-rw-r--r-- | lib/pkix.asn | 5 | ||||
-rw-r--r-- | lib/pkix_asn1_tab.c | 2 | ||||
-rw-r--r-- | lib/x509/pkcs7.c | 1 | ||||
-rw-r--r-- | lib/x509/x509.c | 4 | ||||
-rw-r--r-- | lib/x509_b64.c | 33 | ||||
-rw-r--r-- | lib/x509_b64.h | 13 |
6 files changed, 30 insertions, 28 deletions
diff --git a/lib/pkix.asn b/lib/pkix.asn
index f278026ce7..83e4772810 100644
--- a/lib/pkix.asn
+++ b/lib/pkix.asn
@@ -973,7 +973,10 @@ EncapsulatedContentInfo ::= SEQUENCE { CertificateRevocationLists ::= SET OF CertificateList CertificateChoices ::= CHOICE { - certificate Certificate +-- Although the paper uses Certificate type, we +-- don't use it since, we don't need to parse it. +-- We only need to read and store it. + certificate ANY } CertificateSet ::= SET OF CertificateChoices
diff --git a/lib/pkix_asn1_tab.c b/lib/pkix_asn1_tab.c
index 2316133a46..9def491e3b 100644
--- a/lib/pkix_asn1_tab.c
+++ b/lib/pkix_asn1_tab.c
@@ -893,7 +893,7 @@ const ASN1_ARRAY_TYPE pkix_asn1_tab[]={ {"CertificateRevocationLists",1610612751,0}, {0,2,"CertificateList"}, {"CertificateChoices",1610612754,0}, - {"certificate",2,"Certificate"}, + {"certificate",13,0}, {"CertificateSet",1610612751,0}, {0,2,"CertificateChoices"}, {"SignerInfos",1610612751,0},
diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c
index 1b3cf206e5..dce9533cd2 100644
--- a/lib/x509/pkcs7.c
+++ b/lib/x509/pkcs7.c
@@ -590,7 +590,6 @@ int gnutls_pkcs7_set_certificate(gnutls_pkcs7 pkcs7, goto cleanup; } -#error FIX THAT. result = asn1_write_value(c2, "certificates.?LAST.certificate", crt->data, crt->size); if (result != ASN1_SUCCESS) { gnutls_assert();
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 8ef97bcffa..ad72a05d1c 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -1125,6 +1125,10 @@ int _gnutls_x509_export_int( ASN1_TYPE asn1_data, if ((result=asn1_der_coding( asn1_data, "", tmp, &len, NULL)) != ASN1_SUCCESS) { gnutls_assert(); + if (result == ASN1_MEM_ERROR) { + _gnutls_x509_log("Length required for der coding: %d\n", len); + *output_data_size = B64FSIZE(strlen(pem_header),len); + } gnutls_afree(tmp); return _gnutls_asn2err(result); }
diff --git a/lib/x509_b64.c b/lib/x509_b64.c
index 3d8c48d3d3..0e54dff189 100644
--- a/lib/x509_b64.c
+++ b/lib/x509_b64.c
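Review bot: With `certificate ANY`, decoding a PKCS #7 structure no longer checks that each entry of the certificate set is a well-formed Certificate, and the added comment does not say where that check is expected to happen instead. Whether the code that later reads these entries parses them as X.509 before use is outside this hunk, so it should be confirmed. I would extend the comment with a line such as `-- NOTE: entries are stored opaque and are not validated here; parse them as Certificate before use.`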
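Review bot: The size written to `*output_data_size` on `ASN1_MEM_ERROR` is always the PEM size and leaves no room for a terminating byte, so a caller that retries with exactly this value may still be short. B64FSIZE counts only the armor and Base64 text, whereas the encoders in lib/x509_b64.c allocate `ret + 1`; whether this export path writes a terminator, and whether it also serves DER output, is outside the hunk and should be confirmed. If a terminator is written I would use `*output_data_size = B64FSIZE(strlen(pem_header), len) + 1;` and set it only for the PEM format. The function still returns `_gnutls_asn2err(result)`, so a short comment stating which error code tells callers to retry with the updated size would help.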
@@ -142,13 +142,7 @@ int _gnutls_base64_encode(const uint8 * data, size_t data_size, uint8 ** result) int ret, tmp; char tmpres[4]; - ret = data_size % 3; - if (ret != 0) - ret = 4; - else - ret = 0; - - ret += (data_size / 3) * 4; + ret = B64SIZE( data_size); (*result) = gnutls_malloc(ret + 1); if ((*result) == NULL)
@@ -194,17 +188,7 @@ int _gnutls_fbase64_encode(const char *msg, const uint8 * data, int data_size, strcat(bottom, msg); /* Flawfinder: ignore */ strcat(bottom, "-----\n"); /* Flawfinder: ignore */ - ret = data_size % 3; - if (ret != 0) - ret = 4; - else - ret = 0; - - ret += strlen(top) + strlen(bottom); - - tmp = (data_size / 3) * 4; - ret += (tmp / 64) + (tmp % 64 > 0 ? 1 : 0); /* add new lines */ - ret += tmp; + ret = B64FSIZE( strlen(msg), data_size); (*result) = gnutls_calloc(1, ret + 1); if ((*result) == NULL)
@@ -325,14 +309,13 @@ int size; int _gnutls_base64_decode(const uint8 * data, size_t data_size, uint8 ** result) { unsigned int i, j; - int ret, tmp; + int ret, tmp, est; uint8 tmpres[3]; - data_size /= 4; - data_size *= 4; + est = ((data_size * 3) / 4) + 1; + ret = 0; - ret = data_size / 4 * 3; - (*result) = gnutls_malloc(ret+1); + (*result) = gnutls_malloc(est); if ((*result) == NULL) return GNUTLS_E_MEMORY_ERROR;
@@ -343,8 +326,8 @@ int _gnutls_base64_decode(const uint8 * data, size_t data_size, uint8 ** result) return tmp; } memcpy(&(*result)[j], tmpres, tmp); - if (tmp < 3) - ret -= (3 - tmp); + ret += tmp; + j += 3; } return ret;
diff --git a/lib/x509_b64.h b/lib/x509_b64.h
index 6c7b014707..9317fd5f47 100644
--- a/lib/x509_b64.h
+++ b/lib/x509_b64.h
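Review bot: In the -142 hunk the encoded length is computed from a `size_t` and stored in the `int` variable `ret` before `gnutls_malloc(ret + 1)`, so a very large `data_size` can wrap and make the allocation smaller than what the encoder then writes. The same narrowing applies to `ret = B64FSIZE( strlen(msg), data_size);` in the -194 hunk, where `data_size` is an `int` and a negative value is not rejected. I would add a bound before the size is computed, for example `if (data_size >= INT_MAX / 4 * 3) return GNUTLS_E_MEMORY_ERROR;`, with a correspondingly tighter limit (and a `data_size < 0` check) in `_gnutls_fbase64_encode`. Both function bodies continue outside the hunks.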
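Review bot: Dropping the `data_size /= 4; data_size *= 4;` rounding in the -325 hunk leaves `est` smaller than what the loop can write when `data_size` is not a multiple of 4: for 5 input bytes `est` is 4, yet two groups of up to 3 bytes each are copied if the loop steps `i` by 4 up to `data_size` (the loop header is outside both hunks). The last iteration would then also be given a partial group at the end of `data`. I would either keep the rounding or size by groups, `est = ((data_size + 3) / 4) * 3 + 1;`, and reject a trailing partial group explicitly. In the -343 hunk, confirm that the loop header does not already advance `j`, since the added `j += 3;` would otherwise double the stride and write past the buffer.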
@@ -4,3 +4,16 @@ int _gnutls_fbase64_encode(const char *msg, const uint8 * data, int data_size, int _gnutls_base64_decode(const uint8 * data, size_t data_size, uint8 ** result); int _gnutls_fbase64_decode( const opaque* header, const uint8 * data, size_t data_size, uint8 ** result); + +#define B64SIZE( data_size) ((data_size%3==0)?((data_size/3)*4):(4+((data_size/3)*4))) + +/* The size for B64 encoding + newlines plus header + */ + +#define HEADSIZE( hsize) \ + sizeof("-----BEGIN")-1+sizeof("-----\n")-1+ \ + sizeof("\n-----END ")-1+sizeof("-----\n")-1+hsize+hsize + +#define B64FSIZE( hsize, dsize) \ + (B64SIZE(dsize) + HEADSIZE(hsize) + /*newlines*/ \ + B64SIZE(dsize)/64 + (B64SIZE(dsize) % 64 > 0 ? 1 : 0)) |
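Review bot: B64SIZE and HEADSIZE use their arguments and their expansions without parentheses, so an argument such as `a + b`, or HEADSIZE used next to `*` or `-`, yields a smaller number than intended, and these values size heap buffers. HEADSIZE also counts `"-----BEGIN"` without the trailing space while `"\n-----END "` has one; if the top line built in `_gnutls_fbase64_encode` (not visible in the hunks) uses `"-----BEGIN "`, the total is one byte short and the `+ 1` reserved for the terminator is consumed. Note too that `hsize` is evaluated twice, so `strlen(...)` passed as the argument runs twice. The parenthesised forms are below; the BEGIN literal is left as in the commit until the encoder's string is checked.

```c
#define B64SIZE(data_size) \
	(((data_size) % 3 == 0) ? (((data_size) / 3) * 4) : (4 + (((data_size) / 3) * 4)))

#define HEADSIZE(hsize) \
	(sizeof("-----BEGIN") - 1 + sizeof("-----\n") - 1 + \
	 sizeof("\n-----END ") - 1 + sizeof("-----\n") - 1 + (hsize) + (hsize))

/* … unchanged: B64FSIZE … */
```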