mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-02-25 00:39:55 +00:00
Separate the fits-in-buffer check (*data_length <= data_size) from the we-think-it's-a-sensible-size check (*data_length <= MBEDTLS_X509_MAX_DN_NAME_SIZE). This requires using an intermediate buffer for the DER data, since its maximum sensible size has to be larger than the maximum sensible size for the payload, due to the overhead of the ASN.1 tag+length. Remove test cases focusing on the DER length since the implementation no longer has a threshold for it. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>