Reject null bytes in DER encoded values in DNs Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>

commit: f826d1113e30577dd5c662cacc92e1369b8cf37f [log] [tgz]
author: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com> Mon Aug 14 16:32:22 2023 +0100
committer: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com> Tue Aug 22 10:39:56 2023 +0100
tree: f146f2b60f760e2077e4f0c635671f205c31d713
parent: eb55867520c2cd67932c888b81d06d9f2bcc2d28 [diff] [blame]
diff --git a/library/x509_create.c b/library/x509_create.c
index 66f6806..8a648e3 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c

@@ -239,6 +239,9 @@
         if ((c + 1 >= end) || (n = hexpair_to_int(*c, *(c+1))) == -1) {
             return MBEDTLS_ERR_X509_INVALID_NAME;
         }
+        if (MBEDTLS_ASN1_IS_STRING_TAG(*tag) && n == 0) {
+            return MBEDTLS_ERR_X509_INVALID_NAME;
+        }
         *(p++) = n;
     }
     asn1_der_end = p;
commit	f826d1113e30577dd5c662cacc92e1369b8cf37f	[log] [tgz]
author	Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	Mon Aug 14 16:32:22 2023 +0100
committer	Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	Tue Aug 22 10:39:56 2023 +0100
tree	f146f2b60f760e2077e4f0c635671f205c31d713
parent	eb55867520c2cd67932c888b81d06d9f2bcc2d28 [diff] [blame]