libstrongswan: xmppaddr prefix designates an xmppAddr otherName ID type
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 30 May 2018 13:41:01 +0000 (15:41 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 30 May 2018 15:25:28 +0000 (17:25 +0200)
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/tests/suites/test_identification.c
src/libstrongswan/utils/identification.c

index bc3a443..f3d4377 100644 (file)
@@ -369,8 +369,13 @@ static bool parse_otherName(chunk_t *blob, int level0, id_type_t *type)
                                switch (oid)
                                {
                                        case OID_XMPP_ADDR:
-                                               if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
+                                               if (asn1_parse_simple_object(&object, ASN1_UTF8STRING,
                                                                        parser->get_level(parser)+1, "xmppAddr"))
+                                               {       /* we handle xmppAddr as RFC822 addr */
+                                                       *blob = object;
+                                                       *type = ID_RFC822_ADDR;
+                                               }
+                                               else
                                                {
                                                        goto end;
                                                }
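Review bot: Mapping an xmppAddr otherName to `ID_RFC822_ADDR` in the `OID_XMPP_ADDR` case erases the distinction between two SAN name forms. A certificate that carries only an xmppAddr for `bob@strongswan.org` would then presumably satisfy a policy that expects an e-mail identity, even though a CA may validate the two differently. It also appears inconsistent with the identification.c change in this commit, where the `xmppaddr:` prefix yields `ID_DER_ASN1_GN` holding the full otherName encoding, so a parsed and a configured xmppAddr would end up with different types. If the mapping is intended, the comment should say why, e.g. `/* xmppAddr is matched like an RFC822 address because <rationale> */`; otherwise keep the otherName as its own type. parse_otherName continues outside the hunk, so what happens after the switch is not visible here.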
@@ -2021,6 +2026,8 @@ chunk_t build_generalName(identification_t *id)
 
        switch (id->get_type(id))
        {
+               case ID_DER_ASN1_GN:
+                       return chunk_clone(id->get_encoding(id));
                case ID_RFC822_ADDR:
                        context = ASN1_CONTEXT_S_1;
                        break;
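Review bot: The new `case ID_DER_ASN1_GN` returns the stored encoding unchanged as a GeneralName, with no check that it actually is one. The identification.c part of this commit shows `asn1gn:` values being stored as the raw string or the decoded hex bytes, so an input such as `asn1gn:foo` would be copied verbatim into whatever structure the caller assembles. Consider verifying that the encoding is a single well-formed TLV with a context-specific tag before returning it, or at least state the assumption with `/* encoding is already a complete GeneralName, tag included */`. build_generalName starts and ends outside the hunk, so how a rejected encoding would be reported to callers cannot be seen from here.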
index c0a21fe..4b22024 100644 (file)
@@ -234,6 +234,12 @@ static struct {
                .data.c = chunk_from_chars(0xc0,0xa8,0x01,0x01) }},
        { "email:tester",                       ID_RFC822_ADDR,                 { .type = ENC_STRING,
                .data.s = "tester" }},
+       {"xmppaddr:bob@strongswan.org", ID_DER_ASN1_GN,         { .type = ENC_CHUNK,
+               .data.c = chunk_from_chars(0xa0,0x20,0x06,0x08,0x2b,0x06,0x01,0x05,
+                                                                  0x05,0x07,0x08,0x05,0xa0,0x14,0x0c,0x12,
+                                                                  0x62,0x6f,0x62,0x40,0x73,0x74,0x72,0x6f,
+                                                                  0x6e,0x67,0x73,0x77,0x61,0x6e,0x2e,0x6f,
+                                                                  0x72,0x67) }},
        { "{1}:#c0a80101",                      ID_IPV4_ADDR,                   { .type = ENC_CHUNK,
                .data.c = chunk_from_chars(0xc0,0xa8,0x01,0x01) }},
        { "{0x02}:tester",                      ID_FQDN,                                { .type = ENC_STRING,
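Review bot: The added `xmppaddr:bob@strongswan.org` vector pins only the well-formed case. An `xmppaddr:` prefix with an empty value and the `xmppaddr:#…` hex form both reach the same otherName wrapping in identification.c, and neither has an expected encoding recorded here. One entry for each would fix what those inputs are meant to produce. The opening `{"xmppaddr:` also lacks the space after the brace that the neighbouring entries use.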
index 56298a6..36c0c9d 100644 (file)
@@ -1222,6 +1222,7 @@ static private_identification_t* create_from_string_with_prefix_type(char *str)
                { "dns:",                       ID_FQDN                                 },
                { "asn1dn:",            ID_DER_ASN1_DN                  },
                { "asn1gn:",            ID_DER_ASN1_GN                  },
+               { "xmppaddr:",          ID_DER_ASN1_GN          },
                { "keyid:",                     ID_KEY_ID                               },
        };
        private_identification_t *this;
@@ -1233,6 +1234,7 @@ static private_identification_t* create_from_string_with_prefix_type(char *str)
                {
                        this = identification_create(prefixes[i].type);
                        str += strlen(prefixes[i].str);
+
                        if (*str == '#')
                        {
                                this->encoded = chunk_from_hex(chunk_from_str(str + 1), NULL);
@@ -1241,6 +1243,17 @@ static private_identification_t* create_from_string_with_prefix_type(char *str)
                        {
                                this->encoded = chunk_clone(chunk_from_str(str));
                        }
+
+                       if (prefixes[i].type == ID_DER_ASN1_GN &&
+                               strcasepfx(prefixes[i].str, "xmppaddr:"))
+                       {
+                               this->encoded = asn1_wrap(ASN1_CONTEXT_C_0, "mm",
+                                                                       asn1_build_known_oid(OID_XMPP_ADDR),
+                                                                       asn1_wrap(ASN1_CONTEXT_C_0, "m",
+                                                                               asn1_wrap(ASN1_UTF8STRING, "m",
+                                                                                       this->encoded)));
+                       }
+
                        return this;
                }
        }
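Review bot: The xmppAddr wrap added after the `#`/plain-string branches is applied to whatever bytes those branches produced, without checking them. An empty value after `xmppaddr:`, or `xmppaddr:#<hex>` with bytes that are not valid UTF-8, is therefore tagged as a UTF8String inside an otherName and becomes an identity that looks well-formed. Rejecting or at least logging an empty or non-UTF-8 value before wrapping would keep malformed identities out of configuration matching and out of generated certificates. Choosing the entry with `strcasepfx(prefixes[i].str, "xmppaddr:")` re-tests a table constant against a literal; a per-entry flag in the `prefixes` table (extended in the first hunk of this file) would be clearer and would not rely on the string being repeated. A comment such as `/* otherName ::= [0] { id-on-xmppAddr, [0] UTF8String } */` above the `asn1_wrap` call would document the structure being built. The enclosing function continues outside the hunk.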