55,26 @@ int ext_init(void)
int nid, ret;
unsigned int i;
+ extensions = malloc((num_def_extensions * sizeof(def_extensions[0]))
+#ifdef PDEF_EXTS
+ + (num_pdef_extensions * sizeof(pdef_extensions[0]))
+#endif
+ );
+ if (extensions == NULL) {
+ ERROR("%s:%d Failed to allocate memory.\n", __func__, __LINE__);
+ return 1;
+ }
+
+ memcpy(&extensions[0], &def_extensions[0],
+ (num_def_extensions * sizeof(def_extensions[0])));
+#ifdef PDEF_EXTS
+ memcpy(&extensions[num_def_extensions], &pdef_extensions[0],
+ (num_pdef_extensions * sizeof(pdef_extensions[0])));
+ num_extensions = num_def_extensions + num_pdef_extensions;
+#else
+ num_extensions = num_def_extensions;
+#endif
+
for (i = 0; i < num_extensions; i++) {
ext = &extensions[i];
/* Register command line option */
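Review bot: The byte counts for the `malloc` and both `memcpy` calls in ext_init are derived from `sizeof(def_extensions[0])` and `sizeof(pdef_extensions[0])`, while the destination is indexed as `ext_t` (`&extensions[num_def_extensions]`), so the copy is only laid out correctly if both source arrays have exactly that element type. Their declarations are outside this hunk and are presumably `ext_t`, but sizing by the destination, `sizeof(extensions[0])`, would make the assumption explicit and keep the three expressions from drifting apart. The function also now owns a heap buffer: the registration loop continues past the end of the hunk, so if it can return an error after this point, it is worth a comment stating that the caller must still call `ext_cleanup()`.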
@@ -158,51 +182,36 @@ X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
unsigned char *buf, size_t len)
{
X509_EXTENSION *ex;
- ASN1_OCTET_STRING *octet;
HASH *hash;
ASN1_OBJECT *algorithm;
- X509_ALGOR *x509_algor;
unsigned char *p = NULL;
int sz;
+ /* HASH structure containing algorithm + hash */
+ hash = HASH_new();
+ if (hash == NULL) {
+ return NULL;
+ }
+
/* OBJECT_IDENTIFIER with hash algorithm */
algorithm = OBJ_nid2obj(EVP_MD_type(md));
if (algorithm == NULL) {
+ HASH_free(hash);
return NULL;
}
/* Create X509_ALGOR */
- x509_algor = X509_ALGOR_new();
- if (x509_algor == NULL) {
- return NULL;
- }
- x509_algor->algorithm = algorithm;
- x509_algor->parameter = ASN1_TYPE_new();
- ASN1_TYPE_set(x509_algor->parameter, V_ASN1_NULL, NULL);
+ hash->hashAlgorithm->algorithm = algorithm;
+ hash->hashAlgorithm->parameter = ASN1_TYPE_new();
+ ASN1_TYPE_set(hash->hashAlgorithm->parameter, V_ASN1_NULL, NULL);
/* OCTET_STRING with the actual hash */
- octet = ASN1_OCTET_STRING_new();
- if (octet == NULL) {
- X509_ALGOR_free(x509_algor);
- return NULL;
- }
- ASN1_OCTET_STRING_set(octet, buf, len);
-
- /* HASH structure containing algorithm + hash */
- hash = HASH_new();
- if (hash == NULL) {
- ASN1_OCTET_STRING_free(octet);
- X509_ALGOR_free(x509_algor);
- return NULL;
- }
- hash->hashAlgorithm = x509_algor;
- hash->dataHash = octet;
+ ASN1_OCTET_STRING_set(hash->dataHash, buf, len);
/* DER encoded HASH */
sz = i2d_HASH(hash, &p);
if ((sz <= 0) || (p == NULL)) {
HASH_free(hash);
- X509_ALGOR_free(x509_algor);
return NULL;
}
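Review bot: In ext_new_hash the result of `ASN1_TYPE_new()` is passed to `ASN1_TYPE_set` without a NULL check, and the return value of `ASN1_OCTET_STRING_set(hash->dataHash, buf, len)` is ignored, so an allocation failure either dereferences NULL or silently encodes an extension with an empty hash. Neither check existed before the commit, but the new side keeps the gap. `X509_ALGOR_set0` fills in the algorithm and its NULL parameter in one call and reports failure, and the octet-string set can be checked alongside it. Note also that `len` is a `size_t` while `ASN1_OCTET_STRING_set` takes an `int` length. The function body continues past the end of this hunk.

```c
	/* … unchanged: HASH_new() and OBJ_nid2obj() checks … */

	/* Algorithm identifier with NULL parameter, then the actual hash */
	if (!X509_ALGOR_set0(hash->hashAlgorithm, algorithm, V_ASN1_NULL, NULL) ||
	    !ASN1_OCTET_STRING_set(hash->dataHash, buf, (int)len)) {
		HASH_free(hash);
		return NULL;
	}

	/* … unchanged: DER encoding via i2d_HASH() … */
```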
@@ -306,3 +315,20 @@ ext_t *ext_get_by_opt(const char *opt)
return NULL;
}
+
+void ext_cleanup(void)
+{
+ unsigned int i;
+
+ for (i = 0; i < num_extensions; i++) {
+ if (extensions[i].arg != NULL) {
+ void *ptr = (void *)extensions[i].arg;
+
+ extensions[i].arg = NULL;
+ free(ptr);
+ }
+ }
+ free(extensions);
+ X509V3_EXT_cleanup();
+}
+
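Review bot: ext_cleanup leaves `extensions` and `num_extensions` at their old values after `free(extensions)`, so a second call, or a later `ext_get_by_opt` lookup (assuming it walks the same globals), would touch freed memory; adding `extensions = NULL;` and `num_extensions = 0;` after the free closes that. The loop also hands every non-NULL `arg` to `free()` after casting away its qualifier, which is only valid if each `arg` was heap-allocated. The entries are shallow copies of `def_extensions` made in ext_init, so a statically initialised `arg` in that table would become an invalid free. The places where `arg` is assigned are outside this diff, so the ownership rule deserves a comment here, for example `/* arg is owned by this table and always heap-allocated by the option parser */`, if that is indeed the case.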