f1b2a7d1b4
When generating certificates with
`Crypto.generate_self_signed_certificate` we generate the PEM in a
buffer via `mbedtls_x509write_crt_pem`.
Since version 2.16.8, mbedtls adds spurious data at the end of the
buffer due to internal optimizations, this breaks our logic when we try
to immediately parse it and return a proper `X509Certificate` object.
This commit updates the code to find the actual PEM length to parse
using `strlen`, takes extra caution always adding the terminator to the
buffer, and slightly improve error messages.
(cherry picked from commit
|
||
---|---|---|
.. | ||
SCsub | ||
config.py | ||
crypto_mbedtls.cpp | ||
crypto_mbedtls.h | ||
dtls_server_mbedtls.cpp | ||
dtls_server_mbedtls.h | ||
packet_peer_mbed_dtls.cpp | ||
packet_peer_mbed_dtls.h | ||
register_types.cpp | ||
register_types.h | ||
ssl_context_mbedtls.cpp | ||
ssl_context_mbedtls.h | ||
stream_peer_mbedtls.cpp | ||
stream_peer_mbedtls.h |