ASN: move DecodedCert.extSubjKeyIdSz and .extAuthKeyIdSz out of the OPENSSL_EXTRA gate. fixes test.c:certext_test(), broken by f8c968d8d1 for some valid configs.

2024-08-14 14:42:56 -05:00 · 2024-08-14 14:42:56 -05:00 · 1fa2d2d625
parent 21484ec75a
commit 1fa2d2d625
2 changed files with 5 additions and 4 deletions
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -19717,13 +19717,14 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
        return ASN_PARSE_E;
    }

+    cert->extAuthKeyIdSz = length;
+
 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 #ifdef WOLFSSL_AKID_NAME
    cert->extRawAuthKeyIdSrc = input;
    cert->extRawAuthKeyIdSz = sz;
 #endif
    cert->extAuthKeyIdSrc = &input[idx];
-    cert->extAuthKeyIdSz = length;
 #endif /* OPENSSL_EXTRA */

    return GetHashId(input + idx, length, cert->extAuthKeyId,
@ -19819,9 +19820,9 @@ static int DecodeSubjKeyId(const byte* input, word32 sz, DecodedCert* cert)

    ret = GetOctetString(input, &idx, &length, sz);
    if (ret > 0) {
+        cert->extSubjKeyIdSz = (word32)length;
    #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
        cert->extSubjKeyIdSrc = &input[idx];
-        cert->extSubjKeyIdSz = (word32)length;
    #endif /* OPENSSL_EXTRA */

        /* Get the hash or hash of the hash if wrong size. */
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@ -1724,7 +1724,9 @@ struct DecodedCert {
    const byte* extCrlInfo;          /* CRL Distribution Points          */
    int     extCrlInfoSz;            /* length of the URI                */
    byte    extSubjKeyId[KEYID_SIZE]; /* Subject Key ID                  */
+    word32  extSubjKeyIdSz;
    byte    extAuthKeyId[KEYID_SIZE]; /* Authority Key ID                */
+    word32  extAuthKeyIdSz;
 #ifdef WOLFSSL_AKID_NAME
    const byte* extAuthKeyIdIssuer;  /* Authority Key ID authorityCertIssuer */
    word32  extAuthKeyIdIssuerSz;    /* Authority Key ID authorityCertIssuer length */
@ -1751,9 +1753,7 @@ struct DecodedCert {
    word32  extRawAuthKeyIdSz;
 #endif
    const byte* extAuthKeyIdSrc;
-    word32  extAuthKeyIdSz;
    const byte* extSubjKeyIdSrc;
-    word32  extSubjKeyIdSz;
 #endif
 #ifdef OPENSSL_ALL
    const byte* extSubjAltNameSrc;