CryptoPkg/BaseCryptLib: Add new API to get organization name

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1401

Implement a common function to get the NID name. And use
this function to get common name and organization name.

Add a null function API X509GetOrganizationName of null
function source file.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Cc: Gang Wei <gang.wei@intel.com>
Cc: Wang Jian J <jian.j.wang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Michael Turner <Michael.Turner@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index fda86488e69b980c58513e23c0bf12cacf477750..9b5579e71a7550fedbc2f18ebf546e322ba6cd4e 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -292,10 +292,11 @@ _Exit:
 }\r
 \r
 /**\r
-  Retrieve the common name (CN) string from one X.509 certificate.\r
+  Retrieve a string from one X.509 certificate base on the Request_NID.\r
 \r
   @param[in]      Cert             Pointer to the DER-encoded X509 certificate.\r
   @param[in]      CertSize         Size of the X509 certificate in bytes.\r
+  @param[in]      Request_NID      NID of string to obtain\r
   @param[out]     CommonName       Buffer to contain the retrieved certificate common\r
                                    name string (UTF8). At most CommonNameSize bytes will be\r
                                    written and the string will be null terminated. May be\r
@@ -310,20 +311,21 @@ _Exit:
                                    If CommonNameSize is NULL.\r
                                    If CommonName is not NULL and *CommonNameSize is 0.\r
                                    If Certificate is invalid.\r
-  @retval RETURN_NOT_FOUND         If no CommonName entry exists.\r
+  @retval RETURN_NOT_FOUND         If no NID Name entry exists.\r
   @retval RETURN_BUFFER_TOO_SMALL  If the CommonName is NULL. The required buffer size\r
                                    (including the final null) is returned in the\r
                                    CommonNameSize parameter.\r
   @retval RETURN_UNSUPPORTED       The operation is not supported.\r
 \r
 **/\r
+STATIC\r
 RETURN_STATUS\r
-EFIAPI\r
-X509GetCommonName (\r
-  IN      CONST UINT8  *Cert,\r
-  IN      UINTN        CertSize,\r
-  OUT     CHAR8        *CommonName,  OPTIONAL\r
-  IN OUT  UINTN        *CommonNameSize\r
+InternalX509GetNIDName (\r
+  IN      CONST UINT8   *Cert,\r
+  IN      UINTN         CertSize,\r
+  IN      INT32         Request_NID,\r
+  OUT     CHAR8         *CommonName,  OPTIONAL\r
+  IN OUT  UINTN         *CommonNameSize\r
   )\r
 {\r
   RETURN_STATUS    ReturnStatus;\r
@@ -375,12 +377,12 @@ X509GetCommonName (
   }\r
 \r
   //\r
-  // Retrieve the CommonName information from X.509 Subject\r
+  // Retrive the string from X.509 Subject base on the Request_NID\r
   //\r
-  Index = X509_NAME_get_index_by_NID (X509Name, NID_commonName, -1);\r
+  Index = X509_NAME_get_index_by_NID (X509Name, Request_NID, -1);\r
   if (Index < 0) {\r
     //\r
-    // No CommonName entry exists in X509_NAME object\r
+    // No Request_NID name entry exists in X509_NAME object\r
     //\r
     *CommonNameSize = 0;\r
     ReturnStatus    = RETURN_NOT_FOUND;\r
@@ -402,7 +404,7 @@ X509GetCommonName (
   Length = ASN1_STRING_to_UTF8 (&UTF8Name, EntryData);\r
   if (Length < 0) {\r
     //\r
-    // Fail to convert the commonName string\r
+    // Fail to convert the Name string\r
     //\r
     *CommonNameSize = 0;\r
     ReturnStatus    = RETURN_INVALID_PARAMETER;\r
@@ -433,6 +435,82 @@ _Exit:
   return ReturnStatus;\r
 }\r
 \r
+/**\r
+  Retrieve the common name (CN) string from one X.509 certificate.\r
+\r
+  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.\r
+  @param[in]      CertSize         Size of the X509 certificate in bytes.\r
+  @param[out]     CommonName       Buffer to contain the retrieved certificate common\r
+                                   name string. At most CommonNameSize bytes will be\r
+                                   written and the string will be null terminated. May be\r
+                                   NULL in order to determine the size buffer needed.\r
+  @param[in,out]  CommonNameSize   The size in bytes of the CommonName buffer on input,\r
+                                   and the size of buffer returned CommonName on output.\r
+                                   If CommonName is NULL then the amount of space needed\r
+                                   in buffer (including the final null) is returned.\r
+\r
+  @retval RETURN_SUCCESS           The certificate CommonName retrieved successfully.\r
+  @retval RETURN_INVALID_PARAMETER If Cert is NULL.\r
+                                   If CommonNameSize is NULL.\r
+                                   If CommonName is not NULL and *CommonNameSize is 0.\r
+                                   If Certificate is invalid.\r
+  @retval RETURN_NOT_FOUND         If no CommonName entry exists.\r
+  @retval RETURN_BUFFER_TOO_SMALL  If the CommonName is NULL. The required buffer size\r
+                                   (including the final null) is returned in the\r
+                                   CommonNameSize parameter.\r
+  @retval RETURN_UNSUPPORTED       The operation is not supported.\r
+\r
+**/\r
+RETURN_STATUS\r
+EFIAPI\r
+X509GetCommonName (\r
+  IN      CONST UINT8  *Cert,\r
+  IN      UINTN        CertSize,\r
+  OUT     CHAR8        *CommonName,  OPTIONAL\r
+  IN OUT  UINTN        *CommonNameSize\r
+  )\r
+{\r
+  return InternalX509GetNIDName (Cert, CertSize, NID_commonName, CommonName, CommonNameSize);\r
+}\r
+\r
+/**\r
+  Retrieve the organization name (O) string from one X.509 certificate.\r
+\r
+  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.\r
+  @param[in]      CertSize         Size of the X509 certificate in bytes.\r
+  @param[out]     NameBuffer       Buffer to contain the retrieved certificate organization\r
+                                   name string. At most NameBufferSize bytes will be\r
+                                   written and the string will be null terminated. May be\r
+                                   NULL in order to determine the size buffer needed.\r
+  @param[in,out]  NameBufferSize   The size in bytes of the Name buffer on input,\r
+                                   and the size of buffer returned Name on output.\r
+                                   If NameBuffer is NULL then the amount of space needed\r
+                                   in buffer (including the final null) is returned.\r
+\r
+  @retval RETURN_SUCCESS           The certificate Organization Name retrieved successfully.\r
+  @retval RETURN_INVALID_PARAMETER If Cert is NULL.\r
+                                   If NameBufferSize is NULL.\r
+                                   If NameBuffer is not NULL and *CommonNameSize is 0.\r
+                                   If Certificate is invalid.\r
+  @retval RETURN_NOT_FOUND         If no Organization Name entry exists.\r
+  @retval RETURN_BUFFER_TOO_SMALL  If the NameBuffer is NULL. The required buffer size\r
+                                   (including the final null) is returned in the\r
+                                   CommonNameSize parameter.\r
+  @retval RETURN_UNSUPPORTED       The operation is not supported.\r
+\r
+**/\r
+RETURN_STATUS\r
+EFIAPI\r
+X509GetOrganizationName (\r
+  IN      CONST UINT8   *Cert,\r
+  IN      UINTN         CertSize,\r
+  OUT     CHAR8         *NameBuffer,  OPTIONAL\r
+  IN OUT  UINTN         *NameBufferSize\r
+  )\r
+{\r
+  return InternalX509GetNIDName (Cert, CertSize, NID_organizationName, NameBuffer, NameBufferSize);\r
+}\r
+\r
 /**\r
   Retrieve the RSA Public Key from one DER-encoded X509 certificate.\r
 \r

