From d4af1815931f40f5d742bf82aa141611e42d04e3 Mon Sep 17 00:00:00 2001 From: Kareem Date: Thu, 12 Dec 2024 12:37:32 -0700 Subject: [PATCH] Add support for the RFC822 Mailbox attribute. --- src/ssl.c | 2 ++ src/x509.c | 1 + tests/api.c | 5 +++++ wolfcrypt/src/asn.c | 39 +++++++++++++++++++++++++++++++++++++++ wolfssl/wolfcrypt/asn.h | 4 ++++ 5 files changed, 51 insertions(+) diff --git a/src/ssl.c b/src/ssl.c index b6d287aa4d..d2782ad440 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -17504,6 +17504,8 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { "emailAddress"}, { WC_NID_domainComponent, WC_NID_domainComponent, oidCertNameType, "DC", "domainComponent"}, + { WC_NID_rfc822Mailbox, WC_NID_rfc822Mailbox, oidCertNameType, "rfc822Mailbox", + "rfc822Mailbox"}, { WC_NID_favouriteDrink, WC_NID_favouriteDrink, oidCertNameType, "favouriteDrink", "favouriteDrink"}, { WC_NID_businessCategory, WC_NID_businessCategory, oidCertNameType, diff --git a/src/x509.c b/src/x509.c index 1f5dfca0c9..437cc04e32 100644 --- a/src/x509.c +++ b/src/x509.c @@ -11485,6 +11485,7 @@ static int ConvertNIDToWolfSSL(int nid) case WC_NID_businessCategory: return ASN_BUS_CAT; case WC_NID_domainComponent: return ASN_DOMAIN_COMPONENT; case WC_NID_postalCode: return ASN_POSTAL_CODE; + case WC_NID_rfc822Mailbox: return ASN_RFC822_MAILBOX; case WC_NID_favouriteDrink: return ASN_FAVOURITE_DRINK; default: WOLFSSL_MSG("Attribute NID not found"); diff --git a/tests/api.c b/tests/api.c index 7a963c2a5d..d427ca6215 100644 --- a/tests/api.c +++ b/tests/api.c @@ -69680,6 +69680,7 @@ static int test_wolfSSL_X509_NAME_ENTRY(void) #ifdef WOLFSSL_CERT_REQ { unsigned char srv_pkcs9p[] = "Server"; + unsigned char rfc822Mlbx[] = "support@wolfssl.com"; unsigned char fvrtDrnk[] = "tequila"; unsigned char* der = NULL; char* subject = NULL; 
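Review bot: The new `wolfssl_object_info` entry in src/ssl.c uses `"rfc822Mailbox"` as both the short and the long name, which looks inconsistent with OpenSSL, where NID 460 has, as far as I recall, the short name `mail` and the long name `rfc822Mailbox` (worth confirming against OpenSSL's object table). Lookups by short name and the prefix printed by `X509_NAME_oneline` would then differ from what code written against OpenSSL expects, so anything that matches on the subject string could miss the attribute. If the difference is intended, say so next to the entry, e.g. `/* sName differs from OpenSSL ("mail") on purpose */`.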
@@ -69687,6 +69688,9 @@ static int test_wolfSSL_X509_NAME_ENTRY(void) ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_pkcs9_contentType, MBSTRING_ASC, srv_pkcs9p, -1, -1, 0), SSL_SUCCESS); + ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_rfc822Mailbox, + MBSTRING_ASC, rfc822Mlbx, -1, -1, 0), SSL_SUCCESS); + ExpectIntEQ(X509_NAME_add_entry_by_NID(nm, NID_favouriteDrink, MBSTRING_ASC, fvrtDrnk, -1, -1, 0), SSL_SUCCESS); @@ -69695,6 +69699,7 @@ static int test_wolfSSL_X509_NAME_ENTRY(void) ExpectNotNull(der); ExpectNotNull(subject = X509_NAME_oneline(nm, NULL, 0)); + ExpectNotNull(XSTRSTR(subject, "rfc822Mailbox=support@wolfssl.com")); ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila")); ExpectNotNull(XSTRSTR(subject, "contentType=Server")); #ifdef DEBUG_WOLFSSL diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 14843537ce..89b89dea06 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -4601,6 +4601,7 @@ static const byte dnsSRVOid[] = {43, 6, 1, 5, 5, 7, 8, 7}; /* Pilot attribute types (0.9.2342.19200300.100.1.*) */ #define PLT_ATTR_TYPE_OID_BASE(num) {9, 146, 38, 137, 147, 242, 44, 100, 1, num} static const byte uidOid[] = PLT_ATTR_TYPE_OID_BASE(1); /* user id */ +static const byte rfc822Mlbx[] = PLT_ATTR_TYPE_OID_BASE(3); /* RFC822 mailbox */ static const byte fvrtDrk[] = PLT_ATTR_TYPE_OID_BASE(5);/* favourite drink*/ #endif 
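Review bot: The assertions added to test_wolfSSL_X509_NAME_ENTRY cover only the build direction (`X509_NAME_add_entry_by_NID`, then `X509_NAME_oneline`), so nothing visible in these hunks exercises the new decode branches in GetRDN and GetCertName. Those branches handle bytes taken from a peer's certificate, so a round trip is worth adding: decode the `der` buffer produced here and look the entry up by `NID_rfc822Mailbox`, checking both value and length. The test function starts and ends outside the hunks, so an existing decode step may already be there.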
@@ -13887,6 +13888,15 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, *nid = WC_NID_domainComponent; #endif } + else if (oidSz == sizeof(rfc822Mlbx) && XMEMCMP(oid, rfc822Mlbx, oidSz) == 0) { + /* Set the RFC822 mailbox, type string, length and NID. */ + id = ASN_RFC822_MAILBOX; + typeStr = WOLFSSL_RFC822_MAILBOX; + typeStrLen = sizeof(WOLFSSL_RFC822_MAILBOX) - 1; + #ifdef WOLFSSL_X509_NAME_AVAILABLE + *nid = WC_NID_rfc822Mailbox; + #endif + } else if (oidSz == sizeof(fvrtDrk) && XMEMCMP(oid, fvrtDrk, oidSz) == 0) { /* Set the favourite drink, type string, length and NID. */ id = ASN_FAVOURITE_DRINK; @@ -14591,6 +14601,15 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, nid = WC_NID_domainComponent; #endif /* OPENSSL_EXTRA */ break; + case ASN_RFC822_MAILBOX: + copy = WOLFSSL_RFC822_MAILBOX; + copyLen = sizeof(WOLFSSL_RFC822_MAILBOX) - 1; + #if (defined(OPENSSL_EXTRA) || \ + defined(OPENSSL_EXTRA_X509_SMALL)) \ + && !defined(WOLFCRYPT_ONLY) + nid = WC_NID_rfc822Mailbox; + #endif /* OPENSSL_EXTRA */ + break; case ASN_FAVOURITE_DRINK: copy = WOLFSSL_FAVOURITE_DRINK; copyLen = sizeof(WOLFSSL_FAVOURITE_DRINK) - 1; @@ -28094,6 +28113,10 @@ static int EncodeName(EncodedName* name, const char* nameStr, thisLen += (int)sizeof(uidOid); firstSz = (int)sizeof(uidOid); break; + case ASN_RFC822_MAILBOX: + thisLen += (int)sizeof(rfc822Mlbx); + firstSz = (int)sizeof(rfc822Mlbx); + break; case ASN_FAVOURITE_DRINK: thisLen += (int)sizeof(fvrtDrk); firstSz = (int)sizeof(fvrtDrk); @@ -28159,6 +28182,12 @@ static int EncodeName(EncodedName* name, const char* nameStr, /* str type */ name->encoded[idx++] = nameTag; break; + case ASN_RFC822_MAILBOX: + XMEMCPY(name->encoded + idx, rfc822Mlbx, sizeof(rfc822Mlbx)); + idx += (int)sizeof(rfc822Mlbx); + /* str type */ + name->encoded[idx++] = nameTag; + break; case ASN_FAVOURITE_DRINK: XMEMCPY(name->encoded + idx, fvrtDrk, sizeof(fvrtDrk)); idx += (int)sizeof(fvrtDrk); 
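Review bot: The new `else if` branch in GetRDN gives the pilot mailbox its own id (`ASN_RFC822_MAILBOX`) without saying how it relates to the PKCS#9 emailAddress attribute, which matters to anyone who reads an e-mail identity out of the subject. Whether the code after this chain stores the value as the subject e-mail or feeds it to the rfc822Name name-constraint check is not visible here. If it does neither, document that in the branch, e.g. `/* Display/NID only: not stored as the subject e-mail, not matched against rfc822Name constraints. */`. GetRDN starts and ends outside the hunk.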
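Review bot: `case ASN_RFC822_MAILBOX:` in GetCertName may never match a real certificate, because the enum value added in asn.h is 0x14 while the OID added for this attribute ends in arc 3 (`PLT_ATTR_TYPE_OID_BASE(3)`). The switch operand is outside the hunk, but the neighbouring `ASN_DOMAIN_COMPONENT` is 0x19, which is that attribute's real last arc, so the switch appears to run on the raw trailing OID byte. If so, this parser would skip the mailbox, and could label a different pilot attribute whose last arc is 20 as `/rfc822Mailbox=`, whereas the GetRDN branch compares the full OID. The same question applies to the existing `ASN_FAVOURITE_DRINK` (0x13 against arc 5). Please confirm the operand and, if it is the raw byte, match on the arc explicitly, e.g. `case 0x03: /* rfc822Mailbox */`.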
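Review bot: The `ASN_RFC822_MAILBOX` case in EncodeName writes the caller-chosen `nameTag` as the string type, but RFC 4524 defines this attribute (mail / rfc822Mailbox) with IA5String syntax, and a value containing `@` is not a valid PrintableString. Where `nameTag` comes from is outside the hunk; if it can be PrintableString, the encoder would emit a mistagged value that strict and lenient parsers may handle differently. Consider forcing the tag here with `name->encoded[idx++] = ASN_IA5_STRING;`, and doing the same for the `(byte)GetNameType(name, i)` argument in the new SetNameRdnItems branch.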
@@ -28255,6 +28284,10 @@ static int EncodeName(EncodedName* name, const char* nameStr, oid = uidOid; oidSz = sizeof(uidOid); break; + case ASN_RFC822_MAILBOX: + oid = rfc822Mlbx; + oidSz = sizeof(rfc822Mlbx); + break; case ASN_FAVOURITE_DRINK: oid = fvrtDrk; oidSz = sizeof(fvrtDrk); @@ -28578,6 +28611,12 @@ static int SetNameRdnItems(ASNSetData* dataASN, ASNItem* namesASN, sizeof(uidOid), (byte)GetNameType(name, i), (const byte*)GetOneCertName(name, i), nameLen[i]); } + else if (type == ASN_RFC822_MAILBOX) { + /* Copy RFC822 mailbox data into dynamic vars. */ + SetRdnItems(namesASN + idx, dataASN + idx, rfc822Mlbx, + sizeof(rfc822Mlbx), (byte)GetNameType(name, i), + (const byte*)GetOneCertName(name, i), nameLen[i]); + } else if (type == ASN_FAVOURITE_DRINK) { /* Copy favourite drink data into dynamic vars. */ SetRdnItems(namesASN + idx, dataASN + idx, fvrtDrk, diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index ba9b969661..12a602383a 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -729,6 +729,7 @@ enum DN_Tags { /* pilot attribute types * OID values of 0.9.2342.19200300.100.1.* */ ASN_FAVOURITE_DRINK = 0x13, /* favouriteDrink */ + ASN_RFC822_MAILBOX = 0x14, /* rfc822Mailbox */ ASN_DOMAIN_COMPONENT = 0x19 /* DC */ }; @@ -780,6 +781,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WOLFSSL_USER_ID "/UID=" #define WOLFSSL_DOMAIN_COMPONENT "/DC=" +#define WOLFSSL_RFC822_MAILBOX "/rfc822Mailbox=" #define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink=" #define WOLFSSL_CONTENT_TYPE "/contentType=" @@ -912,6 +914,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define WC_NID_businessCategory ASN_BUS_CAT #define WC_NID_domainComponent ASN_DOMAIN_COMPONENT #define WC_NID_postalCode ASN_POSTAL_CODE /* postalCode */ +#define WC_NID_rfc822Mailbox 460 #define WC_NID_favouriteDrink 462 #define WC_NID_userId 458 #define WC_NID_registeredAddress 870 
@@ -985,6 +988,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[]; #define NID_businessCategory WC_NID_businessCategory #define NID_domainComponent WC_NID_domainComponent #define NID_postalCode WC_NID_postalCode +#define NID_rfc822Mailbox WC_NID_rfc822Mailbox #define NID_favouriteDrink WC_NID_favouriteDrink #define NID_userId WC_NID_userId #define NID_emailAddress WC_NID_emailAddress