shithub: riscv

Download patch

ref: 675ee1db15ca969a4b03718cf71af8d4589f0306
parent: 67158d5b05ee71278d673034f4bc00171d4a98d3
author: cinap_lenrek <[email protected]>
date: Thu May 12 08:41:32 EDT 2016

auth/rsa2x509: generate x509v3 cert as extension field might not otherwise not be expected

--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -2673,6 +2673,15 @@
 }
 
 static Elem
+mkcont(Elem e, int num)
+{
+	e = mkseq(mkel(e, nil));
+	e.tag.class = Context;
+	e.tag.num = num;
+	return e;
+}
+
+static Elem
 mkaltname(char *s)
 {
 	Elem e;
@@ -2679,16 +2688,12 @@
 	int i;
 
 	for(i=0; i<nelem(DN_oid); i++){
-		if(strstr(s, DN_oid[i].prefix) != nil){
-			e = mkseq(mkel(mkDN(s),nil));
-			e.tag.class = Context;
-			e.tag.num = 4;	/* DN */
-			return e;
-		}
+		if(strstr(s, DN_oid[i].prefix) != nil)
+			return mkcont(mkDN(s), 4); /* DN */
 	}
 	e = mkstring(s, IA5String);
 	e.tag.class = Context;
-	e.tag.num = strchr(s, '@') != nil ? 1 : 2;	/* email : DNS */
+	e.tag.num = strchr(s, '@') != nil ? 1 : 2; /* email : DNS */
 	return e;
 }
 
@@ -2738,17 +2743,12 @@
 mkextensions(char *alts)
 {
 	Elist *sl, *xl;
-	Elem e;
 
 	xl = nil;
 	if((sl = mkaltnames(alts)) != nil)
 		xl = mkextel(mkseq(sl), (Ints*)&oid_subjectAltName, xl);
-	if(xl != nil){
-		e = mkseq(mkel(mkseq(xl), nil));
-		e.tag.class = Context;
-		e.tag.num = 3;	/* Extensions */
-		return mkel(e, nil);
-	}
+	if(xl != nil)
+		return mkel(mkcont(mkseq(xl), 3), nil);
 	return nil;
 }
 
@@ -2791,6 +2791,7 @@
 	freevalfields(&e.val);
 
 	e = mkseq(
+		mkel(mkcont(mkint(2), 0),
 		mkel(mkint(serial),
 		mkel(mkalg(sigalg),
 		mkel(mkDN(subj),
@@ -2803,7 +2804,7 @@
 			mkel(mkalg(ALG_rsaEncryption),
 			mkel(mkbits(pkbytes->data, pkbytes->len),
 			nil))),
-		mkextensions(alts))))))));
+		mkextensions(alts)))))))));
 	freebytes(pkbytes);
 	if(encode(e, &certinfobytes) != ASN_OK)
 		goto errret;