wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8825 from kareem-wolfssl/zd19911

Browse Source 
Fix parsing RPK with no parameters.
This commit is contained in:
Sean Parkinson
2025-07-11 08:36:55 +10:00
committed by GitHub
parent 8d68977e33 362f0a2cfd
commit 046e46a67f
3 changed files with 20 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/api.c
View File

@@ -61443,7 +61443,7 @@ static int test_wolfSSL_DTLS_fragment_buckets(void)
#if !defined(NO_FILESYSTEM) && \ #if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(NO_RSA)
static int test_wolfSSL_dtls_stateless2(void) static int test_wolfSSL_dtls_stateless2(void)
{ {

3
tests/utils.h
View File

@@ -27,7 +27,8 @@
#ifndef TESTS_UTILS_H #ifndef TESTS_UTILS_H
#define TESTS_UTILS_H #define TESTS_UTILS_H
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
(!defined(NO_RSA) || defined(HAVE_RPK)) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
(!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)) (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13))
#define HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES #define HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES

20
wolfcrypt/src/asn.c
View File

@@ -23128,10 +23128,10 @@ static const ASNItem RPKCertASN[] = {
/* Algorithm OBJECT IDENTIFIER */ /* Algorithm OBJECT IDENTIFIER */
/* TBS_SPUBKEYINFO_ALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, /* TBS_SPUBKEYINFO_ALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
/* parameters ANY defined by algorithm OPTIONAL */ /* parameters ANY defined by algorithm OPTIONAL */
/* TBS_SPUBKEYINFO_ALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 2 }, /* TBS_SPUBKEYINFO_ALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 1 },
/* TBS_SPUBKEYINFO_ALGO_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 }, /* TBS_SPUBKEYINFO_ALGO_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 1 },
#ifdef WC_RSA_PSS #ifdef WC_RSA_PSS
/* TBS_SPUBKEYINFO_ALGO_P_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 2 }, /* TBS_SPUBKEYINFO_ALGO_P_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 1 },
#endif #endif
/* subjectPublicKey BIT STRING */ /* subjectPublicKey BIT STRING */
/* TBS_SPUBKEYINFO_PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 }, /* TBS_SPUBKEYINFO_PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
@@ -23372,6 +23372,20 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
oidCurveType); oidCurveType);
ret = GetASN_Items(RPKCertASN, RPKdataASN, RPKCertASN_Length, 1, ret = GetASN_Items(RPKCertASN, RPKdataASN, RPKCertASN_Length, 1,
cert->source, &cert->srcIdx, cert->maxIdx); cert->source, &cert->srcIdx, cert->maxIdx);
if (ret == 0) {
if (( RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_NULL].length &&
RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_CURVEID].length)
#ifdef WC_RSA_PSS
|| ( RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_P_SEQ].length &&
( RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_NULL].length ||
RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_CURVEID].length))
#endif
) {
WOLFSSL_MSG("Multiple RPK algorithm parameters set.");
ret = ASN_PARSE_E;
}
}
if (ret == 0) { if (ret == 0) {
cert->keyOID = cert->keyOID =
RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID].data.oid.sum; RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID].data.oid.sum;