mirror of https://github.com/wolfSSL/wolfssl.git
Merge pull request #8880 from holtrop/fix-printing-cert-with-empty-issuer-name
Fix printing empty names in certificatespull/8886/head
David Garske
GitHub
commit
5151a2297a
|
|
@ -0,0 +1,17 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICnzCCAYegAwIBAgIQU1iTAJIjUtSgSXdIIsSjfzANBgkqhkiG9w0BAQsFADAA
|
||||
MCAXDTI1MDYxNjE1MzUzMVoYDzIxMjUwNTIzMTUzNTMxWjAAMIIBIjANBgkqhkiG
|
||||
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOqupjygE+kYGouC/fcDyPnOoimqKOL/dqdA
|
||||
vyRfTL93qgOpkpE6LgdbnUdOIqLgzo66uymwMvzZ3n5ZOfNpjk+ZZ6BA9fPlfnSb
|
||||
UEF944metFas1zX7WMrx7lVp/tviMzVcAN8tegY5upOrRK4CmpjnNrHyn4La/aO6
|
||||
Xjf/87T2ESt8gpwdfwSKJJp6wKxlplShyXwFERG+J3cyGOrHwqj7m/MHMkNleRra
|
||||
WVuGHNN1KIMkM1uu+5mddGoAeft9q72IU5dzHh8L4Bie3BeXmXbym9V5Ol1kunJL
|
||||
+tQhTy/pkez2JmnbzSgCMsP1CvjudTdHBpGsQvKu4khs6+iL/wIDAQABoxMwETAP
|
||||
BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBhWgTR9Aldz76zdSIe
|
||||
PktR4h4HkTSzdrnY17S3vgRRpYtG3wvVNEFoNrq5qHAt+LuaG0zujU0CtRBZS40F
|
||||
8gtgs8tHRbi3erT2WzE0r60KUIEtDUr+MNI2eQqPMR0DQEdheiIW4cGV5brvsCsA
|
||||
iv8EnXtUq/JB2os40eFsYi6c9clMZxKwk2AmOYB8i4hvONxyfs0mSP+yJWRVXWoq
|
||||
iRcpynIyeaWhTW+Y4Fl4o81a+Ei23NLQkFH6jVAkk2bSkn6W3DwQXhtFu0aBO52E
|
||||
zRGGzKBMqwS82tNxHXjwZu0BunDCrpjoDR5RxKiCWWw5ckASQVRpz1Gg3nA8iOB7
|
||||
fnXW
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -30,6 +30,7 @@ EXTRA_DIST += \
|
|||
certs/ecc-keyPkcs8.der \
|
||||
certs/ecc-client-key.pem \
|
||||
certs/ecc-client-keyPub.pem \
|
||||
certs/empty-issuer-cert.pem \
|
||||
certs/client-ecc-cert.pem \
|
||||
certs/client-ca.pem \
|
||||
certs/dh2048.pem \
|
||||
|
|
|
|||
|
|
@ -228,3 +228,11 @@ generate_expired_certs expired/expired-cert ../server-key.pem
