author | Patrick Monnerat <pm@datasphere.ch> | 2014-10-14 14:58:26 +0200 |
---|---|---|
committer | Patrick Monnerat <pm@datasphere.ch> | 2014-10-14 14:58:26 +0200 |
commit | 473322ec66a0969c3c59e8006f9ac72768b91adf (patch) | |
tree | 1964192f49e48045e13d4d97f247893ef7e22de5 /lib/x509asn1.c | |
parent | 89e543f3830bb8d821fedaa6ca4fb6d776e601b8 (diff) | |
download | curl-473322ec66a0969c3c59e8006f9ac72768b91adf.tar.gz |
Implement pinned public key in GSKit backend
Diffstat (limited to 'lib/x509asn1.c')
-rw-r--r-- | lib/x509asn1.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index 31ea5de00..e100e07f4 100644
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -122,6 +122,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem,
 return (const char *) NULL;
 /* Process header byte. */
+ elem->header = beg;
 b = (unsigned char) *beg++;
 elem->constructed = (b & 0x20) != 0;
 elem->class = (b >> 6) & 3;
@@ -682,6 +683,7 @@ void Curl_parseX509(curl_X509certificate * cert,
 Syntax is assumed to have already been checked by the SSL backend.
 See RFC 5280. */
+ cert->certificate.header = NULL;
 cert->certificate.beg = beg;
 cert->certificate.end = end;
@@ -701,6 +703,7 @@ void Curl_parseX509(curl_X509certificate * cert,
 beg = tbsCertificate.beg;
 end = tbsCertificate.end;
 /* Get optional version, get serialNumber. */
+ cert->version.header = NULL;
 cert->version.beg = &defaultVersion;
 cert->version.end = &defaultVersion + sizeof defaultVersion;;
 beg = Curl_getASN1Element(&elem, beg, end);
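Review bot: The new `elem->header = beg;` in the first hunk (Curl_getASN1Element) carries no comment saying what the field means, and the difference from `elem->beg` matters to anyone who hashes or compares an element. Judging by how `.beg`/`.end` are handed on to parse child elements in the @@ -720 hunk, `beg`..`end` is the content only, while `header`..`end` is the complete encoding starting at the identifier octet. I would add `/* Start of the element's encoding (identifier octet); NULL when the element was not parsed from input. */` above the assignment, which also explains the NULL presets in the other hunks. The assignment sits after the early `return (const char *) NULL;`, so on that path `header` keeps whatever the caller had; the function body starts and ends outside the hunk, so later failure returns cannot be checked from here.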
@@ -720,15 +723,19 @@ void Curl_parseX509(curl_X509certificate * cert,
 /* Get subject. */
 beg = Curl_getASN1Element(&cert->subject, beg, end);
 /* Get subjectPublicKeyAlgorithm and subjectPublicKey. */
- beg = Curl_getASN1Element(&elem, beg, end);
+ beg = Curl_getASN1Element(&cert->subjectPublicKeyInfo, beg, end);
 ccp = Curl_getASN1Element(&cert->subjectPublicKeyAlgorithm,
- elem.beg, elem.end);
- Curl_getASN1Element(&cert->subjectPublicKey, ccp, elem.end);
+ cert->subjectPublicKeyInfo.beg,
+ cert->subjectPublicKeyInfo.end);
+ Curl_getASN1Element(&cert->subjectPublicKey, ccp,
+ cert->subjectPublicKeyInfo.end);
 /* Get optional issuerUiqueID, subjectUniqueID and extensions. */
 cert->issuerUniqueID.tag = cert->subjectUniqueID.tag = 0;
 cert->extensions.tag = elem.tag = 0;
+ cert->issuerUniqueID.header = cert->subjectUniqueID.header = NULL;
 cert->issuerUniqueID.beg = cert->issuerUniqueID.end = "";
 cert->subjectUniqueID.beg = cert->subjectUniqueID.end = "";
+ cert->extensions.header = NULL;
 cert->extensions.beg = cert->extensions.end = "";
 if(beg < end)
 beg = Curl_getASN1Element(&elem, beg, end);
@@ -771,6 +778,7 @@ static const char * dumpAlgo(curl_asn1Element * param,
 /* Get algorithm parameters and return algorithm name. */
 beg = Curl_getASN1Element(&oid, beg, end);
+ param->header = NULL;
 param->tag = 0;
 param->beg = param->end = end;
 if(beg < end)
@@ -1140,6 +1148,7 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
 }
 /* Process subject. */
+ name.header = NULL;
 name.beg = name.end = "";
 q = cert.subject.beg;
 /* we have to look to the last occurrence of a commonName in the |
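Review bot: In the @@ -720 hunk `cert->subjectPublicKeyInfo` is now filled by `Curl_getASN1Element` and kept in the certificate structure, but its `header` is never preset and the call's return value is used unchecked, unlike the optional fields just below, which get `header = NULL` first. Going by the commit title, this element is what a pinned-key comparison will read; if the parse takes the early `return (const char *) NULL;` path visible in the first hunk, `header`, `beg` and `end` keep whatever the structure held before. I would preset it before the call with `cert->subjectPublicKeyInfo.header = NULL;` and have the pinning code treat a NULL header as a mismatch, rather than relying on the "syntax already checked by the SSL backend" assumption. Curl_parseX509 starts and ends outside the hunk, so an earlier initialisation of `cert` may exist that is not visible here.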