wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

set initial NID value and account for null character on string

Browse Source
This commit is contained in:
Jacob Barthelmeh
2020-07-12 19:54:50 -06:00
parent 2aaeb2a2df
commit eec5f4a109
2 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/ssl.c
View File

@ -20410,7 +20410,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
} }
if (dataSz < 0) { if (dataSz < 0) {
sz = (int)XSTRLEN((const char*)data) + 1; /* +1 for null */ sz = (int)XSTRLEN((const char*)data);
} }
else { else {
sz = dataSz; sz = dataSz;
@ -20426,9 +20426,9 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
asn1->data = NULL; asn1->data = NULL;
} }
if (sz > CTC_NAME_SIZE) { if (sz + 1 > CTC_NAME_SIZE) {
/* create new data buffer and copy over */ /* create new data buffer and copy over +1 for null */
asn1->data = (char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); asn1->data = (char*)XMALLOC(sz + 1, NULL, DYNAMIC_TYPE_OPENSSL);
if (asn1->data == NULL) { if (asn1->data == NULL) {
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
@ -37917,6 +37917,12 @@ err:
} }
/* Creates a new entry given the NID, type, and data
* "dataSz" is number of bytes in data, if set to -1 then XSTRLEN is used
* "out" can be used to store the new entry data in an existing structure
* if NULL then a new WOLFSSL_X509_NAME_ENTRY structure is created
* returns a pointer to WOLFSSL_X509_NAME_ENTRY on success and NULL on fail
*/
WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID( WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID(
WOLFSSL_X509_NAME_ENTRY** out, int nid, int type, WOLFSSL_X509_NAME_ENTRY** out, int nid, int type,
const unsigned char* data, int dataSz) const unsigned char* data, int dataSz)
@ -38139,7 +38145,8 @@ err:
{ {
int ret; int ret;
WOLFSSL_X509_NAME_ENTRY* entry; WOLFSSL_X509_NAME_ENTRY* entry;
entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len); entry = wolfSSL_X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes,
len);
if (entry == NULL) if (entry == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
ret = wolfSSL_X509_NAME_add_entry(name, entry, loc, set); ret = wolfSSL_X509_NAME_add_entry(name, entry, loc, set);
@ -47382,8 +47389,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey,
} }
#endif #endif
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
/* unlike wolfSSL_X509_NAME_dup this does not malloc a duplicate, only deep /* unlike wolfSSL_X509_NAME_dup this does not malloc a duplicate, only deep
* copy. "to" is expected to be a fresh blank name, if not pointers could be * copy. "to" is expected to be a fresh blank name, if not pointers could be
* lost */ * lost */
@ -47543,7 +47549,7 @@ int wolfSSL_X509_set_version(WOLFSSL_X509* x509, long v)
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
} }
#endif /* OPENSSL_EXTRA && !NO_CERTS && WOLFSSL_CERT_GEN && WOLFSSL_CERT_REQ */ #endif /* (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)

11
wolfcrypt/src/asn.c
View File

@ -5551,7 +5551,7 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
byte tag; byte tag;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_X509_NAME* dName; WOLFSSL_X509_NAME* dName;
int nid; int nid = NID_undef;
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
WOLFSSL_MSG("Getting Cert Name"); WOLFSSL_MSG("Getting Cert Name");
@ -12508,6 +12508,7 @@ static int wc_EncodeName(EncodedName* name, const char* nameStr, char nameType,
/* Restrict country code size */ /* Restrict country code size */
if (ASN_COUNTRY_NAME == type && strLen != CTC_COUNTRY_SIZE) { if (ASN_COUNTRY_NAME == type && strLen != CTC_COUNTRY_SIZE) {
WOLFSSL_MSG("Country code size error");
return ASN_COUNTRY_SIZE_E; return ASN_COUNTRY_SIZE_E;
} }
@ -12640,9 +12641,10 @@ int SetName(byte* output, word32 outputSz, CertName* name)
GetCertNameId(i)); GetCertNameId(i));
if (ret < 0) { if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
return BUFFER_E; WOLFSSL_MSG("EncodeName failed");
return BUFFER_E;
} }
totalBytes += ret; totalBytes += ret;
} }
@ -12656,6 +12658,7 @@ int SetName(byte* output, word32 outputSz, CertName* name)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
WOLFSSL_MSG("EncodeName on multiple attributes failed\n");
return BUFFER_E; return BUFFER_E;
} }
totalBytes += ret; totalBytes += ret;
@ -12673,6 +12676,7 @@ int SetName(byte* output, word32 outputSz, CertName* name)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
WOLFSSL_MSG("Total Bytes is greater than ASN_NAME_MAX");
return BUFFER_E; return BUFFER_E;
} }
@ -12689,6 +12693,7 @@ int SetName(byte* output, word32 outputSz, CertName* name)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
WOLFSSL_MSG("Not enough space left for DC value");
return BUFFER_E; return BUFFER_E;
} }