From 95cd9c81c899e630d15ba7313df25b0225f25a8d Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn <eric@wolfssl.com>
Date: Tue, 18 Jun 2024 14:41:58 -0500
Subject: [PATCH 1/3] Add attr to get_dn_attr_by_nid

---
 src/x509.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/x509.c b/src/x509.c
index 2fcc5d9318..6c9c769cdb 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -12972,6 +12972,14 @@ static int get_dn_attr_by_nid(int n, const char** buf)
             str = "UID";
             len = 3;
             break;
+        case NID_serialNumber:
+            str = "serialNumber";
+            len = 12;
+            break;
+        case NID_title:
+            str = "title";
+            len = 5;
+            break;
         default:
             WOLFSSL_MSG("Attribute type not found");
             str = NULL;

From 5efa82a239d66f50b54aa3ab224a69e7cb6268eb Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn <eric@wolfssl.com>
Date: Tue, 18 Jun 2024 14:47:01 -0500
Subject: [PATCH 2/3] Check for null sig in wolfSSL_X509_CRL_get_signature

---
 src/x509.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/x509.c b/src/x509.c
index 6c9c769cdb..43386dc8a5 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -8236,7 +8236,8 @@ int wolfSSL_X509_CRL_get_signature(WOLFSSL_X509_CRL* crl,
 {
     WOLFSSL_ENTER("wolfSSL_X509_CRL_get_signature");
 
-    if (crl == NULL || crl->crlList == NULL || bufSz == NULL)
+    if (crl == NULL || crl->crlList == NULL ||
+        crl->crlList->signature == NULL || bufSz == NULL)
         return BAD_FUNC_ARG;
 
     if (buf != NULL)

From d4a90e8a716e221a516a03435f6bb9115e3d5cc8 Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn <eric@wolfssl.com>
Date: Tue, 18 Jun 2024 15:08:01 -0500
Subject: [PATCH 3/3] Fix wolfSSL_ASN1_TIME_to_generalizedtime with UTC time

---
 src/ssl_asn1.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c
index 2c3a58e349..9e9ef2d094 100644
--- a/src/ssl_asn1.c
+++ b/src/ssl_asn1.c
@@ -3510,14 +3510,17 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
     if (ret != NULL) {
         /* Set the ASN.1 type and length of string. */
         ret->type = V_ASN1_GENERALIZEDTIME;
-        ret->length = ASN_GENERALIZED_TIME_SIZE;
 
         if (t->type == V_ASN1_GENERALIZEDTIME) {
+            ret->length = ASN_GENERALIZED_TIME_SIZE;
+
             /* Just copy as data already appropriately formatted. */
             XMEMCPY(ret->data, t->data, ASN_GENERALIZED_TIME_SIZE);
         }
         else {
             /* Convert UTC TIME to GENERALIZED TIME. */
+            ret->length = t->length + 2; /* Add two extra year digits */
+
             if (t->data[0] >= '5') {
                 /* >= 50 is 1900s.  */
                 ret->data[0] = '1'; ret->data[1] = '9';
@@ -3527,7 +3530,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
                 ret->data[0] = '2'; ret->data[1] = '0';
             }
             /* Append rest of the data as it is the same. */
-            XMEMCPY(&ret->data[2], t->data, ASN_UTC_TIME_SIZE);
+            XMEMCPY(&ret->data[2], t->data, t->length);
         }
 
         /* Check for pointer to return result through. */