feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Add support for cert format in get cert crypto callback

Browse Source
This commit is contained in:
Colton Willey
2024-12-09 14:32:02 -08:00
parent c83c9e68c9
commit 0cda59e00e
4 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/ssl_load.c
View File

@ -4155,6 +4155,7 @@ static int wolfSSL_CTX_use_certificate_ex(WOLFSSL_CTX* ctx,
byte *certData = NULL; byte *certData = NULL;
word32 certDataLen = 0; word32 certDataLen = 0;
word32 labelLen = 0; word32 labelLen = 0;
int certFormat = 0;
WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_ex"); WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_ex");
@ -4163,13 +4164,13 @@ static int wolfSSL_CTX_use_certificate_ex(WOLFSSL_CTX* ctx,
} }
ret = wc_CryptoCb_GetCert(devId, (const sword8 *)label, ret = wc_CryptoCb_GetCert(devId, (const sword8 *)label,
labelLen, id, idLen, &certData, &certDataLen, ctx->heap); labelLen, id, idLen, &certData, &certDataLen, &certFormat, ctx->heap);
if (ret != 0) { if (ret != 0) {
ret = WOLFSSL_FAILURE; ret = WOLFSSL_FAILURE;
goto exit; goto exit;
} }
ret = ProcessBuffer(ctx, certData, certDataLen, WOLFSSL_FILETYPE_ASN1, ret = ProcessBuffer(ctx, certData, certDataLen, certFormat,
CERT_TYPE, NULL, NULL, 0, GET_VERIFY_SETTING_CTX(ctx)); CERT_TYPE, NULL, NULL, 0, GET_VERIFY_SETTING_CTX(ctx));
exit: exit:

3
wolfcrypt/src/cryptocb.c
View File

@ -1803,7 +1803,7 @@ int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz)
#ifndef NO_CERTS #ifndef NO_CERTS
int wc_CryptoCb_GetCert(int devId, const sword8 *label, word32 labelLen, int wc_CryptoCb_GetCert(int devId, const sword8 *label, word32 labelLen,
const byte *id, word32 idLen, byte** out, const byte *id, word32 idLen, byte** out,
word32* outSz, void *heap) word32* outSz, int *format, void *heap)
{ {
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE); int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
CryptoCb* dev; CryptoCb* dev;
@ -1821,6 +1821,7 @@ int wc_CryptoCb_GetCert(int devId, const sword8 *label, word32 labelLen,
cryptoInfo.cert.heap = heap; cryptoInfo.cert.heap = heap;
cryptoInfo.cert.certDataOut = out; cryptoInfo.cert.certDataOut = out;
cryptoInfo.cert.certSz = outSz; cryptoInfo.cert.certSz = outSz;
cryptoInfo.cert.certFormatOut = format;
cryptoInfo.cert.heap = heap; cryptoInfo.cert.heap = heap;
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx); ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);

3
wolfcrypt/src/wc_pkcs11.c
View File

@ -4039,6 +4039,9 @@ static int Pkcs11GetCert(Pkcs11Session* session, wc_CryptoInfo* info) {
*info->cert.certDataOut = certData; *info->cert.certDataOut = certData;
*info->cert.certSz = (word32)tmpl[0].ulValueLen; *info->cert.certSz = (word32)tmpl[0].ulValueLen;
if (info->cert.certFormatOut != NULL) {
*info->cert.certFormatOut = CTC_FILETYPE_ASN1;
}
certData = NULL; certData = NULL;
exit: exit:

3
wolfssl/wolfcrypt/cryptocb.h
View File

@ -456,6 +456,7 @@ typedef struct wc_CryptoInfo {
word32 labelLen; word32 labelLen;
byte **certDataOut; byte **certDataOut;
word32 *certSz; word32 *certSz;
int *certFormatOut;
void *heap; void *heap;
} cert; } cert;
#endif #endif
@ -671,7 +672,7 @@ WOLFSSL_LOCAL int wc_CryptoCb_Cmac(Cmac* cmac, const byte* key, word32 keySz,
#ifndef NO_CERTS #ifndef NO_CERTS
WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const sword8 *label, WOLFSSL_LOCAL int wc_CryptoCb_GetCert(int devId, const sword8 *label,
word32 labelLen, const byte *id, word32 idLen, byte** out, word32 labelLen, const byte *id, word32 idLen, byte** out,
word32* outSz, void *heap); word32* outSz, int *format, void *heap);
#endif #endif
#endif /* WOLF_CRYPTO_CB */ #endif /* WOLF_CRYPTO_CB */