From fa2c5958f182c52ab05d3e40b0de55165671d66d Mon Sep 17 00:00:00 2001
From: Dan Mihai
Date: Thu, 17 Aug 2017 13:20:16 -0700
Subject: [PATCH] security: fix mbedtls_x509_crt_parse error
Add null terminator at the end of the cert, required by mbedtls_x509_crt_parse. This patch allows CT1.7.8.5 to make progress with its DTLS handshake. Handshake fails later on, for different reasons, being investigated.
Change-Id: Iebfcf17be2661f080499961fbd259cef3b1c06d8
Signed-off-by: Dan Mihai https://jira.iotivity.org/browse/IOT-2622
Reviewed-on: https://gerrit.iotivity.org/gerrit/21985
Reviewed-by: Kevin Kane
Reviewed-by: Way Vadhanasin
Tested-by: jenkins-iotivity
Reviewed-by: Nathan Heldt-Sheller
---
 resource/csdk/security/src/credresource.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
diff --git a/resource/csdk/security/src/credresource.c b/resource/csdk/security/src/credresource.c
index 2a78f49..0a48d73 100644
--- a/resource/csdk/security/src/credresource.c
+++ b/resource/csdk/security/src/credresource.c
@@ -3457,6 +3457,29 @@ static OCStackResult GetCaCert(ByteArray_t * crt, const char * usage, OicEncodin
 OIC_LOG_V(WARNING, TAG, "%s not found", usage);
 return OC_STACK_NO_RESOURCE;
 }
+
+ if (OIC_ENCODING_PEM == desiredEncoding)
+ {
+ /* mbedtls_x509_crt_parse requires a null terminator to determine that the format is PEM */
+ size_t crtLength = crt->len;
+ bool addNull = (crt->data[crtLength - 1] != 0);
+
+ if (addNull)
+ {
+ OIC_LOG_V(DEBUG, TAG, "%s: adding null terminator at the end of the cert", __func__);
+ uint8_t *oldData = crt->data;
+ crt->data = OICRealloc(crt->data, crtLength + 1);
+ if (NULL == crt->data)
+ {
+ OIC_LOG(ERROR, TAG, "No memory reallocating crt->data");
+ OICFree(oldData);
+ return OC_STACK_NO_MEMORY;
+ }
+ crt->data[crtLength] = 0;
+ crt->len = crtLength + 1;
+ }
+ }
+
 OIC_LOG_V(DEBUG, TAG, "Out %s", __func__);
 return OC_STACK_OK;
 }
--
2.7.4
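Review bot: On the OICRealloc failure path the added block frees `oldData` and returns OC_STACK_NO_MEMORY with `crt->data` now NULL but `crt->len` still holding the old length, so a caller that inspects or releases the ByteArray_t after the error sees a non-zero length over a null pointer; add `crt->len = 0;` before `return OC_STACK_NO_MEMORY;`. The read `crt->data[crtLength - 1]` also relies on `crt->len` being non-zero and `crt->data` being non-NULL, because `crtLength` is a size_t and a zero length would wrap the index. The early return just above the added lines presumably guarantees that, but its condition is outside the hunk, so confirm it or make the test `crtLength > 0 && crt->data[crtLength - 1] != 0`. Since the terminator is now counted in `crt->len`, it is worth a comment stating that any later append to the same buffer would leave a NUL in the middle of the PEM data. GetCaCert's body starts outside the hunk.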