Cleanup mess of ASN_NAME_MAX.

wolfcrypt/src/asn.c

@@ -11127,7 +11127,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid,
         if (ret == 0) {
             /* Check there is space for this in the full name string and
              * terminating NUL character. */
-            if ((typeStrLen + strLen) < (word32)(ASN_NAME_MAX - *idx))
+            if ((typeStrLen + strLen) < (word32)(WC_ASN_NAME_MAX - *idx))
             {
                 /* Add RDN to full string. */
                 XMEMCPY(&full[*idx], typeStr, typeStrLen);
@@ -11525,7 +11525,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
                 #endif /* OPENSSL_EXTRA */
             }
 
-            if ((strLen + copyLen) > (int)(ASN_NAME_MAX - idx)) {
+            if ((strLen + copyLen) > (int)(WC_ASN_NAME_MAX - idx)) {
                 WOLFSSL_MSG("ASN Name too big, skipping");
                 tooBig = TRUE;
             }
@@ -11559,14 +11559,14 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
                 return ASN_PARSE_E;
             }
 
-            if (strLen > (int)(ASN_NAME_MAX - idx)) {
+            if (strLen > (int)(WC_ASN_NAME_MAX - idx)) {
                 WOLFSSL_MSG("ASN name too big, skipping");
                 tooBig = TRUE;
             }
 
             if (email) {
                 copyLen = sizeof(WOLFSSL_EMAIL_ADDR) - 1;
-                if ((copyLen + strLen) > (int)(ASN_NAME_MAX - idx)) {
+                if ((copyLen + strLen) > (int)(WC_ASN_NAME_MAX - idx)) {
                     WOLFSSL_MSG("ASN name too big, skipping");
                     tooBig = TRUE;
                 }
@@ -11664,7 +11664,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
                 }
             }
         }
-        if ((copyLen + strLen) > (int)(ASN_NAME_MAX - idx))
+        if ((copyLen + strLen) > (int)(WC_ASN_NAME_MAX - idx))
         {
             WOLFSSL_MSG("ASN Name too big, skipping");
             tooBig = TRUE;
@@ -11707,14 +11707,14 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
     if (nameType == ISSUER) {
 #if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) && \
     (defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
-        dName->rawLen = min(cert->issuerRawLen, ASN_NAME_MAX);
+        dName->rawLen = min(cert->issuerRawLen, WC_ASN_NAME_MAX);
         XMEMCPY(dName->raw, cert->issuerRaw, dName->rawLen);
 #endif
         cert->issuerName = dName;
     }
     else {
 #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
-        dName->rawLen = min(cert->subjectRawLen, ASN_NAME_MAX);
+        dName->rawLen = min(cert->subjectRawLen, WC_ASN_NAME_MAX);
         XMEMCPY(dName->raw, cert->subjectRaw, dName->rawLen);
 #endif
         cert->subjectName = dName;
@@ -11838,14 +11838,14 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
         #if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
              defined(HAVE_LIGHTY)) && \
             (defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
-            dName->rawLen = min(cert->issuerRawLen, ASN_NAME_MAX);
+            dName->rawLen = min(cert->issuerRawLen, WC_ASN_NAME_MAX);
             XMEMCPY(dName->raw, cert->issuerRaw, dName->rawLen);
         #endif
             cert->issuerName = dName;
         }
         else {
         #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
-            dName->rawLen = min(cert->subjectRawLen, ASN_NAME_MAX);
+            dName->rawLen = min(cert->subjectRawLen, WC_ASN_NAME_MAX);
             XMEMCPY(dName->raw, cert->subjectRaw, dName->rawLen);
         #endif
             cert->subjectName = dName;
@@ -20880,8 +20880,8 @@ typedef struct DerCert {
     byte version[MAX_VERSION_SZ];      /* version encoded */
     byte serial[(int)CTC_SERIAL_SIZE + (int)MAX_LENGTH_SZ]; /* serial number encoded */
     byte sigAlgo[MAX_ALGO_SZ];         /* signature algo encoded */
-    byte issuer[ASN_NAME_MAX];         /* issuer  encoded */
+    byte issuer[WC_ASN_NAME_MAX];         /* issuer  encoded */
-    byte subject[ASN_NAME_MAX];        /* subject encoded */
+    byte subject[WC_ASN_NAME_MAX];        /* subject encoded */
     byte validity[MAX_DATE_SIZE*2 + MAX_SEQ_SZ*2];  /* before and after dates */
     byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa public key encoded */
     byte ca[MAX_CA_SZ];                /* basic constraint CA true size */
@@ -23017,11 +23017,11 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap)
     /* header */
     idx = SetSequence(totalBytes, output);
     totalBytes += idx;
-    if (totalBytes > ASN_NAME_MAX) {
+    if (totalBytes > WC_ASN_NAME_MAX) {
 #ifdef WOLFSSL_SMALL_STACK
         XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
-        WOLFSSL_MSG("Total Bytes is greater than ASN_NAME_MAX");
+        WOLFSSL_MSG("Total Bytes is greater than WC_ASN_NAME_MAX");
         return BUFFER_E;
     }
 
