feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

make SetAltNames optional since need bigger buffer with -DCYASSL_ALT_NAMES

Browse Source
This commit is contained in:
toddouska
2012-04-05 12:48:28 -07:00
parent b9e6d44bf7
commit 3001804c51
5 changed files with 37 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
configure.ac
View File

@ -6,7 +6,7 @@
# #
# #
AC_INIT([cyassl],[2.0.9],[http://www.yassl.com]) AC_INIT([cyassl],[2.1.0],[http://www.yassl.com])
AC_CONFIG_AUX_DIR(config) AC_CONFIG_AUX_DIR(config)
@ -199,7 +199,7 @@ AC_ARG_ENABLE(bump,
if test "$ENABLED_BUMP" = "yes" if test "$ENABLED_BUMP" = "yes"
then then
AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD" AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD -DCYASSL_ALT_NAMES"
fi fi
# fastmath # fastmath

21
ctaocrypt/src/asn.c
View File

@ -2412,6 +2412,10 @@ void CTaoCryptErrorString(int error, char* buffer)
XSTRNCPY(buffer, "No password provided by user", max); XSTRNCPY(buffer, "No password provided by user", max);
break; break;
case ALT_NAME_E :
XSTRNCPY(buffer, "Alt Name problem, too big", max);
break;
default: default:
XSTRNCPY(buffer, "unknown error number", max); XSTRNCPY(buffer, "unknown error number", max);
@ -2601,7 +2605,9 @@ void InitCert(Cert* cert)
cert->selfSigned = 1; cert->selfSigned = 1;
cert->isCA = 0; cert->isCA = 0;
cert->bodySz = 0; cert->bodySz = 0;
#ifdef CYASSL_ALT_NAMES
cert->altNamesSz = 0; cert->altNamesSz = 0;
#endif
cert->keyType = RSA_KEY; cert->keyType = RSA_KEY;
XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE); XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
@ -3149,12 +3155,14 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng,
else else
der->extensionsSz = 0; der->extensionsSz = 0;
#ifdef CYASSL_ALT_NAMES
if (der->extensionsSz == 0 && cert->altNamesSz) { if (der->extensionsSz == 0 && cert->altNamesSz) {
der->extensionsSz = SetExtensions(der->extensions, cert->altNames, der->extensionsSz = SetExtensions(der->extensions, cert->altNames,
cert->altNamesSz); cert->altNamesSz);
if (der->extensionsSz == 0) if (der->extensionsSz == 0)
return EXTENSIONS_E; return EXTENSIONS_E;
} }
#endif
der->total = der->versionSz + der->serialSz + der->sigAlgoSz + der->total = der->versionSz + der->serialSz + der->sigAlgoSz +
der->publicKeySz + der->validitySz + der->subjectSz + der->issuerSz + der->publicKeySz + der->validitySz + der->subjectSz + der->issuerSz +
@ -3340,6 +3348,8 @@ int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng)
} }
#ifdef CYASSL_ALT_NAMES
/* Set Alt Names from der cert, return 0 on success */ /* Set Alt Names from der cert, return 0 on success */
static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz) static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
{ {
@ -3410,6 +3420,8 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
else { else {
cert->altNamesSz = 0; cert->altNamesSz = 0;
CYASSL_MSG("AltNames extensions too big"); CYASSL_MSG("AltNames extensions too big");
FreeDecodedCert(&decoded);
return ALT_NAME_E;
} }
} }
decoded.srcIdx = tmpIdx + length; decoded.srcIdx = tmpIdx + length;
@ -3420,6 +3432,8 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
return 0; return 0;
} }
#endif /* CYASSL_ALT_NAMES */
/* Set cn name from der buffer, return 0 on success */ /* Set cn name from der buffer, return 0 on success */
static int SetNameFromCert(CertName* cn, const byte* der, int derSz) static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
@ -3518,6 +3532,8 @@ int SetSubject(Cert* cert, const char* subjectFile)
} }
#ifdef CYASSL_ALT_NAMES
/* Set atl names from file in PEM */ /* Set atl names from file in PEM */
int SetAltNames(Cert* cert, const char* file) int SetAltNames(Cert* cert, const char* file)
{ {
@ -3527,6 +3543,8 @@ int SetAltNames(Cert* cert, const char* file)
return SetAltNamesFromCert(cert, der, derSz); return SetAltNamesFromCert(cert, der, derSz);
} }
#endif /* CYASSL_ALT_NAMES */
#endif /* NO_FILESYSTEM */ #endif /* NO_FILESYSTEM */
/* Set cert issuer from DER buffer */ /* Set cert issuer from DER buffer */
@ -3544,12 +3562,15 @@ int SetSubjectBuffer(Cert* cert, const byte* der, int derSz)
} }
#ifdef CYASSL_ALT_NAMES
/* Set cert alt names from DER buffer */ /* Set cert alt names from DER buffer */
int SetAltNamesBuffer(Cert* cert, const byte* der, int derSz) int SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
{ {
return SetAltNamesFromCert(cert, der, derSz); return SetAltNamesFromCert(cert, der, derSz);
} }
#endif /* CYASSL_ALT_NAMES */
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */

6
cyassl/ctaocrypt/asn.h
View File

@ -127,7 +127,11 @@ enum Misc_ASN {
MAX_RSA_E_SZ = 16, /* Max RSA public e size */ MAX_RSA_E_SZ = 16, /* Max RSA public e size */
MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */ MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE, #ifdef CYASSL_ALT_NAMES
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
#else
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + MAX_CA_SZ,
#endif
/* Max total extensions, id + len + others */ /* Max total extensions, id + len + others */
#endif #endif
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2 MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2

12
cyassl/ctaocrypt/asn_public.h
View File

@ -58,9 +58,9 @@ enum Ctc_SigType {
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
enum Ctc_Misc { enum Ctc_Misc {
CTC_NAME_SIZE = 64, CTC_NAME_SIZE = 64,
CTC_MAX_ALT_SIZE = 512, CTC_MAX_ALT_SIZE = 8192, /* may be huge */
CTC_SERIAL_SIZE = 8 CTC_SERIAL_SIZE = 8
}; };
typedef struct CertName { typedef struct CertName {
@ -88,8 +88,10 @@ typedef struct Cert {
/* internal use only */ /* internal use only */
int bodySz; /* pre sign total size */ int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */ int keyType; /* public key type of subject */
#ifdef CYASSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */ byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */ int altNamesSz; /* altNames size in bytes */
#endif
} Cert; } Cert;
@ -113,7 +115,9 @@ CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*); RNG*);
CYASSL_API int SetIssuer(Cert*, const char*); CYASSL_API int SetIssuer(Cert*, const char*);
CYASSL_API int SetSubject(Cert*, const char*); CYASSL_API int SetSubject(Cert*, const char*);
CYASSL_API int SetAltNames(Cert*, const char*); #ifdef CYASSL_ALT_NAMES
CYASSL_API int SetAltNames(Cert*, const char*);
#endif
CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int); CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int);
CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int); CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int);
CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int); CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int);

1
cyassl/ctaocrypt/error.h
View File

@ -96,6 +96,7 @@ enum {
NOT_COMPILED_IN = -174, /* Feature not compiled in */ NOT_COMPILED_IN = -174, /* Feature not compiled in */
UNICODE_SIZE_E = -175, /* Unicode password too big */ UNICODE_SIZE_E = -175, /* Unicode password too big */
NO_PASSWORD = -176, /* no password provided by user */ NO_PASSWORD = -176, /* no password provided by user */
ALT_NAME_E = -177, /* alt name size problem, too big */
MIN_CODE_E = -200 /* errors -101 - -199 */ MIN_CODE_E = -200 /* errors -101 - -199 */
}; };