I've a certificate (using openssl app) with SubjectAltName set as: certificate subjectALtName

I want to read the field RegisteredID (for example). For that I've constructed the following code:

```c
#include <openssl/x509v3.h>

GENERAL_NAME* getX508SubjectAltNameInfo(X509* pCertificate)
{
    int i;
    int san_nb =-1;
    STACK_OF(GENERAL_NAME) * san_names=NULL;
    GENERAL_NAME *current_name;
    san_names =(STACK_OF(GENERAL_NAME) *)X509_get_ext_d2i(pCertificate, NID_subject_alt_name, NULL, NULL);
    if (san_names == NULL)
        return NULL;
    san_nb = sk_GENERAL_NAME_num(san_names);
    if (san_nb <= 0)
        return NULL;
    for (i=0;i<san_nb;i++){
        current_name = sk_GENERAL_NAME_value(san_names, i);
        if (current_name->type == GEN_RID/*8*/) {
            return current_name;
        }
    }
    sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free);
    return current_name;
}
```

Later I use it:

```c
ASN1_OBJECT* rid;
char* ridStr;
GENERAL_NAME* san = getX508SubjectAltNameInfo(pCertificate);
if (san == NULL)//<-- always true
{
    print_log_err("no indx key found");
}

rid = san->d.registeredID;
ridStr = (char*)rid->data;
printf("%s",ridStr);
```

But when I debug it, all I can see inside current_name is:

```
(gdb) p *current_name.d->rid
$5 = {sn = 0x1600000010 <Address 0x1600000010 out of bounds>, ln = 0x1bee1f0 "my@other.address", nid = 0, length = 0,
  data = 0x21 <Address 0x21 out of bounds>, flags = 8}
(gdb) p *current_name.d->registeredID
$6 = {sn = 0x1600000010 <Address 0x1600000010 out of bounds>, ln = 0x1bee1f0 "my@other.address", nid = 0, length = 0,
  data = 0x21 <Address 0x21 out of bounds>, flags = 8}
```

My question is: what am I doing wrong? Is my code OK but the certificate creation gone wrong, or the opposite (or both)?

jww
LordTitiKaka
  • I believe `GENERAL_NAME` is a pointer into the stack of names. `sk_GENERAL_NAME_pop_free` frees the names. After that, `current_name` is no longer valid unless you dup it. Have you run the code under Valgrind looking for memory errors? – jww Feb 07 '17 at 18:25
  • @jww sadly it is not trivial to run Valgrind on my setup. I stopped with gdb inside the for loop, so if something was there I would have found it – LordTitiKaka Feb 07 '17 at 18:44
  • Perhaps you can try something like [Use of sk_GENERAL_NAME_dup](http://pastebin.com/CjE1in7y) just to ensure it's not odd behavior from a use-after-free. – jww Feb 07 '17 at 19:52
  • @jww I'll try, although as can be found here: https://wiki.openssl.org/index.php/Hostname_validation and here: https://github.com/iSECPartners/ssl-conservatory/blob/master/openssl/openssl_hostname_validation.c it is probably correct way – LordTitiKaka Feb 07 '17 at 20:22
  • *"it is probably correct way"* - I doubt it, but you are free to do what you want. The functions in [Hostname Validation](https://github.com/iSECPartners/ssl-conservatory/blob/master/openssl/openssl_hostname_validation.c) return ints, like `result = MatchFound;`. They don't return a `GENERAL_NAME`, and they don't use a `GENERAL_NAME` after the `sk_GENERAL_NAME_pop_free`. – jww Feb 07 '17 at 20:26
  • @jww you are right, I'll surely correct the code and try again. Sorry if you got offended, wasn't my intention – LordTitiKaka Feb 07 '17 at 20:29
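
For reference, an added example (not code from the question or from OpenSSL): a dependency-free C parser for the DER value of a subjectAltName that finds the registeredID entry and copies its OID as dotted text into a caller-owned buffer. It shows that the entry's payload is a binary OID encoding rather than a printable string, and that the result never points into storage that is freed later. The function names, the sample bytes and the short-form-length limit are assumptions of the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample SAN value: rfc822Name "my@other.address", registeredID 1.2.3.4 */
static const unsigned char SAMPLE_SAN[] = { 0x30, 0x17,
    0x81, 0x10, 'm','y','@','o','t','h','e','r','.','a','d','d','r','e','s','s',
    0x88, 0x03, 0x2A, 0x03, 0x04 };

/* OID content octets (base-128 arcs) to dotted text. Returns 0 on success, -1 on error. */
static int oid_to_text(const unsigned char *d, size_t n, char *out, size_t outsz)
{
    unsigned long arc = 0;
    size_t used = 0;
    if (n == 0 || (d[n - 1] & 0x80)) return -1;       /* last octet must end an arc */
    for (size_t i = 0; i < n; i++) {
        if (arc >> (sizeof arc * 8 - 7)) return -1;   /* next shift would overflow */
        arc = (arc << 7) | (d[i] & 0x7f);
        if (d[i] & 0x80) continue;                    /* arc continues in next octet */
        unsigned long a = arc < 80 ? arc / 40 : 2;    /* first value packs two arcs */
        int w = used ? snprintf(out + used, outsz - used, ".%lu", arc)
                     : snprintf(out, outsz, "%lu.%lu", a, arc - a * 40);
        if (w < 0 || (size_t)w >= outsz - used) return -1;
        used += (size_t)w;
        arc = 0;
    }
    return 0;
}

/* Copy the first registeredID ([8] IMPLICIT OID, tag 0x88) of a DER GeneralNames
   into out. Returns 1 if found, 0 if absent, -1 if malformed or unsupported. */
int san_first_rid(const unsigned char *der, size_t n, char *out, size_t outsz)
{
    /* Assumed limit of this example: short-form lengths only (value < 128 bytes). */
    if (n < 2 || der[0] != 0x30 || (der[1] & 0x80) || der[1] != n - 2) return -1;
    for (size_t i = 2, len; i < n; i += 2 + len) {    /* skip other name types */
        if (n - i < 2 || (len = der[i + 1]) > n - i - 2) return -1;  /* truncated */
        if (der[i] == 0x88)
            return oid_to_text(der + i + 2, len, out, outsz) ? -1 : 1;
    }
    return 0;
}

int main(void)
{
    char oid[64];
    int rc = san_first_rid(SAMPLE_SAN, sizeof SAMPLE_SAN, oid, sizeof oid);
    printf("registeredID: %s\n", rc == 1 ? oid : "(none)");
    return rc == 1 ? 0 : 1;
}
```

With OpenSSL itself, `OBJ_obj2txt` performs the same OID-to-text conversion on an `ASN1_OBJECT`.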

0 Answers