pem_read_buffer() already update use_len after header and footer are read

After header and footer are read, pem_read_buffer() is able to determine the length of input data used. This allows calling functions to skip this PEM bit if an error occurs during its parsing. (cherry picked from commit 9255e8300e)
2025-07-30 22:43:08 +03:00 · 2013-06-24 13:02:41 +02:00
parent b2a1140469
commit 00b2860e8d
5 changed files with 31 additions and 22 deletions
--- a/library/x509parse.c
+++ b/library/x509parse.c
@ -1430,7 +1430,7 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
                buflen -= use_len;
                buf += use_len;
            }
-            else if( ret != POLARSSL_ERR_PEM_NO_HEADER_PRESENT )
+            else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
            {
                pem_free( &pem );

@ -1570,7 +1570,7 @@ int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
        len = pem.buflen;
        pem_free( &pem );
    }
-    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_PRESENT )
+    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
    {
        pem_free( &pem );
        return( ret );
@ -2025,7 +2025,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
                           "-----END RSA PRIVATE KEY-----",
                           key, pwd, pwdlen, &len );

-    if( ret == POLARSSL_ERR_PEM_NO_HEADER_PRESENT )
+    if( ret == POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
    {
        ret = pem_read_buffer( &pem,
                           "-----BEGIN PRIVATE KEY-----",
@ -2040,7 +2040,7 @@ int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen,
         */
        keylen = pem.buflen;
    }
-    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_PRESENT )
+    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
    {
        pem_free( &pem );
        return( ret );
@ -2265,7 +2265,7 @@ int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t key
         */
        keylen = pem.buflen;
    }
-    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_PRESENT )
+    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
    {
        pem_free( &pem );
        return( ret );
@ -2357,7 +2357,7 @@ int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen
         */
        dhminlen = pem.buflen;
    }
-    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_PRESENT )
+    else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
    {
        pem_free( &pem );
        return( ret );