commit d07614c529a1432c6d7ddcc6f75a0205a213fe75
author Hanno Becker <hanno.becker@arm.com> Tue Jun 25 10:19:58 2019 +0100
committer Hanno Becker <hanno.becker@arm.com> Thu Jul 04 14:04:03 2019 +0100
tree 3eb025297fb2f31cd5b4a5e3243053df6931f7db
parent 843b71a1df1f826090b1c92a2f167b6d9081e0fa

Introduce MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID removing IDs

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index eb746de..4e5ff43 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -235,8 +235,10 @@
     x509_buf_to_buf_raw( &frame->pubkey_raw, &crt->pk_raw );
     x509_buf_to_buf_raw( &frame->issuer_raw, &crt->issuer_raw );
     x509_buf_to_buf_raw( &frame->subject_raw, &crt->subject_raw );
+#if !defined(MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID)
     x509_buf_to_buf_raw( &frame->subject_id, &crt->subject_id );
     x509_buf_to_buf_raw( &frame->issuer_id, &crt->issuer_id );
+#endif /* !MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID */
     x509_buf_to_buf_raw( &frame->sig, &crt->sig );
     x509_buf_to_buf_raw( &frame->v3_ext, &crt->v3_ext );
 
@@ -751,6 +753,7 @@
 }
 #endif /* MBEDTLS_X509_CRT_REMOVE_TIME */
 
+#if !defined(MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID)
 /*
  * X.509 v2/v3 unique identifier (not parsed)
  */
@@ -777,6 +780,30 @@
 
     return( 0 );
 }
+#else /* !MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID */
+static int x509_skip_uid( unsigned char **p,
+                          const unsigned char *end,
+                          int n )
+{
+    int ret;
+    size_t len;
+
+    if( *p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            return( 0 );
+
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    *p += len;
+    return( 0 );
+}
+#endif /* MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID */
 
 static int x509_get_basic_constraints( unsigned char **p,
                                        const unsigned char *end,
@@ -1365,6 +1392,7 @@
 
     if( frame->version != 1 )
     {
+#if !defined(MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID)
         /*
          *  issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
          *                       -- If present, version shall be v2 or v3
@@ -1380,6 +1408,14 @@
         ret = x509_get_uid( &p, end, &frame->subject_id, 2 /* implicit tag */ );
         if( ret != 0 )
             return( ret );
+#else /* !MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID */
+        ret = x509_skip_uid( &p, end, 1 /* implicit tag */ );
+        if( ret != 0 )
+            return( ret );
+        ret = x509_skip_uid( &p, end, 2 /* implicit tag */ );
+        if( ret != 0 )
+            return( ret );
+#endif /* MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID */
     }
 
     /*
@@ -1562,8 +1598,10 @@
     x509_buf_raw_to_buf( &crt->serial, &frame->serial );
     x509_buf_raw_to_buf( &crt->issuer_raw, &frame->issuer_raw );
     x509_buf_raw_to_buf( &crt->subject_raw, &frame->subject_raw );
+#if !defined(MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID)
     x509_buf_raw_to_buf( &crt->issuer_id, &frame->issuer_id );
     x509_buf_raw_to_buf( &crt->subject_id, &frame->subject_id );
+#endif /* !MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID */
     x509_buf_raw_to_buf( &crt->pk_raw, &frame->pubkey_raw );
     x509_buf_raw_to_buf( &crt->sig, &frame->sig );
     x509_buf_raw_to_buf( &crt->v3_ext, &frame->v3_ext );