mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

allow zero legnth asn names, remove weird subjectcn len as zero means we own, use stored flag instead

This commit is contained in:
toddouska 2012-07-27 16:51:46 -07:00
parent 85889f7fb9
commit e0328ef78a
2 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ctaocrypt/src/asn.c
View File

@ -1059,6 +1059,7 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
cert->signature = 0;
cert->subjectCN = 0;
cert->subjectCNLen = 0;
cert->subjectCNStored = 0;
cert->issuer[0] = '\0';
cert->subject[0] = '\0';
cert->source = source; /* don't own */
@ -1100,7 +1101,7 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
void FreeDecodedCert(DecodedCert* cert)
{
if (cert->subjectCNLen == 0) /* 0 means no longer pointer to raw, we own */
if (cert->subjectCNStored == 1)
XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN);
if (cert->pubKeyStored == 1)
XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
@ -1363,10 +1364,6 @@ static int GetName(DecodedCert* cert, int nameType)
cert->maxIdx) < 0)
return ASN_PARSE_E;
if (strLen == 0) {
CYASSL_MSG("Zero length name");
return ASN_PARSE_E;
}
if (strLen > (int)(ASN_NAME_MAX - idx))
return ASN_PARSE_E;
@ -2342,7 +2339,7 @@ int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen);
ptr[cert->subjectCNLen] = '\0';
cert->subjectCN = ptr;
cert->subjectCNLen = 0;
cert->subjectCNStored = 1;
}
if (cert->keyOID == RSAk && cert->pubKeySize > 0) {

1
cyassl/ctaocrypt/asn.h
View File

@ -221,6 +221,7 @@ struct DecodedCert {
byte* signature; /* not owned, points into raw cert */
char* subjectCN; /* CommonName */
int subjectCNLen;
int subjectCNStored; /* have we saved a copy we own */
char issuer[ASN_NAME_MAX]; /* full name including common name */
char subject[ASN_NAME_MAX]; /* full name including common name */
int verify; /* Default to yes, but could be off */