From 32c530ece2e1433cc0a8ab26c3a4907ccfcfd853 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 6 Feb 2019 16:13:41 +0000 Subject: [PATCH] Add raw public key buffer bounds to mbedtls_x509_crt struct This commit adds an ASN.1 buffer field `pk_raw` to `mbedtls_x509_crt` which stores the bounds of the raw public key data within an X.509 CRT. This will be useful in subsequent commits to extract the peer's public key from its certificate chain. --- include/mbedtls/x509_crt.h | 1 + library/x509_crt.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index dc3260b87..09ba69f39 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -70,6 +70,7 @@ typedef struct mbedtls_x509_crt mbedtls_x509_time valid_from; /**< Start time of certificate validity. */ mbedtls_x509_time valid_to; /**< End time of certificate validity. */ + mbedtls_x509_buf pk_raw; mbedtls_pk_context pk; /**< Container for the public key context. */ mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ diff --git a/library/x509_crt.c b/library/x509_crt.c index 97d4b9504..e4a35f64d 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -990,11 +990,13 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, /* * SubjectPublicKeyInfo */ + crt->pk_raw.p = p; if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) { mbedtls_x509_crt_free( crt ); return( ret ); } + crt->pk_raw.len = p - crt->pk_raw.p; /* * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
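Review bot: The new `pk_raw` member of `mbedtls_x509_crt` is the only field in this hunk without a Doxygen `/**< ... */` comment, and it needs one because the buffer describes a range inside the certificate rather than owning data. Suggest `mbedtls_x509_buf pk_raw; /**< Bounds of the raw SubjectPublicKeyInfo within the certificate data; not a separate copy. */`. Because the field is inserted in the middle of a public struct, the offsets of `pk` and every later member change, so code built against the old header that touches those fields directly would have to be recompiled. The struct definition begins and ends outside the hunk.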
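Review bot: In `x509_crt_parse_der_core` only `pk_raw.p` and `pk_raw.len` are assigned; the `tag` member of the `mbedtls_x509_buf` is never set, so a later consumer that inspects it sees whatever initialisation left there. The recorded range is everything `mbedtls_pk_parse_subpubkey` consumed, which appears to be the whole SubjectPublicKeyInfo rather than the key bits alone, and `p` aliases the buffer being parsed, so the pointer is valid only while that buffer lives. A comment above the first assignment would make the contract explicit for the follow-up commits, e.g. `/* pk_raw aliases the parsed DER (full SubjectPublicKeyInfo); copy it before the CRT is freed. */`. On the failure path `pk_raw.p` is set while `len` is not, which looks harmless only if `mbedtls_x509_crt_free` clears the structure; that is not visible here, and the function body starts and ends outside the hunk.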