feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

evp key flags and add WOLFSSL_BUF_MEM struct to WOLFSSL_BIO

Browse Source
This commit is contained in:
Jacob Barthelmeh
2017-03-31 15:39:21 -06:00
parent 4ab9cc65f3
commit 18019f1bae
8 changed files with 96 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/bio.c
View File

@ -90,6 +90,10 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len)
XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL); XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
bio->mem = tmp; bio->mem = tmp;
bio->memLen = memSz-sz; bio->memLen = memSz-sz;
if (bio->mem_buf != NULL) {
bio->mem_buf->data = (char*)bio->mem;
bio->mem_buf->length = bio->memLen;
}
} }
bio->wrSz -= sz; bio->wrSz -= sz;
} }
@ -310,6 +314,10 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
return SSL_FAILURE; return SSL_FAILURE;
} }
bio->memLen = len; bio->memLen = len;
if (bio->mem_buf != NULL) {
bio->mem_buf->data = (char*)bio->mem;
bio->mem_buf->length = bio->memLen;
}
} }
/* check if will fit in current buffer size */ /* check if will fit in current buffer size */
@ -325,6 +333,10 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
return SSL_FAILURE; return SSL_FAILURE;
} }
bio->memLen = sz + len; bio->memLen = sz + len;
if (bio->mem_buf != NULL) {
bio->mem_buf->data = (char*)bio->mem;
bio->mem_buf->length = bio->memLen;
}
} }
} }
@ -713,6 +725,10 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *bio, long size)
bio->memLen = bio->wrSz; bio->memLen = bio->wrSz;
bio->wrIdx = 0; bio->wrIdx = 0;
bio->rdIdx = 0; bio->rdIdx = 0;
if (bio->mem_buf != NULL) {
bio->mem_buf->data = (char*)bio->mem;
bio->mem_buf->length = bio->memLen;
}
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
} }

