wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 11:44:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #893 from cconlon/pkcs7-valgrind-fix

Browse Source 
fix PKCS7 signedData valgrind issue
This commit is contained in:
toddouska
2017-05-03 18:14:32 -07:00
committed by GitHub
parent e771611c29 5e06d59c79
commit bfc43cee15
1 changed files with 23 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
wolfcrypt/src/pkcs7.c
View File

@@ -545,24 +545,18 @@ static int wc_PKCS7_EcdsaSign(PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
* esd - pointer to initialized ESD structure, used for output * esd - pointer to initialized ESD structure, used for output
* *
* return 0 on success, negative on error */ * return 0 on success, negative on error */
static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd) static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd,
byte* contentTypeOid, word32 contentTypeOidSz,
byte* contentType, word32 contentTypeSz,
byte* messageDigestOid, word32 messageDigestOidSz)
{ {
int hashSz; int hashSz;
byte contentTypeOid[] =
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
0x09, 0x03 };
byte contentType[] =
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x07, 0x01 };
byte messageDigestOid[] =
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x09, 0x04 };
PKCS7Attrib cannedAttribs[2]; PKCS7Attrib cannedAttribs[2];
word32 cannedAttribsCount; word32 cannedAttribsCount;
if (pkcs7 == NULL || esd == NULL) if (pkcs7 == NULL || esd == NULL || contentTypeOid == NULL ||
contentType == NULL || messageDigestOid == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
hashSz = wc_HashGetDigestSize(esd->hashType); hashSz = wc_HashGetDigestSize(esd->hashType);
@@ -572,11 +566,11 @@ static int wc_PKCS7_BuildSignedAttributes(PKCS7* pkcs7, ESD* esd)
cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib); cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib);
cannedAttribs[0].oid = contentTypeOid; cannedAttribs[0].oid = contentTypeOid;
cannedAttribs[0].oidSz = sizeof(contentTypeOid); cannedAttribs[0].oidSz = contentTypeOidSz;
cannedAttribs[0].value = contentType; cannedAttribs[0].value = contentType;
cannedAttribs[0].valueSz = sizeof(contentType); cannedAttribs[0].valueSz = contentTypeSz;
cannedAttribs[1].oid = messageDigestOid; cannedAttribs[1].oid = messageDigestOid;
cannedAttribs[1].oidSz = sizeof(messageDigestOid); cannedAttribs[1].oidSz = messageDigestOidSz;
cannedAttribs[1].value = esd->contentDigest; cannedAttribs[1].value = esd->contentDigest;
cannedAttribs[1].valueSz = hashSz + 2; /* ASN.1 heading */ cannedAttribs[1].valueSz = hashSz + 2; /* ASN.1 heading */
@@ -884,6 +878,16 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
{ ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x07, 0x01 }; 0x07, 0x01 };
byte contentTypeOid[] =
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
0x09, 0x03 };
byte contentType[] =
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x07, 0x01 };
byte messageDigestOid[] =
{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x09, 0x04 };
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
ESD* esd = NULL; ESD* esd = NULL;
#else #else
@@ -989,7 +993,10 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
if (pkcs7->signedAttribsSz != 0) { if (pkcs7->signedAttribsSz != 0) {
/* build up signed attributes */ /* build up signed attributes */
ret = wc_PKCS7_BuildSignedAttributes(pkcs7, esd); ret = wc_PKCS7_BuildSignedAttributes(pkcs7, esd,
contentTypeOid, sizeof(contentTypeOid),
contentType, sizeof(contentType),
messageDigestOid, sizeof(messageDigestOid));
if (ret < 0) { if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);