mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 23:15:41 +01:00
Fix many off-by-one errors
This commit is contained in:
parent
6dcf0bfcf4
commit
27d87fa6c4
@ -440,7 +440,7 @@ int x509write_pubkey_der( rsa_context *rsa, unsigned char *buf, size_t size )
|
|||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
c = buf + size - 1;
|
c = buf + size;
|
||||||
|
|
||||||
ASN1_CHK_ADD( len, x509_write_rsa_pubkey( &c, buf, rsa ) );
|
ASN1_CHK_ADD( len, x509_write_rsa_pubkey( &c, buf, rsa ) );
|
||||||
|
|
||||||
@ -473,7 +473,7 @@ int x509write_key_der( rsa_context *rsa, unsigned char *buf, size_t size )
|
|||||||
unsigned char *c;
|
unsigned char *c;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
c = buf + size - 1;
|
c = buf + size;
|
||||||
|
|
||||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
|
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
|
||||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
|
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
|
||||||
@ -703,7 +703,7 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size )
|
|||||||
size_t pub_len = 0, sig_len = 0;
|
size_t pub_len = 0, sig_len = 0;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
c = tmp_buf + 2048 - 1;
|
c = tmp_buf + sizeof( tmp_buf );
|
||||||
|
|
||||||
ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
|
ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
|
||||||
|
|
||||||
@ -726,7 +726,7 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size )
|
|||||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) );
|
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) );
|
||||||
|
|
||||||
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( pk_rsa( *ctx->key ),
|
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( pk_rsa( *ctx->key ),
|
||||||
tmp_buf, c - tmp_buf + 1 ) );
|
tmp_buf, c - tmp_buf ) );
|
||||||
c -= pub_len;
|
c -= pub_len;
|
||||||
len += pub_len;
|
len += pub_len;
|
||||||
|
|
||||||
@ -758,7 +758,7 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size )
|
|||||||
&sig_oid_len );
|
&sig_oid_len );
|
||||||
|
|
||||||
// TODO: use pk_get_len()
|
// TODO: use pk_get_len()
|
||||||
c2 = buf + size - 1;
|
c2 = buf + size;
|
||||||
ASN1_CHK_ADD( sig_len, x509_write_sig( &c2, buf, sig_oid, sig_oid_len,
|
ASN1_CHK_ADD( sig_len, x509_write_sig( &c2, buf, sig_oid, sig_oid_len,
|
||||||
sig, pk_rsa( *ctx->key )->len ) );
|
sig, pk_rsa( *ctx->key )->len ) );
|
||||||
|
|
||||||
@ -784,7 +784,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
|
|||||||
size_t sub_len = 0, pub_len = 0, sig_len = 0;
|
size_t sub_len = 0, pub_len = 0, sig_len = 0;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
c = tmp_buf + 2048 - 1;
|
c = tmp_buf + sizeof( tmp_buf );
|
||||||
|
|
||||||
// Generate correct OID
|
// Generate correct OID
|
||||||
//
|
//
|
||||||
@ -806,7 +806,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
|
|||||||
* SubjectPublicKeyInfo
|
* SubjectPublicKeyInfo
|
||||||
*/
|
*/
|
||||||
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->subject_key,
|
ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->subject_key,
|
||||||
tmp_buf, c - tmp_buf + 1 ) );
|
tmp_buf, c - tmp_buf ) );
|
||||||
c -= pub_len;
|
c -= pub_len;
|
||||||
len += pub_len;
|
len += pub_len;
|
||||||
|
|
||||||
@ -864,7 +864,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
|
|||||||
|
|
||||||
rsa_pkcs1_sign( ctx->issuer_key, NULL, NULL, RSA_PRIVATE, ctx->md_alg, 0, hash, sig );
|
rsa_pkcs1_sign( ctx->issuer_key, NULL, NULL, RSA_PRIVATE, ctx->md_alg, 0, hash, sig );
|
||||||
|
|
||||||
c2 = buf + size - 1;
|
c2 = buf + size;
|
||||||
ASN1_CHK_ADD( sig_len, x509_write_sig( &c2, buf, sig_oid, sig_oid_len,
|
ASN1_CHK_ADD( sig_len, x509_write_sig( &c2, buf, sig_oid, sig_oid_len,
|
||||||
sig, ctx->issuer_key->len ) );
|
sig, ctx->issuer_key->len ) );
|
||||||
|
|
||||||
@ -942,7 +942,7 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size )
|
|||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509write_pemify( PEM_BEGIN_CRT, PEM_END_CRT,
|
if( ( ret = x509write_pemify( PEM_BEGIN_CRT, PEM_END_CRT,
|
||||||
output_buf + sizeof(output_buf) - 1 - ret,
|
output_buf + sizeof(output_buf) - ret,
|
||||||
ret, buf, size ) ) != 0 )
|