92
src/ssl.c
View File

@ -11982,16 +11982,13 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int closeF) WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int closeF)
{ {
WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0, WOLFSSL_BIO* bio = wolfSSL_BIO_new(wolfSSL_BIO_s_socket());
DYNAMIC_TYPE_OPENSSL);
WOLFSSL_ENTER("BIO_new_socket"); WOLFSSL_ENTER("BIO_new_socket");
if (bio) { if (bio) {
XMEMSET(bio, 0, sizeof(WOLFSSL_BIO));
bio->type = WOLFSSL_BIO_SOCKET; bio->type = WOLFSSL_BIO_SOCKET;
bio->close = (byte)closeF; bio->close = (byte)closeF;
bio->fd = sfd; bio->fd = sfd;
bio->mem = NULL;
} }
return bio; return bio;
} }
@ -12038,14 +12035,19 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{ {
WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0, WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0,
DYNAMIC_TYPE_OPENSSL); DYNAMIC_TYPE_OPENSSL);
WOLFSSL_ENTER("BIO_new"); WOLFSSL_ENTER("wolfSSL_BIO_new");
if (bio) { if (bio) {
XMEMSET(bio, 0, sizeof(WOLFSSL_BIO)); XMEMSET(bio, 0, sizeof(WOLFSSL_BIO));
bio->type = method->type; bio->type = method->type;
bio->ssl = NULL; bio->close = BIO_CLOSE; /* default to close things */
bio->mem = NULL; bio->mem_buf = (WOLFSSL_BUF_MEM*)XMALLOC(sizeof(WOLFSSL_BUF_MEM),
bio->prev = NULL; 0, DYNAMIC_TYPE_OPENSSL);
bio->next = NULL; if (bio->mem_buf == NULL) {
WOLFSSL_MSG("Memory error");
wolfSSL_BIO_free(bio);
return NULL;
}
bio->mem_buf->data = (char*)bio->mem;
} }
return bio; return bio;
} }
@ -12080,6 +12082,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL);
return NULL; return NULL;
} }
if (bio->mem_buf != NULL) {
bio->mem_buf->data = (char*)bio->mem;
bio->mem_buf->length = bio->memLen;
}
XMEMCPY(bio->mem, buf, len); XMEMCPY(bio->mem, buf, len);
@ -12096,6 +12102,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#define CloseSocket(s) close(s) #define CloseSocket(s) close(s)
#endif #endif
/*
* Note : If the flag BIO_NOCLOSE is set then freeing memory buffers is up
* to the application.
*/
int wolfSSL_BIO_free(WOLFSSL_BIO* bio) int wolfSSL_BIO_free(WOLFSSL_BIO* bio)
{ {
/* unchain?, doesn't matter in goahead since from free all */ /* unchain?, doesn't matter in goahead since from free all */
@ -12121,9 +12131,18 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
} }
#endif #endif
if (bio->mem) if (bio->close != BIO_NOCLOSE) {
XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL); if (bio->mem_buf->data != (char*)bio->mem && bio->mem != NULL) {
XFREE(bio, bio->heap, DYNAMIC_TYPE_OPENSSL); XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
bio->mem = NULL;
}
if (bio->mem_buf != NULL) {
wolfSSL_BUF_MEM_free(bio->mem_buf);
bio->mem_buf = NULL;
}
}
XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL);
} }
return 0; return 0;
} }
@ -17282,22 +17301,13 @@ int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (bio->mem != NULL) {
XFREE(bio->mem, NULL, DYNAMIC_TYPE_OPENSSL);
}
if (x509->derCert != NULL) { if (x509->derCert != NULL) {
word32 len = x509->derCert->length; word32 len = x509->derCert->length;
byte* der = x509->derCert->buffer; byte* der = x509->derCert->buffer;
bio->mem = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); if (wolfSSL_BIO_write(bio, der, len) == (int)len) {
if (bio->mem == NULL) { return SSL_SUCCESS;
WOLFSSL_MSG("Memory allocation error");
return WOLFSSL_FAILURE;
} }
bio->memLen = len;
XMEMCPY(bio->mem, der, len);
return WOLFSSL_SUCCESS;
} }
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
@ -17785,7 +17795,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
WOLFSSL_MSG("Bad PKCS12 key format"); WOLFSSL_MSG("Bad PKCS12 key format");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
(*pkey)->type = ECDSAk; (*pkey)->type = EVP_PKEY_EC;
(*pkey)->pkey_curve = key.dp->oidSum; (*pkey)->pkey_curve = key.dp->oidSum;
wc_ecc_free(&key); wc_ecc_free(&key);
WOLFSSL_MSG("Found PKCS12 ECC key"); WOLFSSL_MSG("Found PKCS12 ECC key");
@ -19829,6 +19839,13 @@ void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
} }
#endif #endif
/*
*
* Note: It is expected that the importing and exporting function have been
* built with the same settings. For example if session tickets was
* enabled with the wolfSSL library exporting a session then it is
* expected to be turned on with the wolfSSL library importing the session.
*/
int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p) int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
{ {
int size = 0; int size = 0;
@ -19922,7 +19939,14 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
return size; return size;
} }
/* TODO: no function to free new session. */
/* TODO: no function to free new session.
*
* Note: It is expected that the importing and exporting function have been
* built with the same settings. For example if session tickets was
* enabled with the wolfSSL library exporting a session then it is
* expected to be turned on with the wolfSSL library importing the session.
*/
WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess, WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
const unsigned char** p, long i) const unsigned char** p, long i)
{ {
@ -20232,11 +20256,6 @@ int wolfSSL_RAND_seed(const void* seed, int len)
} }
#ifndef XGETENV
#include <stdlib.h>
#define XGETENV getenv
#endif
/* Returns the path for reading seed data from. /* Returns the path for reading seed data from.
* Uses the env variable $RANDFILE first if set, if not then used $HOME/.rnd * Uses the env variable $RANDFILE first if set, if not then used $HOME/.rnd
* *
@ -23581,8 +23600,13 @@ WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key)
else if (key->type == EVP_PKEY_RSA) { else if (key->type == EVP_PKEY_RSA) {
if (wolfSSL_RSA_LoadDer(local, (const unsigned char*)key->pkey.ptr, if (wolfSSL_RSA_LoadDer(local, (const unsigned char*)key->pkey.ptr,
key->pkey_sz) != SSL_SUCCESS) { key->pkey_sz) != SSL_SUCCESS) {
wolfSSL_RSA_free(local); /* now try public key */
local = NULL; if (wolfSSL_RSA_LoadDer_ex(local,
(const unsigned char*)key->pkey.ptr, key->pkey_sz,
WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {
wolfSSL_RSA_free(local);
local = NULL;
}
} }
} }
else { else {
@ -28645,6 +28669,10 @@ int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
bio->memLen = pemSz; bio->memLen = pemSz;
if (bio->mem_buf != NULL) {
bio->mem_buf->data = (char*)bio->mem;
bio->mem_buf->length = bio->memLen;
}
ret = wc_DerToPemEx(certDer, derSz, bio->mem, bio->memLen, NULL, CERT_TYPE); ret = wc_DerToPemEx(certDer, derSz, bio->mem, bio->memLen, NULL, CERT_TYPE);
if (ret < 0) { if (ret < 0) {

