diff --git a/include/gmssl/asn1.h b/include/gmssl/asn1.h
index 307fc646..49c0b0b7 100644
--- a/include/gmssl/asn1.h
+++ b/include/gmssl/asn1.h
@@ -69,42 +69,6 @@ enum ASN1_TAG {
 };
-/*
-DER encoding (d, dlen) to_der
-
- d != NULL && dlen != 0: return 1 on success or -1 on failure
- d == NULL && dlen != 0: invalid input, return -1
- d == NULL && dlen == 0: do nothing, return 0 to info OPTIONAL types
- d != NULL && dlen == 0: encode an empty type, output tag and length = 0 without value
-
-解码函数的返回值:
-
- ret == 0
- 当前剩余的数据数据长度为0
- 或者下一个对象与期待不符,即输入对象的标签不等于输入的tag
- 当对象为OPTIONAL时,调用方可以通过判断返回值是否为0进行处理
- ret < 0
- 标签正确但是长度或数据解析出错
- ret == 1
- 解析正确
-
-
-解码函数的输入:
-
- *in != NULL
- 例如一个SEQUENCE中的属性均为OPTIONAL,解析后指针仍不为空
- 因此不允许输入空的输入数据指针
-
-
-处理规则
-
- 当返回值 ret <= 0 时,*tag, *in, *inlen 的值保持不变
-
- 如果一个类型有 DEFAULT 属性,调用方可以将返回数据预先设置为默认值,
- 如果该对象未被编码,即返回值为0,那么解码函数不会修改已经设置的默认值
-
-*/
-
 const char *asn1_tag_name(int tag);
 int asn1_tag_is_cstring(int tag);
 int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen);
@@ -293,8 +257,8 @@ int asn1_sequence_of_int_print(FILE *fp, int fmt, int ind, const char *label, co
 #define asn1_set_to_der(d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen)
 #define asn1_set_from_der(d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen)
-#define asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen)
-#define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
+#define asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen)
+#define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
 #define asn1_set_of_to_der(d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen)
 #define asn1_set_of_from_der(d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen)
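Review bot: Moving `asn1_implicit_set_to_der` and `asn1_implicit_set_from_der` from the `asn1_nonempty_type_*` helpers to `asn1_type_*` relaxes the check for every user of these macros, not only the CSR attributes path changed later in this commit: a `[i]` field with zero-length content is now both emitted and accepted. Call sites outside this diff that relied on the non-empty rejection should be re-checked, because their downstream parsers will now be handed `dlen == 0`. The first hunk of this file also deletes the block comment that defined the `(d, dlen)` and return-value conventions, so the relaxed behaviour is left undocumented; I would add a line above the two macros such as `/* [i] IMPLICIT SET: empty content (d != NULL, dlen == 0) is valid; d == NULL, dlen == 0 means absent */`, to be confirmed against `asn1_type_to_der`. The macros are named "implicit" yet expand to `ASN1_TAG_EXPLICIT(i)`, which deserves a word in the same comment.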
diff --git a/src/x509_cer.c b/src/x509_cer.c
index c77ef0b2..5cfe2b48 100644
--- a/src/x509_cer.c
+++ b/src/x509_cer.c
@@ -647,7 +647,7 @@ int x509_name_add_country_name(uint8_t *d, size_t *dlen, size_t maxlen, const ch
 {
 int ret;
 ret = x509_name_add_rdn(d, dlen, maxlen,
- OID_at_country_name, ASN1_TAG_PrintableString, (uint8_t *)val, 2, NULL, 0);
+ OID_at_country_name, ASN1_TAG_PrintableString, (uint8_t *)val, val ? 2 : 0, NULL, 0);
 if (ret < 0) error_print();
 return ret;
 }
diff --git a/src/x509_ext.c b/src/x509_ext.c
index 5aa2700f..f2e1476c 100644
--- a/src/x509_ext.c
+++ b/src/x509_ext.c
@@ -1762,6 +1762,9 @@ int x509_attributes_print(FILE *fp, int fmt, int ind, const char *label, const u
 format_print(fp, fmt, ind, "%s\n", label);
 ind += 4;
 }
+ if (!dlen) {
+ format_print(fp, fmt, ind, "(null)\n");
+ }
 while (dlen) {
 if (asn1_sequence_from_der(&p, &len, &d, &dlen) != 1) {
 error_print();
diff --git a/src/x509_req.c b/src/x509_req.c
index e39aad53..91fb30ba 100644
--- a/src/x509_req.c
+++ b/src/x509_req.c
@@ -41,12 +41,12 @@ int x509_request_info_to_der(
 if (asn1_int_to_der(version, NULL, &len) != 1
 || asn1_sequence_to_der(subject, subject_len, NULL, &len) != 1
 || x509_public_key_info_to_der(subject_public_key, NULL, &len) != 1
- || asn1_implicit_set_to_der(0, attrs, attrs_len, NULL, &len) < 0
+ || asn1_implicit_set_to_der(0, attrs, attrs_len, NULL, &len) != 1
 || asn1_sequence_header_to_der(len, out, outlen) != 1
 || asn1_int_to_der(version, out, outlen) != 1
 || asn1_sequence_to_der(subject, subject_len, out, outlen) != 1
 || x509_public_key_info_to_der(subject_public_key, out, outlen) != 1
- || asn1_implicit_set_to_der(0, attrs, attrs_len, out, outlen) < 0) {
+ || asn1_implicit_set_to_der(0, attrs, attrs_len, out, outlen) != 1) {
 error_print();
 return -1;
 }
diff --git a/tools/reqgen.c b/tools/reqgen.c
index 226de63e..2aeffa66 100644
--- a/tools/reqgen.c
+++ b/tools/reqgen.c
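Review bot: The length handed to `x509_name_add_rdn` in `x509_name_add_country_name` is still a fixed 2 whenever `val` is non-NULL; the new `val ? 2 : 0` covers only the NULL case. A string shorter than two characters puts its NUL terminator, or a byte beyond it, into the PrintableString, and a longer one is silently truncated. Check the length before the call, e.g. `if (val && strlen(val) != 2) { error_print(); return -1; }`, assuming `<string.h>` is already included in this file. In tools such as reqgen the name fields appear to come from command-line arguments (`org_unit` and `common_name` are plain `char *` there), so `val` should be treated as untrusted input.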
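Review bot: `(null)` reads as a missing pointer, but the branch added before `while (dlen)` in `x509_attributes_print` fires whenever `dlen` is zero, which after this commit includes an attributes field that is present but empty. Printing `(empty)` instead, or at least adding `/* [0] present with zero-length content */` above the `if`, keeps the output unambiguous for someone auditing a request. The function starts and ends outside this hunk.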
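Review bot: Tightening both `asn1_implicit_set_to_der` checks in `x509_request_info_to_der` from `< 0` to `!= 1` turns a return value of 0 into a failure. If `asn1_type_to_der` follows the convention in the comment removed from asn1.h (return 0 for `d == NULL && dlen == 0`), any caller that still passes `NULL, 0` for `attrs` now gets -1; reqgen.c is updated in this commit, other callers are not visible here. The new requirement should be stated on the function, for example `/* attrs must be non-NULL; pass attrs_len == 0 to encode an empty [0] attributes field */`. The function body starts before and continues after the hunk.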
@@ -72,6 +72,10 @@ int reqgen_main(int argc, char **argv)
 char *org_unit = NULL;
 char *common_name = NULL;
+ // Attributs
+ uint8_t attrs[512];
+ size_t attrs_len = 0;
+
 // Private Key
 FILE *keyfp = NULL;
 char *pass = NULL;
@@ -203,7 +207,7 @@ bad:
 X509_version_v1, name, namelen, &sm2_key,
- NULL, 0,
+ attrs, attrs_len,
 OID_sm2sign_with_sm3, &sm2_key, signer_id, signer_id_len, &p, &reqlen) != 1) {
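Review bot: `attrs[512]` declared in the first hunk is never written in the visible code and is passed with `attrs_len` still 0 in the second hunk, so it serves only as a non-NULL pointer for the empty attributes field. The comment should say so and fix the typo, e.g. `// Attributes: none yet; a non-NULL buffer with length 0 encodes an empty [0] set`. If attribute encoding is added later, every write into `attrs` needs a bound of `sizeof(attrs)`, the way the name helpers take `maxlen`. Initialising it with `uint8_t attrs[512] = {0};` would also avoid handing uninitialised stack memory to the encoder should `attrs_len` ever become non-zero by mistake. `reqgen_main` starts before the first hunk and continues past the second.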