Merge pull request #2605 from SparkiDev/set_ser_num

Added output size to SetSerialNumber
toddouska
2019-11-20 09:15:36 -08:00
committed by GitHub
3 changed files with 23 additions and 26 deletions


@@ -599,7 +599,7 @@ char* GetSigName(int oid) {
} }
#if !defined(NO_DSA) || defined(HAVE_ECC) || \ #if !defined(NO_DSA) || defined(HAVE_ECC) || !defined(NO_CERTS) || \
(!defined(NO_RSA) && \ (!defined(NO_RSA) && \
(defined(WOLFSSL_CERT_GEN) || \ (defined(WOLFSSL_CERT_GEN) || \
((defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(HAVE_USER_RSA)))) ((defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(HAVE_USER_RSA))))
@@ -8898,43 +8898,39 @@ WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header)
WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output, WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
int maxSnSz) word32 outputSz, int maxSnSz)
{ {
int i = 0; int i;
int snSzInt = (int)snSz; int snSzInt = (int)snSz;
if (sn == NULL || output == NULL || snSzInt < 0) if (sn == NULL || output == NULL || snSzInt < 0)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
/* remove leading zeros */ /* remove leading zeros */
while (snSzInt > 0 && sn[0] == 0) { while (snSzInt > 1 && sn[0] == 0) {
snSzInt--; snSzInt--;
sn++; sn++;
} }
if (sn[0] & 0x80)
maxSnSz--;
/* truncate if input is too long */ /* truncate if input is too long */
if (snSzInt > maxSnSz) if (snSzInt > maxSnSz)
snSzInt = maxSnSz; snSzInt = maxSnSz;
/* encode ASN Integer, with length and value */ i = SetASNInt(snSzInt, sn[0], NULL);
output[i++] = ASN_INTEGER; /* truncate if input is too long */
if ((word32)snSzInt > outputSz - i)
/* handle MSB, to make sure value is positive */ snSzInt = outputSz - i;
if (sn[0] & 0x80) { /* sanity check number of bytes to copy */
/* make room for zero pad */ if (snSzInt <= 0) {
if (snSzInt > maxSnSz-1) return BUFFER_E;
snSzInt = maxSnSz-1;
/* add zero pad */
i += SetLength(snSzInt+1, &output[i]);
output[i++] = 0x00;
XMEMCPY(&output[i], sn, snSzInt);
}
else {
i += SetLength(snSzInt, &output[i]);
XMEMCPY(&output[i], sn, snSzInt);
} }
/* write out ASN.1 Integer */
(void)SetASNInt(snSzInt, sn[0], output);
XMEMCPY(output + i, sn, snSzInt);
/* compute final length */ /* compute final length */
i += snSzInt; i += snSzInt;
@@ -11876,7 +11872,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
return ret; return ret;
} }
der->serialSz = SetSerialNumber(cert->serial, cert->serialSz, der->serial, der->serialSz = SetSerialNumber(cert->serial, cert->serialSz, der->serial,
CTC_SERIAL_SIZE); sizeof(der->serial), CTC_SERIAL_SIZE);
if (der->serialSz < 0) if (der->serialSz < 0)
return der->serialSz; return der->serialSz;
@@ -15369,7 +15365,8 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
issuerSz = SetDigest(req->issuerHash, KEYID_SIZE, issuerArray); issuerSz = SetDigest(req->issuerHash, KEYID_SIZE, issuerArray);
issuerKeySz = SetDigest(req->issuerKeyHash, KEYID_SIZE, issuerKeyArray); issuerKeySz = SetDigest(req->issuerKeyHash, KEYID_SIZE, issuerKeyArray);
snSz = SetSerialNumber(req->serial, req->serialSz, snArray, MAX_SN_SZ); snSz = SetSerialNumber(req->serial, req->serialSz, snArray,
MAX_SN_SZ, MAX_SN_SZ);
extSz = 0; extSz = 0;
if (snSz < 0) if (snSz < 0)
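Review bot: In SetSerialNumber the new bound `(word32)snSzInt > outputSz - i` subtracts in unsigned arithmetic, so when outputSz is smaller than the header length i the difference wraps to a large value, nothing is truncated, and the following SetASNInt and XMEMCPY write past the end of output. Rejecting that case first closes the gap: `if (outputSz <= (word32)i) return BUFFER_E;` placed before the comparison. Separately, `sn[0]` is read by `if (sn[0] & 0x80)` and by the first SetASNInt call before the `snSzInt <= 0` check runs, so a call with snSz of 0 reads one byte from an empty input; an early `if (snSzInt == 0) return BUFFER_E;` right after the argument check keeps the same return code without the read. The function body continues past the end of this hunk.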


@@ -2173,7 +2173,7 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
if (pkcs7->sidType == CMS_ISSUER_AND_SERIAL_NUMBER) { if (pkcs7->sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
/* IssuerAndSerialNumber */ /* IssuerAndSerialNumber */
esd->issuerSnSz = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz, esd->issuerSnSz = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz,
esd->issuerSn, MAX_SN_SZ); esd->issuerSn, MAX_SN_SZ, MAX_SN_SZ);
signerInfoSz += esd->issuerSnSz; signerInfoSz += esd->issuerSnSz;
esd->issuerNameSz = SetSequence(pkcs7->issuerSz, esd->issuerName); esd->issuerNameSz = SetSequence(pkcs7->issuerSz, esd->issuerName);
signerInfoSz += esd->issuerNameSz + pkcs7->issuerSz; signerInfoSz += esd->issuerNameSz + pkcs7->issuerSz;
@@ -6128,7 +6128,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
return -1; return -1;
} }
snSz = SetSerialNumber(decoded->serial, decoded->serialSz, serial, snSz = SetSerialNumber(decoded->serial, decoded->serialSz, serial,
MAX_SN_SZ); MAX_SN_SZ, MAX_SN_SZ);
issuerSerialSeqSz = SetSequence(issuerSeqSz + issuerSz + snSz, issuerSerialSeqSz = SetSequence(issuerSeqSz + issuerSz + snSz,
issuerSerialSeq); issuerSerialSeq);
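Review bot: Both updated call sites feed the return value of SetSerialNumber straight into length arithmetic without testing for a negative result: `signerInfoSz += esd->issuerSnSz;` in PKCS7_EncodeSigned and `SetSequence(issuerSeqSz + issuerSz + snSz, issuerSerialSeq)` in wc_PKCS7_AddRecipient_KTRI. SetSerialNumber returns BAD_FUNC_ARG or BUFFER_E on failure, so a failed encode would shrink the computed size and let encoding continue with an inconsistent length rather than stop. A check such as `if (snSz < 0) return snSz;` directly after each call would handle it, preceded by whatever cleanup each function needs at that point; both functions start and end outside these hunks, so that cleanup is not visible here. Passing the destination's real size for outputSz instead of repeating `MAX_SN_SZ` would also keep the bound tied to the buffer declaration, assuming the destinations are arrays in scope.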


@@ -1122,7 +1122,7 @@ WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output);
WOLFSSL_LOCAL word32 SetAlgoID(int algoOID,byte* output,int type,int curveSz); WOLFSSL_LOCAL word32 SetAlgoID(int algoOID,byte* output,int type,int curveSz);
WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output, WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
int maxSnSz); word32 outputSz, int maxSnSz);
WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx, WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
byte* serial, int* serialSz, word32 maxIdx); byte* serial, int* serialSz, word32 maxIdx);
WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
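Review bot: The SetSerialNumber prototype now carries two size limits, outputSz and maxSnSz, and nothing on the declaration says how they differ; most callers in this commit pass the same constant for both, which suggests the distinction is easy to miss. A comment above the declaration would help, for example `/* outputSz: bytes available in output, including the ASN.1 tag and length; maxSnSz: cap on the encoded integer content, including the zero pad added when the top bit is set */`. It would also be worth stating there that an over-long serial is truncated rather than rejected and that a negative return is an error code.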