abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 00:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix REQ format bug

Browse Source 
Attributes not OPTIONAL
This commit is contained in:
Zhi Guan
2023-02-06 17:07:08 +08:00
parent 97e33d4b9a
commit 8a62b91da9
5 changed files with 13 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
include/gmssl/asn1.h
View File

@@ -69,42 +69,6 @@ enum ASN1_TAG {
}; };
/*
DER encoding (d, dlen) to_der
d != NULL && dlen != 0: return 1 on success or -1 on failure
d == NULL && dlen != 0: invalid input, return -1
d == NULL && dlen == 0: do nothing, return 0 to info OPTIONAL types
d != NULL && dlen == 0: encode an empty type, output tag and length = 0 without value
解码函数的返回值:
ret == 0
当前剩余的数据数据长度为0
或者下一个对象与期待不符即输入对象的标签不等于输入的tag
当对象为OPTIONAL时调用方可以通过判断返回值是否为0进行处理
ret < 0
标签正确但是长度或数据解析出错
ret == 1
解析正确
解码函数的输入:
*in != NULL
例如一个SEQUENCE中的属性均为OPTIONAL解析后指针仍不为空
因此不允许输入空的输入数据指针
处理规则
当返回值 ret <= 0 时,*tag, *in, *inlen 的值保持不变
如果一个类型有 DEFAULT 属性,调用方可以将返回数据预先设置为默认值,
如果该对象未被编码即返回值为0那么解码函数不会修改已经设置的默认值
*/
const char *asn1_tag_name(int tag); const char *asn1_tag_name(int tag);
int asn1_tag_is_cstring(int tag); int asn1_tag_is_cstring(int tag);
int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen); int asn1_tag_to_der(int tag, uint8_t **out, size_t *outlen);
@@ -293,8 +257,8 @@ int asn1_sequence_of_int_print(FILE *fp, int fmt, int ind, const char *label, co
#define asn1_set_to_der(d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen) #define asn1_set_to_der(d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen)
#define asn1_set_from_der(d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen) #define asn1_set_from_der(d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen)
#define asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) #define asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen)
#define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen) #define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen)
#define asn1_set_of_to_der(d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen) #define asn1_set_of_to_der(d,dlen,out,outlen) asn1_nonempty_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen)
#define asn1_set_of_from_der(d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen) #define asn1_set_of_from_der(d,dlen,in,inlen) asn1_nonempty_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen)

2
src/x509_cer.c
View File

@@ -647,7 +647,7 @@ int x509_name_add_country_name(uint8_t *d, size_t *dlen, size_t maxlen, const ch
{ {
int ret; int ret;
ret = x509_name_add_rdn(d, dlen, maxlen, ret = x509_name_add_rdn(d, dlen, maxlen,
OID_at_country_name, ASN1_TAG_PrintableString, (uint8_t *)val, 2, NULL, 0); OID_at_country_name, ASN1_TAG_PrintableString, (uint8_t *)val, val ? 2 : 0, NULL, 0);
if (ret < 0) error_print(); if (ret < 0) error_print();
return ret; return ret;
} }

3
src/x509_ext.c
View File

@@ -1762,6 +1762,9 @@ int x509_attributes_print(FILE *fp, int fmt, int ind, const char *label, const u
format_print(fp, fmt, ind, "%s\n", label); format_print(fp, fmt, ind, "%s\n", label);
ind += 4; ind += 4;
} }
if (!dlen) {
format_print(fp, fmt, ind, "(null)\n");
}
while (dlen) { while (dlen) {
if (asn1_sequence_from_der(&p, &len, &d, &dlen) != 1) { if (asn1_sequence_from_der(&p, &len, &d, &dlen) != 1) {
error_print(); error_print();

4
src/x509_req.c
View File

@@ -41,12 +41,12 @@ int x509_request_info_to_der(
if (asn1_int_to_der(version, NULL, &len) != 1 if (asn1_int_to_der(version, NULL, &len) != 1
|| asn1_sequence_to_der(subject, subject_len, NULL, &len) != 1 || asn1_sequence_to_der(subject, subject_len, NULL, &len) != 1
|| x509_public_key_info_to_der(subject_public_key, NULL, &len) != 1 || x509_public_key_info_to_der(subject_public_key, NULL, &len) != 1
|| asn1_implicit_set_to_der(0, attrs, attrs_len, NULL, &len) < 0 || asn1_implicit_set_to_der(0, attrs, attrs_len, NULL, &len) != 1
|| asn1_sequence_header_to_der(len, out, outlen) != 1 || asn1_sequence_header_to_der(len, out, outlen) != 1
|| asn1_int_to_der(version, out, outlen) != 1 || asn1_int_to_der(version, out, outlen) != 1
|| asn1_sequence_to_der(subject, subject_len, out, outlen) != 1 || asn1_sequence_to_der(subject, subject_len, out, outlen) != 1
|| x509_public_key_info_to_der(subject_public_key, out, outlen) != 1 || x509_public_key_info_to_der(subject_public_key, out, outlen) != 1
|| asn1_implicit_set_to_der(0, attrs, attrs_len, out, outlen) < 0) { || asn1_implicit_set_to_der(0, attrs, attrs_len, out, outlen) != 1) {
error_print(); error_print();
return -1; return -1;
} }

6
tools/reqgen.c
View File

@@ -72,6 +72,10 @@ int reqgen_main(int argc, char **argv)
char *org_unit = NULL; char *org_unit = NULL;
char *common_name = NULL; char *common_name = NULL;
// Attributs
uint8_t attrs[512];
size_t attrs_len = 0;
// Private Key // Private Key
FILE *keyfp = NULL; FILE *keyfp = NULL;
char *pass = NULL; char *pass = NULL;
@@ -203,7 +207,7 @@ bad:
X509_version_v1, X509_version_v1,
name, namelen, name, namelen,
&sm2_key, &sm2_key,
NULL, 0, attrs, attrs_len,
OID_sm2sign_with_sm3, OID_sm2sign_with_sm3,
&sm2_key, signer_id, signer_id_len, &sm2_key, signer_id, signer_id_len,
&p, &reqlen) != 1) { &p, &reqlen) != 1) {