3
wolfcrypt/src/evp.c
View File

@ -345,7 +345,8 @@ WOLFSSL_API int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
inl -= ctx->block_size * blocks; inl -= ctx->block_size * blocks;
in += ctx->block_size * blocks; in += ctx->block_size * blocks;
if(ctx->enc == 0){ if(ctx->enc == 0){
if ((ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING)){ if ((ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) ||
(ctx->block_size == 1)){
ctx->lastUsed = 0; ctx->lastUsed = 0;
XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks], ctx->block_size); XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks], ctx->block_size);
*outl+= ctx->block_size * blocks; *outl+= ctx->block_size * blocks;

1
wolfssl/internal.h
View File

@ -1354,6 +1354,7 @@ struct WOLFSSL_BIO_METHOD {
/* wolfSSL BIO type */ /* wolfSSL BIO type */
struct WOLFSSL_BIO { struct WOLFSSL_BIO {
WOLFSSL_BUF_MEM* mem_buf;
WOLFSSL* ssl; /* possible associated ssl */ WOLFSSL* ssl; /* possible associated ssl */
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
XFILE file; XFILE file;

6
wolfssl/openssl/buffer.h
View File

@ -30,12 +30,6 @@
extern "C" { extern "C" {
#endif #endif
struct WOLFSSL_BUF_MEM {
char* data;
size_t length; /* current length */
size_t max; /* maximum length */
};
WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void); WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void);
WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len); WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len);

5
wolfssl/openssl/ssl.h
View File

@ -104,6 +104,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup #define CRYPTO_EX_dup WOLFSSL_CRYPTO_EX_dup
#define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free #define CRYPTO_EX_free WOLFSSL_CRYPTO_EX_free
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */
#define SSL_get_client_random(ssl,out,outSz) \ #define SSL_get_client_random(ssl,out,outSz) \
wolfSSL_get_client_random((ssl),(out),(outSz)) wolfSSL_get_client_random((ssl),(out),(outSz))
@ -579,6 +581,9 @@ enum {
}; };
#define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams #define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams #define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509 #define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509

6
wolfssl/ssl.h
View File

@ -249,6 +249,12 @@ enum BIO_FLAGS {
WOLFSSL_BIO_FLAG_RETRY = 0x10 WOLFSSL_BIO_FLAG_RETRY = 0x10
}; };
typedef struct WOLFSSL_BUF_MEM {
char* data; /* dereferenced */
size_t length; /* current length */
size_t max; /* maximum length */
} WOLFSSL_BUF_MEM;
typedef struct WOLFSSL_COMP_METHOD { typedef struct WOLFSSL_COMP_METHOD {
int type; /* stunnel dereference */ int type; /* stunnel dereference */
} WOLFSSL_COMP_METHOD; } WOLFSSL_COMP_METHOD;

6
wolfssl/wolfcrypt/types.h
View File

@ -337,6 +337,12 @@
#define XSNPRINTF _snprintf #define XSNPRINTF _snprintf
#endif #endif
#ifdef OPENSSL_EXTRA
#ifndef XGETENV
#define XGETENV getenv
#endif
#endif /* OPENSSL_EXTRA */
#if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN)
/* use only Thread Safe version of strtok */ /* use only Thread Safe version of strtok */
#if defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \ #if defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \