shithub: riscv


ref: fb2abc2a0483bc1ffa10f341b6d2f665a5e03bca
parent: 34a9d22ec6c680b2ed871defce357e5650aa0629
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Fri Feb 10 16:36:19 EST 2017

libsec: make X509toECpub() return CN name like X509toRSApub()

--- a/sys/include/ape/libsec.h
+++ b/sys/include/ape/libsec.h
@@ -369,8 +369,8 @@
 PEMChain*	decodepemchain(char *s, char *type);
 uchar*		X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
 uchar*		X509rsareq(RSApriv *priv, char *subj, int *certlen);
-char*		X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 char*		X509rsaverify(uchar *cert, int ncert, RSApub *pk);
+char*		X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 
 void		X509dump(uchar *cert, int ncert);
 
@@ -540,9 +540,9 @@
 int	ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
 void	ecpubfree(ECpub *);
 
-ECpub*	X509toECpub(uchar *cert, int ncert, ECdomain *dom);
-char*	X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
+ECpub*	X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);
 char*	X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
+char*	X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
 
 /* curves */
 void	secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);
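Review bot: The new prototype `ECpub*	X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);` leaves the output buffer and its size unnamed, so a reader of the header cannot tell that the two arguments form a buffer/length pair. Naming them as the definition in x509.c does, `char *name, int nname`, would make the contract visible. A short comment such as `/* name may be nil; otherwise receives at most nname bytes of the subject */` would record the semantics the implementation relies on. The same prototype appears unnamed in sys/include/libsec.h.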
--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
@@ -361,8 +361,8 @@
 PEMChain*	decodepemchain(char *s, char *type);
 uchar*		X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
 uchar*		X509rsareq(RSApriv *priv, char *subj, int *certlen);
-char*		X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 char*		X509rsaverify(uchar *cert, int ncert, RSApub *pk);
+char*		X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk);
 
 void		X509dump(uchar *cert, int ncert);
 
@@ -532,9 +532,9 @@
 int	ecencodepub(ECdomain *dom, ECpub *, uchar *, int);
 void	ecpubfree(ECpub *);
 
-ECpub*	X509toECpub(uchar *cert, int ncert, ECdomain *dom);
-char*	X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
+ECpub*	X509toECpub(uchar *cert, int ncert, char*, int, ECdomain *dom);
 char*	X509ecdsaverify(uchar *sig, int siglen, ECdomain *dom, ECpub *pub);
+char*	X509ecdsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, ECdomain *dom, ECpub *pub);
 
 /* curves */
 void	secp256r1(mpint *p, mpint *a, mpint *b, mpint *x, mpint *y, mpint *n, mpint *h);
--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -2822,7 +2822,7 @@
 		rsapubfree(rsapk);
 		break;
 	case 0x03:
-		ecpk = X509toECpub(cert->data, cert->len, &dom);
+		ecpk = X509toECpub(cert->data, cert->len, nil, 0, &dom);
 		if(ecpk == nil)
 			return "bad certificate";
 		err = X509ecdsaverifydigest(sig->data, sig->len, digest, digestlen, &dom, ecpk);
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -2314,7 +2314,7 @@
 }
 
 ECpub*
-X509toECpub(uchar *cert, int ncert, ECdomain *dom)
+X509toECpub(uchar *cert, int ncert, char *name, int nname, ECdomain *dom)
 {
 	CertX509 *c;
 	ECpub *pub;
@@ -2325,6 +2325,12 @@
 	freebytes(b);
 	if(c == nil)
 		return nil;
+	if(name != nil && c->subject != nil){
+		char *e = strchr(c->subject, ',');
+		if(e != nil)
+			*e = 0;	/* take just CN part of Distinguished Name */
+		strncpy(name, c->subject, nname);
+	}
 	pub = nil;
 	if(c->publickey_alg == ALG_ecPublicKey){
 		ecdominit(dom, namedcurves[c->curve]);
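Review bot: The added `strncpy(name, c->subject, nname);` leaves `name` without a terminating NUL whenever the text before the first comma of the subject is nname bytes or longer, so a caller that treats the result as a C string (for example to compare the peer name) would read past its buffer. A zero or negative `nname` is also passed straight through as the copy length. Bounding and terminating explicitly would cover both cases: `if(nname > 0){ strncpy(name, c->subject, nname-1); name[nname-1] = 0; }`. The X509toRSApub body shown in the last hunk of this file carries the same copy, so both are worth changing together. X509toECpub's body begins and ends outside this hunk.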
@@ -2365,7 +2371,6 @@
 RSApub*
 X509toRSApub(uchar *cert, int ncert, char *name, int nname)
 {
-	char *e;
 	Bytes *b;
 	CertX509 *c;
 	RSApub *pub;
@@ -2379,7 +2384,7 @@
 	if(c == nil)
 		return nil;
 	if(name != nil && c->subject != nil){
-		e = strchr(c->subject, ',');
+		char *e = strchr(c->subject, ',');
 		if(e != nil)
 			*e = 0;	/* take just CN part of Distinguished Name */
 		strncpy(name, c->subject, nname);