From c3c7b11cfc100e61b9b7a2beaf2bcb47b49ae124 Mon Sep 17 00:00:00 2001 From: effbiae Date: Thu, 2 Oct 2025 15:36:03 +1000 Subject: [PATCH] refactor X509PrintSubjAltName --- src/x509.c | 175 ++++++----------------------------------------------- 1 file changed, 17 insertions(+), 158 deletions(-) diff --git a/src/x509.c b/src/x509.c index 739c53deb43..74efb78c385 100644 --- a/src/x509.c +++ b/src/x509.c @@ -6099,7 +6099,6 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) #define MAX_WIDTH 80 #endif -#if defined(WOLFSSL_ACERT) #define ACERT_NUM_DIR_TAGS 4 /* Convenience struct and function for printing the Holder sub fields @@ -6209,9 +6208,8 @@ static int X509PrintDirType(char * dst, int max_len, const DNS_entry * entry) return total_len; } - -static int X509_ACERT_print_name_entry(WOLFSSL_BIO* bio, - const DNS_entry* entry, int indent) +static int X509_print_name_entry(WOLFSSL_BIO* bio, + const DNS_entry* entry, int indent) { int ret = WOLFSSL_SUCCESS; int nameCount = 0; 
@@ -6242,68 +6240,43 @@ static int X509_ACERT_print_name_entry(WOLFSSL_BIO* bio, if (entry->type == ASN_DNS_TYPE) { len = XSNPRINTF(scratch, MAX_WIDTH, "DNS:%s", entry->name); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } #if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) else if (entry->type == ASN_IP_TYPE) { len = XSNPRINTF(scratch, MAX_WIDTH, "IP Address:%s", entry->ipString); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } #endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ else if (entry->type == ASN_RFC822_TYPE) { len = XSNPRINTF(scratch, MAX_WIDTH, "email:%s", entry->name); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } else if (entry->type == ASN_DIR_TYPE) { len = X509PrintDirType(scratch, MAX_WIDTH, entry); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } else if (entry->type == ASN_URI_TYPE) { len = XSNPRINTF(scratch, MAX_WIDTH, "URI:%s", entry->name); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } #if defined(OPENSSL_ALL) else if (entry->type == ASN_RID_TYPE) { len = XSNPRINTF(scratch, MAX_WIDTH, "Registered ID:%s", entry->ridString); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } #endif else if (entry->type == ASN_OTHER_TYPE) { len = XSNPRINTF(scratch, MAX_WIDTH, "othername "); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } } else { WOLFSSL_MSG("Bad alt name type."); ret = WOLFSSL_FAILURE; break; } - + if (len >= MAX_WIDTH) { + ret = WOLFSSL_FAILURE; + break; + } if (wolfSSL_BIO_write(bio, scratch, (int)XSTRLEN(scratch)) <= 0) { ret = WOLFSSL_FAILURE; 
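Review bot: The single consolidated check `if (len >= MAX_WIDTH)` after the type chain still lets a negative `len` through, so an error return from `XSNPRINTF` (or from `X509PrintDirType`, whose return contract is outside this hunk) reaches `wolfSSL_BIO_write(bio, scratch, (int)XSTRLEN(scratch))` with whatever `scratch` happens to hold. Since every branch now funnels into this one test, it is the natural place to reject both cases: `if (len < 0 || len >= MAX_WIDTH) {`. The strings formatted here (`entry->name`, `entry->ipString`, `entry->ridString`) come from parsed certificate data, so a short comment would help, e.g. `/* names are certificate-controlled: fail on format error or truncation instead of printing a partial value */`. The enclosing function starts before and ends after this hunk, so whether `scratch` is initialised before the loop cannot be confirmed from here.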
@@ -6320,128 +6293,6 @@ static int X509_ACERT_print_name_entry(WOLFSSL_BIO* bio, return ret; } -#endif /* if WOLFSSL_ACERT*/ - -static int X509PrintSubjAltName(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, - int indent) -{ - int ret = WOLFSSL_SUCCESS; - DNS_entry* entry; - - if (bio == NULL || x509 == NULL) { - ret = WOLFSSL_FAILURE; - } - - if (ret == WOLFSSL_SUCCESS && x509->subjAltNameSet && - x509->altNames != NULL) { - char scratch[MAX_WIDTH]; - int len; - - len = XSNPRINTF(scratch, MAX_WIDTH, "%*s", indent, ""); - if (len >= MAX_WIDTH) - ret = WOLFSSL_FAILURE; - if (ret == WOLFSSL_SUCCESS) { - if (wolfSSL_BIO_write(bio, scratch, (int)XSTRLEN(scratch)) <= 0) { - ret = WOLFSSL_FAILURE; - } - } - if (ret == WOLFSSL_SUCCESS) { - int nameCount = 0; - - entry = x509->altNames; - while (entry != NULL) { - ++nameCount; - if (nameCount > 1) { - if (wolfSSL_BIO_write(bio, ", ", 2) <= 0) { - ret = WOLFSSL_FAILURE; - break; - } - } - - if (entry->type == ASN_DNS_TYPE) { - len = XSNPRINTF(scratch, MAX_WIDTH, "DNS:%s", entry->name); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - #ifdef WOLFSSL_IP_ALT_NAME - else if (entry->type == ASN_IP_TYPE) { - len = XSNPRINTF(scratch, MAX_WIDTH, "IP Address:%s", - entry->ipString); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - #endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ - else if (entry->type == ASN_RFC822_TYPE) { - len = XSNPRINTF(scratch, MAX_WIDTH, "email:%s", - entry->name); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - else if (entry->type == ASN_DIR_TYPE) { - /* @TODO entry->name in ASN1 syntax */ - len = XSNPRINTF(scratch, MAX_WIDTH, - "DirName:"); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - else if (entry->type == ASN_URI_TYPE) { - len = XSNPRINTF(scratch, MAX_WIDTH, "URI:%s", - entry->name); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - #if defined(OPENSSL_ALL) - else if (entry->type == ASN_RID_TYPE) { - len = 
XSNPRINTF(scratch, MAX_WIDTH, "Registered ID:%s", - entry->ridString); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - #endif - else if (entry->type == ASN_OTHER_TYPE) { - len = XSNPRINTF(scratch, MAX_WIDTH, - "othername "); - if (len >= MAX_WIDTH) { - ret = WOLFSSL_FAILURE; - break; - } - } - else { - WOLFSSL_MSG("Bad alt name type."); - ret = WOLFSSL_FAILURE; - break; - } - - if (wolfSSL_BIO_write(bio, scratch, (int)XSTRLEN(scratch)) - <= 0) { - ret = WOLFSSL_FAILURE; - break; - } - - entry = entry->next; - } - } - - if (ret == WOLFSSL_SUCCESS && wolfSSL_BIO_write(bio, "\n", 1) <= 0) { - ret = WOLFSSL_FAILURE; - } - } - - return ret; -} - #ifdef XSNPRINTF static int X509PrintKeyUsage(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent) { @@ -6711,6 +6562,14 @@ static int X509PrintValidity(WOLFSSL_BIO* bio, WOLFSSL_ASN1_TIME * notBefore, } #endif /* ifndef NO_ASN_TIME */ +static int X509PrintSubjAltName(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, + int indent) +{ + if (!x509 || !x509->altNames || !x509->subjAltNameSet) + return WOLFSSL_FAILURE; + return X509_print_name_entry(bio, x509->altNames, indent); +} + /* iterate through certificate extensions printing them out in human readable * form * return WOLFSSL_SUCCESS on success @@ -7586,7 +7445,7 @@ int wolfSSL_X509_ACERT_print(WOLFSSL_BIO* bio, WOLFSSL_X509_ACERT* x509) return WOLFSSL_FAILURE; } - if (X509_ACERT_print_name_entry(bio, x509->holderEntityName, 1) + if (X509_print_name_entry(bio, x509->holderEntityName, 1) != WOLFSSL_SUCCESS) { return WOLFSSL_FAILURE; } @@ -7599,7 +7458,7 @@ int wolfSSL_X509_ACERT_print(WOLFSSL_BIO* bio, WOLFSSL_X509_ACERT* x509) return WOLFSSL_FAILURE; } - if (X509_ACERT_print_name_entry(bio, x509->holderIssuerName, 1) + if (X509_print_name_entry(bio, x509->holderIssuerName, 1) != WOLFSSL_SUCCESS) { return WOLFSSL_FAILURE; } 
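Review bot: The new `X509PrintSubjAltName` returns `WOLFSSL_FAILURE` when `x509->altNames` is NULL or `subjAltNameSet` is 0, whereas the removed version returned `WOLFSSL_SUCCESS` and printed nothing in that case. Unless every caller (not visible in this hunk) tests `subjAltNameSet` first, printing a certificate that simply has no subjectAltName extension would now be reported as an error. The explicit `bio == NULL` test is also gone and now depends on `X509_print_name_entry`, whose opening lines are outside the visible hunks. To keep the old contract I would write `if (bio == NULL || x509 == NULL) return WOLFSSL_FAILURE;` followed by `if (!x509->subjAltNameSet || x509->altNames == NULL) return WOLFSSL_SUCCESS;` before the delegating call. A header comment should also record the intended output changes: directory names now go through `X509PrintDirType` instead of the bare `DirName:` label, and IP entries are also printed under `OPENSSL_ALL`.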
@@ -7617,7 +7476,7 @@ int wolfSSL_X509_ACERT_print(WOLFSSL_BIO* bio, WOLFSSL_X509_ACERT* x509) } if (x509->AttCertIssuerName != NULL) { - if (X509_ACERT_print_name_entry(bio, x509->AttCertIssuerName, 1) + if (X509_print_name_entry(bio, x509->AttCertIssuerName, 1) != WOLFSSL_SUCCESS) { return WOLFSSL_FAILURE; }