Merge tizen_5.0 codes into tizen_4.0

[platform/upstream/iotivity.git] / resource / csdk / security / src / pkix_interface.c

diff --git a/resource/csdk/security/src/pkix_interface.c b/resource/csdk/security/src/pkix_interface.c
index 919608d..6a487a9 100644 (file)
--- a/resource/csdk/security/src/pkix_interface.c
+++ b/resource/csdk/security/src/pkix_interface.c
@@ -32,6 +32,8 @@
 
 #define TAG "OIC_SRM_PKIX_INTERFACE"
 
+#define ECC256_SIG_LEN 32+4
+
 static HWPkixContext_t gHwPkixCtx = {
     .getHwKeyContext = NULL,
     .freeHwKeyContext = NULL,
@@ -165,6 +167,7 @@ void CheckInvalidDERSignature(uint8_t *crtBuf, size_t *crtBufLen)
                 if(NULL == derCrtBufTmp)
                 {
                     OIC_LOG (ERROR, TAG, "Failed to allocate memory.");
+                    OICFree(certCopy);
                     goto exit;
                 }
 
@@ -195,8 +198,8 @@ void CheckInvalidDERSignature(uint8_t *crtBuf, size_t *crtBufLen)
         * | tag (INTEGER) | length (1B) | value (r or s in integer)  |
         * +---------------+-------------+----------------------------+
         */
-        uint8_t r_buf[32 + 4]; // for ECC 256 sign
-        uint8_t s_buf[32 + 4];
+        uint8_t r_buf[ECC256_SIG_LEN]; // for ECC 256 sign
+        uint8_t s_buf[ECC256_SIG_LEN];
         uint32_t r_len = 0;
         uint32_t s_len = 0;
         size_t sign_len = 0;
@@ -237,7 +240,7 @@ void CheckInvalidDERSignature(uint8_t *crtBuf, size_t *crtBufLen)
             {
                 r_len = sign_ptr[1] + 2; // including header itself
             }
-            if (r_len > deviceCert.sig.len)
+            if (r_len > deviceCert.sig.len || r_len > ECC256_SIG_LEN)
             {
                 OIC_LOG_V(ERROR, TAG, "signature length check error #1 : %d", ret);
                 goto exit;
@@ -254,7 +257,7 @@ void CheckInvalidDERSignature(uint8_t *crtBuf, size_t *crtBufLen)
             {
                 s_len = sign_ptr[1] + 2; // including header itself
             }
-            if (s_len + r_len > deviceCert.sig.len)
+            if (s_len + r_len > deviceCert.sig.len || s_len > ECC256_SIG_LEN)
             {
                 OIC_LOG_V(ERROR, TAG, "signature length check error #2 : %d", ret);
                 goto exit;
@@ -341,7 +344,7 @@ void CheckInvalidDERSignature(uint8_t *crtBuf, size_t *crtBufLen)
 exit:
     mbedtls_x509_crt_free(&deviceCert);
     OICFree(derCrtBufTmp);
-    OIC_LOG_V(DEBUG, TAG, "Cert chain length = %lu", *crtBufLen);
+    OIC_LOG_V(DEBUG, TAG, "Cert chain length = %u", *crtBufLen);
     OIC_LOG_V(DEBUG, TAG, "Out %s", __func__);
 }
 
@@ -378,7 +381,7 @@ static bool GetPkixInfoFromHw(PkiInfo_t * inf)
         // check and fix invalid cert signature
         CheckInvalidDERSignature(inf->crt.data, &inf->crt.len);
 
-        OIC_LOG_V(INFO, TAG, "Cert chain length = %lu", inf->crt.len);
+        OIC_LOG_V(INFO, TAG, "Cert chain length = %u", inf->crt.len);
         OIC_LOG_V(INFO, TAG, "Out %s", __func__);
         return true;
     }