mirror of
https://github.com/ARMmbed/mbedtls.git
synced 2025-05-19 06:58:24 +08:00
6ffac75995
Using 4096 bytes of stack for the temporary buffer used for holding a throw-away DER-formatted CSR limits the portability of generating certificate signing requests to only devices with lots of stack space. To increase portability, use the mbedtls_pem_write_buffer() in-place capability instead, using the same buffer for input and output. This works since the DER encoding for some given data is always smaller than that same data PEM-encoded. PEM format is desirable to use even on stack-constrained devices as the format is easy to work with (for example, copy-pasting from a tiny device's serial console output, for CSRs generated on tiny devices without the private key leaving said tiny device).