commit 5a49d3cce370822d9c81f4df4c1a3a3fec6723c2
author Przemek Stekiel <przemyslaw.stekiel@mobica.com> Fri Feb 24 13:12:55 2023 +0100
committer Przemek Stekiel <przemyslaw.stekiel@mobica.com> Fri Mar 03 12:58:11 2023 +0100
tree 2a30001bda44b001dcb417bfd50d8c724faa3cac
parent 3a92593d1e8689d1fd4cd381fb5a493328137226

Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

include/mbedtls/x509_csr.h

diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index 2ac5afa..0ac844f 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -83,15 +83,8 @@
 }
 mbedtls_x509write_csr;
 
-typedef struct mbedtls_x509_san_node {
-    int type;                       /**< Subject Alternative Name types */
-    char *name;                     /**< Value, following the syntax allowed bythe type */
-    size_t len;                     /**< Length of the provided value */
-}
-mbedtls_x509_san_node;
-
 typedef struct mbedtls_x509_san_list {
-    mbedtls_x509_san_node node;
+    mbedtls_x509_subject_alternative_name node;
     struct mbedtls_x509_san_list *next;
 }
 mbedtls_x509_san_list;

library/x509write_csr.c

diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index c0fe0a8..a1a1206 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -26,6 +26,7 @@
 
 #if defined(MBEDTLS_X509_CSR_WRITE_C)
 
+#include "mbedtls/x509.h"
 #include "mbedtls/x509_csr.h"
 #include "mbedtls/asn1write.h"
 #include "mbedtls/error.h"
@@ -97,16 +98,23 @@
 
     /* Determine the maximum size of the SubjectAltName list */
     while (cur != NULL) {
-        if (cur->node.len <= 0) {
-            return 0;
+        /* Calculate size of the required buffer */
+        switch(cur->node.type) {
+            case MBEDTLS_X509_SAN_DNS_NAME:
+            case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER:
+            case MBEDTLS_X509_SAN_IP_ADDRESS:
+                /* + length of value for each name entry,
+                 * + maximum 4 bytes for the length field,
+                 * + 1 byte for the tag/type.
+                 */
+                buflen += cur->node.san.unstructured_name.len + 4 + 1;
+                break;
+
+            default:
+                /* Not supported - skip. */
+                break;
         }
 
-        /* Calculate size of the required buffer:
-         * + length of value for each name entry,
-         * + maximum 4 bytes for the length field,
-         * + 1 byte for the tag/type.
-         */
-        buflen += cur->node.len + 4 + 1;
 
         cur = cur->next;
     }
@@ -133,10 +141,9 @@
             case MBEDTLS_X509_SAN_IP_ADDRESS:
                 MBEDTLS_ASN1_CHK_ADD(len,
                                      mbedtls_asn1_write_raw_buffer(&p, buf,
-                                                                   (const unsigned char *) cur->node
-                                                                   .name,
-                                                                   cur->node.len));
-                MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.len));
+                                                                   (const unsigned char *) cur->node.san.unstructured_name.p,
+                                                                   cur->node.san.unstructured_name.len));
+                MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.san.unstructured_name.len));
                 MBEDTLS_ASN1_CHK_ADD(len,
                                      mbedtls_asn1_write_tag(&p, buf,
                                                             MBEDTLS_ASN1_CONTEXT_SPECIFIC |

programs/x509/cert_req.c

diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 23e9844..1588be1 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -252,12 +252,12 @@
                 }
 
                 if (strcmp(q, "IP") == 0) {
-                    cur->node.name = (char *) ip;
-                    cur->node.len = sizeof(ip);
+                    cur->node.san.unstructured_name.p = (unsigned char *) ip;
+                    cur->node.san.unstructured_name.len = sizeof(ip);
                 } else {
                     q = r2;
-                    cur->node.name = q;
-                    cur->node.len = strlen(q);
+                    cur->node.san.unstructured_name.p = (unsigned char *) q;
+                    cur->node.san.unstructured_name.len = strlen(q);
                 }
 
                 if (prev == NULL) {

tests/suites/test_suite_x509write.function

diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index e7fc268..5e8230f 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -161,16 +161,16 @@
     const char *san_uri_name = "http://pki.example.com/";
 
     san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER;
-    san_uri.node.name = (char *) san_uri_name;
-    san_uri.node.len = strlen(san_uri_name);
+    san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name;
+    san_uri.node.san.unstructured_name.len = strlen(san_uri_name);
     san_uri.next = NULL;
     san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
-    san_ip.node.name = (char *) san_ip_name;
-    san_ip.node.len = sizeof(san_ip_name);
+    san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name;
+    san_ip.node.san.unstructured_name.len = sizeof(san_ip_name);
     san_ip.next = &san_uri;
     san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME;
-    san_dns.node.name = (char *) san_dns_name;
-    san_dns.node.len = strlen(san_dns_name);
+    san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name;
+    san_dns.node.san.unstructured_name.len = strlen(san_dns_name);
     san_dns.next = &san_ip;
     san_list = &san_dns;