From 957ca0595d616e40af40b17e378281e8e8807295 Mon Sep 17 00:00:00 2001
From: Agathiyan Bragadeesh
Date: Fri, 11 Aug 2023 14:58:14 +0100
Subject: [PATCH] Accept short name/ber encoded data in DNs
Signed-off-by: Agathiyan Bragadeesh
---
 library/x509_create.c | 25 +++++++++++++++++--------
 tests/suites/test_suite_x509write.data | 5 ++++-
 2 files changed, 21 insertions(+), 9 deletions(-)
diff --git a/library/x509_create.c b/library/x509_create.c
index 99115c450e..6ce15f9fe7 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -289,6 +289,22 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 }
 if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) {
+#if defined(MBEDTLS_ASN1_PARSE_C)
+ if ((parse_ret =
+ parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len,
+ &tag)) != 0) {
+ if(numericoid) {
+ return MBEDTLS_ERR_X509_INVALID_NAME;
+ }
+ else {
+ if ((parse_ret =
+ parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) {
+ return parse_ret;
+ }
+ tag = attr_descr->default_tag;
+ }
+ }
+#else
 if (!numericoid) {
 if ((parse_ret =
 parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) {
@@ -297,16 +313,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
 tag = attr_descr->default_tag;
 }
 if (numericoid) {
-#if defined(MBEDTLS_ASN1_PARSE_C)
- if ((parse_ret =
- parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len,
- &tag)) != 0) {
- return parse_ret;
- }
-#else
 return MBEDTLS_ERR_X509_INVALID_NAME;
-#endif
 }
+#endif
 mbedtls_asn1_named_data *cur =
 mbedtls_asn1_store_named_data(head, oid, strlen(oid),
 (unsigned char *) data,
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 23a05966c6..814f8f70c1 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
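Review bot: In the `MBEDTLS_ASN1_PARSE_C` branch of the first hunk, any failure of `parse_attribute_value_ber_encoded` on a short-name attribute falls through to `parse_attribute_value_string`. A value that starts with `#` but is not a well-formed hex-encoded element would therefore presumably be stored as literal text with `attr_descr->default_tag` instead of being rejected. Choosing the parser from the leading `#` (assuming `s` points at the first value character, as the existing call implies) and treating a hexstring failure as `MBEDTLS_ERR_X509_INVALID_NAME` for both short names and numeric OIDs removes that silent reinterpretation. The function's header comment should also say that an unescaped leading `#` is now decoded for short names, with the tag taken from the input, so callers assembling DNs from untrusted text have to escape it. `mbedtls_x509_string_to_names` starts and ends outside the hunk, and the helper's behaviour on values without a leading `#` is not visible here.

```c
#if defined(MBEDTLS_ASN1_PARSE_C)
            if (c > s && *s == '#') {
                /* A leading '#' marks a hex-encoded element: never reinterpret it as text. */
                if ((parse_ret =
                         parse_attribute_value_ber_encoded(s, (int) (c - s), data, &data_len,
                                                           &tag)) != 0) {
                    return MBEDTLS_ERR_X509_INVALID_NAME;
                }
            } else if (numericoid) {
                return MBEDTLS_ERR_X509_INVALID_NAME;
            } else {
                if ((parse_ret =
                         parse_attribute_value_string(s, (int) (c - s), data, &data_len)) != 0) {
                    return parse_ret;
                }
                tag = attr_descr->default_tag;
            }
#else
            /* … unchanged: string-only handling without MBEDTLS_ASN1_PARSE_C … */
```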
@@ -218,7 +218,10 @@ X509 String to Names #17 (Odd length hexstring)
 mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
 X509 String to Names #18 (Invalid OID)
-mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
+mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME
+
+X509 String to Names #18 (short name and hexstring)
+mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0
 X509 String to Names #19 (Escape non-ascii hexpairs)
 mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"C=NL, O=Of\\00spark, OU=PolarSSL":0
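Review bot: The added case reuses the label `#18`, which the "Invalid OID" case directly above already carries, so a failure report cannot tell the two apart; give it a unique number. The new short-name path is exercised only with a well-formed value. A companion case such as `O=#0C084F6666737061726` (an odd-length hexstring under a short name, mirroring #17) would pin whether malformed hex input is rejected or kept as literal text.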