Skip to content

Commit 6475106

Browse files
kaleb-himeskaleb-himes
authored
Merge pull request #9449 from lealem47/hash_script
Use only the first 64 bytes of hash output in fips-hash.sh
2 parents ab2196b + 61e58f0 commit 6475106

File tree

3 files changed

+18
-9
lines changed

3 files changed

+18
-9
lines changed

fips-check.sh

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -31,17 +31,19 @@ Usage() {
3131
cat <<usageText
3232
Usage: $0 [flavor] [keep] [nomakecheck] [nodoconfigure] [noautogen]
3333
Flavor is one of:
34-
linuxv2 (FIPSv2, use for Win10)
35-
fipsv2-OE-ready (ready FIPSv2)
34+
linuxv2 (FIPSv2, use for Win10)
35+
fipsv2-OE-ready (ready FIPSv2)
3636
solaris
3737
netbsd-selftest
3838
marvell-linux-selftest
39-
linuxv5 (current FIPS 140-3)
40-
fips-ready (ready FIPS 140-3)
41-
fips-dev (dev FIPS 140-3)
39+
linuxv5 (current FIPS 140-3 [v5.2.1])
40+
linuxv5-RC12 (current FIPS 140-3 [v5.2.0.1])
41+
fips-ready (ready FIPS 140-3)
42+
fips-dev (dev FIPS 140-3)
4243
wolfrand
4344
wolfentropy
44-
v6.0.0
45+
v6.0.0 (pending FIPS 140-3 [v6.0.0])
46+
4547
keep: (default off) retains the temp dir $TEST_DIR for inspection.
4648
nomakecheck: (default off) don't run make check
4749
nodoconfigure: (default off) don't run configure
@@ -670,10 +672,12 @@ if [ "$DOCONFIGURE" = "yes" ]; then
670672
fi
671673

672674
if [ -s wolfcrypt/src/fips_test.c ]; then
673-
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
675+
OUT=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
676+
NEWHASH=$(echo "$OUT" | cut -c1-64)
674677
if [ -n "$NEWHASH" ]; then
675678
cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
676-
sed "s/^\".*\";/\"${NEWHASH}\";/" wolfcrypt/src/fips_test.c.bak >wolfcrypt/src/fips_test.c
679+
sed "s/^\".*\";/\"${NEWHASH}\";/" wolfcrypt/src/fips_test.c.bak > \
680+
wolfcrypt/src/fips_test.c
677681
make clean
678682
fi
679683
fi

fips-hash.sh

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,8 @@ then
1212
exit 1
1313
fi
1414

15-
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
15+
OUT=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
16+
NEWHASH=$(echo "$OUT" | cut -c1-64)
1617
if test -n "$NEWHASH"
1718
then
1819
cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak

src/internal.c

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13204,6 +13204,10 @@ int CheckHostName(DecodedCert* dCert, const char *domainName,
1320413204
int checkCN;
1320513205
int ret = WC_NO_ERR_TRACE(DOMAIN_NAME_MISMATCH);
1320613206

13207+
if (dCert == NULL) {
13208+
return BAD_FUNC_ARG;
13209+
}
13210+
1320713211
if (CheckForAltNames(dCert, domainName, (word32)domainNameLen,
1320813212
&checkCN, flags, isIP) != 1) {
1320913213
ret = DOMAIN_NAME_MISMATCH;

0 commit comments

Comments
 (0)