6ffac75995
Using 4096 bytes of stack for the temporary buffer used for holding a throw-away DER-formatted CSR limits the portability of generating certificate signing requests to only devices with lots of stack space. To increase portability, use the mbedtls_pem_write_buffer() in-place capability instead, using the same buffer for input and output. This works since the DER encoding for some given data is always smaller than that same data PEM-encoded. PEM format is desirable to use even on stack-constrained devices as the format is easy to work with (for example, copy-pasting from a tiny device's serial console output, for CSRs generated on tiny devices without the private key leaving said tiny device). |
||
---|---|---|
.. | ||
.gitignore | ||
certs.c | ||
CMakeLists.txt | ||
debug.c | ||
error.c | ||
Makefile | ||
net_sockets.c | ||
pkcs11.c | ||
ssl_cache.c | ||
ssl_ciphersuites.c | ||
ssl_cli.c | ||
ssl_cookie.c | ||
ssl_srv.c | ||
ssl_ticket.c | ||
ssl_tls.c | ||
version.c | ||
version_features.c | ||
x509.c | ||
x509_create.c | ||
x509_crl.c | ||
x509_crt.c | ||
x509_csr.c | ||
x509write_crt.c | ||
x509write_csr.c |