pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

include/mbedtls/pem.h

@@ -135,6 +135,9 @@ void mbedtls_pem_free(mbedtls_pem_context *ctx);
  * \param olen      The address at which to store the total length written
  *                  or required (if \p buf_len is not enough).
  *
+ * \note            Newlines are automatically appended to both header and
+ *                  footer.
+ *
  * \note            You may pass \c NULL for \p buf and \c 0 for \p buf_len
  *                  to request the length of the resulting PEM buffer in
  *                  `*olen`.

library/pem.c

@@ -473,7 +473,10 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer,
     size_t len = 0, use_len, add_len = 0;
 
     mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len);
-    add_len = strlen(header) + strlen(footer) + (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1;
+    /* Newlines are appended to the end of both header and footer, so we
+     * account for an extra +2. */
+    add_len = strlen(header) + strlen(footer) + 2 + \
+              (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1;
 
     if (use_len + add_len > buf_len) {
         *olen = use_len + add_len;
@@ -493,6 +496,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer,
 
     memcpy(p, header, strlen(header));
     p += strlen(header);
+    *p++ = '\n';
     c = encode_buf;
 
     while (use_len) {
@@ -506,6 +510,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer,
 
     memcpy(p, footer, strlen(footer));
     p += strlen(footer);
+    *p++ = '\n';
 
     *p++ = '\0';
     *olen = p - buf;

library/x509write_crt.c

@@ -651,8 +651,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
     return (int) len;
 }
 
-#define PEM_BEGIN_CRT           "-----BEGIN CERTIFICATE-----\n"
-#define PEM_END_CRT             "-----END CERTIFICATE-----\n"
+#define PEM_BEGIN_CRT           "-----BEGIN CERTIFICATE-----"
+#define PEM_END_CRT             "-----END CERTIFICATE-----"
 
 #if defined(MBEDTLS_PEM_WRITE_C)
 int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt,

library/x509write_csr.c

@@ -302,8 +302,8 @@ int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf,
     return ret;
 }
 
-#define PEM_BEGIN_CSR           "-----BEGIN CERTIFICATE REQUEST-----\n"
-#define PEM_END_CSR             "-----END CERTIFICATE REQUEST-----\n"
+#define PEM_BEGIN_CSR           "-----BEGIN CERTIFICATE REQUEST-----"
+#define PEM_END_CSR             "-----END CERTIFICATE REQUEST-----"
 
 #if defined(MBEDTLS_PEM_WRITE_C)
 int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,

tests/suites/test_suite_pem.data

@@ -1,20 +1,20 @@
 Standard PEM write
-mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
+mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
 
 PEM write (zero data)
-mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"":"-----START TEST-----\n-----END TEST-----\n"
+mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"":"-----START TEST-----\n-----END TEST-----\n"
 
 PEM write (one byte)
-mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n"
+mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n"
 
 PEM write (more than line size)
-mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
+mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n"
 
 PEM write (exactly two lines)
-mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n"
+mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n"
 
 PEM write (exactly two lines + 1)
-mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
+mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n"
 
 PEM write length reporting
 mbedtls_pem_write_buffer_lengths

tests/suites/test_suite_pem.function

@@ -40,17 +40,17 @@ void mbedtls_pem_write_buffer_lengths()
     size_t olen_needed, olen;
     int ret;
     for (size_t l = 0; l <= sizeof(data); l++) {
-        ret = mbedtls_pem_write_buffer("\n", "\n", data, l, NULL, 0, &olen_needed);
+        ret = mbedtls_pem_write_buffer("", "", data, l, NULL, 0, &olen_needed);
         TEST_EQUAL(ret, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL);
 
         /* Test that a bigger buffer still only requires `olen_needed` */
-        ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, sizeof(buf), &olen);
+        ret = mbedtls_pem_write_buffer("", "", data, l, buf, sizeof(buf), &olen);
         TEST_EQUAL(ret, 0);
         TEST_EQUAL(olen_needed, olen);
 
         /* Test that a buffer of exactly `olen_needed` works */
         memset(buf, 1, sizeof(buf));
-        ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, olen_needed, &olen);
+        ret = mbedtls_pem_write_buffer("", "", data, l, buf, olen_needed, &olen);
         TEST_EQUAL(ret, 0);
         TEST_EQUAL(olen_needed, olen);
         /* Test the function didn't overflow the given buffer */