feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

cleaning warnings in OCSP build

Browse Source
This commit is contained in:
John Safranek
2012-11-01 15:03:29 -07:00
parent 85e8f1988a
commit 134c6b8b1b
6 changed files with 56 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
ctaocrypt/src/asn.c
View File

@ -1230,7 +1230,7 @@ static int GetKey(DecodedCert* cert)
if (b != ASN_BIT_STRING)
return ASN_BITSTR_E;
if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
return ASN_PARSE_E;
b = cert->source[cert->srcIdx++];
if (b != 0x00)
@ -2127,9 +2127,9 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
else {
/* make sure we're right justified */
encodedSigSz =
EncodeSignature(encodedSig, digest, digestSz, typeH);
EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encodedSigSz != verifySz ||
XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
CYASSL_MSG("Rsa SSL verify match encode error");
ret = 0;
}
@ -2173,7 +2173,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
return 0;
}
ret = ecc_verify_hash(sig, sigSz, digest, digestSz, &verify, &pubKey);
ret = ecc_verify_hash(sig,sigSz,digest,digestSz,&verify,&pubKey);
ecc_free(&pubKey);
if (ret == 0 && verify == 1)
return 1; /* match */
@ -4135,90 +4135,90 @@ static int GetEnumerated(const byte* input, word32* inOutIdx, int *value)
static int DecodeSingleResponse(byte* source,
word32* ioIndex, OcspResponse* resp, word32 size)
{
word32 index = *ioIndex, prevIndex, oid;
word32 idx = *ioIndex, prevIndex, oid;
int length, wrapperSz;
CertStatus* cs = resp->status;
CYASSL_ENTER("DecodeSingleResponse");
/* Outer wrapper of the SEQUENCE OF Single Responses. */
if (GetSequence(source, &index, &wrapperSz, size) < 0)
if (GetSequence(source, &idx, &wrapperSz, size) < 0)
return ASN_PARSE_E;
prevIndex = index;
prevIndex = idx;
/* When making a request, we only request one status on one certificate
* at a time. There should only be one SingleResponse */
/* Wrapper around the Single Response */
if (GetSequence(source, &index, &length, size) < 0)
if (GetSequence(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
/* Wrapper around the CertID */
if (GetSequence(source, &index, &length, size) < 0)
if (GetSequence(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
/* Skip the hash algorithm */
if (GetAlgoId(source, &index, &oid, size) < 0)
if (GetAlgoId(source, &idx, &oid, size) < 0)
return ASN_PARSE_E;
/* Save reference to the hash of CN */
if (source[index++] != ASN_OCTET_STRING)
if (source[idx++] != ASN_OCTET_STRING)
return ASN_PARSE_E;
if (GetLength(source, &index, &length, size) < 0)
if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
resp->issuerHash = source + index;
index += length;
resp->issuerHash = source + idx;
idx += length;
/* Save reference to the hash of the issuer public key */
if (source[index++] != ASN_OCTET_STRING)
if (source[idx++] != ASN_OCTET_STRING)
return ASN_PARSE_E;
if (GetLength(source, &index, &length, size) < 0)
if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
resp->issuerKeyHash = source + index;
index += length;
resp->issuerKeyHash = source + idx;
idx += length;
/* Read the serial number, it is handled as a string, not as a
* proper number. Just XMEMCPY the data over, rather than load it
* as an mp_int. */
if (source[index++] != ASN_INTEGER)
if (source[idx++] != ASN_INTEGER)
return ASN_PARSE_E;
if (GetLength(source, &index, &length, size) < 0)
if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
if (length <= EXTERNAL_SERIAL_SIZE)
{
if (source[index] == 0)
if (source[idx] == 0)
{
index++;
idx++;
length--;
}
XMEMCPY(cs->serial, source + index, length);
XMEMCPY(cs->serial, source + idx, length);
cs->serialSz = length;
}
else
{
return ASN_GETINT_E;
}
index += length;
idx += length;
/* CertStatus */
switch (source[index++])
switch (source[idx++])
{
case (ASN_CONTEXT_SPECIFIC | CERT_GOOD):
cs->status = CERT_GOOD;
index++;
idx++;
break;
case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED):
cs->status = CERT_REVOKED;
GetLength(source, &index, &length, size);
index += length;
GetLength(source, &idx, &length, size);
idx += length;
break;
case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN):
cs->status = CERT_UNKNOWN;
index++;
idx++;
break;
default:
return ASN_PARSE_E;
}
if (GetBasicDate(source, &index, cs->thisDate,
if (GetBasicDate(source, &idx, cs->thisDate,
&cs->thisDateFormat, size) < 0)
return ASN_PARSE_E;
if (!ValidateDate(cs->thisDate, cs->thisDateFormat, BEFORE))
@ -4227,26 +4227,26 @@ static int DecodeSingleResponse(byte* source,
/* The following items are optional. Only check for them if there is more
* unprocessed data in the singleResponse wrapper. */
if ((index - prevIndex < wrapperSz) &&
(source[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)))
if (((int)(idx - prevIndex) < wrapperSz) &&
(source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)))
{
index++;
if (GetLength(source, &index, &length, size) < 0)
idx++;
if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
if (GetBasicDate(source, &index, cs->nextDate,
if (GetBasicDate(source, &idx, cs->nextDate,
&cs->nextDateFormat, size) < 0)
return ASN_PARSE_E;
}
if ((index - prevIndex < wrapperSz) &&
(source[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)))
if (((int)(idx - prevIndex) < wrapperSz) &&
(source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)))
{
index++;
if (GetLength(source, &index, &length, size) < 0)
idx++;
if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E;
index += length;
idx += length;
}
*ioIndex = index;
*ioIndex = idx;
return 0;
}
@ -4572,7 +4572,7 @@ static word32 SetOcspReqExtensions(word32 extSz, byte* output,
seqArray[1][0] = ASN_OBJECT_ID;
seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]);
totalSz = seqSz[0] + seqSz[1] + nonceSz + sizeof(NonceObjId);
totalSz = seqSz[0] + seqSz[1] + nonceSz + (word32)sizeof(NonceObjId);
seqSz[2] = SetSequence(totalSz, seqArray[2]);
totalSz += seqSz[2];
@ -4596,7 +4596,7 @@ static word32 SetOcspReqExtensions(word32 extSz, byte* output,
XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
totalSz += seqSz[1];
XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
totalSz += sizeof(NonceObjId);
totalSz += (word32)sizeof(NonceObjId);
XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
totalSz += seqSz[0];
XMEMCPY(output + totalSz, nonce, nonceSz);
@ -4617,7 +4617,6 @@ int EncodeOcspRequest(OcspRequest* req)
byte snArray[MAX_SN_SZ];
byte extArray[MAX_OCSP_EXT_SZ];
byte* output = req->dest;
word32 outputSz = req->destSz;
RNG rng;
word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz;
int i;

4
cyassl/ctaocrypt/asn.h
View File

@ -19,7 +19,7 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
//#ifndef NO_ASN
#ifndef NO_ASN
#ifndef CTAO_CRYPT_ASN_H
#define CTAO_CRYPT_ASN_H
@ -485,4 +485,4 @@ CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
#endif /* CTAO_CRYPT_ASN_H */
//#endif /* NO_ASN */
#endif /* !NO_ASN */

2
cyassl/ctaocrypt/rsa.h
View File

@ -80,4 +80,4 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
#endif /* CTAO_CRYPT_RSA_H */
#endif /* NO_RSA */
#endif /* NO_RSA */

3
cyassl/internal.h
View File

@ -180,7 +180,8 @@ void c32to24(word32 in, word24 out);
#define BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA
#endif
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA)
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
!defined(NO_RSA) && defined(OPENSSL_EXTRA)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#if !defined (NO_SHA256)

4
cyassl/ssl.h
View File

@ -654,8 +654,8 @@ CYASSL_API void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX*,
void (*f)(CYASSL_CTX*, CYASSL_SESSION*));
CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**);
CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,const unsigned char**,
long);
CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,
const unsigned char**, long);
CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*);
CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*);

12
src/ocsp.c
View File

@ -167,7 +167,7 @@ static int decode_url(const char* url, int urlSz,
int CyaSSL_OCSP_set_override_url(CYASSL_OCSP* ocsp, const char* url)
{
if (ocsp != NULL) {
int urlSz = strlen(url);
int urlSz = (int)XSTRLEN(url);
decode_url(url, urlSz,
ocsp->overrideName, ocsp->overridePath, &ocsp->overridePort);
return 1;
@ -278,8 +278,8 @@ static int decode_http_response(byte* httpBuf, int httpBufSz, byte** dst)
idx += 2; /* skip the crlf */
} else {
/* Advance idx past the next \r\n */
char* end = strstr(&buf[idx], "\r\n");
idx = end - buf + 2;
char* end = XSTRSTR(&buf[idx], "\r\n");
idx = (int)(end - buf + 2);
stop = 1;
}
}
@ -411,11 +411,11 @@ static int http_ocsp_transaction(CYASSL_OCSP* ocsp, DecodedCert* cert,
tcp_connect(&sfd, domainName, port);
if (sfd > 0) {
int written;
written = write(sfd, httpBuf, httpBufSz);
written = (int)write(sfd, httpBuf, httpBufSz);
if (written == httpBufSz) {
written = write(sfd, ocspReqBuf, ocspReqSz);
written = (int)write(sfd, ocspReqBuf, ocspReqSz);
if (written == ocspReqSz) {
httpBufSz = read(sfd, httpBuf, SCRATCH_BUFFER_SIZE);
httpBufSz = (int)read(sfd, httpBuf, SCRATCH_BUFFER_SIZE);
if (httpBufSz > 0) {
ocspRespSz = decode_http_response(httpBuf, httpBufSz,
ocspRespBuf);