Commit fa2c5958 authored by Dan Mihai's avatar Dan Mihai Committed by Nathan Heldt-Sheller

security: fix mbedtls_x509_crt_parse error

Add null terminator at the end of the cert, required by
mbedtls_x509_crt_parse.

This patch allows CT1.7.8.5 to make progress with its DTLS handshake.
Handshake fails later on, for different reasons, being investigated.

Change-Id: Iebfcf17be2661f080499961fbd259cef3b1c06d8
Signed-off-by: default avatarDan Mihai <Daniel.Mihai@microsoft.com>
https://jira.iotivity.org/browse/IOT-2622
Reviewed-on: https://gerrit.iotivity.org/gerrit/21985Reviewed-by: default avatarKevin Kane <kkane@microsoft.com>
Reviewed-by: default avatarWay Vadhanasin <wayvad@microsoft.com>
Tested-by: default avatarjenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Nathan Heldt-Sheller's avatarNathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
parent 60c237df
......@@ -3457,6 +3457,29 @@ static OCStackResult GetCaCert(ByteArray_t * crt, const char * usage, OicEncodin
OIC_LOG_V(WARNING, TAG, "%s not found", usage);
return OC_STACK_NO_RESOURCE;
}
if (OIC_ENCODING_PEM == desiredEncoding)
{
/* mbedtls_x509_crt_parse requires a null terminator to determine that the format is PEM */
size_t crtLength = crt->len;
bool addNull = (crt->data[crtLength - 1] != 0);
if (addNull)
{
OIC_LOG_V(DEBUG, TAG, "%s: adding null terminator at the end of the cert", __func__);
uint8_t *oldData = crt->data;
crt->data = OICRealloc(crt->data, crtLength + 1);
if (NULL == crt->data)
{
OIC_LOG(ERROR, TAG, "No memory reallocating crt->data");
OICFree(oldData);
return OC_STACK_NO_MEMORY;
}
crt->data[crtLength] = 0;
crt->len = crtLength + 1;
}
}
OIC_LOG_V(DEBUG, TAG, "Out %s", __func__);
return OC_STACK_OK;
}
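Review bot: On the OICRealloc failure path the old buffer is freed and `crt->data` is left NULL, but `crt->len` still holds the previous length, so a caller that inspects the ByteArray_t after OC_STACK_NO_MEMORY sees a non-zero length with no buffer behind it; add `crt->len = 0;` before `return OC_STACK_NO_MEMORY;`. The read `crt->data[crtLength - 1]` is only safe when `crt->len` is non-zero and `crt->data` is non-NULL. The condition guarding the "not found" return sits above the hunk, so confirm it covers both cases; otherwise `crtLength - 1` wraps and the read goes out of bounds. GetCaCert begins outside the hunk, so the earlier part of its body is not visible here.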