CryptoPkg/BaseCryptLib: Add new API to get organization name

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1401 Implement a common function to get the NID name. And use this function to get common name and organization name. Add a null function API X509GetOrganizationName of null function source file. Signed-off-by: Zhichao Gao <zhichao.gao@intel.com> Cc: Ting Ye <ting.ye@intel.com> Cc: Gang Wei <gang.wei@intel.com> Cc: Wang Jian J <jian.j.wang@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Michael Turner <Michael.Turner@microsoft.com> Cc: Bret Barkelew <Bret.Barkelew@microsoft.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2025-07-31 01:24:12 +02:00 · 2019-03-25 12:01:09 +08:00 · 2019-03-25 12:01:09 +08:00 · 912e1e1ee2
commit 912e1e1ee2
parent e2a673b853
2 changed files with 122 additions and 12 deletions
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@ -292,10 +292,11 @@ _Exit:
 }
 /**
-  Retrieve the common name (CN) string from one X.509 certificate.
+  Retrieve a string from one X.509 certificate base on the Request_NID.
  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize         Size of the X509 certificate in bytes.
  @param[in]      Request_NID      NID of string to obtain
  @param[out]     CommonName       Buffer to contain the retrieved certificate common
                                   name string (UTF8). At most CommonNameSize bytes will be
                                   written and the string will be null terminated. May be
@ -310,20 +311,21 @@ _Exit:
                                   If CommonNameSize is NULL.
                                   If CommonName is not NULL and *CommonNameSize is 0.
                                   If Certificate is invalid.
-  @retval RETURN_NOT_FOUND         If no CommonName entry exists.
+  @retval RETURN_NOT_FOUND         If no NID Name entry exists.
  @retval RETURN_BUFFER_TOO_SMALL  If the CommonName is NULL. The required buffer size
                                   (including the final null) is returned in the
                                   CommonNameSize parameter.
  @retval RETURN_UNSUPPORTED       The operation is not supported.
 **/
 STATIC
 RETURN_STATUS
-EFIAPI
+InternalX509GetNIDName (
-X509GetCommonName (
+  IN      CONST UINT8   *Cert,
-  IN      CONST UINT8  *Cert,
+  IN      UINTN         CertSize,
-  IN      UINTN        CertSize,
+  IN      INT32         Request_NID,
-  OUT     CHAR8        *CommonName,  OPTIONAL
+  OUT     CHAR8         *CommonName,  OPTIONAL
-  IN OUT  UINTN        *CommonNameSize
+  IN OUT  UINTN         *CommonNameSize
  )
 {
  RETURN_STATUS    ReturnStatus;
@ -375,12 +377,12 @@ X509GetCommonName (
  }
  //
-  // Retrieve the CommonName information from X.509 Subject
+  // Retrive the string from X.509 Subject base on the Request_NID
  //
-  Index = X509_NAME_get_index_by_NID (X509Name, NID_commonName, -1);
+  Index = X509_NAME_get_index_by_NID (X509Name, Request_NID, -1);
  if (Index < 0) {
    //
-    // No CommonName entry exists in X509_NAME object
+    // No Request_NID name entry exists in X509_NAME object
    //
    *CommonNameSize = 0;
    ReturnStatus    = RETURN_NOT_FOUND;
@ -402,7 +404,7 @@ X509GetCommonName (
  Length = ASN1_STRING_to_UTF8 (&UTF8Name, EntryData);
  if (Length < 0) {
    //
-    // Fail to convert the commonName string
+    // Fail to convert the Name string
    //
    *CommonNameSize = 0;
    ReturnStatus    = RETURN_INVALID_PARAMETER;
@ -433,6 +435,82 @@ _Exit:
  return ReturnStatus;
 }
 /**
  Retrieve the common name (CN) string from one X.509 certificate.
  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize         Size of the X509 certificate in bytes.
  @param[out]     CommonName       Buffer to contain the retrieved certificate common
                                   name string. At most CommonNameSize bytes will be
                                   written and the string will be null terminated. May be
                                   NULL in order to determine the size buffer needed.
  @param[in,out]  CommonNameSize   The size in bytes of the CommonName buffer on input,
                                   and the size of buffer returned CommonName on output.
                                   If CommonName is NULL then the amount of space needed
                                   in buffer (including the final null) is returned.
