fix for serial number containing 0's and for RNG fail case

Jacob Barthelmeh
2020-08-26 00:03:39 -06:00
parent ef9beaf271
commit bc58dde700
3 changed files with 29 additions and 5 deletions


@ -37284,7 +37284,7 @@ static int CopyX509NameToCertName(WOLFSSL_X509_NAME* n, CertName* cName)
if (j >= CTC_MAX_ATTRIB) { if (j >= CTC_MAX_ATTRIB) {
WOLFSSL_MSG("No more space left in CertName"); WOLFSSL_MSG("No more space left in CertName");
break; return MEMORY_E;
} }
cName->name[j].sz = length; cName->name[j].sz = length;
@ -48354,7 +48354,7 @@ int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, WOLFSSL_ASN1_INTEGER* s)
if (s->length < 3) { if (s->length < 3) {
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
XSTRNCPY((char*)x509->serial, (char*)s->data + 2, s->length - 2); XMEMCPY(x509->serial, s->data + 2, s->length - 2);
x509->serialSz = s->length - 2; x509->serialSz = s->length - 2;
x509->serial[s->length] = 0; x509->serial[s->length] = 0;
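Review bot: In the `wolfSSL_X509_set_serialNumber` hunk the terminator is written at `x509->serial[s->length]`, two bytes past the end of the `s->length - 2` bytes just copied, so the bytes at `s->length - 2` and `s->length - 1` keep whatever they held before and the write reaches further into the buffer than the copy needs. Indexing by the stored size, `x509->serial[x509->serialSz] = 0;`, keeps the terminator adjacent to the data. Only the lower bound `s->length < 3` is visible; the function starts above the hunk, so confirm that an upper bound against `sizeof(x509->serial)` is enforced there, since both the `XMEMCPY` and the index write rely on it. In the first hunk, `return MEMORY_E;` now leaves `CopyX509NameToCertName` from inside the loop, which is worth checking against any cleanup after the loop that the hunk does not show.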


@ -30534,7 +30534,7 @@ static void test_wolfSSL_X509_get_serialNumber(void)
BIGNUM* bn; BIGNUM* bn;
X509* x509; X509* x509;
char *serialHex; char *serialHex;
byte serial[1]; byte serial[3];
int serialSz; int serialSz;
printf(testingFmt, "wolfSSL_X509_get_serialNumber()"); printf(testingFmt, "wolfSSL_X509_get_serialNumber()");
@ -30556,6 +30556,29 @@ static void test_wolfSSL_X509_get_serialNumber(void)
WOLFSSL_SUCCESS); WOLFSSL_SUCCESS);
AssertIntEQ(serialSz, 1); AssertIntEQ(serialSz, 1);
AssertIntEQ(serial[0], 3); AssertIntEQ(serial[0], 3);
ASN1_INTEGER_free(a);
/* test setting serial number with 0's in it */
serial[0] = 0x01;
serial[1] = 0x00;
serial[2] = 0x02;
AssertNotNull(a = wolfSSL_ASN1_INTEGER_new());
a->data[0] = ASN_INTEGER;
a->data[1] = sizeof(serial);
XMEMCPY(&a->data[2], serial, sizeof(serial));
a->length = sizeof(serial) + 2;
AssertIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
XMEMSET(serial, 0, sizeof(serial));
serialSz = sizeof(serial);
AssertIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
WOLFSSL_SUCCESS);
AssertIntEQ(serialSz, 3);
AssertIntEQ(serial[0], 0x01);
AssertIntEQ(serial[1], 0x00);
AssertIntEQ(serial[2], 0x02);
ASN1_INTEGER_free(a);
X509_free(x509); /* free's a */ X509_free(x509); /* free's a */
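Review bot: The trailing comment on `X509_free(x509); /* free's a */` no longer matches the code, because `a` is now released explicitly by the `ASN1_INTEGER_free(a);` added on the line before it. If `X509_free` really did release `a`, the explicit free would be a double free, so the comment is presumably stale and should be dropped or reworded. The new case covers an embedded zero byte but not the rejection path visible in the setter. A negative check before the final free, such as `a->length = 2;` followed by `AssertIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_FAILURE);`, would pin the `s->length < 3` guard. The test function starts and ends outside the hunks shown.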


@ -6644,13 +6644,14 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap)
#else #else
ret = wc_InitRng(&pkey->rng); ret = wc_InitRng(&pkey->rng);
#endif #endif
pkey->references = 1;
wc_InitMutex(&pkey->refMutex); /* init of mutex needs to come before
* wolfSSL_EVP_PKEY_free */
if (ret != 0){ if (ret != 0){
wolfSSL_EVP_PKEY_free(pkey); wolfSSL_EVP_PKEY_free(pkey);
WOLFSSL_MSG("memory failure"); WOLFSSL_MSG("memory failure");
return NULL; return NULL;
} }
pkey->references = 1;
wc_InitMutex(&pkey->refMutex);
} }
else { else {
WOLFSSL_MSG("memory failure"); WOLFSSL_MSG("memory failure");
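Review bot: The result of `wc_InitMutex(&pkey->refMutex);` is discarded, so a failed mutex initialisation still returns a `pkey` whose reference counting presumably depends on that mutex. Guard it with `if (wc_InitMutex(&pkey->refMutex) != 0)` and, in that branch, release `pkey` directly rather than through `wolfSSL_EVP_PKEY_free`, which per the commit's own comment needs the mutex initialised first. The RNG failure branch also still logs `WOLFSSL_MSG("memory failure");`, which hides the real cause from anyone reading the log; `WOLFSSL_MSG("RNG init failure");` would distinguish it from the allocation failure in the `else` branch. The function begins above the hunk and continues past it, so whether the free path tolerates an RNG that failed to initialise has to be confirmed there.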