Added example client/server support for loading certificate and private key into WOLFSSL object using -H loadSSL. Added load_ssl_buffer function to load buffers into WOLFSSL objects. Changed wolfSSL_get_SSL_CTX API to always be exposed. Added TEST_LOAD_BUFFER build option to use the load_buffer and load_ssl_buffer calls for example client/server.

David Garske
2018-10-09 12:54:41 -07:00
parent 1d7c4f96fa
commit 0293686990
5 changed files with 194 additions and 51 deletions


@ -1036,6 +1036,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
int useX25519 = 0;
int exitWithRet = 0;
int loadCertKeyIntoSSLObj = 0;
#ifdef HAVE_WNR
const char* wnrConfigFile = wnrConfig;
@ -1094,6 +1095,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void)helloRetry;
(void)onlyKeyShare;
(void)useSupCurve;
(void)loadCertKeyIntoSSLObj;
StackTrap();
@ -1201,6 +1203,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
else if (myoptarg[0] == 'e') {
version = EITHER_DOWNGRADE_VERSION;
loadCertKeyIntoSSLObj = 1;
break;
}
#endif
@ -1236,6 +1239,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Test use supported curve\n");
useSupCurve = 1;
}
else if (XSTRNCMP(myoptarg, "loadSSL", 7) == 0) {
printf("Load cert/key into wolfSSL object\n");
loadCertKeyIntoSSLObj = 1;
}
else {
Usage();
XEXIT_T(MY_EX_USAGE);
@ -1586,6 +1593,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (doDTLS) {
if (version == 3)
version = -2;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
else if (version == EITHER_DOWNGRADE_VERSION)
version = -3;
#endif
else
version = -1;
}
@ -1652,6 +1663,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
method = wolfDTLSv1_2_client_method_ex;
break;
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
case -3:
method = wolfDTLSv1_2_method_ex;
break;
#endif
#endif
default:
@ -1826,8 +1842,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#ifndef NO_CERTS
if (useClientCert){
#ifndef NO_FILESYSTEM
if (useClientCert && !loadCertKeyIntoSSLObj){
#ifndef TEST_LOAD_BUFFER
if (wolfSSL_CTX_use_certificate_chain_file(ctx, ourCert)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
@ -1837,14 +1853,17 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#else
load_buffer(ctx, ourCert, WOLFSSL_CERT_CHAIN);
#endif
}
#ifdef HAVE_PK_CALLBACKS
pkCbInfo.ourKey = ourKey;
#ifdef TEST_PK_PRIVKEY
if (!pkCallbacks)
#endif
#endif
#ifndef NO_FILESYSTEM
if (!loadCertKeyIntoSSLObj
#if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
&& !pkCallbacks
#endif
) {
#ifndef TEST_LOAD_BUFFER
if (wolfSSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
@ -1857,7 +1876,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
if (!usePsk && !useAnon && (!useVerifyCb || myVerifyFail)) {
#if !defined(NO_FILESYSTEM)
#ifndef TEST_LOAD_BUFFER
if (wolfSSL_CTX_load_verify_locations(ctx, verifyCert, 0)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
@ -1866,9 +1885,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#else
load_buffer(ctx, verifyCert, WOLFSSL_CA);
#endif /* !NO_FILESYSTEM */
#ifdef HAVE_ECC
/* load ecc verify too, echoserver uses it by default w/ ecc */
#ifndef NO_FILESYSTEM
#ifndef TEST_LOAD_BUFFER
if (wolfSSL_CTX_load_verify_locations(ctx, eccCertFile, 0)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
@ -1876,7 +1896,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
#else
load_buffer(ctx, eccCertFile, WOLFSSL_CA);
#endif /* !NO_FILESYSTEM */
#endif /* !TEST_LOAD_BUFFER */
#endif /* HAVE_ECC */
#if defined(WOLFSSL_TRUST_PEER_CERT) && !defined(NO_FILESYSTEM)
if (trustCert) {
@ -2039,19 +2059,52 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
err_sys("unable to get SSL object");
}
#ifdef OPENSSL_EXTRA
wolfSSL_KeepArrays(ssl);
#ifndef NO_CERTS
if (useClientCert && loadCertKeyIntoSSLObj){
#ifndef TEST_LOAD_BUFFER
if (wolfSSL_use_certificate_chain_file(ssl, ourCert)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't load client cert file, check file and run from"
" wolfSSL home dir");
}
#else
load_ssl_buffer(ssl, ourCert, WOLFSSL_CERT_CHAIN);
#endif
}
if (loadCertKeyIntoSSLObj
#if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
&& !pkCallbacks
#endif
) {
#ifndef TEST_LOAD_BUFFER
if (wolfSSL_use_PrivateKey_file(ssl, ourKey, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't load client private key file, check file and run "
"from wolfSSL home dir");
}
#else
load_ssl_buffer(ssl, ourKey, WOLFSSL_KEY);
#endif
}
#endif /* !NO_CERTS */
#ifdef OPENSSL_EXTRA
wolfSSL_KeepArrays(ssl);
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
fprintf(stderr, "After creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys("ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
fprintf(stderr, "After creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys("ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
err_sys("error printing out memory stats");
#endif
#ifdef WOLFSSL_TLS13
#ifdef WOLFSSL_TLS13
if (!helloRetry) {
if (onlyKeyShare == 0 || onlyKeyShare == 2) {
#ifdef HAVE_CURVE25519
@ -2083,7 +2136,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
else {
wolfSSL_NoKeyShares(ssl);
}
#endif
#endif
if (doMcast) {
#ifdef WOLFSSL_MULTICAST
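Review bot: The private-key load no longer appears to be gated on `useClientCert`: as rendered, the CTX branch tests only `if (!loadCertKeyIntoSSLObj` (plus `!pkCallbacks`) and the new per-object branch only `if (loadCertKeyIntoSSLObj`, while the certificate loads beside them both keep `useClientCert &&`. If that reading of the lost +/- columns is right, a client run with client certificates disabled still reads `ourKey` and holds the private key in memory, and it fails outright when the key file is absent. Adding the same test to both key conditions, `if (useClientCert && !loadCertKeyIntoSSLObj` and `if (useClientCert && loadCertKeyIntoSSLObj`, would keep the key load tied to the certificate load. client_test starts and ends outside these hunks.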


@ -572,6 +572,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
int useX25519 = 0;
int exitWithRet = 0;
int loadCertKeyIntoSSLObj = 0;
((func_args*)args)->return_code = -1; /* error state */
@ -605,6 +606,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
(void)postHandAuth;
(void)mcastID;
(void)useX25519;
(void)loadCertKeyIntoSSLObj;
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@ -701,6 +703,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
else if (myoptarg[0] == 'e') {
version = EITHER_DOWNGRADE_VERSION;
loadCertKeyIntoSSLObj = 1;
break;
}
#endif
@ -728,6 +731,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
printf("Verify should fail\n");
myVerifyFail = 1;
}
else if (XSTRNCMP(myoptarg, "loadSSL", 7) == 0) {
printf("Load cert/key into wolfSSL object\n");
loadCertKeyIntoSSLObj = 1;
}
else {
Usage();
XEXIT_T(MY_EX_USAGE);
@ -950,6 +957,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (doDTLS) {
if (version == 3)
version = -2;
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
else if (version == EITHER_DOWNGRADE_VERSION)
version = -3;
#endif
else
version = -1;
}
@ -1016,6 +1027,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
method = wolfDTLSv1_2_server_method_ex;
break;
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
case -3:
method = wolfDTLSv1_2_method_ex;
break;
#endif
#endif
default:
@ -1090,8 +1106,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
#if !defined(NO_CERTS)
if ((!usePsk || usePskPlus) && !useAnon) {
#if !defined(NO_FILESYSTEM)
if ((!usePsk || usePskPlus) && !useAnon && !loadCertKeyIntoSSLObj) {
#ifndef TEST_LOAD_BUFFER
if (SSL_CTX_use_certificate_chain_file(ctx, ourCert)
!= WOLFSSL_SUCCESS)
err_sys_ex(runWithErrors, "can't load server cert file, check file and run from"
@ -1128,14 +1144,15 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
#endif
#if !defined(NO_CERTS)
#ifdef HAVE_PK_CALLBACKS
pkCbInfo.ourKey = ourKey;
#ifdef TEST_PK_PRIVKEY
if (!pkCallbacks)
#ifdef HAVE_PK_CALLBACKS
pkCbInfo.ourKey = ourKey;
#endif
#endif
if (!useNtruKey && (!usePsk || usePskPlus) && !useAnon) {
#if !defined(NO_FILESYSTEM)
if (!useNtruKey && (!usePsk || usePskPlus) && !useAnon && !loadCertKeyIntoSSLObj
#if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
&& !pkCallbacks
#endif /* HAVE_PK_CALLBACKS && TEST_PK_PRIVKEY */
) {
#ifndef TEST_LOAD_BUFFER
if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys_ex(runWithErrors, "can't load server private key file, check file and run "
@ -1294,6 +1311,37 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
wolfSSL_KeepArrays(ssl);
#endif
/* Support for loading private key and cert using WOLFSSL object */
#if !defined(NO_CERTS)
if ((!usePsk || usePskPlus) && !useAnon && loadCertKeyIntoSSLObj) {
#ifndef TEST_LOAD_BUFFER
if (SSL_use_certificate_chain_file(ssl, ourCert)
!= WOLFSSL_SUCCESS)
err_sys_ex(runWithErrors, "can't load server cert file, check file and run from"
" wolfSSL home dir");
#else
/* loads cert chain file using buffer API */
load_ssl_buffer(ssl, ourCert, WOLFSSL_CERT_CHAIN);
#endif
}
if (!useNtruKey && (!usePsk || usePskPlus) && !useAnon && loadCertKeyIntoSSLObj
#if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
&& !pkCallbacks
#endif /* HAVE_PK_CALLBACKS && TEST_PK_PRIVKEY */
) {
#ifndef TEST_LOAD_BUFFER
if (SSL_use_PrivateKey_file(ssl, ourKey, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys_ex(runWithErrors, "can't load server private key file, check file and run "
"from wolfSSL home dir");
#else
/* loads private key file using buffer API */
load_ssl_buffer(ssl, ourKey, WOLFSSL_KEY);
#endif
}
#endif /* !NO_CERTS */
#ifdef WOLFSSL_SEND_HRR_COOKIE
if (hrrCookie && wolfSSL_send_hrr_cookie(ssl, NULL, 0) != WOLFSSL_SUCCESS) {
err_sys("unable to set use of cookie with HRR msg");
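Review bot: Replacing `#if !defined(NO_FILESYSTEM)` with `#ifndef TEST_LOAD_BUFFER` around the server cert and key loads means a NO_FILESYSTEM build that does not also define TEST_LOAD_BUFFER now compiles the `SSL_CTX_use_certificate_chain_file` and `SSL_CTX_use_PrivateKey_file` calls, as well as the new `SSL_use_certificate_chain_file` and `SSL_use_PrivateKey_file` calls in the per-object block. Whether TEST_LOAD_BUFFER is forced on for such builds is not visible in these hunks; if it is not, testing both, e.g. `#if !defined(NO_FILESYSTEM) && !defined(TEST_LOAD_BUFFER)`, keeps the buffer path selected as before. The client hunks make the same guard swap. server_test starts and ends outside these hunks.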


@ -18485,13 +18485,13 @@ int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
if (ctx != NULL) {
ctx->store = store;
#ifndef WOLFSSL_X509_STORE_CERTS
ctx->current_cert = x509;
ctx->current_cert = x509;
#else
if(x509 != NULL){
ctx->current_cert = wolfSSL_X509_d2i(NULL, x509->derCert->buffer,x509->derCert->length);
if(ctx->current_cert == NULL)
return WOLFSSL_FATAL_ERROR;
} else
} else
ctx->current_cert = NULL;
#endif
@ -29595,7 +29595,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
int pemSz;
long i = 0, l;
void *newx509;
WOLFSSL_ENTER("wolfSSL_PEM_read_X509");
if (fp == XBADFILE) {
@ -29641,13 +29641,13 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
derSz = der->length;
if((newx509 = (void *)wolfSSL_d2i_X509_CRL(
(WOLFSSL_X509_CRL **)x, (const unsigned char *)der->buffer, derSz)) == NULL)
goto err_exit;
goto err_exit;
FreeDer(&der);
break;
}
#endif
default:
default:
goto err_exit;
}
if (x != NULL) {
@ -29679,7 +29679,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
return (WOLFSSL_X509_CRL* )wolfSSL_PEM_read_X509_ex(fp, (void **)crl, cb, u, CRL_TYPE);
}
#endif
#endif
/*
@ -29807,13 +29807,13 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
* returns a pointer to a new WOLFSSL_ASN1_OBJECT struct on success and NULL
* on fail
*/
WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int id)
{
return wolfSSL_OBJ_nid2obj_ex(id, NULL);
}
WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int id,
WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int id,
WOLFSSL_ASN1_OBJECT* arg_obj)
{
word32 oidSz = 0;
@ -30978,7 +30978,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
switch (loc)
{
case 0:
case 0:
name->cnEntry.value->length = name->fullName.cnLen;
name->cnEntry.value->data = &name->fullName.fullName[name->fullName.cnIdx];
break;
@ -31083,7 +31083,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
name->cnEntry.nid = ASN_COMMON_NAME;
name->cnEntry.set = 1;
}
return &name->cnEntry;
}
@ -32626,12 +32626,13 @@ unsigned long wolfSSL_ERR_peek_last_error(void)
#endif
}
#endif /* OPENSSL_EXTRA */
WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_get_SSL_CTX");
return ssl->ctx;
}
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_ALL) || \
(defined(OPENSSL_EXTRA) && (defined(HAVE_STUNNEL) || \
@ -34411,7 +34412,7 @@ long wolfSSL_X509_get_version(const WOLFSSL_X509 *x509){
version = x509->version;
if (version != 0)
return (long)version - 1L;
return 0L;
}
#endif /* OPENSSL_EXTRA */
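Review bot: `wolfSSL_get_SSL_CTX` is now compiled in every configuration, yet its body is still `return ssl->ctx;` with no check on `ssl`, so a NULL argument is dereferenced. Since the function becomes part of the always-available API, and the new `load_ssl_buffer` helper in this commit passes its result straight to `wolfSSL_CTX_load_verify_buffer`, a guard such as `if (ssl == NULL) return NULL;` after the `WOLFSSL_ENTER` line would be appropriate. The other hunks in this file look like whitespace-only changes.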


@ -569,6 +569,7 @@ WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_is_server(WOLFSSL*);
WOLFSSL_API WOLFSSL* wolfSSL_write_dup(WOLFSSL*);
WOLFSSL_API int wolfSSL_set_fd (WOLFSSL*, int);
@ -578,7 +579,7 @@ WOLFSSL_API char* wolfSSL_get_cipher_list(int priority);
WOLFSSL_API char* wolfSSL_get_cipher_list_ex(WOLFSSL* ssl, int priority);
WOLFSSL_API int wolfSSL_get_ciphers(char*, int);
WOLFSSL_API const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char,
WOLFSSL_API const char* wolfSSL_get_cipher_name_from_suite(const unsigned char,
const unsigned char);
WOLFSSL_API const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf,
int len);
@ -1041,9 +1042,9 @@ WOLFSSL_API const char* wolfSSL_state_string_long(const WOLFSSL*);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long,
void(*)(int, int, void*), void*);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r,
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPublicKey(WOLFSSL_RSA **r,
const unsigned char **pp, long len);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA**,
WOLFSSL_API WOLFSSL_RSA *wolfSSL_d2i_RSAPrivateKey(WOLFSSL_RSA**,
const unsigned char**, long);
WOLFSSL_API int wolfSSL_i2d_RSAPublicKey(WOLFSSL_RSA *r, const unsigned char **pp);
WOLFSSL_API int wolfSSL_i2d_RSAPrivateKey(WOLFSSL_RSA *r, unsigned char **pp);
@ -1906,7 +1907,7 @@ enum KDF_MacAlgorithm {
struct ecc_key;
typedef int (*CallbackEccKeyGen)(WOLFSSL* ssl, struct ecc_key* key,
typedef int (*CallbackEccKeyGen)(WOLFSSL* ssl, struct ecc_key* key,
unsigned int keySz, int ecc_curve, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX*, CallbackEccKeyGen);
WOLFSSL_API void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx);
@ -1978,7 +1979,7 @@ WOLFSSL_API void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl);
#ifdef HAVE_CURVE25519
struct curve25519_key;
typedef int (*CallbackX25519KeyGen)(WOLFSSL* ssl, struct curve25519_key* key,
typedef int (*CallbackX25519KeyGen)(WOLFSSL* ssl, struct curve25519_key* key,
unsigned int keySz, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX*, CallbackX25519KeyGen);
WOLFSSL_API void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx);
@ -2776,8 +2777,6 @@ WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(
WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_version(WOLFSSL*);
WOLFSSL_API int wolfSSL_get_state(const WOLFSSL*);
@ -2952,7 +2951,7 @@ WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value(
WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio,
WOLFSSL_X509 *cert);
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
OPENSSL_EXTRA || HAVE_LIGHTY*/
WOLFSSL_API void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl,
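Review bot: The relocated prototype `wolfSSL_get_SSL_CTX(WOLFSSL* ssl)` is now public in all builds but carries no comment on ownership of the returned pointer. The implementation shown in this commit returns `ssl->ctx` directly, so the pointer appears to be borrowed; a one-line comment above the declaration such as `/* returns the WOLFSSL_CTX this object was created from; borrowed, caller must not free */` would tell callers not to release it. The remaining hunks in this file appear to be trailing-whitespace changes.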


@ -403,11 +403,11 @@ static const word16 wolfSSLPort = 11111;
#endif
static WC_INLINE
static WC_INLINE
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
THREAD_RETURN
#else
WC_NORETURN void
WC_NORETURN void
#endif
err_sys(const char* msg)
{
@ -1421,6 +1421,48 @@ static WC_INLINE void OCSPRespFreeCb(void* ioCtx, unsigned char* response)
free(buff);
}
static WC_INLINE void load_ssl_buffer(WOLFSSL* ssl, const char* fname, int type)
{
int format = WOLFSSL_FILETYPE_PEM;
byte* buff = NULL;
size_t sz = 0;
if (load_file(fname, &buff, &sz) != 0) {
err_sys("can't open file for buffer load "
"Please run from wolfSSL home directory if not");
}
/* determine format */
if (strstr(fname, ".der"))
format = WOLFSSL_FILETYPE_ASN1;
if (type == WOLFSSL_CA) {
/* verify certs (CA's) use the shared ctx->cm (WOLFSSL_CERT_MANAGER) */
WOLFSSL_CTX* ctx = wolfSSL_get_SSL_CTX(ssl);
if (wolfSSL_CTX_load_verify_buffer(ctx, buff, (long)sz, format)
!= WOLFSSL_SUCCESS)
err_sys("can't load buffer ca file");
}
else if (type == WOLFSSL_CERT) {
if (wolfSSL_use_certificate_buffer(ssl, buff, (long)sz,
format) != WOLFSSL_SUCCESS)
err_sys("can't load buffer cert file");
}
else if (type == WOLFSSL_KEY) {
if (wolfSSL_use_PrivateKey_buffer(ssl, buff, (long)sz,
format) != WOLFSSL_SUCCESS)
err_sys("can't load buffer key file");
}
else if (type == WOLFSSL_CERT_CHAIN) {
if (wolfSSL_use_certificate_chain_buffer_format(ssl, buff,
(long)sz, format) != WOLFSSL_SUCCESS)
err_sys("can't load cert chain buffer");
}
if (buff)
free(buff);
}
#ifdef TEST_PK_PRIVKEY
static WC_INLINE int load_key_file(const char* fname, byte** derBuf, word32* derLen)
{
@ -1473,7 +1515,7 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
* store->store: WOLFSSL_X509_STORE with CA cert chain
* store->store->cm: WOLFSSL_CERT_MANAGER
* store->ex_data: The WOLFSSL object pointer
* store->discardSessionCerts: When set to non-zero value session certs
* store->discardSessionCerts: When set to non-zero value session certs
will be discarded (only with SESSION_CERTS)
*/
@ -2040,7 +2082,7 @@ typedef struct PkCbInfo {
#ifdef HAVE_ECC
static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz,
static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz,
int ecc_curve, void* ctx)
{
int ret;
@ -2285,7 +2327,7 @@ static WC_INLINE int myEd25519Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz
#endif /* HAVE_ED25519 */
#ifdef HAVE_CURVE25519
static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key,
static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key,
unsigned int keySz, void* ctx)
{
int ret;
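Review bot: In the new `load_ssl_buffer`, execution can continue past the `load_file` failure, because `err_sys` is declared to return `THREAD_RETURN` rather than `WC_NORETURN void` when WOLFSSL_FORCE_MALLOC_FAIL_TEST is defined (visible in the first hunk of this file); the loaders would then be called with `buff` presumably still NULL and `sz` 0. Adding `return;` after that `err_sys` call closes the gap and is harmless in the no-return build. For `WOLFSSL_KEY` the buffer holds the private key file contents and is released with a plain `free(buff)`; clearing it before the free would be a better pattern for example code that gets copied. The format test `strstr(fname, ".der")` also matches ".der" anywhere in the path, not only as the file extension, so comparing the suffix would be more precise.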