|
|||
|
||||
|
||||
generate_test_trusted_cert ossl-trusted-cert localhost "" 1
|
||||
|
||||
# Note on certs/empty-issuer-cert.pem:
|
||||
# OpenSSL did not like to generate this certificate with an empty CN in the
|
||||
# conf file.
|
||||
# The following commands were used to generate this certificate file:
|
||||
# wolfssl genkey rsa -size 2048 -out mykey -outform pem -output KEY
|
||||
# wolfssl req -new -days 36500 -key mykey.priv -out empty-issuer-cert.pem -x509
|
||||
# (pressing enter for ean input without entering any input text)
|
||||
|
|
|
|||
|
|
@ -13874,7 +13874,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
|
|||
|
||||
WOLFSSL_ENTER("wolfSSL_X509_NAME_print_ex");
|
||||
|
||||
if ((name == NULL) || (name->sz == 0) || (bio == NULL))
|
||||
if ((name == NULL) || (bio == NULL))
|
||||
return WOLFSSL_FAILURE;
|
||||
|
||||
XMEMSET(eqStr, 0, sizeof(eqStr));
|
||||
|
|
|
|||
20
tests/api.c
20
tests/api.c
|
|
@ -22154,7 +22154,7 @@ static int test_wolfSSL_X509_NAME_print_ex(void)
|
|||
ExpectIntEQ(X509_NAME_print_ex(NULL, NULL, 0, 0), WOLFSSL_FAILURE);
|
||||
ExpectIntEQ(X509_NAME_print_ex(membio, NULL, 0, 0), WOLFSSL_FAILURE);
|
||||
ExpectIntEQ(X509_NAME_print_ex(NULL, name, 0, 0), WOLFSSL_FAILURE);
|
||||
ExpectIntEQ(X509_NAME_print_ex(membio, empty, 0, 0), WOLFSSL_FAILURE);
|
||||
ExpectIntEQ(X509_NAME_print_ex(membio, empty, 0, 0), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
|
||||
wolfSSL_X509_NAME_free(empty);
|
||||
BIO_free(membio);
|
||||
|
|
@ -22178,6 +22178,24 @@ static int test_wolfSSL_X509_NAME_print_ex(void)
|
|||
BIO_free(bio);
|
||||
name = NULL;
|
||||
|
||||
/* Test with empty issuer cert empty-issuer-cert.pem.
|
||||
* See notes in certs/test/gen-testcerts.sh for how it was generated. */
|
||||
ExpectNotNull(bio = BIO_new(BIO_s_file()));
|
||||
ExpectIntGT(BIO_read_filename(bio, noIssuerCertFile), 0);
|
||||
ExpectNotNull(PEM_read_bio_X509(bio, &x509, NULL, NULL));
|
||||
ExpectNotNull(name = X509_get_subject_name(x509));
|
||||
|
||||
ExpectNotNull(membio = BIO_new(BIO_s_mem()));
|
||||
ExpectIntEQ(X509_NAME_print_ex(membio, name, 0, 0), WOLFSSL_SUCCESS);
|
||||
/* Should be empty string "" */
|
||||
ExpectIntEQ((memSz = BIO_get_mem_data(membio, &mem)), 0);
|
||||
|
||||
BIO_free(membio);
|
||||
membio = NULL;
|
||||
X509_free(x509);
|
||||
BIO_free(bio);
|
||||
name = NULL;
|
||||
|
||||
/* Test normal case without escaped characters */
|
||||
{
|
||||
/* Create name: "/C=US/CN=wolfssl.com" */
|
||||
|
|
|
|||
|
|
@ -527,6 +527,7 @@ err_sys_with_errno(const char* msg)
|
|||
#define cliEd448CertFile "certs/ed448/client-ed448.pem"
|
||||
#define cliEd448KeyFile "certs/ed448/client-ed448-priv.pem"
|
||||
#define caEd448CertFile "certs/ed448/ca-ed448.pem"
|
||||
#define noIssuerCertFile "certs/empty-issuer-cert.pem"
|
||||
#define caCertFolder "certs/"
|
||||
#ifdef HAVE_WNR
|
||||
/* Whitewood netRandom default config file */
|
||||
|
|
@ -590,6 +591,7 @@ err_sys_with_errno(const char* msg)
|
|||
#define cliEd448CertFile "./certs/ed448/client-ed448.pem"
|
||||
#define cliEd448KeyFile "./certs/ed448/client-ed448-priv.pem"
|
||||
#define caEd448CertFile "./certs/ed448/ca-ed448.pem"
|
||||
#define noIssuerCertFile "./certs/empty-issuer-cert.pem"
|
||||
#define caCertFolder "./certs/"
|
||||
#ifdef HAVE_WNR
|
||||
/* Whitewood netRandom default config file */
|
||||
|
|
|
|||
Loading…
Reference in New Issue