Replies: 1 comment 2 replies
-
Out of curiosity, does the certificate you're trying to use have a key length of 4KB (32768 bits) or 4Kb (4096 bits)? |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Certificates in size over 4KB is not converting
Trying this piece of code:
UINT8* cert = ... (loaded certificate over 4KB)
BIO *bio = NULL;
bio = BIO_new(BIO_s_mem());
if (BIO_puts(bio, cert) <= 0) // This fails
{
}
After investigating I've found that it happens because openssl uses function strlen() to read certificate length that mapped to function in file CryptoPkg\Library\Include\CrtLibSupport.h :
#define MAX_STRING_SIZE 0x1000
#define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE))
where MAX_STRING_SIZE is 4096 bytes so openssl can't handle files over this border.
This is weird, there must be unsafe version of AsciiStrLen with unlimited size..
Beta Was this translation helpful? Give feedback.
All reactions