ret, buf, size ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -963,7 +963,7 @@ int x509write_pubkey_pem( rsa_context *rsa, unsigned char *buf, size_t size )
|
|||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509write_pemify( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
|
if( ( ret = x509write_pemify( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
|
||||||
output_buf + sizeof(output_buf) - 1 - ret,
|
output_buf + sizeof(output_buf) - ret,
|
||||||
ret, buf, size ) ) != 0 )
|
ret, buf, size ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -984,7 +984,7 @@ int x509write_key_pem( rsa_context *rsa, unsigned char *buf, size_t size )
|
|||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509write_pemify( PEM_BEGIN_PRIVATE_KEY, PEM_END_PRIVATE_KEY,
|
if( ( ret = x509write_pemify( PEM_BEGIN_PRIVATE_KEY, PEM_END_PRIVATE_KEY,
|
||||||
output_buf + sizeof(output_buf) - 1 - ret,
|
output_buf + sizeof(output_buf) - ret,
|
||||||
ret, buf, size ) ) != 0 )
|
ret, buf, size ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -1005,7 +1005,7 @@ int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size )
|
|||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509write_pemify( PEM_BEGIN_CSR, PEM_END_CSR,
|
if( ( ret = x509write_pemify( PEM_BEGIN_CSR, PEM_END_CSR,
|
||||||
output_buf + sizeof(output_buf) - 1 - ret,
|
output_buf + sizeof(output_buf) - ret,
|
||||||
ret, buf, size ) ) != 0 )
|
ret, buf, size ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -21,7 +21,7 @@ void x509_csr_check( char *key_file, int md_type,
|
|||||||
unsigned char buf[4000];
|
unsigned char buf[4000];
|
||||||
unsigned char check_buf[4000];
|
unsigned char check_buf[4000];
|
||||||
int ret;
|
int ret;
|
||||||
size_t olen = 2000;
|
size_t olen = sizeof( check_buf );
|
||||||
FILE *f;
|
FILE *f;
|
||||||
char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
|
char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
|
||||||
|
|
||||||
@ -36,21 +36,21 @@ void x509_csr_check( char *key_file, int md_type,
|
|||||||
x509write_csr_set_rsa_key( &req, &rsa );
|
x509write_csr_set_rsa_key( &req, &rsa );
|
||||||
TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );
|
TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );
|
||||||
|
|
||||||
ret = x509write_csr_der( &req, buf, 4000 );
|
ret = x509write_csr_der( &req, buf, sizeof( buf ) );
|
||||||
TEST_ASSERT( ret >= 0 );
|
TEST_ASSERT( ret >= 0 );
|
||||||
|
|
||||||
c = buf + 3999 - ret;
|
c = buf + sizeof( buf ) - ret;
|
||||||
|
|
||||||
f = fopen( cert_req_check_file, "r" );
|
f = fopen( cert_req_check_file, "r" );
|
||||||
TEST_ASSERT( f != NULL );
|
TEST_ASSERT( f != NULL );
|
||||||
fread( check_buf, 1, 4000, f );
|
fread( check_buf, 1, sizeof( check_buf ), f );
|
||||||
fclose( f );
|
fclose( f );
|
||||||
|
|
||||||
pem_init( &pem );
|
pem_init( &pem );
|
||||||
pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
|
pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
|
||||||
|
|
||||||
TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
|
|
||||||
TEST_ASSERT( pem.buflen == (size_t) ret );
|
TEST_ASSERT( pem.buflen == (size_t) ret );
|
||||||
|
TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
|
||||||
|
|
||||||
x509write_csr_free( &req );
|
x509write_csr_free( &req );
|
||||||
rsa_free( &rsa );
|
rsa_free( &rsa );
|
||||||
@ -73,7 +73,7 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
|||||||
unsigned char check_buf[5000];
|
unsigned char check_buf[5000];
|
||||||
mpi serial;
|
mpi serial;
|
||||||
int ret;
|
int ret;
|
||||||
size_t olen = 2000;
|
size_t olen = sizeof( check_buf );
|
||||||
FILE *f;
|
FILE *f;
|
||||||
|
|
||||||
mpi_init( &serial );
|
mpi_init( &serial );
|
||||||
@ -103,7 +103,7 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
|||||||
ret = x509write_crt_der( &crt, buf, sizeof(buf) );
|
ret = x509write_crt_der( &crt, buf, sizeof(buf) );
|
||||||
TEST_ASSERT( ret >= 0 );
|
TEST_ASSERT( ret >= 0 );
|
||||||
|
|
||||||
c = buf + 3999 - ret;
|
c = buf + sizeof( buf ) - ret;
|
||||||
|
|
||||||
f = fopen( cert_check_file, "r" );
|
f = fopen( cert_check_file, "r" );
|
||||||
TEST_ASSERT( f != NULL );
|
TEST_ASSERT( f != NULL );
|
||||||
|
Loading…
Reference in New Issue
Block a user