Accept short name/ber encoded data in DNs

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2025-02-05 09:40:32 +00:00 · 2023-08-11 14:58:14 +01:00 · 2023-08-11 14:58:14 +01:00 · 957ca0595d
commit 957ca0595d
parent 17984874af
2 changed files with 21 additions and 9 deletions
--- a/library/x509_create.c
+++ b/library/x509_create.c
@ -289,6 +289,22 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
        }

        if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) {
+#if defined(MBEDTLS_ASN1_PARSE_C)
+            if ((parse_ret =
+                        parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len,
+                                                        &tag)) != 0) {
+                if(numericoid) {
+                    return MBEDTLS_ERR_X509_INVALID_NAME;
+                }
+                else {
+                    if ((parse_ret =
+                                parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) {
+                        return parse_ret;
+                    }
+                    tag = attr_descr->default_tag;
+                }
+            }
+#else
            if (!numericoid) {
                if ((parse_ret =
                         parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) {
@ -297,16 +313,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
                tag = attr_descr->default_tag;
            }
            if (numericoid) {
-#if defined(MBEDTLS_ASN1_PARSE_C)
-                if ((parse_ret =
-                         parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len,
-                                                           &tag)) != 0) {
-                    return parse_ret;
-                }
-#else
                return MBEDTLS_ERR_X509_INVALID_NAME;
-#endif
            }
+#endif
            mbedtls_asn1_named_data *cur =
                mbedtls_asn1_store_named_data(head, oid, strlen(oid),
                                              (unsigned char *) data,
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@ -218,7 +218,10 @@ X509 String to Names #17 (Odd length hexstring)
 mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME

 X509 String to Names #18 (Invalid OID)
-mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
+mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
+
+X509 String to Names #18 (short name and hexstring)
+mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0

 X509 String to Names #19 (Escape non-ascii hexpairs)
 mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0