JNI/JCE: fix pointer use in JNI X509CheckPrivateKey()

pull/80/head
Chris Conlon 2024-10-23 10:27:47 -06:00
parent ddddfc604d
commit d8ed437f3b
1 changed files with 6 additions and 1 deletions


@ -42,6 +42,7 @@ JNIEXPORT jboolean JNICALL Java_com_wolfssl_provider_jce_WolfSSLKeyStore_X509Che
int keyDerSz = 0; int keyDerSz = 0;
byte* certDer = NULL; byte* certDer = NULL;
byte* keyDer = NULL; byte* keyDer = NULL;
byte* pkcs8KeyDer = NULL;
WOLFSSL_X509* x509 = NULL; WOLFSSL_X509* x509 = NULL;
WOLFSSL_EVP_PKEY* key = NULL; WOLFSSL_EVP_PKEY* key = NULL;
WOLFSSL_PKCS8_PRIV_KEY_INFO* keyInfo = NULL; WOLFSSL_PKCS8_PRIV_KEY_INFO* keyInfo = NULL;
@ -58,6 +59,9 @@ JNIEXPORT jboolean JNICALL Java_com_wolfssl_provider_jce_WolfSSLKeyStore_X509Che
keyDer = (byte*)(*env)->GetByteArrayElements(env, pkcs8KeyDerArr, NULL); keyDer = (byte*)(*env)->GetByteArrayElements(env, pkcs8KeyDerArr, NULL);
keyDerSz = (*env)->GetArrayLength(env, pkcs8KeyDerArr); keyDerSz = (*env)->GetArrayLength(env, pkcs8KeyDerArr);
/* Keep original keyDer pointer for free later, wolfSSL_d2i_PKCS8_PKEY
* will change/advance the pointer. */
pkcs8KeyDer = keyDer;
if (certDer == NULL || certDerSz <= 0 || keyDer == NULL || keyDerSz <= 0) { if (certDer == NULL || certDerSz <= 0 || keyDer == NULL || keyDerSz <= 0) {
fprintf(stderr, "Native X509CheckPrivateKey() bad args"); fprintf(stderr, "Native X509CheckPrivateKey() bad args");
@ -75,7 +79,8 @@ JNIEXPORT jboolean JNICALL Java_com_wolfssl_provider_jce_WolfSSLKeyStore_X509Che
} }
if (ret == WOLFSSL_SUCCESS) { if (ret == WOLFSSL_SUCCESS) {
keyInfo = wolfSSL_d2i_PKCS8_PKEY(NULL, (const byte**)&keyDer, keyDerSz); keyInfo = wolfSSL_d2i_PKCS8_PKEY(NULL, (const byte**)&pkcs8KeyDer,
keyDerSz);
if (keyInfo == NULL) { if (keyInfo == NULL) {
fprintf(stderr, "Native wolfSSL_d2i_PKCS8_PKEY() failed"); fprintf(stderr, "Native wolfSSL_d2i_PKCS8_PKEY() failed");
ret = WOLFSSL_FAILURE; ret = WOLFSSL_FAILURE;
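Review bot: The new `pkcs8KeyDer` cursor is declared as a mutable `byte*` and then cast with `(const byte**)&pkcs8KeyDer` at the `wolfSSL_d2i_PKCS8_PKEY()` call. Declaring it `const byte* pkcs8KeyDer = NULL;` would let the call take `&pkcs8KeyDer` without the cast, assuming the parameter really is `const byte**` as the existing cast suggests. It would also show at the declaration that this pointer is only a read cursor, never the one handed back to the JVM. The comment above `pkcs8KeyDer = keyDer;` reads as if `pkcs8KeyDer` were the preserved pointer; something like `/* pkcs8KeyDer is a scratch cursor advanced by wolfSSL_d2i_PKCS8_PKEY(); keyDer stays at the array start for the later release */` would be clearer. The function body starts and ends outside the visible hunks, so the release path is not shown and should be checked to confirm it uses `keyDer`.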