feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Implement review comments

Browse Source
This commit is contained in:
Vysakh P Pillai
2020-12-03 08:25:40 +05:30
committed by GitHub
parent 3a2675fb63
commit 376cac5ab1
1 changed files with 13 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
wolfcrypt/src/port/atmel/atmel.c
View File

@ -913,50 +913,35 @@ static int atcatls_set_certificates(WOLFSSL_CTX *ctx)
{ {
int ret = 0; int ret = 0;
ATCA_STATUS status; ATCA_STATUS status;
size_t signerCertSize = 0; size_t signerCertSize = 1024;
uint8_t signerCert[signerCertSize]; uint8_t signerCert[signerCertSize];
size_t deviceCertSize = 0; size_t deviceCertSize = 1024;
uint8_t deviceCert[deviceCertSize]; uint8_t deviceCert[deviceCertSize];
int devPemSz, signerPemSz; int devPemSz, signerPemSz;
byte devPem[1024]; char devCertChain[2048];
byte signerPem[1024];
char devCertChain[devPemSz+signerPemSz];
/*Read signer cert*/ /*Read signer cert*/
status = tng_atcacert_max_signer_cert_size(&signerCertSize);
if (ATCA_SUCCESS != status) {
ret = atmel_ecc_translate_err(ret);
return ret;
}
status = tng_atcacert_read_signer_cert((uint8_t*)&signerCert, &signerCertSize); status = tng_atcacert_read_signer_cert((uint8_t*)&signerCert, &signerCertSize);
if (ATCA_SUCCESS != status) { if (ATCA_SUCCESS != status) {
ret = atmel_ecc_translate_err(ret); ret = atmel_ecc_translate_err(ret);
return ret; return ret;
} }
/*Read device cert signed by the signer above*/ /*Read device cert signed by the signer above*/
status = tng_atcacert_max_device_cert_size(&deviceCertSize); status = tng_atcacert_read_device_cert((uint8_t*)deviceCert, &deviceCertSize, (uint8_t*)signerCert);
if (ATCA_SUCCESS != status) { if (ATCA_SUCCESS != status) {
ret = atmel_ecc_translate_err(ret); ret = atmel_ecc_translate_err(ret);
return ret; return ret;
} }
status = tng_atcacert_read_device_cert((uint8_t*) & deviceCert, &deviceCertSize, (uint8_t*) & signerCert); /*Generate a PEM chain of device certificate.*/
if (ATCA_SUCCESS != status) { XMEMSET(devCertChain, 0, sizeof(devCertChain));
ret = atmel_ecc_translate_err(ret); devPemSz = wc_DerToPem(deviceCert, deviceCertSize, (byte*)&devCertChain[0], sizeof(devCertChain), CERT_TYPE);
return ret;
}
/*Generate a PEM chain for device certificate.*/
XMEMSET(devPem, 0, 1024);
XMEMSET(signerPem, 0, 1024);
devPemSz = wc_DerToPem(deviceCert, deviceCertSize, devPem, sizeof(devPem), CERT_TYPE);
if((devPemSz <= 0)){ if((devPemSz <= 0)){
return devPemSz; return devPemSz;
} }
signerPemSz = wc_DerToPem(signerCert, signerCertSize, signerPem, sizeof(signerPem), CERT_TYPE); signerPemSz = wc_DerToPem(signerCert, signerCertSize, (byte*)&devCertChain[devPemSz], sizeof(devCertChain)-devPemSz, CERT_TYPE);
if((signerPemSz <= 0)){ if((signerPemSz <= 0)){
return signerPemSz; return signerPemSz;
} }
XSTRNCAT(devCertChain,(char*)devPem,devPemSz);
XSTRNCAT(devCertChain,(char*)signerPem,signerPemSz);
ret = wolfSSL_CTX_use_certificate_chain_buffer(ctx, (const unsigned char*)devCertChain, XSTRLEN(devCertChain)); ret = wolfSSL_CTX_use_certificate_chain_buffer(ctx, (const unsigned char*)devCertChain, XSTRLEN(devCertChain));
if (ret != WOLFSSL_SUCCESS) { if (ret != WOLFSSL_SUCCESS) {
ret = -1; ret = -1;
@ -969,7 +954,7 @@ static int atcatls_set_certificates(WOLFSSL_CTX *ctx)
int atcatls_set_callbacks(WOLFSSL_CTX* ctx) int atcatls_set_callbacks(WOLFSSL_CTX* ctx)
{ {
int ret; int ret = 0;
wolfSSL_CTX_SetEccKeyGenCb(ctx, atcatls_create_key_cb); wolfSSL_CTX_SetEccKeyGenCb(ctx, atcatls_create_key_cb);
wolfSSL_CTX_SetEccVerifyCb(ctx, atcatls_verify_signature_cb); wolfSSL_CTX_SetEccVerifyCb(ctx, atcatls_verify_signature_cb);
wolfSSL_CTX_SetEccSignCb(ctx, atcatls_sign_certificate_cb); wolfSSL_CTX_SetEccSignCb(ctx, atcatls_sign_certificate_cb);
@ -980,7 +965,6 @@ int atcatls_set_callbacks(WOLFSSL_CTX* ctx)
#ifdef WOLFSSL_ATECC_DEBUG #ifdef WOLFSSL_ATECC_DEBUG
printf("atcatls_set_certificates failed. (%d) \r\n",ret); printf("atcatls_set_certificates failed. (%d) \r\n",ret);
#endif #endif
return ret;
} }
#endif #endif
return 0; return 0;