Escape hexpairs characters RFC 4514
Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
diff --git a/library/x509.c b/library/x509.c
index 2764ba6..5025d77 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -810,6 +810,12 @@
return 0;
}
+/* Converts only the 4 least significant bits */
+static char x509_int_to_hexdigit(int i)
+{
+ return (i < 10) ? (i | 0x30) : ((i - 9) | 0x40);
+}
+
/*
* Store the name in printable form into buf; no more
* than size characters will be written
@@ -857,9 +863,9 @@
c = name->val.p[i];
// Special characters requiring escaping, RFC 4514 Section 2.4
if (c) {
- if (strchr(",=+<>;\"\\+", c) ||
- ((i == 0) && strchr("# ", c)) ||
- ((i == name->val.len-1 ) && (c == ' '))) {
+ if (strchr(",=+<>;\"\\+", c) ||
+ ((i == 0) && strchr("# ", c)) ||
+ ((i == name->val.len-1) && (c == ' '))) {
if (j + 1 >= sizeof(s) - 1) {
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
@@ -867,7 +873,14 @@
}
}
if (c < 32 || c >= 127) {
- s[j] = '?';
+ if (j + 3 >= sizeof(s) - 1) {
+ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+ }
+ s[j++] = '\\';
+ char lowbits = (c & 0x0F);
+ char highbits = c>>4;
+ s[j++] = x509_int_to_hexdigit(highbits);
+ s[j] = x509_int_to_hexdigit(lowbits);
} else {
s[j] = c;
}