@@ -24549,7 +24549,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
     #endif
         {
             /* Calcuate issuer name encoding size. */
-            issuerSz = SetNameEx(NULL, ASN_NAME_MAX, &cert->issuer, cert->heap);
+            issuerSz = SetNameEx(NULL, WC_ASN_NAME_MAX, &cert->issuer, cert->heap);
             ret = issuerSz;
         }
     }
@@ -24565,7 +24565,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
     #endif
         {
             /* Calcuate subject name encoding size. */
-            subjectSz = SetNameEx(NULL, ASN_NAME_MAX, &cert->subject, cert->heap);
+            subjectSz = SetNameEx(NULL, WC_ASN_NAME_MAX, &cert->subject, cert->heap);
             ret = subjectSz;
         }
     }
@@ -25385,7 +25385,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
         else
     #endif
         {
-            subjectSz = SetNameEx(NULL, ASN_NAME_MAX, &cert->subject, cert->heap);
+            subjectSz = SetNameEx(NULL, WC_ASN_NAME_MAX, &cert->subject, cert->heap);
             ret = subjectSz;
         }
     }

wolfssl/internal.h

@@ -3812,7 +3812,18 @@ typedef struct Arrays {
 } Arrays;
 
 #ifndef ASN_NAME_MAX
-#define ASN_NAME_MAX 256
+    #ifndef NO_ASN
+        /* use value from asn.h */
+        #define ASN_NAME_MAX WC_ASN_NAME_MAX
+    #else
+        /* calculate for WOLFSSL_X509 */
+        #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+            defined(WOLFSSL_CERT_EXT)
+            #define ASN_NAME_MAX 330
+        #else
+            #define ASN_NAME_MAX 256
+        #endif
+    #endif
 #endif
 
 #ifndef MAX_DATE_SZ

wolfssl/test.h

@@ -20,10 +20,7 @@
 #include <wolfssl/wolfcrypt/random.h>
 #include <wolfssl/wolfcrypt/mem_track.h>
 #include <wolfssl/wolfio.h>
-#if defined(SHOW_CERTS) && \
+#include <wolfssl/wolfcrypt/asn.h>
-    (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL))
-    #include <wolfssl/wolfcrypt/asn.h> /* for domain component NID value */
-#endif
 
 #ifdef ATOMIC_USER
     #include <wolfssl/wolfcrypt/aes.h>
@@ -31,7 +28,6 @@
     #include <wolfssl/wolfcrypt/hmac.h>
 #endif
 #ifdef HAVE_PK_CALLBACKS
-    #include <wolfssl/wolfcrypt/asn.h>
     #ifndef NO_RSA
         #include <wolfssl/wolfcrypt/rsa.h>
     #endif
@@ -1053,7 +1049,7 @@ static WC_INLINE void ShowX509Ex(WOLFSSL_X509* x509, const char* hdr,
 #if defined(SHOW_CERTS) && defined(OPENSSL_EXTRA)
     {
         WOLFSSL_BIO* bio;
-        char buf[256]; /* should be size of ASN_NAME_MAX */
+        char buf[WC_ASN_NAME_MAX];
         int  textSz;
 
         /* print out domain component if certificate has it */

wolfssl/wolfcrypt/asn.h

@@ -840,13 +840,13 @@ enum ECC_TYPES
 #define ASN_JOI_ST              0x2
 
 #ifndef WC_ASN_NAME_MAX
-    #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+    #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+        defined(WOLFSSL_CERT_EXT)
         #define WC_ASN_NAME_MAX 330
     #else
         #define WC_ASN_NAME_MAX 256
     #endif
 #endif
-#define ASN_NAME_MAX WC_ASN_NAME_MAX
 
 enum Misc_ASN {
     MAX_SALT_SIZE       =  64,     /* MAX PKCS Salt length */
@@ -1487,8 +1487,8 @@ struct DecodedCert {
     char*   subjectCN;               /* CommonName                       */
     int     subjectCNLen;            /* CommonName Length                */
     char    subjectCNEnc;            /* CommonName Encoding              */
-    char    issuer[ASN_NAME_MAX];    /* full name including common name  */
+    char    issuer[WC_ASN_NAME_MAX]; /* full name including common name  */
-    char    subject[ASN_NAME_MAX];   /* full name including common name  */
+    char    subject[WC_ASN_NAME_MAX];/* full name including common name  */
     int     verify;                  /* Default to yes, but could be off */
     const byte* source;              /* byte buffer holder cert, NOT owner */
     word32  srcIdx;                  /* current offset into buffer       */

wolfssl/wolfcrypt/pkcs7.h

@@ -156,7 +156,7 @@ enum Pkcs7_Misc {
     MAX_CONTENT_BLOCK_LEN = DES_BLOCK_SIZE,
 #endif
     MAX_RECIP_SZ          = MAX_VERSION_SZ +
-                            MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
+                            MAX_SEQ_SZ + WC_ASN_NAME_MAX + MAX_SN_SZ +
                             MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ,
 };