feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

expand compatibility layer with write bio function

Browse Source
This commit is contained in:
Jacob Barthelmeh
2016-11-28 15:17:13 -07:00
parent 778680116e
commit 1704a8d683
8 changed files with 173 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
src/ssl.c
View File

@@ -5685,6 +5685,42 @@ int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* fname, int format)
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
/* put SSL type in extra for now, not very common */ /* put SSL type in extra for now, not very common */
WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out,
const unsigned char **in, long inSz)
{
WOLFSSL_EVP_PKEY* local;
WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey");
if (in == NULL || inSz < 0) {
WOLFSSL_MSG("Bad argument");
return NULL;
}
local = wolfSSL_PKEY_new();
if (local == NULL) {
return NULL;
}
local->type = type;
local->pkey_sz = inSz;
local->pkey.ptr = (char*)XMALLOC(inSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
if (local->pkey.ptr == NULL) {
wolfSSL_EVP_PKEY_free(local);
local = NULL;
}
else {
XMEMCPY(local->pkey.ptr, *in, inSz);
}
if (out != NULL) {
*out = local;
}
return local;
}
long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt) long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt)
{ {
WOLFSSL_STUB("wolfSSL_ctrl"); WOLFSSL_STUB("wolfSSL_ctrl");
@@ -13803,6 +13839,20 @@ void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT* obj)
} }
WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new()
{
WOLFSSL_EVP_PKEY* pkey;
pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), NULL,
DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey != NULL) {
XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY));
}
return pkey;
}
void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
{ {
if (key != NULL) { if (key != NULL) {
@@ -17417,26 +17467,72 @@ int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
} }
#endif /* NO_FILESYSTEM */ #endif /* NO_FILESYSTEM */
/*** TBD ***/ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
WOLFSSL_API const WOLFSSL_EVP_CIPHER* cipher,
int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
pem_password_cb cb, void* arg) pem_password_cb cb, void* arg)
{ {
(void)bio; byte* keyDer;
(void)rsa; int pemSz;
int type;
int ret;
(void)cipher; (void)cipher;
(void)passwd; (void)passwd;
(void)len; (void)len;
(void)cb; (void)cb;
(void)arg; (void)arg;
WOLFSSL_MSG("wolfSSL_PEM_write_bio_PrivateKey not implemented"); WOLFSSL_ENTER("wolfSSL_PEM_write_bio_PrivateKey");
return SSL_FAILURE; if (bio == NULL || key == NULL) {
return SSL_FAILURE;
}
keyDer = (byte*)key->pkey.ptr;
switch (key->type) {
case EVP_PKEY_RSA:
type = PRIVATEKEY_TYPE;
break;
#ifndef NO_DSA
case EVP_PKEY_DSA:
type = DSA_PRIVATEKEY_TYPE;
break;
#endif
case EVP_PKEY_EC:
type = ECC_PRIVATEKEY_TYPE;
break;
default:
WOLFSSL_MSG("Unknown Key type!");
type = PRIVATEKEY_TYPE;
}
pemSz = wc_DerToPem(keyDer, key->pkey_sz, NULL, 0, type);
if (pemSz < 0) {
WOLFSSL_LEAVE("wolfSSL_PEM_write_bio_PrivateKey", pemSz);
return SSL_FAILURE;
}
if (bio->mem != NULL) {
XFREE(bio->mem, NULL, DYNAMIC_TYPE_OPENSSL);
}
bio->mem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_OPENSSL);
bio->memLen = pemSz;
ret = wc_DerToPemEx(keyDer, key->pkey_sz, bio->mem, bio->memLen,
NULL, type);
if (ret < 0) {
WOLFSSL_LEAVE("wolfSSL_PEM_write_bio_PrivateKey", ret);
return SSL_FAILURE;
}
return SSL_SUCCESS;
} }
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa, int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa,
const EVP_CIPHER* cipher, const EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,