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
index 559236820a38b41619c7822f9e7e919fcad5ffb4..5e59cb1634b5f87c42cff401a97f8ef34b956894 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
@@ -153,6 +153,38 @@ X509GetCommonName (
   return RETURN_UNSUPPORTED;\r
 }\r
 \r
+/**\r
+  Retrieve the organization name (ON) string from one X.509 certificate.\r
+\r
+  Return RETURN_UNSUPPORTED to indicate this interface is not supported.\r
+\r
+  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.\r
+  @param[in]      CertSize         Size of the X509 certificate in bytes.\r
+  @param[out]     NameBuffer       Buffer to contain the retrieved certificate organization\r
+                                   name string. At most NameBufferSize bytes will be\r
+                                   written and the string will be null terminated. May be\r
+                                   NULL in order to determine the size buffer needed.\r
+  @param[in,out]  NameBufferSize   The size in bytes of the Name buffer on input,\r
+                                   and the size of buffer returned Name on output.\r
+                                   If NameBuffer is NULL then the amount of space needed\r
+                                   in buffer (including the final null) is returned.\r
+\r
+  @retval RETURN_UNSUPPORTED       The operation is not supported.\r
+\r
+**/\r
+RETURN_STATUS\r
+EFIAPI\r
+X509GetOrganizationName (\r
+  IN      CONST UINT8   *Cert,\r
+  IN      UINTN         CertSize,\r
+  OUT     CHAR8         *NameBuffer,  OPTIONAL\r
+  IN OUT  UINTN         *NameBufferSize\r
+  )\r
+{\r
+  ASSERT (FALSE);\r
+  return RETURN_UNSUPPORTED;\r
+}\r
+\r
 /**\r
   Retrieve the RSA Public Key from one DER-encoded X509 certificate.\r
 \r