sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CryptoPkg: Add new API to retrieve commonName of X.509 certificate

Browse Source 
v3: Add extra CommonNameSize check since OpenSSL didn't check this
    input parameter. (One openssl issue was filed to address this risk:
    https://github.com/openssl/openssl/issues/4392)
v2: Update function interface to return RETURN_STATUS to represent
    different error cases.

Add one new API (X509GetCommonName()) to retrieve the subject commonName
string from one X.509 certificate.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ting Ye <ting.ye@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
This commit is contained in:
Qin Long
2017-09-24 23:42:16 +08:00
parent fc8be1ad9a
commit 5b7c224505
5 changed files with 234 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
CryptoPkg/Application/Cryptest/RsaVerify2.c
View File

@@ -204,13 +204,17 @@ ValidateCryptRsa2 (
VOID
)
{
BOOLEAN Status;
VOID *RsaPrivKey;
VOID *RsaPubKey;
UINT8 *Signature;
UINTN SigSize;
UINT8 *Subject;
UINTN SubjectSize;
BOOLEAN Status;
VOID *RsaPrivKey;
VOID *RsaPubKey;
UINT8 *Signature;
UINTN SigSize;
UINT8 *Subject;
UINTN SubjectSize;
RETURN_STATUS ReturnStatus;
CHAR8 CommonName[64];
CHAR16 CommonNameUnicode[64];
UINTN CommonNameSize;
Print (L"\nUEFI-OpenSSL RSA Key Retrieving Testing: ");
@@ -286,6 +290,20 @@ ValidateCryptRsa2 (
Print (L"[Pass]");
}
//
// Get CommonName from X509 Certificate Subject
//
CommonNameSize = 64;
ZeroMem (CommonName, CommonNameSize);
ReturnStatus = X509GetCommonName (TestCert, sizeof (TestCert), CommonName, &CommonNameSize);
if (RETURN_ERROR (ReturnStatus)) {
Print (L"\n - Retrieving Common Name - [Fail]");
return EFI_ABORTED;
} else {
AsciiStrToUnicodeStrS (CommonName, CommonNameUnicode, CommonNameSize);
Print (L"\n - Retrieving Common Name = \"%s\" (Size = %d)", CommonNameUnicode, CommonNameSize);
}
//
// X509 Certificate Verification.
//