From 4bb5740a7d0a5518de23635484847928e09600a7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 16:11:59 +0100 Subject: [PATCH] Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()" This reverts commit 180915018dd04f6ad66faa3e9fc66813a221643d. Signed-off-by: Valerio Setti --- include/mbedtls/pem.h | 3 --- library/pem.c | 7 +------ library/x509write_crt.c | 4 ++-- library/x509write_csr.c | 4 ++-- tests/suites/test_suite_pem.data | 12 ++++++------ tests/suites/test_suite_pem.function | 6 +++--- 6 files changed, 14 insertions(+), 22 deletions(-) diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index 2fe19d026..cc617a9bc 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -135,9 +135,6 @@ void mbedtls_pem_free(mbedtls_pem_context *ctx); * \param olen The address at which to store the total length written * or required (if \p buf_len is not enough). * - * \note Newlines are automatically appended to both header and - * footer. - * * \note You may pass \c NULL for \p buf and \c 0 for \p buf_len * to request the length of the resulting PEM buffer in * `*olen`. diff --git a/library/pem.c b/library/pem.c index 7c0c447ee..9500ffcf7 100644 --- a/library/pem.c +++ b/library/pem.c @@ -473,10 +473,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, size_t len = 0, use_len, add_len = 0; mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len); - /* Newlines are appended to the end of both header and footer, so we - * account for an extra +2. */ - add_len = strlen(header) + strlen(footer) + 2 + \ - (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; + add_len = strlen(header) + strlen(footer) + (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; if (use_len + add_len > buf_len) { *olen = use_len + add_len; @@ -496,7 +493,6 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, memcpy(p, header, strlen(header)); p += strlen(header); - *p++ = '\n'; c = encode_buf; while (use_len) { @@ -510,7 +506,6 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, memcpy(p, footer, strlen(footer)); p += strlen(footer); - *p++ = '\n'; *p++ = '\0'; *olen = p - buf; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 8d920f267..4c019eee4 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -651,8 +651,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, return (int) len; } -#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----" -#define PEM_END_CRT "-----END CERTIFICATE-----" +#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" +#define PEM_END_CRT "-----END CERTIFICATE-----\n" #if defined(MBEDTLS_PEM_WRITE_C) int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt, diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 5ee683ff1..4e397553a 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -302,8 +302,8 @@ int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, return ret; } -#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----" -#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----" +#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" +#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" #if defined(MBEDTLS_PEM_WRITE_C) int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data index 238a0bc04..a4dff45f0 100644 --- a/tests/suites/test_suite_pem.data +++ b/tests/suites/test_suite_pem.data @@ -1,20 +1,20 @@ Standard PEM write -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" PEM write (zero data) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"":"-----START TEST-----\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"":"-----START TEST-----\n-----END TEST-----\n" PEM write (one byte) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n" PEM write (more than line size) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" PEM write (exactly two lines) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n" PEM write (exactly two lines + 1) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" PEM write length reporting mbedtls_pem_write_buffer_lengths diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index cb652d458..413dc551c 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -40,17 +40,17 @@ void mbedtls_pem_write_buffer_lengths() size_t olen_needed, olen; int ret; for (size_t l = 0; l <= sizeof(data); l++) { - ret = mbedtls_pem_write_buffer("", "", data, l, NULL, 0, &olen_needed); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, NULL, 0, &olen_needed); TEST_EQUAL(ret, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); /* Test that a bigger buffer still only requires `olen_needed` */ - ret = mbedtls_pem_write_buffer("", "", data, l, buf, sizeof(buf), &olen); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, sizeof(buf), &olen); TEST_EQUAL(ret, 0); TEST_EQUAL(olen_needed, olen); /* Test that a buffer of exactly `olen_needed` works */ memset(buf, 1, sizeof(buf)); - ret = mbedtls_pem_write_buffer("", "", data, l, buf, olen_needed, &olen); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, olen_needed, &olen); TEST_EQUAL(ret, 0); TEST_EQUAL(olen_needed, olen); /* Test the function didn't overflow the given buffer */