mbedtls/library
Hanno Becker eeea9ead3c Perform CRT writing in-place on the output buffer
The CRT writing routine mbedtls_x509write_crt_der() prepares the TBS
(to-be-signed) part of the CRT in a temporary stack-allocated buffer,
copying it to the actual output buffer at the end of the routine.

This comes at the cost of a very large stack buffer. Moreover, its size
must be hardcoded to an upper bound for the lengths of all CRTs to be
written through the routine. So far, this upper bound was set to 2Kb, which
isn't sufficient some larger certificates, as was reported e.g. in #2631.

This commit fixes this by changing mbedtls_x509write_crt_der() to write
the certificate in-place in the output buffer, thereby avoiding the use
of a statically sized stack buffer for the TBS.

Fixes #2631.
2020-07-10 17:51:54 +00:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
aesni.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
arc4.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
aria.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
asn1parse.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
asn1write.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
base64.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
bignum.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
blowfish.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
camellia.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ccm.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
certs.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
chacha20.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
chachapoly.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
cipher.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
cipher_wrap.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
cmac.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
CMakeLists.txt Bump version to Mbed TLS 2.16.7 2020-06-26 12:35:53 +01:00
ctr_drbg.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
debug.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
des.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
dhm.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ecdh.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ecdsa.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ecjpake.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ecp.c Merge branch 'mbedtls-2.16-restricted' into mbedtls-2.16.7r0 2020-06-25 09:19:21 +01:00
ecp_curves.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
entropy.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
entropy_poll.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
error.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
gcm.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
havege.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
hkdf.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
hmac_drbg.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
Makefile Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
md.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
md2.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
md4.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
md5.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
md_wrap.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
memory_buffer_alloc.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
net_sockets.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
nist_kw.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
oid.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
padlock.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pem.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pk.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pk_wrap.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pkcs5.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pkcs11.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pkcs12.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pkparse.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
pkwrite.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
platform.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
platform_util.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
poly1305.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ripemd160.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
rsa.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
rsa_internal.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
sha1.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
sha256.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
sha512.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_cache.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_ciphersuites.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_cli.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_cookie.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_srv.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_ticket.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
ssl_tls.c Merge branch 'mbedtls-2.16-restricted' into mbedtls-2.16.7r0 2020-06-25 09:19:21 +01:00
threading.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
timing.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
version.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
version_features.c Merge branch 'mbedtls-2.16-restricted' into mbedtls-2.16.7r0 2020-06-25 09:19:21 +01:00
x509.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
x509_create.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
x509_crl.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
x509_crt.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
x509_csr.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
x509write_crt.c Perform CRT writing in-place on the output buffer 2020-07-10 17:51:54 +00:00
x509write_csr.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00
xtea.c Update license headers to Apache-2.0 OR GPL-2.0-or-later 2020-06-15 12:48:48 +02:00