mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 04:20:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add separate case for ip address

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2023-06-02 10:11:32 +02:00
parent 63a4cdd1eb
commit 093c97d492
1 changed files with 33 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
library/x509.c
View File

@ -1590,46 +1590,55 @@ int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size,
*/
case MBEDTLS_X509_SAN_DNS_NAME:
case MBEDTLS_X509_SAN_RFC822_NAME:
case MBEDTLS_X509_SAN_IP_ADDRESS:
{
const char *dns_name = "dNSName";
const char *rfc822_name = "rfc822Name";
const char *ip_name = "iPAddress";
const char *name = san.type == MBEDTLS_X509_SAN_DNS_NAME ? dns_name : san.type ==
MBEDTLS_X509_SAN_RFC822_NAME ? rfc822_name : ip_name;
ret = mbedtls_snprintf(p, n,
"\n%s %s : ",
prefix,
name);
san.type ==
MBEDTLS_X509_SAN_DNS_NAME ? dns_name : rfc822_name);
MBEDTLS_X509_SAFE_SNPRINTF;
if (san.san.unstructured_name.len >= n) {
*p = '\0';
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
if (san.type == MBEDTLS_X509_SAN_IP_ADDRESS) {
int len = 0;
unsigned char *ip = san.san.unstructured_name.p;
// Only IPv6 (16 bytes) and IPv4 (4 bytes) types are supported
if (san.san.unstructured_name.len == 4) {
len = sprintf(p, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
} else {
len = sprintf(p, "%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X",
ip[0], ip[1], ip[2], ip[3], ip[4], ip[5], ip[6], ip[7], ip[8],
ip[9], ip[10], ip[11], ip[12], ip[13], ip[14], ip[15]);
}
p += len;
n -= len;
} else {
memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len);
p += san.san.unstructured_name.len;
n -= san.san.unstructured_name.len;
}
memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len);
p += san.san.unstructured_name.len;
n -= san.san.unstructured_name.len;
}
break;
/*
* iPAddress
*/
case MBEDTLS_X509_SAN_IP_ADDRESS:
{
ret = mbedtls_snprintf(p, n, "\n%s %s : ",
prefix, "iPAddress");
MBEDTLS_X509_SAFE_SNPRINTF;
if (san.san.unstructured_name.len >= n) {
*p = '\0';
return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
}
int len = 0;
unsigned char *ip = san.san.unstructured_name.p;
// Only IPv6 (16 bytes) and IPv4 (4 bytes) types are supported
if (san.san.unstructured_name.len == 4) {
len = sprintf(p, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
} else if (san.san.unstructured_name.len == 16) {
len = sprintf(p, "%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X",
ip[0], ip[1], ip[2], ip[3], ip[4], ip[5], ip[6], ip[7], ip[8],
ip[9], ip[10], ip[11], ip[12], ip[13], ip[14], ip[15]);
} else {
return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
}
p += len;
n -= len;
}
break;
/*
* directoryName
*/