fix asn public interface, some potential collisions

Todd A Ouska
2011-06-03 13:01:45 -07:00
parent 3eba68df6d
commit 004da8ff52
8 changed files with 174 additions and 134 deletions

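--- a/.gitignore
+++ b/.gitignore
@@ -6,7 +6,9 @@
 *sh
 *.cache
 .dirstamp
+*.user
 config*
+*Debug/
 ctc_config*
 stamp*
 libtool.m4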


@ -7,7 +7,7 @@ AC_CANONICAL_SYSTEM
AM_INIT_AUTOMAKE(subdir-objects) AM_INIT_AUTOMAKE(subdir-objects)
#shared library versioning #shared library versioning
CYASSL_LIBRARY_VERSION=2:0:0 CYASSL_LIBRARY_VERSION=2:1:0
# | | | # | | |
# +------+ | +---+ # +------+ | +---+
# | | | # | | |
@ -367,6 +367,19 @@ fi
AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"]) AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
# Test certs, use internal cert functions for extra testing
AC_ARG_ENABLE(testcert,
[ --enable-testcert Enable Test Cert (default: disabled)],
[ ENABLED_TESTCERT=$enableval ],
[ ENABLED_TESTCERT=no ]
)
if test "$ENABLED_TESTCERT" = "yes"
then
CFLAGS="$CFLAGS -DCYASSL_TEST_CERT"
fi
# LIBZ # LIBZ
trylibzdir="" trylibzdir=""
AC_ARG_WITH(libz, AC_ARG_WITH(libz,
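Review bot: The bump to `CYASSL_LIBRARY_VERSION=2:1:0` raises only the revision field, yet this commit stops exporting `InitDecodedCert`, `FreeDecodedCert` and `ParseCert` in default builds and renames the public `NAME_SIZE`/`SERIAL_SIZE` constants. If this value is passed to libtool's `-version-info` (the field diagram under it suggests so) and 2:0:0 was ever released, removing interfaces calls for a new current with revision and age reset, e.g. `CYASSL_LIBRARY_VERSION=3:0:0`. Separately, the `--enable-testcert` help string could state that the option exports the internal certificate parser and is meant for test builds only.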


@ -42,7 +42,6 @@ enum {
ISSUER = 0, ISSUER = 0,
SUBJECT = 1, SUBJECT = 1,
SERIAL_SIZE = 8,
EXTERNAL_SERIAL_SIZE = 32, EXTERNAL_SERIAL_SIZE = 32,
BEFORE = 0, BEFORE = 0,
@ -170,20 +169,16 @@ enum KDF_Sum {
}; };
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
PRIVATEKEY_TYPE,
CA_TYPE
};
enum VerifyType { enum VerifyType {
NO_VERIFY = 0, NO_VERIFY = 0,
VERIFY = 1 VERIFY = 1
}; };
typedef struct DecodedCert DecodedCert;
typedef struct Signer Signer;
struct DecodedCert { struct DecodedCert {
byte* publicKey; byte* publicKey;
word32 pubKeySize; word32 pubKeySize;
@ -237,6 +232,18 @@ struct Signer {
}; };
/* not for public consumption but may use for testing sometimes */
#ifdef CYASSL_TEST_CERT
#define CYASSL_TEST_API CYASSL_API
#else
#define CYASSL_TEST_API CYASSL_LOCAL
#endif
CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, void*);
CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
CYASSL_TEST_API int ParseCert(DecodedCert*, word32, int type, int verify,
Signer* signer);
CYASSL_LOCAL int ParseCertRelative(DecodedCert*, word32, int type, int verify, CYASSL_LOCAL int ParseCertRelative(DecodedCert*, word32, int type, int verify,
Signer* signer); Signer* signer);
@ -265,7 +272,6 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
enum cert_enums { enum cert_enums {
NAME_SIZE = 64,
NAME_ENTRIES = 8, NAME_ENTRIES = 8,
JOINT_LEN = 2, JOINT_LEN = 2,
EMAIL_JOINT_LEN = 9, EMAIL_JOINT_LEN = 9,
@ -274,35 +280,6 @@ enum cert_enums {
}; };
typedef struct CertName {
char country[NAME_SIZE];
char state[NAME_SIZE];
char locality[NAME_SIZE];
char sur[NAME_SIZE];
char org[NAME_SIZE];
char unit[NAME_SIZE];
char commonName[NAME_SIZE];
char email[NAME_SIZE]; /* !!!! email has to be last !!!! */
} CertName;
/* for user to fill for certificate generation */
struct Cert {
int version; /* x509 version */
byte serial[SERIAL_SIZE]; /* serial number */
int sigType; /* signature algo type */
CertName issuer; /* issuer info */
int daysValid; /* validity days */
int selfSigned; /* self signed flag */
CertName subject; /* subject info */
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
};
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
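Review bot: The comment above `CYASSL_TEST_API` ("not for public consumption but may use for testing sometimes") does not say what the macro changes. Defining `CYASSL_TEST_CERT` turns `InitDecodedCert`, `FreeDecodedCert` and `ParseCert` from `CYASSL_LOCAL` into `CYASSL_API`, so the certificate parser becomes part of that build's exported surface. I would spell that out, e.g. `/* internal cert parsing API; exported only when built with CYASSL_TEST_CERT (--enable-testcert), not for application use */`. Naming the parameters in the three prototypes would also help, since `byte*` and `void*` alone do not tell a reader which is the source buffer and which the heap hint (names to be taken from the definitions, which are not visible here).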


@ -24,31 +24,58 @@
#define CTAO_CRYPT_ASN_PUBLIC_H #define CTAO_CRYPT_ASN_PUBLIC_H
#include "ctc_types.h" #include "ctc_types.h"
#ifdef CYASSL_CERT_GEN
#include "ctc_rsa.h"
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/* forward declarations */
typedef struct DecodedCert DecodedCert;
typedef struct Cert Cert;
typedef struct Signer Signer;
#ifndef CTC_RSA_KEY_DEFINED
typedef struct RsaKey RsaKey;
#endif
#ifndef CTC_RNG_DEFINED
typedef struct RNG RNG;
#endif
CYASSL_API void InitDecodedCert(DecodedCert*, byte*, void*); /* Certificate file Type */
CYASSL_API void FreeDecodedCert(DecodedCert*); enum CertType {
CYASSL_API int ParseCert(DecodedCert*, word32, int type, int verify, CERT_TYPE = 0,
Signer* signer); PRIVATEKEY_TYPE,
CA_TYPE
};
#ifdef CYASSL_CERT_GEN
enum Ctc_Misc {
CTC_NAME_SIZE = 64,
CTC_SERIAL_SIZE = 8
};
typedef struct CertName {
char country[CTC_NAME_SIZE];
char state[CTC_NAME_SIZE];
char locality[CTC_NAME_SIZE];
char sur[CTC_NAME_SIZE];
char org[CTC_NAME_SIZE];
char unit[CTC_NAME_SIZE];
char commonName[CTC_NAME_SIZE];
char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */
} CertName;
/* for user to fill for certificate generation */
typedef struct Cert {
int version; /* x509 version */
byte serial[CTC_SERIAL_SIZE]; /* serial number */
int sigType; /* signature algo type */
CertName issuer; /* issuer info */
int daysValid; /* validity days */
int selfSigned; /* self signed flag */
CertName subject; /* subject info */
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
} Cert;
#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
#endif
/* Initialize and Set Certficate defaults: /* Initialize and Set Certficate defaults:
version = 3 (0x2) version = 3 (0x2)
@ -66,9 +93,18 @@ CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*); RNG*);
CYASSL_API int SetIssuer(Cert*, const char*); CYASSL_API int SetIssuer(Cert*, const char*);
#ifdef HAVE_NTRU
CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, #ifdef HAVE_NTRU
const byte* ntruKey, word16 keySz, RNG*); CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz, RNG*);
#endif
#endif /* CYASSL_CERT_GEN */
#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
#endif #endif
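Review bot: `enum CertType` now sits in the public header with the unprefixed constants `CERT_TYPE`, `PRIVATEKEY_TYPE` and `CA_TYPE`, and the typedefs `Cert`, `CertName`, `Signer` and `DecodedCert` are equally generic, so the collision risk this commit removes for `NAME_SIZE`/`SERIAL_SIZE` remains for them. Consider the same `CTC_` prefix used in `enum Ctc_Misc`, e.g. `CTC_CERT_TYPE = 0,`, with the old names kept as internal aliases if callers need them. The forward declarations of `DecodedCert` and `Signer` are not used by any prototype visible in this header after the change; a one-line comment such as `/* opaque here; defined in the internal asn header */` would explain why they stay.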


@ -59,7 +59,6 @@ typedef struct RNG {
Arc4 cipher; Arc4 cipher;
} RNG; } RNG;
#define CTC_RNG_DEFINED /* redeclare guard */
CYASSL_API int InitRng(RNG*); CYASSL_API int InitRng(RNG*);
CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz); CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz);


@ -44,8 +44,6 @@ typedef struct RsaKey {
void* heap; /* for user memory overrides */ void* heap; /* for user memory overrides */
} RsaKey; } RsaKey;
#define CTC_RSA_KEY_DEFINED /* redeclare guard */
CYASSL_API void InitRsaKey(RsaKey* key, void*); CYASSL_API void InitRsaKey(RsaKey* key, void*);
CYASSL_API void FreeRsaKey(RsaKey* key); CYASSL_API void FreeRsaKey(RsaKey* key);
@ -64,15 +62,16 @@ CYASSL_API int RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key); word32 outLen, RsaKey* key);
CYASSL_API int RsaEncryptSize(RsaKey* key); CYASSL_API int RsaEncryptSize(RsaKey* key);
CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
word32);
CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
word32);
#ifdef CYASSL_KEY_GEN #ifdef CYASSL_KEY_GEN
CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng); CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
#endif #endif
CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
word32);
CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
word32);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */


@ -2420,7 +2420,7 @@ void InitCert(Cert* cert)
cert->selfSigned = 1; cert->selfSigned = 1;
cert->bodySz = 0; cert->bodySz = 0;
cert->keyType = RSA_KEY; cert->keyType = RSA_KEY;
XMEMSET(cert->serial, 0, SERIAL_SIZE); XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
cert->issuer.country[0] = '\0'; cert->issuer.country[0] = '\0';
cert->issuer.state[0] = '\0'; cert->issuer.state[0] = '\0';
@ -2446,7 +2446,7 @@ void InitCert(Cert* cert)
typedef struct DerCert { typedef struct DerCert {
byte size[MAX_LENGTH_SZ]; /* length encoded */ byte size[MAX_LENGTH_SZ]; /* length encoded */
byte version[MAX_VERSION_SZ]; /* version encoded */ byte version[MAX_VERSION_SZ]; /* version encoded */
byte serial[SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */ byte serial[CTC_SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */
byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */ byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */
byte issuer[ASN_NAME_MAX]; /* issuer encoded */ byte issuer[ASN_NAME_MAX]; /* issuer encoded */
byte subject[ASN_NAME_MAX]; /* subject encoded */ byte subject[ASN_NAME_MAX]; /* subject encoded */
@ -2478,10 +2478,10 @@ static int SetSerial(const byte* serial, byte* output)
int length = 0; int length = 0;
output[length++] = ASN_INTEGER; output[length++] = ASN_INTEGER;
length += SetLength(SERIAL_SIZE, &output[length]); length += SetLength(CTC_SERIAL_SIZE, &output[length]);
XMEMCPY(&output[length], serial, SERIAL_SIZE); XMEMCPY(&output[length], serial, CTC_SERIAL_SIZE);
return length + SERIAL_SIZE; return length + CTC_SERIAL_SIZE;
} }
@ -2657,7 +2657,7 @@ typedef struct EncodedName {
int totalLen; /* total encodeding length */ int totalLen; /* total encodeding length */
int type; /* type of name */ int type; /* type of name */
int used; /* are we actually using this one */ int used; /* are we actually using this one */
byte encoded[NAME_SIZE * 2]; /* encoding */ byte encoded[CTC_NAME_SIZE * 2]; /* encoding */
} EncodedName; } EncodedName;
@ -2853,7 +2853,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng,
der->versionSz = SetMyVersion(cert->version, der->version, TRUE); der->versionSz = SetMyVersion(cert->version, der->version, TRUE);
/* serial number */ /* serial number */
RNG_GenerateBlock(rng, cert->serial, SERIAL_SIZE); RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE);
cert->serial[0] = 0x01; /* ensure positive */ cert->serial[0] = 0x01; /* ensure positive */
der->serialSz = SetSerial(cert->serial, der->serial); der->serialSz = SetSerial(cert->serial, der->serial);
@ -3086,51 +3086,51 @@ int SetIssuer(Cert* cert, const char* issuerCertFile)
return ret; return ret;
if (decoded.subjectCN) { if (decoded.subjectCN) {
sz = (decoded.subjectCNLen < NAME_SIZE) ? decoded.subjectCNLen : sz = (decoded.subjectCNLen < CTC_NAME_SIZE) ? decoded.subjectCNLen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.commonName, decoded.subjectCN, NAME_SIZE); strncpy(cert->issuer.commonName, decoded.subjectCN, CTC_NAME_SIZE);
cert->issuer.commonName[sz] = 0; cert->issuer.commonName[sz] = 0;
} }
if (decoded.subjectC) { if (decoded.subjectC) {
sz = (decoded.subjectCLen < NAME_SIZE) ? decoded.subjectCLen : sz = (decoded.subjectCLen < CTC_NAME_SIZE) ? decoded.subjectCLen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.country, decoded.subjectC, NAME_SIZE); strncpy(cert->issuer.country, decoded.subjectC, CTC_NAME_SIZE);
cert->issuer.country[sz] = 0; cert->issuer.country[sz] = 0;
} }
if (decoded.subjectST) { if (decoded.subjectST) {
sz = (decoded.subjectSTLen < NAME_SIZE) ? decoded.subjectSTLen : sz = (decoded.subjectSTLen < CTC_NAME_SIZE) ? decoded.subjectSTLen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.state, decoded.subjectST, NAME_SIZE); strncpy(cert->issuer.state, decoded.subjectST, CTC_NAME_SIZE);
cert->issuer.state[sz] = 0; cert->issuer.state[sz] = 0;
} }
if (decoded.subjectL) { if (decoded.subjectL) {
sz = (decoded.subjectLLen < NAME_SIZE) ? decoded.subjectLLen : sz = (decoded.subjectLLen < CTC_NAME_SIZE) ? decoded.subjectLLen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.locality, decoded.subjectL, NAME_SIZE); strncpy(cert->issuer.locality, decoded.subjectL, CTC_NAME_SIZE);
cert->issuer.locality[sz] = 0; cert->issuer.locality[sz] = 0;
} }
if (decoded.subjectO) { if (decoded.subjectO) {
sz = (decoded.subjectOLen < NAME_SIZE) ? decoded.subjectOLen : sz = (decoded.subjectOLen < CTC_NAME_SIZE) ? decoded.subjectOLen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.org, decoded.subjectO, NAME_SIZE); strncpy(cert->issuer.org, decoded.subjectO, CTC_NAME_SIZE);
cert->issuer.org[sz] = 0; cert->issuer.org[sz] = 0;
} }
if (decoded.subjectOU) { if (decoded.subjectOU) {
sz = (decoded.subjectOULen < NAME_SIZE) ? decoded.subjectOULen : sz = (decoded.subjectOULen < CTC_NAME_SIZE) ? decoded.subjectOULen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.unit, decoded.subjectOU, NAME_SIZE); strncpy(cert->issuer.unit, decoded.subjectOU, CTC_NAME_SIZE);
cert->issuer.unit[sz] = 0; cert->issuer.unit[sz] = 0;
} }
if (decoded.subjectSN) { if (decoded.subjectSN) {
sz = (decoded.subjectSNLen < NAME_SIZE) ? decoded.subjectSNLen : sz = (decoded.subjectSNLen < CTC_NAME_SIZE) ? decoded.subjectSNLen :
NAME_SIZE - 1; CTC_NAME_SIZE - 1;
strncpy(cert->issuer.sur, decoded.subjectSN, NAME_SIZE); strncpy(cert->issuer.sur, decoded.subjectSN, CTC_NAME_SIZE);
cert->issuer.sur[sz] = 0; cert->issuer.sur[sz] = 0;
} }
if (decoded.subjectEmail) { if (decoded.subjectEmail) {
sz = (decoded.subjectEmailLen < NAME_SIZE) ? decoded.subjectEmailLen : sz = (decoded.subjectEmailLen < CTC_NAME_SIZE) ?
NAME_SIZE - 1; decoded.subjectEmailLen : CTC_NAME_SIZE - 1;
strncpy(cert->issuer.email, decoded.subjectEmail, NAME_SIZE); strncpy(cert->issuer.email, decoded.subjectEmail, CTC_NAME_SIZE);
cert->issuer.email[sz] = 0; cert->issuer.email[sz] = 0;
} }
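Review bot: Each field copy in `SetIssuer` still calls `strncpy(dst, src, CTC_NAME_SIZE)` with the full buffer size rather than the clamped `sz` computed on the line above it. The separate `subjectCNLen`-style length fields suggest the `decoded.subject*` pointers are length-delimited slices of the parsed certificate rather than NUL-terminated strings (not visible here, so worth confirming); if so, `strncpy` can read up to `CTC_NAME_SIZE` bytes from the source even when the field is shorter. Copying exactly the clamped length avoids that, e.g. `XMEMCPY(cert->issuer.commonName, decoded.subjectCN, sz);` followed by the existing `cert->issuer.commonName[sz] = 0;`, and likewise for the other seven fields. `SetIssuer` begins and ends outside this hunk.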


@ -5,6 +5,11 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#ifdef CYASSL_TEST_CERT
#include "ctc_asn.h"
#else
#include "ctc_asn_public.h"
#endif
#include "ctc_md5.h" #include "ctc_md5.h"
#include "ctc_md4.h" #include "ctc_md4.h"
#include "ctc_sha.h" #include "ctc_sha.h"
@ -13,7 +18,7 @@
#include "ctc_arc4.h" #include "ctc_arc4.h"
#include "ctc_random.h" #include "ctc_random.h"
#include "ctc_coding.h" #include "ctc_coding.h"
#include "ctc_asn.h" #include "ctc_rsa.h"
#include "ctc_des3.h" #include "ctc_des3.h"
#include "ctc_aes.h" #include "ctc_aes.h"
#include "ctc_hmac.h" #include "ctc_hmac.h"
@ -1081,7 +1086,9 @@ int rsa_test()
word32 inLen = (word32)strlen((char*)in); word32 inLen = (word32)strlen((char*)in);
byte out[256]; byte out[256];
byte plain[256]; byte plain[256];
#ifdef CYASSL_TEST_CERT
DecodedCert cert; DecodedCert cert;
#endif
FILE* file = fopen(clientKey, "rb"), * file2; FILE* file = fopen(clientKey, "rb"), * file2;
@ -1115,12 +1122,14 @@ int rsa_test()
bytes2 = fread(tmp2, 1, sizeof(tmp2), file2); bytes2 = fread(tmp2, 1, sizeof(tmp2), file2);
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&cert, (byte*)&tmp2, 0); InitDecodedCert(&cert, (byte*)&tmp2, 0);
ret = ParseCert(&cert, (word32)bytes2, CERT_TYPE, NO_VERIFY, 0); ret = ParseCert(&cert, (word32)bytes2, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) return -48; if (ret != 0) return -48;
FreeDecodedCert(&cert); FreeDecodedCert(&cert);
#endif
fclose(file2); fclose(file2);
fclose(file); fclose(file);
@ -1179,31 +1188,35 @@ int rsa_test()
Cert myCert; Cert myCert;
byte derCert[4096]; byte derCert[4096];
byte pem[4096]; byte pem[4096];
DecodedCert decode;
FILE* derFile; FILE* derFile;
FILE* pemFile; FILE* pemFile;
int certSz; int certSz;
int pemSz; int pemSz;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
InitCert(&myCert); InitCert(&myCert);
strncpy(myCert.subject.country, "US", NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
strncpy(myCert.subject.locality, "Portland", NAME_SIZE); strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(myCert.subject.org, "yaSSL", NAME_SIZE); strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
strncpy(myCert.subject.unit, "Development", NAME_SIZE); strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE); strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE); strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng); certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng);
if (certSz < 0) if (certSz < 0)
return -401; return -401;
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, 0); InitDecodedCert(&decode, derCert, 0);
ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) if (ret != 0)
return -402; return -402;
FreeDecodedCert(&decode);
#endif
derFile = fopen("./cert.der", "wb"); derFile = fopen("./cert.der", "wb");
if (!derFile) if (!derFile)
return -403; return -403;
@ -1220,7 +1233,6 @@ int rsa_test()
ret = fwrite(pem, pemSz, 1, pemFile); ret = fwrite(pem, pemSz, 1, pemFile);
fclose(pemFile); fclose(pemFile);
FreeDecodedCert(&decode);
} }
/* CA style */ /* CA style */
@ -1229,7 +1241,6 @@ int rsa_test()
Cert myCert; Cert myCert;
byte derCert[4096]; byte derCert[4096];
byte pem[4096]; byte pem[4096];
DecodedCert decode;
FILE* derFile; FILE* derFile;
FILE* pemFile; FILE* pemFile;
int certSz; int certSz;
@ -1237,6 +1248,9 @@ int rsa_test()
byte tmp[2048]; byte tmp[2048];
size_t bytes; size_t bytes;
word32 idx = 0; word32 idx = 0;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
FILE* file = fopen(caKeyFile, "rb"); FILE* file = fopen(caKeyFile, "rb");
@ -1251,13 +1265,13 @@ int rsa_test()
InitCert(&myCert); InitCert(&myCert);
strncpy(myCert.subject.country, "US", NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
strncpy(myCert.subject.locality, "Portland", NAME_SIZE); strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(myCert.subject.org, "yaSSL", NAME_SIZE); strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
strncpy(myCert.subject.unit, "Development", NAME_SIZE); strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE); strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE); strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, caCertFile); ret = SetIssuer(&myCert, caCertFile);
if (ret < 0) if (ret < 0)
@ -1272,10 +1286,13 @@ int rsa_test()
return -408; return -408;
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, 0); InitDecodedCert(&decode, derCert, 0);
ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) if (ret != 0)
return -409; return -409;
FreeDecodedCert(&decode);
#endif
derFile = fopen("./othercert.der", "wb"); derFile = fopen("./othercert.der", "wb");
if (!derFile) if (!derFile)
@ -1292,9 +1309,6 @@ int rsa_test()
return -412; return -412;
ret = fwrite(pem, pemSz, 1, pemFile); ret = fwrite(pem, pemSz, 1, pemFile);
fclose(pemFile); fclose(pemFile);
FreeDecodedCert(&decode);
} }
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
{ {
@ -1302,7 +1316,6 @@ int rsa_test()
Cert myCert; Cert myCert;
byte derCert[4096]; byte derCert[4096];
byte pem[4096]; byte pem[4096];
DecodedCert decode;
FILE* derFile; FILE* derFile;
FILE* pemFile; FILE* pemFile;
FILE* caFile; FILE* caFile;
@ -1312,6 +1325,9 @@ int rsa_test()
byte tmp[2048]; byte tmp[2048];
size_t bytes; size_t bytes;
word32 idx = 0; word32 idx = 0;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
byte public_key[557]; /* sized for EES401EP2 */ byte public_key[557]; /* sized for EES401EP2 */
word16 public_key_len; /* no. of octets in public key */ word16 public_key_len; /* no. of octets in public key */
@ -1352,13 +1368,13 @@ int rsa_test()
InitCert(&myCert); InitCert(&myCert);
strncpy(myCert.subject.country, "US", NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
strncpy(myCert.subject.locality, "Portland", NAME_SIZE); strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
strncpy(myCert.subject.org, "yaSSL", NAME_SIZE); strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
strncpy(myCert.subject.unit, "Development", NAME_SIZE); strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE); strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE); strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, caCertFile); ret = SetIssuer(&myCert, caCertFile);
if (ret < 0) if (ret < 0)
@ -1374,11 +1390,13 @@ int rsa_test()
return -457; return -457;
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, 0); InitDecodedCert(&decode, derCert, 0);
ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0); ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) if (ret != 0)
return -458; return -458;
FreeDecodedCert(&decode);
#endif
derFile = fopen("./ntru-cert.der", "wb"); derFile = fopen("./ntru-cert.der", "wb");
if (!derFile) if (!derFile)
return -459; return -459;
@ -1400,10 +1418,6 @@ int rsa_test()
return -462; return -462;
ret = fwrite(private_key, private_key_len, 1, ntruPrivFile); ret = fwrite(private_key, private_key_len, 1, ntruPrivFile);
fclose(ntruPrivFile); fclose(ntruPrivFile);
FreeDecodedCert(&decode);
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
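Review bot: In the new `#ifdef CYASSL_TEST_CERT` blocks the failure path (`return -402;`, and likewise `-48`, `-409` and `-458`) returns before `FreeDecodedCert` runs, so a failed parse leaves the decoded certificate unreleased. Since the free now sits directly after the parse, it can move above the check: `ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);` `FreeDecodedCert(&decode);` `if (ret != 0) return -402;`. Note also that without `--enable-testcert` the generated certificates are no longer parsed back, so the default test run only checks that `MakeSelfCert` and the other generators return a non-negative size. `rsa_test` starts and ends outside these hunks.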