|Applies To||RSA BSAFE Micro Edition Suite|
|Issue||What input checking does MES do for R_SSL_CTX_use_certificate_ASN1(), R_SSL_CTX_use_PrivateKey_ASN1(), R_SSL_CTX_check_private_key()?|
What input checking does MES do for these functions?
What if the data is ASN.1 but not X.509 format?
|Resolution||1. R_SSL_CTX_use_certificate_ASN1() calls R_CERT_from_binary(). If the certificate is not a valid binary X.509 certificate (e.g. if it is valid ASN.1 but not an X.509 certificate, if it is an X.509 certificate but not in binary format, or if it different data such as a Word document), then it will log an SSL error on the error stack. |
If you run the sample program cert.c with "-inform bin", then R_CERT_read() also calls R_CERT_from_binary(). You can use this to test the behavior of R_CERT_from_binary().
If NO_WTLS_CERT is not defined, then a WTLS certificate may also be used.
If you run the sample program pkey.c with "-inform bin", then it also also calls R_PKEY_from_binary(). You can use this to test the behavior of R_PKEY_from_binary().
|Legacy Article ID||a42054|