From 2b75d0faf3cdb98b6e5c31986869f4a99d8828f1 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh
Date: Fri, 16 Dec 2016 14:11:52 -0700
Subject: [PATCH] asn1 string compatibility
---
src/ssl.c | 80 ++++++++++++++++++++++++++++++++++++++++++
tests/api.c | 22 ++++++++++++
wolfssl/openssl/asn1.h | 20 +++++------
wolfssl/openssl/ssl.h | 37 +++++++++++--------
wolfssl/ssl.h | 20 +++++++++++
5 files changed, 153 insertions(+), 26 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 44a423b0a..7db2409b0 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -14546,6 +14546,86 @@ static void ExternalFreeX509(WOLFSSL_X509* x509) } + WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new() + { + WOLFSSL_ASN1_STRING* asn1; + + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_new"); + + asn1 = (WOLFSSL_ASN1_STRING*)XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL, + DYNAMIC_TYPE_OPENSSL); + if (asn1 != NULL) { + XMEMSET(asn1, 0, sizeof(WOLFSSL_ASN1_STRING)); + } + + return asn1; /* no check for null because error case is returning null*/ + } + + + void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1) + { + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_free"); + + if (asn1 != NULL) { + if (asn1->length > 0 && asn1->data != NULL) { + XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL); + } + XFREE(asn1, NULL, DYNAMIC_TYPE_OPENSSL); + } + } + + + WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type) + { + WOLFSSL_ASN1_STRING* asn1; + + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_type_new"); + + asn1 = wolfSSL_ASN1_STRING_new(); + if (asn1 == NULL) { + return NULL; + } + asn1->type = type; + + return asn1; + } + + + /* if dataSz is negative then use XSTRLEN to find length of data + * return SSL_SUCCESS on success and SSL_FAILURE on failure */ + int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, const void* data, + int dataSz) + { + int sz; + + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_set"); + + if (data == NULL || asn1 == NULL) { + return SSL_FAILURE; + } + + if (dataSz < 0) { + sz = (int)XSTRLEN(data); + } + else { + sz = dataSz; + } + + if (sz < 0) { + return SSL_FAILURE; + } + + asn1->data = (char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL); + if (asn1->data == NULL) { + return SSL_FAILURE; + } + XMEMCPY(asn1->data, data, sz); + asn1->length = sz; + + return SSL_SUCCESS; + } + + char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) { WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data"); diff --git a/tests/api.c b/tests/api.c index e91fde627..0da8ee695 100644 --- a/tests/api.c +++ b/tests/api.c 
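Review bot: `wolfSSL_ASN1_STRING_set` overwrites `asn1->data` without releasing the buffer from an earlier call, so every repeated set on the same object leaks. The copy is also not NUL-terminated, although `wolfSSL_ASN1_STRING_data` returns the pointer as `char*`; OpenSSL's ASN1_STRING_set allocates one spare byte and terminates it, so ported callers may treat the result as a C string and read past the allocation. Build the copy in a temporary with one extra byte, terminate it, and only then swap it in, as sketched below; this assumes `data` is always owned by the struct, which should be confirmed for strings handed out by other accessors. In `wolfSSL_ASN1_STRING_free` the `asn1->length > 0` condition skips a zero-length allocation, so that test should be just `if (asn1->data != NULL)`.

```c
    int   sz;
    char* tmp;

    /* ... unchanged: WOLFSSL_ENTER, NULL checks, dataSz < 0 branch, sz < 0 check ... */

    /* one spare byte so the buffer can safely be read as a C string */
    tmp = (char*)XMALLOC((size_t)sz + 1, NULL, DYNAMIC_TYPE_OPENSSL);
    if (tmp == NULL) {
        return SSL_FAILURE; /* previous contents are left intact */
    }
    XMEMCPY(tmp, data, sz);
    tmp[sz] = '\0';

    /* release the buffer of an earlier set; assumes asn1 owns data */
    if (asn1->data != NULL) {
        XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
    }
    asn1->data   = tmp;
    asn1->length = sz;

    return SSL_SUCCESS;
```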
@@ -14453,6 +14453,27 @@ static void test_wolfSSL_BIO(void) #endif } + +static void test_wolfSSL_ASN1_STRING(void) +{ + #if defined(OPENSSL_EXTRA) + ASN1_STRING* str = NULL; + const char data[] = "hello wolfSSL"; + + printf(testingFmt, "wolfSSL_ASN1_STRING()"); + + AssertNotNull(str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); + AssertIntEQ(ASN1_STRING_set(str, (const void*)data, sizeof(data)), 1); + AssertIntEQ(ASN1_STRING_set(str, (const void*)data, -1), 1); + AssertIntEQ(ASN1_STRING_set(str, NULL, -1), 0); + + ASN1_STRING_free(str); + + printf(resultFmt, passed); + #endif +} + + static void test_wolfSSL_DES_ecb_encrypt(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB) @@ -15340,6 +15361,7 @@ void ApiTest(void) test_wolfSSL_X509_STORE_CTX(); test_wolfSSL_PEM_read_bio(); test_wolfSSL_BIO(); + test_wolfSSL_ASN1_STRING(); test_wolfSSL_DES_ecb_encrypt(); test_wolfSSL_set_tlsext_status_type(); test_wolfSSL_ASN1_TIME_adj(); diff --git a/wolfssl/openssl/asn1.h b/wolfssl/openssl/asn1.h index 3b89106ef..659ae905f 100644 --- a/wolfssl/openssl/asn1.h +++ b/wolfssl/openssl/asn1.h @@ -23,18 +23,14 @@ #ifndef WOLFSSL_ASN1_H_ #define WOLFSSL_ASN1_H_ -struct WOLFSSL_ASN1_BIT_STRING { - int length; - int type; - char* data; - long flags; -}; -struct WOLFSSL_ASN1_STRING { - int length; - int type; - char* data; - long flags; -}; +#include +typedef struct WOLFSSL_ASN1_STRING ASN1_STRING; +#define ASN1_STRING_new wolfSSL_ASN1_STRING_type_new +#define ASN1_STRING_type_new wolfSSL_ASN1_STRING_type_new +#define ASN1_STRING_set wolfSSL_ASN1_STRING_set +#define ASN1_STRING_free wolfSSL_ASN1_STRING_free + +#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */ #endif /* WOLFSSL_ASN1_H_ */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index e726dff3f..e233deed6 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h 
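Review bot: `test_wolfSSL_ASN1_STRING` asserts only the return codes of `ASN1_STRING_set`, so it would still pass if the wrong length or bytes were stored. After the `-1` call add `AssertIntEQ(wolfSSL_ASN1_STRING_length(str), (int)XSTRLEN(data));` and an `XMEMCMP` of `wolfSSL_ASN1_STRING_data(str)` against `data`. The test also sets the same `str` twice, which is the path where the implementation in src/ssl.c replaces the first buffer without freeing it, so this case is worth running under a leak checker. A call with a NULL `asn1` argument is not covered.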
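Review bot: In wolfssl/openssl/asn1.h, `ASN1_STRING_new` is mapped to `wolfSSL_ASN1_STRING_type_new`, which takes an `int type`, so an OpenSSL-style call `ASN1_STRING_new()` will not compile against the prototype. The line should read `#define ASN1_STRING_new wolfSSL_ASN1_STRING_new`. The added `typedef struct WOLFSSL_ASN1_STRING ASN1_STRING;` also repeats the typedef that wolfssl/openssl/ssl.h already provides. A repeated typedef is rejected in pre-C11 mode when both headers land in one translation unit, so it is better kept in a single header.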
@@ -30,7 +30,10 @@ #define WOLFSSL_OPENSSL_H_ /* wolfssl_openssl compatibility layer */ +#ifndef OPENSSL_EXTRA_SSL_GUARD +#define OPENSSL_EXTRA_SSL_GUARD #include +#endif /* OPENSSL_EXTRA_SSL_GUARD */ #include @@ -63,20 +66,26 @@ typedef WOLFSSL_X509_CHAIN X509_CHAIN; #define WOLFSSL_TYPES_DEFINED -typedef WOLFSSL_EVP_PKEY EVP_PKEY; -typedef WOLFSSL_BIO BIO; -typedef WOLFSSL_BIO_METHOD BIO_METHOD; -typedef WOLFSSL_CIPHER SSL_CIPHER; -typedef WOLFSSL_X509_LOOKUP X509_LOOKUP; -typedef WOLFSSL_X509_LOOKUP_METHOD X509_LOOKUP_METHOD; -typedef WOLFSSL_X509_CRL X509_CRL; -typedef WOLFSSL_X509_EXTENSION X509_EXTENSION; -typedef WOLFSSL_ASN1_TIME ASN1_TIME; -typedef WOLFSSL_ASN1_INTEGER ASN1_INTEGER; -typedef WOLFSSL_ASN1_OBJECT ASN1_OBJECT; -typedef WOLFSSL_ASN1_STRING ASN1_STRING; -typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value; -typedef WOLFSSL_BUF_MEM BUF_MEM; +typedef WOLFSSL_EVP_PKEY EVP_PKEY; +typedef WOLFSSL_RSA RSA; +typedef WOLFSSL_DSA DSA; +typedef WOLFSSL_EC_KEY EC_KEY; +typedef WOLFSSL_EC_GROUP EC_GROUP; +typedef WOLFSSL_EC_POINT EC_POINT; +typedef WOLFSSL_ECDSA_SIG ECDSA_SIG; +typedef WOLFSSL_BIO BIO; +typedef WOLFSSL_BIO_METHOD BIO_METHOD; +typedef WOLFSSL_CIPHER SSL_CIPHER; +typedef WOLFSSL_X509_LOOKUP X509_LOOKUP; +typedef WOLFSSL_X509_LOOKUP_METHOD X509_LOOKUP_METHOD; +typedef WOLFSSL_X509_CRL X509_CRL; +typedef WOLFSSL_X509_EXTENSION X509_EXTENSION; +typedef WOLFSSL_ASN1_TIME ASN1_TIME; +typedef WOLFSSL_ASN1_INTEGER ASN1_INTEGER; +typedef WOLFSSL_ASN1_OBJECT ASN1_OBJECT; +typedef WOLFSSL_ASN1_STRING ASN1_STRING; +typedef WOLFSSL_dynlock_value CRYPTO_dynlock_value; +typedef WOLFSSL_BUF_MEM BUF_MEM; /* GENERAL_NAME and BASIC_CONSTRAINTS structs may need implemented as * compatibility layer expands. For now treating them as an ASN1_OBJECT */ diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index ebfc5fac2..18581dca7 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h 
@@ -755,6 +755,11 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID( WOLFSSL_X509_NAME*, int, int); WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); +WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_new(void); +WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_ASN1_STRING_type_new(int type); +WOLFSSL_API void wolfSSL_ASN1_STRING_free(WOLFSSL_ASN1_STRING* asn1); +WOLFSSL_API int wolfSSL_ASN1_STRING_set(WOLFSSL_ASN1_STRING* asn1, + const void* data, int dataSz); WOLFSSL_API char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); @@ -2342,6 +2347,21 @@ WOLFSSL_API WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX /*lighttp compatibility */ +struct WOLFSSL_ASN1_BIT_STRING { + int length; + int type; + char* data; + long flags; +}; + +struct WOLFSSL_ASN1_STRING { + int length; + int type; + char* data; + long flags; +}; + + #include struct WOLFSSL_X509_NAME_ENTRY { WOLFSSL_ASN1_OBJECT* object; /* not defined yet */
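Review bot: The four new `wolfSSL_ASN1_STRING_*` declarations carry no comment on ownership or on the `dataSz` convention. Callers need this because the same struct is also returned by `wolfSSL_X509_NAME_ENTRY_get_data` just above, where (presumably) the caller must not free it. A short comment above them would do, e.g. `/* wolfSSL_ASN1_STRING_set copies dataSz bytes of data (XSTRLEN(data) when dataSz < 0); wolfSSL_ASN1_STRING_free releases the struct and its data buffer */`. The declaration `wolfSSL_ASN1_STRING_new(void)` also differs from its definition in src/ssl.c, which uses an empty parameter list; writing `(void)` in both places keeps calls checked against the prototype.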