wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix printing empty names in certificates

Browse Source 
The empty-issuer-cert.pem certificate was created with:

    wolfssl genkey rsa -size 2048 -out mykey -outform pem -output KEY
    wolfssl req -new -days 3650 -key mykey.priv -out empty-issuer-cert.pem -x509

Prior to this fix this command would error printing the certificate:

    wolfssl x509 -inform pem -in empty-issuer-cert.pem -text
This commit is contained in:
Josh Holtrop
2025-06-13 11:20:17 -04:00
parent e74214ded0
commit 8bde5e6982
5 changed files with 39 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
certs/empty-issuer-cert.pem Normal file
View File

@@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICnTCCAYWgAwIBAgIQToFDJ79b/2ZHXVCCCNt8VTANBgkqhkiG9w0BAQsFADAA
MB4XDTI1MDYxMjIwMTE0N1oXDTM1MDYxMDIwMTE0N1owADCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAOI/4VVa7Pk0NWS7BQGM4ZbuTapoza4baS9+TRbT
QUqgN28gChSw/kHNp4BU/KQhKN/Mp0NN2vmYzRVDB25L1HWph8TqCO+Kqa6XYvnN
CgMEYyumWYWJr2u6hjpF19QeiZ26ezgnDbpkFiysdzn7+MG+PjtRj3mcnaKb1PjK
1P2j9pcrhc/WLo39y+OF2+3nW7JeqJHgAdXgeTLPaFyf91ktaWSLmc3pLqlurLup
pcClP6CKkLClz2Re3eM2/qdTEDO1pU8DRPc5v8qHxuX4K4DD0HYwWXFWDW8Ce+Ta
3o2hrM3mKtQH4n2xoJhJKXlcyrOu++SE4iyaSnooYLxkIqsCAwEAAaMTMBEwDwYD
VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAhBolr3oHIKUrKp0eC1AO
1+byE+vjuDIs0JBtAQ6TD4VTb9E2YavckOXcs0deHM7FUY2TcZ01A0msqtTYYyJ4
9D325+jrh4FIACrOOyVblWaO+lentmBhexzEXPWS6EhYTDTeZvY1AzDRTkBKm245
yqeqALL9K5KWdKesQurmt2FKzlc0WSQJmyfVf0IUdHgF05yjECOksYQdFDpeewNF
+1IKwHKemEtnIYatGv0w7XNeUrGTsgVa9vk0Uzg+wIh9+ZeJpOS21010ph6BkaeC
8Y1+kK7bZc0kBw5V20w16QtbE2MZucjlNLzjvAW5rVFNlBaiO7WIHPTvJfk38hq9
zw==
-----END CERTIFICATE-----

1
certs/include.am
View File

@@ -30,6 +30,7 @@ EXTRA_DIST += \
certs/ecc-keyPkcs8.der \ certs/ecc-keyPkcs8.der \
certs/ecc-client-key.pem \ certs/ecc-client-key.pem \
certs/ecc-client-keyPub.pem \ certs/ecc-client-keyPub.pem \
certs/empty-issuer-cert.pem \
certs/client-ecc-cert.pem \ certs/client-ecc-cert.pem \
certs/client-ca.pem \ certs/client-ca.pem \
certs/dh2048.pem \ certs/dh2048.pem \

2
src/x509.c
View File

@@ -13874,7 +13874,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
WOLFSSL_ENTER("wolfSSL_X509_NAME_print_ex"); WOLFSSL_ENTER("wolfSSL_X509_NAME_print_ex");
if ((name == NULL) || (name->sz == 0) || (bio == NULL)) if ((name == NULL) || (bio == NULL))
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
XMEMSET(eqStr, 0, sizeof(eqStr)); XMEMSET(eqStr, 0, sizeof(eqStr));

19
tests/api.c
View File

@@ -22154,7 +22154,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void)
ExpectIntEQ(X509_NAME_print_ex(NULL, NULL, 0, 0), WOLFSSL_FAILURE); ExpectIntEQ(X509_NAME_print_ex(NULL, NULL, 0, 0), WOLFSSL_FAILURE);
ExpectIntEQ(X509_NAME_print_ex(membio, NULL, 0, 0), WOLFSSL_FAILURE); ExpectIntEQ(X509_NAME_print_ex(membio, NULL, 0, 0), WOLFSSL_FAILURE);
ExpectIntEQ(X509_NAME_print_ex(NULL, name, 0, 0), WOLFSSL_FAILURE); ExpectIntEQ(X509_NAME_print_ex(NULL, name, 0, 0), WOLFSSL_FAILURE);
ExpectIntEQ(X509_NAME_print_ex(membio, empty, 0, 0), WOLFSSL_FAILURE); ExpectIntEQ(X509_NAME_print_ex(membio, empty, 0, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS); ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
wolfSSL_X509_NAME_free(empty); wolfSSL_X509_NAME_free(empty);
BIO_free(membio); BIO_free(membio);
@@ -22178,6 +22178,23 @@ static int test_wolfSSL_X509_NAME_print_ex(void)
BIO_free(bio); BIO_free(bio);
name = NULL; name = NULL;
/* Test with empty issuer cert. */
ExpectNotNull(bio = BIO_new(BIO_s_file()));
ExpectIntGT(BIO_read_filename(bio, noIssuerCertFile), 0);
ExpectNotNull(PEM_read_bio_X509(bio, &x509, NULL, NULL));
ExpectNotNull(name = X509_get_subject_name(x509));
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
/* Should be empty string "" */
ExpectIntEQ((memSz = BIO_get_mem_data(membio, &mem)), 0);
BIO_free(membio);
membio = NULL;
X509_free(x509);
BIO_free(bio);
name = NULL;
/* Test normal case without escaped characters */ /* Test normal case without escaped characters */
{ {
/* Create name: "/C=US/CN=wolfssl.com" */ /* Create name: "/C=US/CN=wolfssl.com" */

2
wolfssl/test.h
View File

@@ -527,6 +527,7 @@ err_sys_with_errno(const char* msg)
#define cliEd448CertFile "certs/ed448/client-ed448.pem" #define cliEd448CertFile "certs/ed448/client-ed448.pem"
#define cliEd448KeyFile "certs/ed448/client-ed448-priv.pem" #define cliEd448KeyFile "certs/ed448/client-ed448-priv.pem"
#define caEd448CertFile "certs/ed448/ca-ed448.pem" #define caEd448CertFile "certs/ed448/ca-ed448.pem"
#define noIssuerCertFile "certs/empty-issuer-cert.pem"
#define caCertFolder "certs/" #define caCertFolder "certs/"
#ifdef HAVE_WNR #ifdef HAVE_WNR
/* Whitewood netRandom default config file */ /* Whitewood netRandom default config file */
@@ -590,6 +591,7 @@ err_sys_with_errno(const char* msg)
#define cliEd448CertFile "./certs/ed448/client-ed448.pem" #define cliEd448CertFile "./certs/ed448/client-ed448.pem"
#define cliEd448KeyFile "./certs/ed448/client-ed448-priv.pem" #define cliEd448KeyFile "./certs/ed448/client-ed448-priv.pem"
#define caEd448CertFile "./certs/ed448/ca-ed448.pem" #define caEd448CertFile "./certs/ed448/ca-ed448.pem"
#define noIssuerCertFile "./certs/empty-issuer-cert.pem"
#define caCertFolder "./certs/" #define caCertFolder "./certs/"
#ifdef HAVE_WNR #ifdef HAVE_WNR
/* Whitewood netRandom default config file */ /* Whitewood netRandom default config file */