From 0fb446ad3662a86722339181730faf5b5e5d4664 Mon Sep 17 00:00:00 2001 From: Go Hosohara Date: Tue, 22 May 2018 18:53:00 +0900 Subject: [PATCH] i2c_ASN1_INTEGER --- src/ssl.c | 121 ++++++++++++++++++++++++++++++++---------- tests/api.c | 96 ++++++++++++++++++++++++++++++++- wolfssl/openssl/ssl.h | 2 +- wolfssl/ssl.h | 7 +-- 4 files changed, 192 insertions(+), 34 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 85d6b21f3..2f31e5345 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -32637,8 +32637,11 @@ int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p, #ifndef NO_WOLFSSL_STUB int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509) { - WOLFSSL_STUB("X509_check_ca"); - (void)x509; + WOLFSSL_ENTER("X509_check_ca"); + + if (x509->isCa) + return 1; + return 0; } @@ -32688,11 +32691,10 @@ static int check_esc_char(char c, char *esc) int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags) { - WOLFSSL_ENTER("ASN1_STRING_PRINT_ex"); + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_PRINT_ex"); size_t str_len = 0, type_len = 0; unsigned char *typebuf = NULL; const char *hash="#"; - //unsigned char * strbuf = NULL; if (out == NULL || str == NULL) return WOLFSSL_FAILURE; @@ -32702,7 +32704,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, const char *tag = wolfSSL_ASN1_tag2str(str->type); /* colon len + tag len + null*/ type_len = XSTRLEN(tag) + 2; - typebuf = (unsigned char *)XMALLOC(str_len , NULL, DYNAMIC_TYPE_TMP_BUFFER); + typebuf = (unsigned char *)XMALLOC(type_len , NULL, DYNAMIC_TYPE_TMP_BUFFER); if (typebuf == NULL){ WOLFSSL_MSG("memory alloc failed."); return WOLFSSL_FAILURE; 
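Review bot: `x509->isCa` in wolfSSL_X509_check_ca is dereferenced with no NULL check, so a NULL certificate now crashes where the stub returned 0; add `if (x509 == NULL) return 0;` before the test. The function also still sits under the `#ifndef NO_WOLFSSL_STUB` shown in the context. Builds that define NO_WOLFSSL_STUB therefore lose a function that is no longer a stub, along with any CA check built on it, so the guard should be moved. A header comment such as `/* returns 1 if the certificate is marked as a CA, 0 otherwise or on NULL input */` would document the contract.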
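Review bot: The renamed `WOLFSSL_ENTER(...)` call at the top of wolfSSL_ASN1_STRING_print_ex sits before the declarations of `str_len`, `typebuf` and `hash`, which is a declaration after a statement. If the project is still built with C89 compilers this will not compile, so move the call below the declarations. The same ordering appears in the wolfSSL_ASN1_TIME_to_generalizedtime hunk and in the new wolfSSL_i2c_ASN1_INTEGER body. The function body continues outside this hunk.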
@@ -32721,7 +32723,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, char *str_ptr, *str_end; if (type_len > 0){ - if (wolfSSL_BIO_write(out, typebuf, type_len) != (int)type_len){ + if (wolfSSL_BIO_write(out, typebuf, (int)type_len) != (int)type_len){ XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } @@ -32760,12 +32762,11 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, str_ptr++; str_len += 2; } - fprintf(stderr, "str_len = %d\n", (int)str_len); - return str_len; + return (int)str_len; } if (type_len > 0){ - if (wolfSSL_BIO_write(out, typebuf, type_len) != (int)type_len){ + if (wolfSSL_BIO_write(out, typebuf, (int)type_len) != (int)type_len){ XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } @@ -32779,7 +32780,6 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, esc_ptr = str->data; while (*esc_ptr != 0){ if (check_esc_char(*esc_ptr, esc_ch)){ - fprintf(stderr, "esc_char = %c\n",*esc_ptr); if (wolfSSL_BIO_write(out,"\\", 1) != 1) goto err_exit; str_len++; @@ -32791,7 +32791,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, } if (type_len > 0) XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return str_len; + return (int)str_len; } if (wolfSSL_BIO_write(out, str->data, str->length) != str->length){ @@ -32802,7 +32802,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, str_len += str->length; XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return str_len; + return (int)str_len; err_exit: if (type_len > 0) @@ -32814,7 +32814,7 @@ err_exit: WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, WOLFSSL_ASN1_TIME **out) { - WOLFSSL_ENTER("ASN1_TIME_to_generalizedtime"); + WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_generalizedtime"); unsigned char time_type; WOLFSSL_ASN1_TIME *ret = NULL; unsigned char *data_ptr = NULL; 
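Review bot: The hex-dump branch ends with `return (int)str_len;` directly after the loop, and no `XFREE(typebuf, ...)` is visible between the loop's closing brace and that return. The escape branch and the final path both release the buffer. Unless typebuf is freed earlier in this branch, outside the hunk, each successful call with a type prefix leaks it; add `if (type_len > 0) XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);` before the return.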
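Review bot: The escape loop `while (*esc_ptr != 0)` walks `str->data` until a NUL byte instead of using `str->length`, unlike the plain write path at the end of the function, which passes `str->length`. An ASN.1 string taken from a certificate can contain an embedded NUL, which would cut the printed value short. If the data is not guaranteed to be NUL-terminated, the loop also reads past the buffer. Bound it by length, for example `while (esc_ptr < str->data + str->length)`. The loop body continues outside the hunk.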
@@ -32859,24 +32859,89 @@ WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, #endif /* !NO_ASN_TIME */ -#ifndef NO_WOLFSSL_STUB #ifndef NO_ASN -int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER **a, unsigned char **pp) +int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp) { - WOLFSSL_STUB("i2c_ASN1_INTEGER"); - (void)a; - (void)pp; - return 0; + WOLFSSL_ENTER("wolfSSL_i2c_ASN1_INTEGER"); + + unsigned char *pptr = NULL; + char pad = 0 ; + unsigned char pad_val = 0; + int ret_size = 0; + unsigned char data1 = 0; + unsigned char neg = 0; + int i = 0; + + if (a == NULL) + return WOLFSSL_FAILURE; + + ret_size = a->intData[1]; + if (ret_size == 0) + ret_size = 1; + else{ + ret_size = (int)a->intData[1]; + neg = a->negative; + data1 = a->intData[2]; + if (ret_size == 1 && data1 == 0) + neg = 0; + /* 0x80 or greater positive number in first byte */ + if (!neg && (data1 > 127)){ + pad = 1; + pad_val = 0; + } else if (neg){ + /* negative number */ + if (data1 > 128){ + pad = 1; + pad_val = 0xff; + } else if (data1 == 128){ + for (i = 3; i < a->intData[1] + 2; i++){ + if (a->intData[i]){ + pad = 1; + pad_val = 0xff; + break; + } + } + } + } + ret_size += (int)pad; + } + if (pp == NULL) + return ret_size; + + pptr = *pp; + if (pad) + *(pptr++) = pad_val; + if (a->intData[1] == 0) + *(pptr++) = 0; + else if (!neg){ + /* positive number */ + for (i=0; i < a->intData[1]; i++){ + *pptr = a->intData[i+2]; + pptr++; + } + } else { + /* negative number */ + int str_len = 0; + + /* 0 padding from end of buffer */ + str_len = (int)a->intData[1]; + pptr += a->intData[1] - 1; + while (!a->intData[str_len + 2] && str_len > 1){ + *(pptr--) = 0; + str_len--; + } + /* 2's complement next octet */ + *(pptr--) = ((a->intData[str_len + 1]) ^ 0xff) + 1; + str_len--; + /* Complement any octets left */ + while (str_len > 0){ + *(pptr--) = a->intData[str_len + 1] ^ 0xff; + str_len--; + } + } + *pp += ret_size; + return ret_size; } #endif /* !NO_ASN */ 
-#endif /* !NO_WOLFSSL_STUB */ - - -int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x) -{ - (void)ctx; - (void)x; - return 0; -} #endif /* OPENSSLEXTRA */ \ No newline at end of file diff --git a/tests/api.c b/tests/api.c index e27817b0a..7be19f42e 100644 --- a/tests/api.c +++ b/tests/api.c @@ -17139,8 +17139,8 @@ static void test_wolfSSL_ASN1_TIME_adj(void) /* GeneralizedTime notation test */ /* 2055/03/01 09:00:00 */ t = (time_t)85 * year + 59 * day + 9 * hour + 21 * day; - offset_day = 12; - offset_sec = 10 * mini; + offset_day = 12; + offset_sec = 10 * mini; asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec); AssertTrue(asn_time->data[0] == asn_gen_time); XSTRNCPY(date_str,(const char*) &asn_time->data+2, 15); @@ -18514,6 +18514,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ BIO_free(bio); ASN1_STRING_free(asn_str); + ASN1_STRING_free(esc_str); printf(resultFmt, passed); #endif 
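Review bot: In the negative branch of wolfSSL_i2c_ASN1_INTEGER the trailing-zero scan tests `a->intData[str_len + 2]`, one byte past the magnitude, while the complement steps below it read `a->intData[str_len + 1]`. With the magnitude stored at `intData[2]` through `intData[len + 1]`, the scan should be `while (!a->intData[str_len + 1] && str_len > 1){`. As written, a multi-byte negative value ending in zero bytes is encoded according to whatever byte follows the number. Separately, `a->intData[1]` is used as the length for every read and for `ret_size` without being compared with the array size, and `*pp` is written through without a NULL check. A guard such as `if (a->intData[1] > WOLFSSL_ASN1_INTEGER_MAX - 2) return WOLFSSL_FAILURE;` would keep the reads inside `intData`, and a header comment should say the caller must supply at least the number of bytes returned by the `pp == NULL` call.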
@@ -19465,6 +19466,96 @@ static void test_wolfSSL_X509_CRL(void) return; } +static void test_wolfSSL_i2c_ASN1_INTEGER() +{ +#ifdef OPENSSL_EXTRA + ASN1_INTEGER *a; + unsigned char *pp,*tpp; + int ret; + + a = wolfSSL_ASN1_INTEGER_new(); + + /* 40 */ + a->intData[0] = ASN_INTEGER; + a->intData[1] = 1; + a->intData[2] = 40; + ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); + AssertIntEQ(ret, 1); + pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); + tpp = pp; + XMEMSET(pp, 0, ret + 1); + wolfSSL_i2c_ASN1_INTEGER(a, &pp); + pp--; + AssertIntEQ(*pp, 40); + XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + /* 128 */ + a->intData[0] = ASN_INTEGER; + a->intData[1] = 1; + a->intData[2] = 128; + ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); + AssertIntEQ(ret, 2); + pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); + tpp = pp; + XMEMSET(pp, 0, ret + 1); + wolfSSL_i2c_ASN1_INTEGER(a, &pp); + pp--; + AssertIntEQ(*(pp--), 128); + AssertIntEQ(*pp, 0); + XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + /* -40 */ + a->intData[0] = ASN_INTEGER; + a->intData[1] = 1; + a->intData[2] = 40; + a->negative = 1; + ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); + AssertIntEQ(ret, 1); + pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); + tpp = pp; + XMEMSET(pp, 0, ret + 1); + wolfSSL_i2c_ASN1_INTEGER(a, &pp); + pp--; + AssertIntEQ(*pp, 216); + XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + /* -128 */ + a->intData[0] = ASN_INTEGER; + a->intData[1] = 1; + a->intData[2] = 128; + a->negative = 1; + ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); + AssertIntEQ(ret, 1); + pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); + tpp = pp; + XMEMSET(pp, 0, ret + 1); + wolfSSL_i2c_ASN1_INTEGER(a, &pp); + pp--; + AssertIntEQ(*pp, 128); + XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + /* -200 */ + a->intData[0] = ASN_INTEGER; + a->intData[1] = 1; + a->intData[2] = 200; + a->negative = 1; + ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); + AssertIntEQ(ret, 2); + pp 
= (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); + tpp = pp; + XMEMSET(pp, 0, ret + 1); + wolfSSL_i2c_ASN1_INTEGER(a, &pp); + pp--; + AssertIntEQ(*(pp--), 56); + AssertIntEQ(*pp, 255); + + XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + wolfSSL_ASN1_INTEGER_free(a); + + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA */ +} + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ @@ -19579,6 +19670,7 @@ void ApiTest(void) test_wolfSSL_OPENSSL_add_all_algorithms(); test_wolfSSL_ASN1_STRING_print_ex(); test_wolfSSL_ASN1_TIME_to_generalizedtime(); + test_wolfSSL_i2c_ASN1_INTEGER(); /* test the no op functions for compatibility */ test_no_op_functions(); diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 0c2d9ebb1..a50e99bcb 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -895,7 +895,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; #define SSL_get0_session wolfSSL_SSL_get0_session #define X509_check_host wolfSSL_X509_check_host #define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER -#define i2c_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER +#define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER #define ERR_peek_error_line_data wolfSSL_ERR_peek_error_line_data #define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings #define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 5914f75a8..963854b9f 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -189,6 +189,7 @@ struct WOLFSSL_ASN1_INTEGER { * byte type */ unsigned char intData[WOLFSSL_ASN1_INTEGER_MAX]; /* ASN_INTEGER | LENGTH | hex of number */ + unsigned char negative; /* negative number flag */ unsigned char* data; unsigned int dataMax; /* max size of data buffer */ 
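Review bot: Every case in test_wolfSSL_i2c_ASN1_INTEGER uses a one-byte magnitude, so the encoder's multi-byte paths are never executed: the scan of following bytes when the first byte is 128, and the trailing-zero handling for negative values. Add cases such as -256 and -32768 with `intData[1] = 2`. The results of `wolfSSL_ASN1_INTEGER_new()` and each `XMALLOC` are used unchecked, so `AssertNotNull(a);` and `AssertNotNull(pp);` should follow them. The second call's return value is ignored and the advance of `pp` is only implied by `pp--`; `AssertIntEQ(wolfSSL_i2c_ASN1_INTEGER(a, &pp), ret);` would pin both. The definition should also be declared with `(void)` rather than `()`.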
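Review bot: The new `negative` field is read by wolfSSL_i2c_ASN1_INTEGER, but within this patch only the test assigns it; no decoding or conversion path visible here sets it. If wolfSSL_ASN1_INTEGER_new does not zero the structure, or a caller builds the struct itself, the flag is read uninitialised and the encoding changes with it. Confirm that every place that fills `intData` also sets `negative`. The field comment could state the representation, for example `/* non-zero: intData holds the magnitude of a negative value */`. The struct definition continues outside the hunk.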
@@ -1528,12 +1529,12 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509(WOLFSSL_X509** x509, const unsigned char** in, int len); WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len); -WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(FILE *fp, WOLFSSL_X509 **x509); WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, const unsigned char *in, int len); #ifndef NO_FILESYSTEM -WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); +WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(FILE *fp, WOLFSSL_X509 **x509); +WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(WOLFSSL_X509_CRL **crl, XFILE file); #endif WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl); @@ -2921,7 +2922,7 @@ WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag); WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags); WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, WOLFSSL_ASN1_TIME **out); -WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER **a, unsigned char **pp); +WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp); WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x); #endif /* OPENSSL_EXTRA */
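Review bot: The prototype of wolfSSL_d2i_X509_CRL_fp now takes `(WOLFSSL_X509_CRL **crl, XFILE file)`, the reverse of the sibling `wolfSSL_d2i_X509_fp(FILE *fp, WOLFSSL_X509 **x509)` on the line above it and of OpenSSL's `d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)`. No matching change to the definition is visible in the src/ssl.c hunks. Either the header and the definition now disagree, or code ported from OpenSSL will pass its arguments in the wrong order, and in both cases a file handle ends up treated as a CRL pointer. Keep the file-first order unless the definition really differs. wolfSSL_d2i_X509_fp could also take `XFILE` rather than `FILE *` now that it sits under the NO_FILESYSTEM guard.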