feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Improve wolfSSL_i2d_X509_NAME and wolfSSL_i2d_X509_NAME_canon.

Browse Source 
Like other i2d functions, these functions should be able to take a NULL output
parameter and return the necessary output buffer size. This commit adds this
ability. This commit also removes some redundant code in wolfSSL_i2d_X509_NAME.
This commit is contained in:
Hayden Roche
2022-02-18 17:04:06 -08:00
parent fef8a57eb2
commit c33ae4c245
2 changed files with 23 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
src/ssl.c
View File

@ -44169,9 +44169,9 @@ static int wolfSSL_ASN1_STRING_canon(WOLFSSL_ASN1_STRING* asn_out,
/* convert to UTF8 */ /* convert to UTF8 */
/* convert to lower case */ /* convert to lower case */
/* multi-spaces collapsed */ /* multi-spaces collapsed */
/* leading SEQUENCE hader is skipped */ /* leading SEQUENCE header is skipped */
/* @param name a pointer to X509_NAME that is to be converted */ /* @param name a pointer to X509_NAME that is to be converted */
/* @param out a pointer to conveted data */ /* @param out a pointer to converted data */
/* @return a number of converted bytes, otherwise <=0 error code */ /* @return a number of converted bytes, otherwise <=0 error code */
int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out) int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out)
{ {
@ -44183,7 +44183,7 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out)
EncodedName names[MAX_NAME_ENTRIES]; EncodedName names[MAX_NAME_ENTRIES];
#endif #endif
if (out == NULL || name == NULL) if (name == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@ -44243,6 +44243,14 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out)
} }
} }
if (out == NULL) {
/* If out is NULL, caller just wants length. */
#ifdef WOLFSSL_SMALL_STACK
XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return totalBytes;
}
/* skip header */ /* skip header */
/* check if using buffer passed in */ /* check if using buffer passed in */
if (*out == NULL) { if (*out == NULL) {
@ -44291,7 +44299,8 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out)
* *
* out pointer to either a pre setup buffer or a pointer to null for * out pointer to either a pre setup buffer or a pointer to null for
* creating a dynamic buffer. In the case that a pre-existing buffer is * creating a dynamic buffer. In the case that a pre-existing buffer is
* used out will be incremented the size of the DER buffer on success. * used out will be incremented the size of the DER buffer on success. If
* out is NULL, the function returns the necessary output buffer length.
* *
* returns the size of the buffer on success, or negative value with failure * returns the size of the buffer on success, or negative value with failure
*/ */
@ -44306,7 +44315,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
EncodedName names[MAX_NAME_ENTRIES]; EncodedName names[MAX_NAME_ENTRIES];
#endif #endif
if (out == NULL || name == NULL) if (name == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@ -44374,23 +44383,13 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
return BUFFER_E; return BUFFER_E;
} }
/* check if using buffer passed in */ if (out == NULL) {
if (*out == NULL) { /* If out is NULL, caller just wants length. */
*out = local = (unsigned char*)XMALLOC(totalBytes + idx, NULL, totalBytes += idx;
DYNAMIC_TYPE_OPENSSL);
if (*out == NULL) {
return MEMORY_E;
}
}
/* header */
idx = SetSequence(totalBytes, temp);
if (totalBytes + idx > ASN_NAME_MAX) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
WOLFSSL_MSG("Total Bytes is greater than ASN_NAME_MAX"); return totalBytes;
return BUFFER_E;
} }
/* check if using buffer passed in */ /* check if using buffer passed in */

5
tests/api.c
View File

@ -29330,6 +29330,8 @@ static void test_wolfSSL_X509_NAME(void)
AssertNotNull(d2i_name = d2i_X509_NAME(NULL, &tmp, sz)); AssertNotNull(d2i_name = d2i_X509_NAME(NULL, &tmp, sz));
#endif #endif
/* if output parameter is NULL, should still return required size. */
AssertIntGT((sz = i2d_X509_NAME((X509_NAME*)b, NULL)), 0);
/* retry but with the function creating a buffer */ /* retry but with the function creating a buffer */
tmp = NULL; tmp = NULL;
AssertIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0); AssertIntGT((sz = i2d_X509_NAME((X509_NAME*)b, &tmp)), 0);
@ -32356,6 +32358,9 @@ static void test_wolfSSL_X509_Name_canon(void)
AssertNotNull(x509 = PEM_read_X509(file, NULL, NULL, NULL)); AssertNotNull(x509 = PEM_read_X509(file, NULL, NULL, NULL));
AssertNotNull(name = X509_get_issuer_name(x509)); AssertNotNull(name = X509_get_issuer_name(x509));
/* When output buffer is NULL, should return necessary output buffer
* length.*/
AssertIntGT(wolfSSL_i2d_X509_NAME_canon(name, NULL), 0);
AssertIntGT((len = wolfSSL_i2d_X509_NAME_canon(name, &pbuf)), 0); AssertIntGT((len = wolfSSL_i2d_X509_NAME_canon(name, &pbuf)), 0);
AssertIntEQ(wc_ShaHash((const byte*)pbuf, (word32)len, digest), 0); AssertIntEQ(wc_ShaHash((const byte*)pbuf, (word32)len, digest), 0);