adding RSA-PSS macro guard around CRL use

JacobBarthelmeh
2024-01-15 15:33:01 -07:00
parent b38e20a721
commit 114d11a8d8


@@ -138,7 +138,6 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
crle->tbsSz = dcrl->sigIndex - dcrl->certBegin; crle->tbsSz = dcrl->sigIndex - dcrl->certBegin;
crle->signatureSz = dcrl->sigLength; crle->signatureSz = dcrl->sigLength;
crle->signatureOID = dcrl->signatureOID; crle->signatureOID = dcrl->signatureOID;
crle->sigParamsSz = dcrl->sigParamsLength;
crle->toBeSigned = (byte*)XMALLOC(crle->tbsSz, heap, crle->toBeSigned = (byte*)XMALLOC(crle->tbsSz, heap,
DYNAMIC_TYPE_CRL_ENTRY); DYNAMIC_TYPE_CRL_ENTRY);
if (crle->toBeSigned == NULL) if (crle->toBeSigned == NULL)
@@ -151,6 +150,8 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
return -1; return -1;
} }
#ifdef WC_RSA_PSS
crle->sigParamsSz = dcrl->sigParamsLength;
if (dcrl->sigParamsLength > 0) { if (dcrl->sigParamsLength > 0) {
crle->sigParams = (byte*)XMALLOC(crle->sigParamsSz, heap, crle->sigParams = (byte*)XMALLOC(crle->sigParamsSz, heap,
DYNAMIC_TYPE_CRL_ENTRY); DYNAMIC_TYPE_CRL_ENTRY);
@@ -164,6 +165,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
XMEMCPY(crle->sigParams, buff + dcrl->sigParamsIndex, XMEMCPY(crle->sigParams, buff + dcrl->sigParamsIndex,
crle->sigParamsSz); crle->sigParamsSz);
} }
#endif
XMEMCPY(crle->toBeSigned, buff + dcrl->certBegin, crle->tbsSz); XMEMCPY(crle->toBeSigned, buff + dcrl->certBegin, crle->tbsSz);
XMEMCPY(crle->signature, dcrl->signature, crle->signatureSz); XMEMCPY(crle->signature, dcrl->signature, crle->signatureSz);
#ifndef NO_SKID #ifndef NO_SKID
@@ -221,8 +223,10 @@ static void CRL_Entry_free(CRL_Entry* crle, void* heap)
XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY); XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY);
if (crle->toBeSigned != NULL) if (crle->toBeSigned != NULL)
XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY); XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
#ifdef WC_RSA_PSS
if (crle->sigParams != NULL) if (crle->sigParams != NULL)
XFREE(crle->sigParams, heap, DYNAMIC_TYPE_CRL_ENTRY); XFREE(crle->sigParams, heap, DYNAMIC_TYPE_CRL_ENTRY);
#endif
#if defined(OPENSSL_EXTRA) #if defined(OPENSSL_EXTRA)
if (crle->issuer != NULL) { if (crle->issuer != NULL) {
FreeX509Name(crle->issuer); FreeX509Name(crle->issuer);
@@ -759,16 +763,24 @@ static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap)
DYNAMIC_TYPE_CRL_ENTRY); DYNAMIC_TYPE_CRL_ENTRY);
dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap, dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap,
DYNAMIC_TYPE_CRL_ENTRY); DYNAMIC_TYPE_CRL_ENTRY);
#ifdef WC_RSA_PSS
dupl->sigParams = (byte*)XMALLOC(dupl->sigParamsSz, heap, dupl->sigParams = (byte*)XMALLOC(dupl->sigParamsSz, heap,
DYNAMIC_TYPE_CRL_ENTRY); DYNAMIC_TYPE_CRL_ENTRY);
if (dupl->toBeSigned == NULL || dupl->signature == NULL || #endif
dupl->sigParams == NULL) { if (dupl->toBeSigned == NULL || dupl->signature == NULL) {
CRL_Entry_free(dupl, heap); CRL_Entry_free(dupl, heap);
return NULL; return NULL;
} }
XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz); XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz);
XMEMCPY(dupl->sigParams, ent->sigParams, dupl->sigParamsSz);
XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz); XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz);
#ifdef WC_RSA_PSS
if (dupl->sigParams == NULL) {
CRL_Entry_free(dupl, heap);
return NULL;
}
XMEMCPY(dupl->sigParams, ent->sigParams, dupl->sigParamsSz);
#endif
} }
else { else {
dupl->toBeSigned = NULL; dupl->toBeSigned = NULL;
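Review bot: In DupCRL_Entry the new `#ifdef WC_RSA_PSS` block still calls `XMALLOC(dupl->sigParamsSz, heap, DYNAMIC_TYPE_CRL_ENTRY)` unconditionally and treats a NULL result as failure, whereas InitCRL_Entry in this same commit allocates `sigParams` only when `dcrl->sigParamsLength > 0`. If `sigParamsSz` is 0 for a CRL that is not PSS-signed (which the init path suggests), the result of a zero-size allocation is allocator-dependent, so on some builds every such entry could fail to duplicate, and the `XMEMCPY` would be handed a NULL `ent->sigParams`. I would mirror the init path: wrap the allocation, the NULL check and the copy in `if (dupl->sigParamsSz > 0) { ... }` and set `dupl->sigParams = NULL` otherwise. How `dupl->sigParamsSz` is populated and what callers do when the duplicate is NULL lie outside the hunk, so the effect on revocation checking should be confirmed there.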