45
tests/api.c
View File

@@ -48,6 +48,7 @@
#include <wolfssl/openssl/pkcs12.h> #include <wolfssl/openssl/pkcs12.h>
#include <wolfssl/openssl/evp.h> #include <wolfssl/openssl/evp.h>
#include <wolfssl/openssl/dh.h> #include <wolfssl/openssl/dh.h>
#include <wolfssl/openssl/pem.h>
#ifndef NO_DES3 #ifndef NO_DES3
#include <wolfssl/openssl/des.h> #include <wolfssl/openssl/des.h>
#endif #endif
@@ -2435,6 +2436,9 @@ static void test_wolfSSL_private_keys(void)
AssertIntEQ(wolfSSL_check_private_key(ssl), SSL_SUCCESS); AssertIntEQ(wolfSSL_check_private_key(ssl), SSL_SUCCESS);
#ifdef USE_CERT_BUFFERS_2048 #ifdef USE_CERT_BUFFERS_2048
{
const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
AssertIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl, AssertIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl,
(unsigned char*)client_key_der_2048, (unsigned char*)client_key_der_2048,
sizeof_client_key_der_2048), SSL_SUCCESS); sizeof_client_key_der_2048), SSL_SUCCESS);
@@ -2444,15 +2448,23 @@ static void test_wolfSSL_private_keys(void)
#endif #endif
AssertIntEQ(SSL_use_PrivateKey_ASN1(0, ssl, AssertIntEQ(SSL_use_PrivateKey_ASN1(0, ssl,
(unsigned char*)server_key_der_2048, (unsigned char*)server_key,
sizeof_server_key_der_2048), SSL_SUCCESS); sizeof_server_key_der_2048), SSL_SUCCESS);
/* After loading back in DER format of original key, should match */ /* After loading back in DER format of original key, should match */
AssertIntEQ(wolfSSL_check_private_key(ssl), SSL_SUCCESS); AssertIntEQ(wolfSSL_check_private_key(ssl), SSL_SUCCESS);
#endif
/* pkey not set yet, expecting to fail */ /* pkey not set yet, expecting to fail */
AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), SSL_FAILURE); AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), SSL_FAILURE);
/* set PKEY and test again */
AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
&server_key, (long)sizeof_server_key_der_2048));
AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), SSL_SUCCESS);
}
#endif
EVP_PKEY_free(pkey);
SSL_free(ssl); /* frees x509 also since loaded into ssl */ SSL_free(ssl); /* frees x509 also since loaded into ssl */
SSL_CTX_free(ctx); SSL_CTX_free(ctx);
@@ -2466,6 +2478,34 @@ static void test_wolfSSL_private_keys(void)
} }
static void test_wolfSSL_PEM_PrivateKey(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
(defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)) && \
defined(USE_CERT_BUFFERS_2048)
const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
EVP_PKEY* pkey = NULL;
BIO* bio;
printf(testingFmt, "wolfSSL_PEM_PrivateKey()");
bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem());
AssertNotNull(bio);
AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey,
&server_key, (long)sizeof_server_key_der_2048));
AssertIntEQ(PEM_write_bio_PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL),
SSL_SUCCESS);
BIO_free(bio);
EVP_PKEY_free(pkey);
printf(resultFmt, passed);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
}
static void test_wolfSSL_tmp_dh(void) static void test_wolfSSL_tmp_dh(void)
{ {
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@@ -2576,6 +2616,7 @@ void ApiTest(void)
test_wolfSSL_DES(); test_wolfSSL_DES();
test_wolfSSL_certs(); test_wolfSSL_certs();
test_wolfSSL_private_keys(); test_wolfSSL_private_keys();
test_wolfSSL_PEM_PrivateKey();
test_wolfSSL_tmp_dh(); test_wolfSSL_tmp_dh();
test_wolfSSL_ctrl(); test_wolfSSL_ctrl();

14
wolfcrypt/src/asn.c
View File

@@ -5908,6 +5908,20 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz,
headerLen = (int)XSTRLEN(header); headerLen = (int)XSTRLEN(header);
footerLen = (int)XSTRLEN(footer); footerLen = (int)XSTRLEN(footer);
/* if null output and 0 size passed in then return size needed */
if (!output && outSz == 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
outLen = 0;
if ((err = Base64_Encode(der, derSz, NULL, (word32*)&outLen))
!= LENGTH_ONLY_E) {
return err;
}
return headerLen + footerLen + outLen;
}
if (!der || !output) { if (!der || !output) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);

2
wolfcrypt/src/evp.c
View File

@@ -150,6 +150,8 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
return 0; return 0;
} }
(void)in; (void)in;
(void)inl;
(void)out;
return 1; return 1;
} }

2
wolfcrypt/test/test.c
View File

@@ -6980,6 +6980,7 @@ int openssl_test(void)
#define OPENSSL_TEST_ERROR (-10000) #define OPENSSL_TEST_ERROR (-10000)
#ifndef NO_AES
#ifdef WOLFSSL_AES_DIRECT #ifdef WOLFSSL_AES_DIRECT
/* enable HAVE_AES_DECRYPT for AES_encrypt/decrypt */ /* enable HAVE_AES_DECRYPT for AES_encrypt/decrypt */
{ {
@@ -7320,6 +7321,7 @@ int openssl_test(void)
return -3428; return -3428;
} }
#endif /* ifndef NO_AES */
return 0; return 0;
} }

2
wolfssl/openssl/evp.h
View File

@@ -145,7 +145,7 @@ enum {
NULL_CIPHER_TYPE = 15, NULL_CIPHER_TYPE = 15,
EVP_PKEY_RSA = 16, EVP_PKEY_RSA = 16,
EVP_PKEY_DSA = 17, EVP_PKEY_DSA = 17,
EVP_PKEY_EC = 18, EVP_PKEY_EC = 18,
IDEA_CBC_TYPE = 19, IDEA_CBC_TYPE = 19,
NID_sha1 = 64, NID_sha1 = 64,
NID_md2 = 3, NID_md2 = 3,

5
wolfssl/openssl/pem.h
View File

@@ -13,6 +13,7 @@
extern "C" { extern "C" {
#endif #endif
#define PEM_write_bio_PrivateKey wolfSSL_PEM_write_bio_PrivateKey
/* RSA */ /* RSA */
WOLFSSL_API WOLFSSL_API
@@ -90,8 +91,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
pem_password_cb cb, pem_password_cb cb,
void* arg); void* arg);
WOLFSSL_API WOLFSSL_API
int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, RSA* rsa, int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
const EVP_CIPHER* cipher, const WOLFSSL_EVP_CIPHER* cipher,
unsigned char* passwd, int len, unsigned char* passwd, int len,
pem_password_cb cb, void* arg); pem_password_cb cb, void* arg);

5
wolfssl/ssl.h
View File

@@ -124,7 +124,7 @@ typedef struct WOLFSSL_EVP_PKEY {
int save_type; /* openssh dereference */ int save_type; /* openssh dereference */
int pkey_sz; int pkey_sz;
union { union {
char* ptr; char* ptr; /* der format of key / or raw for NTRU */
} pkey; } pkey;
#ifdef HAVE_ECC #ifdef HAVE_ECC
int pkey_curve; int pkey_curve;
@@ -631,6 +631,9 @@ WOLFSSL_API int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKE
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*, WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*,
int); int);
WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*); WOLFSSL_API void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type,
WOLFSSL_EVP_PKEY** out, const unsigned char **in, long inSz);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*); WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*); WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*); WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);