[crypto] Parse X.509 raw public key bit string
OCSP requires direct access to the bit string portion of the subject
public key information.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
mcb30 committed May 13, 2012
1 parent 4855e86 commit e5858c1
Showing 2 changed files with 11 additions and 3 deletions.
10 changes: 8 additions & 2 deletions src/crypto/x509.c
@@ -632,13 +632,16 @@ static int x509_parse_public_key ( struct x509_certificate *cert,
const struct asn1_cursor *raw ) {
struct x509_public_key *public_key = &cert->subject.public_key;
struct asn1_algorithm **algorithm = &public_key->algorithm;
struct x509_bit_string *raw_bits = &public_key->raw_bits;
struct asn1_cursor cursor;
int rc;

/* Record raw subjectPublicKeyInfo */
memcpy ( &cursor, raw, sizeof ( cursor ) );
asn1_shrink_any ( &cursor );
memcpy ( &public_key->raw, &cursor, sizeof ( public_key->raw ) );
DBGC2 ( cert, "X509 %p public key is:\n", cert );
DBGC2_HDA ( cert, 0, public_key->raw.data, public_key->raw.len );

/* Enter subjectPublicKeyInfo */
asn1_enter ( &cursor, ASN1_SEQUENCE );
@@ -649,8 +652,11 @@ static int x509_parse_public_key ( struct x509_certificate *cert,
return rc;
DBGC2 ( cert, "X509 %p public key algorithm is %s\n",
cert, (*algorithm)->name );
DBGC2 ( cert, "X509 %p public key is:\n", cert );
DBGC2_HDA ( cert, 0, public_key->raw.data, public_key->raw.len );
asn1_skip_any ( &cursor );

/* Parse bit string */
if ( ( rc = x509_parse_bit_string ( cert, raw_bits, &cursor ) ) != 0 )
return rc;

return 0;
}
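Review bot: The added `asn1_skip_any ( &cursor );` in the second hunk discards its result, so the new bit-string parse depends on the cursor having actually moved past the algorithm identifier. If asn1_skip_any() reports failure through its return value, checking it keeps a malformed subjectPublicKeyInfo from reaching x509_parse_bit_string() on an unadvanced cursor: `if ( ( rc = asn1_skip_any ( &cursor ) ) != 0 ) return rc;`. If the omission is deliberate because a failed skip leaves the cursor unusable (the existing asn1_enter() call is unchecked in the same way), a short comment saying so would help, e.g. `/* Skip algorithm; errors are caught when parsing the bit string */`. The start of x509_parse_public_key and the lines between the two hunks are not shown, so this is based only on the visible calls.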
4 changes: 3 additions & 1 deletion src/include/ipxe/x509.h
@@ -54,10 +54,12 @@ struct x509_validity {

/** An X.509 certificate public key */
struct x509_public_key {
/** Raw public key */
/** Raw public key information */
struct asn1_cursor raw;
/** Public key algorithm */
struct asn1_algorithm *algorithm;
/** Raw public key bit string */
struct x509_bit_string raw_bits;
};

/** An X.509 certificate subject */
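Review bot: The new `raw_bits` field's doc comment does not say which bytes it covers or who owns them, which matters for the OCSP use named in the commit message because a key hash is sensitive to whether the leading unused-bits octet of the BIT STRING is included. I would expand it to something like `/** Raw public key bit string (contents of subjectPublicKey; points into the certificate data, not a copy) */`, adjusted to whatever x509_parse_bit_string() actually stores. struct x509_bit_string is declared outside this hunk, so the ownership wording is an assumption to confirm.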