Commit fa2c5958 authored by Dan Mihai's avatar Dan Mihai Committed by Nathan Heldt-Sheller

security: fix mbedtls_x509_crt_parse error

Add null terminator at the end of the cert, required by

This patch allows CT1.7.8.5 to make progress with its DTLS handshake.
Handshake fails later on, for different reasons, being investigated.

Change-Id: Iebfcf17be2661f080499961fbd259cef3b1c06d8
Signed-off-by: default avatarDan Mihai <>
Reviewed-on: default avatarKevin Kane <>
Reviewed-by: default avatarWay Vadhanasin <>
Tested-by: default avatarjenkins-iotivity <>
Reviewed-by: Nathan Heldt-Sheller's avatarNathan Heldt-Sheller <>
parent 60c237df
......@@ -3457,6 +3457,29 @@ static OCStackResult GetCaCert(ByteArray_t * crt, const char * usage, OicEncodin
OIC_LOG_V(WARNING, TAG, "%s not found", usage);
if (OIC_ENCODING_PEM == desiredEncoding)
/* mbedtls_x509_crt_parse requires a null terminator to determine that the format is PEM */
size_t crtLength = crt->len;
bool addNull = (crt->data[crtLength - 1] != 0);
if (addNull)
OIC_LOG_V(DEBUG, TAG, "%s: adding null terminator at the end of the cert", __func__);
uint8_t *oldData = crt->data;
crt->data = OICRealloc(crt->data, crtLength + 1);
if (NULL == crt->data)
OIC_LOG(ERROR, TAG, "No memory reallocating crt->data");
crt->data[crtLength] = 0;
crt->len = crtLength + 1;
OIC_LOG_V(DEBUG, TAG, "Out %s", __func__);
return OC_STACK_OK;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment