feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

cleaning warnings in OCSP build

Browse Source
This commit is contained in:
John Safranek
2012-11-01 15:03:29 -07:00
parent 85e8f1988a
commit 134c6b8b1b
6 changed files with 56 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
ctaocrypt/src/asn.c
View File

@@ -1230,7 +1230,7 @@ static int GetKey(DecodedCert* cert)
if (b != ASN_BIT_STRING) if (b != ASN_BIT_STRING)
return ASN_BITSTR_E; return ASN_BITSTR_E;
if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
b = cert->source[cert->srcIdx++]; b = cert->source[cert->srcIdx++];
if (b != 0x00) if (b != 0x00)
@@ -2127,9 +2127,9 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
else { else {
/* make sure we're right justified */ /* make sure we're right justified */
encodedSigSz = encodedSigSz =
EncodeSignature(encodedSig, digest, digestSz, typeH); EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encodedSigSz != verifySz || if (encodedSigSz != verifySz ||
XMEMCMP(out, encodedSig, encodedSigSz) != 0) { XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
CYASSL_MSG("Rsa SSL verify match encode error"); CYASSL_MSG("Rsa SSL verify match encode error");
ret = 0; ret = 0;
} }
@@ -2173,7 +2173,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
return 0; return 0;
} }
ret = ecc_verify_hash(sig, sigSz, digest, digestSz, &verify, &pubKey); ret = ecc_verify_hash(sig,sigSz,digest,digestSz,&verify,&pubKey);
ecc_free(&pubKey); ecc_free(&pubKey);
if (ret == 0 && verify == 1) if (ret == 0 && verify == 1)
return 1; /* match */ return 1; /* match */
@@ -4135,90 +4135,90 @@ static int GetEnumerated(const byte* input, word32* inOutIdx, int *value)
static int DecodeSingleResponse(byte* source, static int DecodeSingleResponse(byte* source,
word32* ioIndex, OcspResponse* resp, word32 size) word32* ioIndex, OcspResponse* resp, word32 size)
{ {
word32 index = *ioIndex, prevIndex, oid; word32 idx = *ioIndex, prevIndex, oid;
int length, wrapperSz; int length, wrapperSz;
CertStatus* cs = resp->status; CertStatus* cs = resp->status;
CYASSL_ENTER("DecodeSingleResponse"); CYASSL_ENTER("DecodeSingleResponse");
/* Outer wrapper of the SEQUENCE OF Single Responses. */ /* Outer wrapper of the SEQUENCE OF Single Responses. */
if (GetSequence(source, &index, &wrapperSz, size) < 0) if (GetSequence(source, &idx, &wrapperSz, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
prevIndex = index; prevIndex = idx;
/* When making a request, we only request one status on one certificate /* When making a request, we only request one status on one certificate
* at a time. There should only be one SingleResponse */ * at a time. There should only be one SingleResponse */
/* Wrapper around the Single Response */ /* Wrapper around the Single Response */
if (GetSequence(source, &index, &length, size) < 0) if (GetSequence(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
/* Wrapper around the CertID */ /* Wrapper around the CertID */
if (GetSequence(source, &index, &length, size) < 0) if (GetSequence(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
/* Skip the hash algorithm */ /* Skip the hash algorithm */
if (GetAlgoId(source, &index, &oid, size) < 0) if (GetAlgoId(source, &idx, &oid, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
/* Save reference to the hash of CN */ /* Save reference to the hash of CN */
if (source[index++] != ASN_OCTET_STRING) if (source[idx++] != ASN_OCTET_STRING)
return ASN_PARSE_E; return ASN_PARSE_E;
if (GetLength(source, &index, &length, size) < 0) if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
resp->issuerHash = source + index; resp->issuerHash = source + idx;
index += length; idx += length;
/* Save reference to the hash of the issuer public key */ /* Save reference to the hash of the issuer public key */
if (source[index++] != ASN_OCTET_STRING) if (source[idx++] != ASN_OCTET_STRING)
return ASN_PARSE_E; return ASN_PARSE_E;
if (GetLength(source, &index, &length, size) < 0) if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
resp->issuerKeyHash = source + index; resp->issuerKeyHash = source + idx;
index += length; idx += length;
/* Read the serial number, it is handled as a string, not as a /* Read the serial number, it is handled as a string, not as a
* proper number. Just XMEMCPY the data over, rather than load it * proper number. Just XMEMCPY the data over, rather than load it
* as an mp_int. */ * as an mp_int. */
if (source[index++] != ASN_INTEGER) if (source[idx++] != ASN_INTEGER)
return ASN_PARSE_E; return ASN_PARSE_E;
if (GetLength(source, &index, &length, size) < 0) if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
if (length <= EXTERNAL_SERIAL_SIZE) if (length <= EXTERNAL_SERIAL_SIZE)
{ {
if (source[index] == 0) if (source[idx] == 0)
{ {
index++; idx++;
length--; length--;
} }
XMEMCPY(cs->serial, source + index, length); XMEMCPY(cs->serial, source + idx, length);
cs->serialSz = length; cs->serialSz = length;
} }
else else
{ {
return ASN_GETINT_E; return ASN_GETINT_E;
} }
index += length; idx += length;
/* CertStatus */ /* CertStatus */
switch (source[index++]) switch (source[idx++])
{ {
case (ASN_CONTEXT_SPECIFIC | CERT_GOOD): case (ASN_CONTEXT_SPECIFIC | CERT_GOOD):
cs->status = CERT_GOOD; cs->status = CERT_GOOD;
index++; idx++;
break; break;
case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED): case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED):
cs->status = CERT_REVOKED; cs->status = CERT_REVOKED;
GetLength(source, &index, &length, size); GetLength(source, &idx, &length, size);
index += length; idx += length;
break; break;
case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN): case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN):
cs->status = CERT_UNKNOWN; cs->status = CERT_UNKNOWN;
index++; idx++;
break; break;
default: default:
return ASN_PARSE_E; return ASN_PARSE_E;
} }
if (GetBasicDate(source, &index, cs->thisDate, if (GetBasicDate(source, &idx, cs->thisDate,
&cs->thisDateFormat, size) < 0) &cs->thisDateFormat, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
if (!ValidateDate(cs->thisDate, cs->thisDateFormat, BEFORE)) if (!ValidateDate(cs->thisDate, cs->thisDateFormat, BEFORE))
@@ -4227,26 +4227,26 @@ static int DecodeSingleResponse(byte* source,
/* The following items are optional. Only check for them if there is more /* The following items are optional. Only check for them if there is more
* unprocessed data in the singleResponse wrapper. */ * unprocessed data in the singleResponse wrapper. */
if ((index - prevIndex < wrapperSz) && if (((int)(idx - prevIndex) < wrapperSz) &&
(source[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))) (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)))
{ {
index++; idx++;
if (GetLength(source, &index, &length, size) < 0) if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
if (GetBasicDate(source, &index, cs->nextDate, if (GetBasicDate(source, &idx, cs->nextDate,
&cs->nextDateFormat, size) < 0) &cs->nextDateFormat, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
} }
if ((index - prevIndex < wrapperSz) && if (((int)(idx - prevIndex) < wrapperSz) &&
(source[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))) (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)))
{ {
index++; idx++;
if (GetLength(source, &index, &length, size) < 0) if (GetLength(source, &idx, &length, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
index += length; idx += length;
} }
*ioIndex = index; *ioIndex = idx;
return 0; return 0;
} }
@@ -4572,7 +4572,7 @@ static word32 SetOcspReqExtensions(word32 extSz, byte* output,
seqArray[1][0] = ASN_OBJECT_ID; seqArray[1][0] = ASN_OBJECT_ID;
seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]); seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]);
totalSz = seqSz[0] + seqSz[1] + nonceSz + sizeof(NonceObjId); totalSz = seqSz[0] + seqSz[1] + nonceSz + (word32)sizeof(NonceObjId);
seqSz[2] = SetSequence(totalSz, seqArray[2]); seqSz[2] = SetSequence(totalSz, seqArray[2]);
totalSz += seqSz[2]; totalSz += seqSz[2];
@@ -4596,7 +4596,7 @@ static word32 SetOcspReqExtensions(word32 extSz, byte* output,
XMEMCPY(output + totalSz, seqArray[1], seqSz[1]); XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
totalSz += seqSz[1]; totalSz += seqSz[1];
XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId)); XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
totalSz += sizeof(NonceObjId); totalSz += (word32)sizeof(NonceObjId);
XMEMCPY(output + totalSz, seqArray[0], seqSz[0]); XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
totalSz += seqSz[0]; totalSz += seqSz[0];
XMEMCPY(output + totalSz, nonce, nonceSz); XMEMCPY(output + totalSz, nonce, nonceSz);
@@ -4617,7 +4617,6 @@ int EncodeOcspRequest(OcspRequest* req)
byte snArray[MAX_SN_SZ]; byte snArray[MAX_SN_SZ];
byte extArray[MAX_OCSP_EXT_SZ]; byte extArray[MAX_OCSP_EXT_SZ];
byte* output = req->dest; byte* output = req->dest;
word32 outputSz = req->destSz;
RNG rng; RNG rng;
word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz; word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz;
int i; int i;

4
cyassl/ctaocrypt/asn.h
View File

@@ -19,7 +19,7 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/ */
//#ifndef NO_ASN #ifndef NO_ASN
#ifndef CTAO_CRYPT_ASN_H #ifndef CTAO_CRYPT_ASN_H
#define CTAO_CRYPT_ASN_H #define CTAO_CRYPT_ASN_H
@@ -485,4 +485,4 @@ CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
#endif /* CTAO_CRYPT_ASN_H */ #endif /* CTAO_CRYPT_ASN_H */
//#endif /* NO_ASN */ #endif /* !NO_ASN */

2
cyassl/ctaocrypt/rsa.h
View File

@@ -80,4 +80,4 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
#endif /* CTAO_CRYPT_RSA_H */ #endif /* CTAO_CRYPT_RSA_H */
#endif /* NO_RSA */ #endif /* NO_RSA */

3
cyassl/internal.h
View File

@@ -180,7 +180,8 @@ void c32to24(word32 in, word24 out);
#define BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA #define BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA
#endif #endif
#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) #if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
!defined(NO_RSA) && defined(OPENSSL_EXTRA)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#if !defined (NO_SHA256) #if !defined (NO_SHA256)

4
cyassl/ssl.h
View File

@@ -654,8 +654,8 @@ CYASSL_API void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX*,
void (*f)(CYASSL_CTX*, CYASSL_SESSION*)); void (*f)(CYASSL_CTX*, CYASSL_SESSION*));
CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**); CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**);
CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,const unsigned char**, CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,
long); const unsigned char**, long);
CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*); CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*);
CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*); CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*);

12
src/ocsp.c
View File

@@ -167,7 +167,7 @@ static int decode_url(const char* url, int urlSz,
int CyaSSL_OCSP_set_override_url(CYASSL_OCSP* ocsp, const char* url) int CyaSSL_OCSP_set_override_url(CYASSL_OCSP* ocsp, const char* url)
{ {
if (ocsp != NULL) { if (ocsp != NULL) {
int urlSz = strlen(url); int urlSz = (int)XSTRLEN(url);
decode_url(url, urlSz, decode_url(url, urlSz,
ocsp->overrideName, ocsp->overridePath, &ocsp->overridePort); ocsp->overrideName, ocsp->overridePath, &ocsp->overridePort);
return 1; return 1;
@@ -278,8 +278,8 @@ static int decode_http_response(byte* httpBuf, int httpBufSz, byte** dst)
idx += 2; /* skip the crlf */ idx += 2; /* skip the crlf */
} else { } else {
/* Advance idx past the next \r\n */ /* Advance idx past the next \r\n */
char* end = strstr(&buf[idx], "\r\n"); char* end = XSTRSTR(&buf[idx], "\r\n");
idx = end - buf + 2; idx = (int)(end - buf + 2);
stop = 1; stop = 1;
} }
} }
@@ -411,11 +411,11 @@ static int http_ocsp_transaction(CYASSL_OCSP* ocsp, DecodedCert* cert,
tcp_connect(&sfd, domainName, port); tcp_connect(&sfd, domainName, port);
if (sfd > 0) { if (sfd > 0) {
int written; int written;
written = write(sfd, httpBuf, httpBufSz); written = (int)write(sfd, httpBuf, httpBufSz);
if (written == httpBufSz) { if (written == httpBufSz) {
written = write(sfd, ocspReqBuf, ocspReqSz); written = (int)write(sfd, ocspReqBuf, ocspReqSz);
if (written == ocspReqSz) { if (written == ocspReqSz) {
httpBufSz = read(sfd, httpBuf, SCRATCH_BUFFER_SIZE); httpBufSz = (int)read(sfd, httpBuf, SCRATCH_BUFFER_SIZE);
if (httpBufSz > 0) { if (httpBufSz > 0) {
ocspRespSz = decode_http_response(httpBuf, httpBufSz, ocspRespSz = decode_http_response(httpBuf, httpBufSz,
ocspRespBuf); ocspRespBuf);