  @retval RETURN_SUCCESS           The certificate CommonName retrieved successfully.
  @retval RETURN_INVALID_PARAMETER If Cert is NULL.
                                   If CommonNameSize is NULL.
                                   If CommonName is not NULL and *CommonNameSize is 0.
                                   If Certificate is invalid.
  @retval RETURN_NOT_FOUND         If no CommonName entry exists.
  @retval RETURN_BUFFER_TOO_SMALL  If the CommonName is NULL. The required buffer size
                                   (including the final null) is returned in the
                                   CommonNameSize parameter.
  @retval RETURN_UNSUPPORTED       The operation is not supported.
 **/
 RETURN_STATUS
 EFIAPI
 X509GetCommonName (
  IN      CONST UINT8  *Cert,
  IN      UINTN        CertSize,
  OUT     CHAR8        *CommonName,  OPTIONAL
  IN OUT  UINTN        *CommonNameSize
  )
 {
  return InternalX509GetNIDName (Cert, CertSize, NID_commonName, CommonName, CommonNameSize);
 }
 /**
  Retrieve the organization name (O) string from one X.509 certificate.
  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize         Size of the X509 certificate in bytes.
  @param[out]     NameBuffer       Buffer to contain the retrieved certificate organization
                                   name string. At most NameBufferSize bytes will be
                                   written and the string will be null terminated. May be
                                   NULL in order to determine the size buffer needed.
  @param[in,out]  NameBufferSize   The size in bytes of the Name buffer on input,
                                   and the size of buffer returned Name on output.
                                   If NameBuffer is NULL then the amount of space needed
                                   in buffer (including the final null) is returned.
  @retval RETURN_SUCCESS           The certificate Organization Name retrieved successfully.
  @retval RETURN_INVALID_PARAMETER If Cert is NULL.
                                   If NameBufferSize is NULL.
                                   If NameBuffer is not NULL and *CommonNameSize is 0.
                                   If Certificate is invalid.
  @retval RETURN_NOT_FOUND         If no Organization Name entry exists.
  @retval RETURN_BUFFER_TOO_SMALL  If the NameBuffer is NULL. The required buffer size
                                   (including the final null) is returned in the
                                   CommonNameSize parameter.
  @retval RETURN_UNSUPPORTED       The operation is not supported.
 **/
 RETURN_STATUS
 EFIAPI
 X509GetOrganizationName (
  IN      CONST UINT8   *Cert,
  IN      UINTN         CertSize,
  OUT     CHAR8         *NameBuffer,  OPTIONAL
  IN OUT  UINTN         *NameBufferSize
  )
 {
  return InternalX509GetNIDName (Cert, CertSize, NID_organizationName, NameBuffer, NameBufferSize);
 }
 /**
  Retrieve the RSA Public Key from one DER-encoded X509 certificate.
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
@ -153,6 +153,38 @@ X509GetCommonName (
  return RETURN_UNSUPPORTED;
 }
 /**
  Retrieve the organization name (ON) string from one X.509 certificate.
  Return RETURN_UNSUPPORTED to indicate this interface is not supported.
  @param[in]      Cert             Pointer to the DER-encoded X509 certificate.
  @param[in]      CertSize         Size of the X509 certificate in bytes.
  @param[out]     NameBuffer       Buffer to contain the retrieved certificate organization
                                   name string. At most NameBufferSize bytes will be
                                   written and the string will be null terminated. May be
                                   NULL in order to determine the size buffer needed.
  @param[in,out]  NameBufferSize   The size in bytes of the Name buffer on input,
                                   and the size of buffer returned Name on output.
                                   If NameBuffer is NULL then the amount of space needed
                                   in buffer (including the final null) is returned.
  @retval RETURN_UNSUPPORTED       The operation is not supported.
 **/
 RETURN_STATUS
 EFIAPI
 X509GetOrganizationName (
  IN      CONST UINT8   *Cert,
  IN      UINTN         CertSize,
  OUT     CHAR8         *NameBuffer,  OPTIONAL
  IN OUT  UINTN         *NameBufferSize
  )
 {
  ASSERT (FALSE);
  return RETURN_UNSUPPORTED;
 }
 /**
  Retrieve the RSA Public Key from one DER-encoded X509 certificate.