WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #406 from night1rider/SelfSigned_Bug 

Self Signed CA always set to version 1
pull/408/head
David Garske 2025-03-06 16:02:45 -08:00 committed by GitHub
parent a6e54ccf93 250fa3923f
commit fe5b575039
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/tpm2_wrap.c
View File

@ -7180,6 +7180,14 @@ int wolfTPM2_CSR_MakeAndSign_ex(WOLFTPM2_DEV* dev, WOLFTPM2_CSR* csr,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
/* Set version to 2 for self-signed certificates, 0 for regular CSRs per RFC2986 */
if (selfSignCert) {
csr->req.version = 2;
}
else {
csr->req.version = 0;
}
rc = CSR_KeySetup(dev, csr, key, &csrKey, sigType, devId); rc = CSR_KeySetup(dev, csr, key, &csrKey, sigType, devId);
if (rc == 0) { if (rc == 0) {
rc = CSR_MakeAndSign(dev, csr, &csrKey, outFormat, out, outSz, rc = CSR_MakeAndSign(dev, csr, &csrKey, outFormat, out, outSz,
@ -7211,7 +7219,13 @@ int wolfTPM2_CSR_Generate_ex(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
XMEMSET(&csrKey, 0, sizeof(csrKey)); XMEMSET(&csrKey, 0, sizeof(csrKey));
rc = wc_InitCert(&csr.req); rc = wc_InitCert(&csr.req);
if (rc == 0) { if (rc == 0) {
csr.req.version = 0; /* per RFC2986 : CSR version should be 0 */ /* Set version to 2 for self-signed certificates, 0 for regular CSRs per RFC2986 */
if (selfSignCert) {
csr.req.version = 2;
}
else {
csr.req.version = 0;
}
rc = CSR_KeySetup(dev, &csr, key, &csrKey, sigType, devId); rc = CSR_KeySetup(dev, &csr, key, &csrKey, sigType, devId);
} }