From 18904acc9339189d2bdc0aceab0d50fbfdc3479a Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Tue, 14 Feb 2023 11:54:37 +0100 Subject: [PATCH] Adapt the code to support SAN types: uniformResourceIdentifier, dNSName and IPAddress According to documentation OPCUA requires: uniformResourceIdentifier, dNSName and IPAddress https://reference.opcfoundation.org/Core/Part6/v105/docs/6.2 Signed-off-by: Przemek Stekiel --- library/x509write_csr.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 1d46fdbdc3..68930b627c 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -128,16 +128,25 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct cur = san_list; len = 0; while (cur != NULL) { - MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_raw_buffer(&p, buf, - (const unsigned char *) cur->node.name, - cur->node.len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.len)); - MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_tag(&p, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - cur->node.type)); - + switch (cur->node.type) { + case MBEDTLS_X509_SAN_DNS_NAME: + case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: + case MBEDTLS_X509_SAN_IP_ADDRESS: + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_raw_buffer(&p, buf, + (const unsigned char *) cur->node + .name, + cur->node.len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + cur->node.type)); + break; + default: + /* Skip unsupported names. */ + break; + } cur = cur->next; }