From 91a7b8067ccb5f68ebe71048510a44b78bc63077 Mon Sep 17 00:00:00 2001 From: Lealem Amedie Date: Mon, 22 Aug 2022 12:04:15 -0700 Subject: [PATCH] Addressing some PR feedback --- src/crl.c | 2 +- wolfcrypt/src/asn.c | 24 ++++++++++++++++-------- wolfssl/wolfcrypt/asn.h | 1 + 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/src/crl.c b/src/crl.c index 26a782ad5..ddc39218a 100644 --- a/src/crl.c +++ b/src/crl.c @@ -94,7 +94,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff, #if defined(OPENSSL_EXTRA) crle->issuer = NULL; wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer, - XSTRLEN((const char*)dcrl->issuer)); + dcrl->issuerSz); if (crle->issuer == NULL) { return WOLFSSL_FAILURE; } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 9110a4439..0e48073a1 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -32853,7 +32853,10 @@ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl, int maxIdx) { #ifndef WOLFSSL_ASN_TEMPLATE - int ret, len; +#ifndef NO_ASN_TIME + int ret; +#endif + int len; word32 end; RevokedCert* rc; @@ -33114,7 +33117,8 @@ static int ParseCRL_CertList(DecodedCRL* dcrl, const byte* buf, } #ifdef OPENSSL_EXTRA else { - dcrl->issuer = (byte*)GetNameFromDer(buf + idx, WC_ASN_NAME_MAX); + dcrl->issuerSz = length + 3; + dcrl->issuer = (byte*)GetNameFromDer(buf + idx, dcrl->issuerSz); } #endif @@ -33149,6 +33153,8 @@ static int ParseCRL_CertList(DecodedCRL* dcrl, const byte* buf, WOLFSSL_ERROR_VERBOSE(CRL_CERT_DATE_ERR); return CRL_CERT_DATE_ERR; } +#else + (void)verify; #endif } @@ -33343,7 +33349,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, #ifdef WOLFSSL_SMALL_STACK m = (mp_int*)XMALLOC(sizeof(*m), NULL, - DYNAMIC_TYPE_TMP_BUFFER); + DYNAMIC_TYPE_BIGINT); if (m == NULL) { return MEMORY_E; } 
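Review bot: In InitCRL_Entry (src/crl.c) the call still passes `&dcrl->issuer` itself as the input cursor of `wolfSSL_d2i_X509_NAME`. If that function follows the OpenSSL d2i convention of advancing `*in`, the DecodedCRL is left pointing past the start of its own buffer, and any later free of `dcrl->issuer` would use the wrong address. Parsing through a local copy removes that dependency and the cast: `unsigned char* p = dcrl->issuer;` followed by `wolfSSL_d2i_X509_NAME(&crle->issuer, &p, dcrl->issuerSz);`. Dropping `XSTRLEN` is right because DER is not NUL-terminated, but the call is now only as sound as the `issuerSz` computed in wolfcrypt/src/asn.c. The function body starts and ends outside the hunk.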
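Review bot: `dcrl->issuerSz = length + 3;` in ParseCRL_CertList assumes the issuer Name's DER header is always three bytes, but tag plus length takes two bytes for contents under 128 bytes and four for contents above 255, so the stored size is one byte too long for short names and too short for long ones. That size is the read length for `GetNameFromDer(buf + idx, dcrl->issuerSz)` and for the `wolfSSL_d2i_X509_NAME` call in src/crl.c, so a crafted CRL issuer can make both read beyond the name or parse a truncated one. Derive the header size from the parser's own index movement, e.g. `dcrl->issuerSz = length + (int)(hdrEnd - idx);` where `hdrEnd` is a placeholder for the index just after the header was read, and confirm `idx + dcrl->issuerSz` stays inside the input before copying. The `GetNameFromDer` result is also not checked for NULL within the hunk. The assignment of `length` and the `if` this `else` pairs with are outside the hunk, so this assumes `length` is the content length of the issuer SEQUENCE.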
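Review bot: The added `#else` / `(void)verify;` branch in ParseCRL_CertList gives no hint of what it implies: in the configuration that takes it, the code returning `CRL_CERT_DATE_ERR` is not compiled, so presumably a CRL outside its validity dates is accepted whatever `verify` is set to. A comment on the branch would make that visible to anyone auditing build options, for example `/* date validation compiled out: CRL validity dates are not enforced in this build */`. The `#if` this `#else` belongs to is opened outside the hunk, so the exact condition cannot be named from here.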
@@ -33356,7 +33362,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, if (ret != MP_OKAY) { mp_free(m); #ifdef WOLFSSL_SMALL_STACK - XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(m, NULL, DYNAMIC_TYPE_BIGINT); #endif return BUFFER_E; } @@ -33681,12 +33687,14 @@ end: if (ret == 0) { #endif /* Parse and store the issuer name. */ - dcrl->issuer = (byte*)GetNameFromDer((byte*)GetASNItem_Addr( - dataASN[CRLASN_IDX_TBS_ISSUER], buff), ASN_NAME_MAX); + dcrl->issuerSz = GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER], + buff); + dcrl->issuer = (byte*)GetNameFromDer((byte*)GetASNItem_Addr( + dataASN[CRLASN_IDX_TBS_ISSUER], buff), + dcrl->issuerSz); /* Calculate the Hash id from the issuer name. */ ret = CalcHashId(GetASNItem_Addr(dataASN[CRLASN_IDX_TBS_ISSUER], buff), - GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER], buff), - dcrl->issuerHash); + dcrl->issuerSz, dcrl->issuerHash); if (ret < 0) { ret = ASN_PARSE_E; } diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 68f86f4ad..6ec817942 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -2412,6 +2412,7 @@ struct DecodedCRL { RevokedCert* certs; /* revoked cert list */ #if defined(OPENSSL_EXTRA) byte* issuer; /* full name including common name */ + int issuerSz; /* length of the issuer */ #endif int totalCerts; /* number on list */ int version; /* version of cert */
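Review bot: The template path after `end:` now assigns `dcrl->issuerSz` with no `OPENSSL_EXTRA` guard visible in the hunk, and the `CalcHashId` call has been changed to depend on it, while wolfssl/wolfcrypt/asn.h declares `issuer` and `issuerSz` only under `#if defined(OPENSSL_EXTRA)`. Unless a guard is opened outside the hunk, builds without OPENSSL_EXTRA will not compile, and the issuer hash becomes tied to a compatibility-layer field. Keeping `GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER], buff)` as the `CalcHashId` length and wrapping only the two `issuer`/`issuerSz` assignments in `#ifdef OPENSSL_EXTRA` avoids both. The `GetNameFromDer` result is also stored without a NULL check in this hunk.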
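Review bot: `int issuerSz` in struct DecodedCRL holds a length taken from parsed input as a signed value, whereas the parser indexes with `word32` (see `word32* idx` in GetRevoked), so an unexpectedly large value would become negative before reaching the length arguments in src/crl.c and asn.c. Consider `word32 issuerSz;` with explicit casts at the call sites. The comment could also state what is measured: `/* length in bytes of the DER-encoded issuer name */`.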