feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add callbacks for PKCS7 streaming input and output

Browse Source
This commit is contained in:
JacobBarthelmeh
2024-02-08 02:44:18 +07:00
parent a77c6d1fa0
commit 2044d6b7dd
4 changed files with 922 additions and 248 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
tests/api.c
View File

@@ -27019,8 +27019,8 @@ static int test_wc_PKCS7_EncodeSignedData(void)
pkcs7->rng = &rng; pkcs7->rng = &rng;
} }
ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 0); ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 0);
ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1), 0); ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL), 0);
ExpectIntEQ(wc_PKCS7_SetStreamMode(NULL, 1), BAD_FUNC_ARG); ExpectIntEQ(wc_PKCS7_SetStreamMode(NULL, 1, NULL, NULL), BAD_FUNC_ARG);
ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 1); ExpectIntEQ(wc_PKCS7_GetStreamMode(pkcs7), 1);
ExpectIntGT(signedSz = wc_PKCS7_EncodeSignedData(pkcs7, output, ExpectIntGT(signedSz = wc_PKCS7_EncodeSignedData(pkcs7, output,
@@ -28287,16 +28287,46 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
pkcs7->privateKey = (testVectors + i)->privateKey; pkcs7->privateKey = (testVectors + i)->privateKey;
pkcs7->privateKeySz = (testVectors + i)->privateKeySz; pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
} }
ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1), 0); ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, NULL), 0);
ExpectIntGE(encodedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output, encodedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
(word32)sizeof(output)), 0); (word32)sizeof(output));
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output, switch ((testVectors + i)->encryptOID) {
(word32)encodedSz, decoded, (word32)sizeof(decoded)); #ifndef NO_DES3
ExpectIntGE(decodedSz, 0); case DES3b:
/* Verify the size of each buffer. */ case DESb:
ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz); ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#ifdef HAVE_AESCCM
#ifdef WOLFSSL_AES_128
case AES128CCMb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#ifdef WOLFSSL_AES_192
case AES192CCMb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#ifdef WOLFSSL_AES_256
case AES256CCMb:
ExpectIntEQ(encodedSz, BAD_FUNC_ARG);
break;
#endif
#endif
default:
ExpectIntGE(encodedSz, 0);
}
if (encodedSz > 0) {
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)encodedSz, decoded, (word32)sizeof(decoded));
ExpectIntGE(decodedSz, 0);
/* Verify the size of each buffer. */
ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
}
wc_PKCS7_Free(pkcs7); wc_PKCS7_Free(pkcs7);
pkcs7 = NULL; pkcs7 = NULL;
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));

4
wolfcrypt/src/asn.c
View File

@@ -3465,7 +3465,9 @@ word32 SetBitString(word32 len, byte unusedBits, byte* output)
#ifdef ASN_BER_TO_DER #ifdef ASN_BER_TO_DER
#define BER_OCTET_LENGTH 4096 #ifndef BER_OCTET_LENGTH
#define BER_OCTET_LENGTH 4096
#endif
/* sets the terminating 0x00 0x00 at the end of an indefinite length /* sets the terminating 0x00 0x00 at the end of an indefinite length
* returns the number of bytes written */ * returns the number of bytes written */

1103
wolfcrypt/src/pkcs7.c
View File

File diff suppressed because it is too large Load Diff

13
wolfssl/wolfcrypt/pkcs7.h
View File

@@ -224,6 +224,11 @@ typedef int (*CallbackWrapCEK)(PKCS7* pkcs7, byte* cek, word32 cekSz,
byte* out, word32 outSz, byte* out, word32 outSz,
int keyWrapAlgo, int type, int dir); int keyWrapAlgo, int type, int dir);
/* Callbacks for supporting different stream cases */
typedef int (*CallbackGetContent)(PKCS7* pkcs7, byte** content);
typedef int (*CallbackStreamOut)(PKCS7* pkcs7, const byte* output,
word32 outputSz);
#if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA) #if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA)
/* RSA sign raw digest callback, user builds DigestInfo */ /* RSA sign raw digest callback, user builds DigestInfo */
typedef int (*CallbackRsaSignRawDigest)(PKCS7* pkcs7, byte* digest, typedef int (*CallbackRsaSignRawDigest)(PKCS7* pkcs7, byte* digest,
@@ -247,6 +252,8 @@ struct PKCS7 {
#ifdef ASN_BER_TO_DER #ifdef ASN_BER_TO_DER
byte* der; /* DER encoded version of message */ byte* der; /* DER encoded version of message */
word32 derSz; word32 derSz;
CallbackGetContent getContentCb;
CallbackStreamOut streamOutCb;
#endif #endif
byte encodeStream:1; /* use BER when encoding */ byte encodeStream:1; /* use BER when encoding */
byte noCerts:1; /* if certificates should be added into bundle byte noCerts:1; /* if certificates should be added into bundle
@@ -498,7 +505,11 @@ WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCb(PKCS7* pkcs7,
WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx); WOLFSSL_API int wc_PKCS7_SetDecodeEncryptedCtx(PKCS7* pkcs7, void* ctx);
#endif /* NO_PKCS7_ENCRYPTED_DATA */ #endif /* NO_PKCS7_ENCRYPTED_DATA */
WOLFSSL_API int wc_PKCS7_SetStreamMode(PKCS7* pkcs7, byte flag); /* stream and certs */
WOLFSSL_LOCAL int wc_PKCS7_WriteOut(PKCS7* pkcs7, byte* output,
const byte* input, word32 inputSz);
WOLFSSL_API int wc_PKCS7_SetStreamMode(PKCS7* pkcs7, byte flag,
CallbackGetContent getContentCb, CallbackStreamOut streamOutCb);
WOLFSSL_API int wc_PKCS7_GetStreamMode(PKCS7* pkcs7); WOLFSSL_API int wc_PKCS7_GetStreamMode(PKCS7* pkcs7);
WOLFSSL_API int wc_PKCS7_SetNoCerts(PKCS7* pkcs7, byte flag); WOLFSSL_API int wc_PKCS7_SetNoCerts(PKCS7* pkcs7, byte flag);
WOLFSSL_API int wc_PKCS7_GetNoCerts(PKCS7* pkcs7); WOLFSSL_API int wc_PKCS7_GetNoCerts(PKCS7* pkcs7);