summaryrefslogtreecommitdiff
path: root/lib/x509asn1.c
diff options
context:
space:
mode:
authorPatrick Monnerat <pm@datasphere.ch>2014-10-14 14:58:26 +0200
committerPatrick Monnerat <pm@datasphere.ch>2014-10-14 14:58:26 +0200
commit473322ec66a0969c3c59e8006f9ac72768b91adf (patch)
tree1964192f49e48045e13d4d97f247893ef7e22de5 /lib/x509asn1.c
parent89e543f3830bb8d821fedaa6ca4fb6d776e601b8 (diff)
downloadcurl-473322ec66a0969c3c59e8006f9ac72768b91adf.tar.gz
Implement pinned public key in GSKit backend
Diffstat (limited to 'lib/x509asn1.c')
-rw-r--r--lib/x509asn1.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/x509asn1.c b/lib/x509asn1.c
index 31ea5de00..e100e07f4 100644
--- a/lib/x509asn1.c
+++ b/lib/x509asn1.c
@@ -122,6 +122,7 @@ const char * Curl_getASN1Element(curl_asn1Element * elem,
return (const char *) NULL;
/* Process header byte. */
+ elem->header = beg;
b = (unsigned char) *beg++;
elem->constructed = (b & 0x20) != 0;
elem->class = (b >> 6) & 3;
@@ -682,6 +683,7 @@ void Curl_parseX509(curl_X509certificate * cert,
Syntax is assumed to have already been checked by the SSL backend.
See RFC 5280. */
+ cert->certificate.header = NULL;
cert->certificate.beg = beg;
cert->certificate.end = end;
@@ -701,6 +703,7 @@ void Curl_parseX509(curl_X509certificate * cert,
beg = tbsCertificate.beg;
end = tbsCertificate.end;
/* Get optional version, get serialNumber. */
+ cert->version.header = NULL;
cert->version.beg = &defaultVersion;
cert->version.end = &defaultVersion + sizeof defaultVersion;;
beg = Curl_getASN1Element(&elem, beg, end);
@@ -720,15 +723,19 @@ void Curl_parseX509(curl_X509certificate * cert,
/* Get subject. */
beg = Curl_getASN1Element(&cert->subject, beg, end);
/* Get subjectPublicKeyAlgorithm and subjectPublicKey. */
- beg = Curl_getASN1Element(&elem, beg, end);
+ beg = Curl_getASN1Element(&cert->subjectPublicKeyInfo, beg, end);
ccp = Curl_getASN1Element(&cert->subjectPublicKeyAlgorithm,
- elem.beg, elem.end);
- Curl_getASN1Element(&cert->subjectPublicKey, ccp, elem.end);
+ cert->subjectPublicKeyInfo.beg,
+ cert->subjectPublicKeyInfo.end);
+ Curl_getASN1Element(&cert->subjectPublicKey, ccp,
+ cert->subjectPublicKeyInfo.end);
/* Get optional issuerUiqueID, subjectUniqueID and extensions. */
cert->issuerUniqueID.tag = cert->subjectUniqueID.tag = 0;
cert->extensions.tag = elem.tag = 0;
+ cert->issuerUniqueID.header = cert->subjectUniqueID.header = NULL;
cert->issuerUniqueID.beg = cert->issuerUniqueID.end = "";
cert->subjectUniqueID.beg = cert->subjectUniqueID.end = "";
+ cert->extensions.header = NULL;
cert->extensions.beg = cert->extensions.end = "";
if(beg < end)
beg = Curl_getASN1Element(&elem, beg, end);
@@ -771,6 +778,7 @@ static const char * dumpAlgo(curl_asn1Element * param,
/* Get algorithm parameters and return algorithm name. */
beg = Curl_getASN1Element(&oid, beg, end);
+ param->header = NULL;
param->tag = 0;
param->beg = param->end = end;
if(beg < end)
@@ -1140,6 +1148,7 @@ CURLcode Curl_verifyhost(struct connectdata * conn,
}
/* Process subject. */
+ name.header = NULL;
name.beg = name.end = "";
q = cert.subject.beg;
/* we have to look to the last occurrence of a commonName in the