cmd/jwk: check return from jose_jwk_thp_buf() properly

jose_jwk_thp_buf() returns, on success, the number of
bytes written; otherwise, it returns SIZE_MAX.

We now check its return properly, from jcmd_jwk_thp(),
which is used by the CLI utility. While at it, let us
also initialize the dec/enc buffers.

Signed-off-by: Sergio Correia <[email protected]>

Author: sergio-correia

cmd/jwk/thp.c

@@ -144,16 +144,17 @@ jcmd_jwk_thp(int argc, char *argv[])
         const json_t *jwk = json_array_get(opt.keys, i);
 
         for (const jose_hook_alg_t *a = jose_hook_alg_list(); a; a = a->next) {
-            uint8_t dec[dlen];
-            char enc[elen];
+            uint8_t dec[dlen] = {};
+            char enc[elen] = {};
 
             if (a->kind != JOSE_HOOK_ALG_KIND_HASH)
                 continue;
 
             if (!opt.find && strcmp(opt.hash, a->name) != 0)
                 continue;
 
-            if (!jose_jwk_thp_buf(NULL, jwk, opt.hash, dec, sizeof(dec))) {
+            size_t nbytes = jose_jwk_thp_buf(NULL, jwk, opt.hash, dec, sizeof(dec));
+            if (nbytes == 0 || nbytes == SIZE_MAX) {
                 fprintf(stderr, "Error making thumbprint!\n");
                 return EXIT_FAILURE;
             }