Added the uniformResourceIdentifier subtype for the subjectAltName.
Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/library/x509.c b/library/x509.c
index 2865c2e..9f0dc62 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -1227,8 +1227,8 @@
* nameAssigner [0] DirectoryString OPTIONAL,
* partyName [1] DirectoryString }
*
- * NOTE: we list all types, but only use dNSName and otherName
- * of type HwModuleName, as defined in RFC 4108, at this point.
+ * NOTE: we list all types, but only use "dnsName", "otherName" and
+ * "uniformResourceIdentifier", as defined in RFC 5280, at this point.
*/
int mbedtls_x509_get_subject_alt_name(unsigned char **p,
const unsigned char *end,
@@ -1397,7 +1397,19 @@
}
break;
+ /*
+ * uniformResourceIdentifier
+ */
+ case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER):
+ {
+ memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name));
+ san->type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER;
+ memcpy(&san->san.unstructured_name,
+ san_buf, sizeof(*san_buf));
+
+ }
+ break;
/*
* dNSName
*/
@@ -1488,7 +1500,23 @@
}/* MBEDTLS_OID_ON_HW_MODULE_NAME */
}
break;
+ /*
+ * uniformResourceIdentifier
+ */
+ case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER:
+ {
+ ret = mbedtls_snprintf(p, n, "\n%s uniformResourceIdentifier : ", prefix);
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ if (san.san.unstructured_name.len >= n) {
+ *p = '\0';
+ return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+ }
+ memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len);
+ p += san.san.unstructured_name.len;
+ n -= san.san.unstructured_name.len;
+ }
+ break;
/*
* dNSName
*/