From 8bd3850e58c3fc3011e82ce0c2047e5b1307538e Mon Sep 17 00:00:00 2001
From: Joe Hamman
Date: Wed, 24 May 2023 17:28:53 -0400
Subject: [PATCH 1/4] Added ASN.1 Integer sequencing
---
 src/ssl_asn1.c | 17 ++++++++++++++++-
 tests/api.c | 15 ++++++++++-----
 wolfssl/openssl/asn1.h | 1 +
 wolfssl/ssl.h | 2 +-
 4 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c
index 5a09e2742..7c8106417 100644
--- a/src/ssl_asn1.c
+++ b/src/ssl_asn1.c
@@ -65,6 +65,9 @@ static int wolfssl_asn1_item_new(void** item, int type)
 case WOLFSSL_ASN1_BIT_STRING_ASN1:
 *(WOLFSSL_ASN1_BIT_STRING**)item = wolfSSL_ASN1_BIT_STRING_new();
 break;
+ case WOLFSSL_ASN1_INTEGER_ASN1:
+ *(WOLFSSL_ASN1_INTEGER**)item = wolfSSL_ASN1_INTEGER_new();
+ break;
 default:
 WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_new");
 *(void**)item = NULL;
@@ -128,6 +131,9 @@ static void wolfssl_asn1_item_free(void** item, int type)
 case WOLFSSL_ASN1_BIT_STRING_ASN1:
 wolfSSL_ASN1_BIT_STRING_free(*(WOLFSSL_ASN1_BIT_STRING**)item);
 break;
+ case WOLFSSL_ASN1_INTEGER_ASN1:
+ wolfSSL_ASN1_INTEGER_free(*(WOLFSSL_ASN1_INTEGER**)item);
+ break;
 default:
 WOLFSSL_MSG("Type not supported in wolfSSL_ASN1_item_free");
 }
@@ -225,6 +231,15 @@ static int wolfssl_i2d_asn1_item(void** item, int type, byte* buf)
 len = wolfSSL_i2d_ASN1_BIT_STRING(
 *(const WOLFSSL_ASN1_BIT_STRING**)item, buf);
 break;
+ case WOLFSSL_ASN1_INTEGER_ASN1:
+ byte *tmp_buf = buf;
+ len = wolfSSL_i2d_ASN1_INTEGER(
+ *(const WOLFSSL_ASN1_INTEGER**)item, &tmp_buf);
+ if ((buf == NULL) && (tmp_buf != NULL)) {
+ XFREE(tmp_buf, NULL, DYNAMIC_TYPE_ASN1);
+ tmp_buf = NULL;
+ }
+ break;
 default:
 WOLFSSL_MSG("Type not support in processMembers");
 len = 0;
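Review bot: In the `WOLFSSL_ASN1_INTEGER_ASN1` case added to `wolfssl_i2d_asn1_item`, the result of `wolfSSL_i2d_ASN1_INTEGER()` is stored in `len` unchecked, although that function's header comment (visible in the later src/ssl_asn1.c hunk) documents a -1 return for a NULL or empty integer and for allocation failure. The `default:` branch reports failure as `len = 0`, and the caller is outside the hunk, so this is inferred: if it adds `len` to a running size or output offset, a negative value would shrink the total instead of failing the encode. I would normalise it inside the case, e.g. `if (len < 0) { len = 0; }`, or have the caller reject negative lengths explicitly. The `XFREE(tmp_buf, NULL, DYNAMIC_TYPE_ASN1)` on the length-only pass also depends on `wolfSSL_i2d_ASN1_INTEGER` allocating with that same type tag, which deserves a one-line comment such as `/* buf == NULL: i2d allocated its own buffer; only the length is wanted */`. The function body starts and ends outside the hunk.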
@@ -787,7 +802,7 @@ static int wolfssl_asn1_int_twos_compl(byte* data, int length, byte* neg) * @return -1 when a is NULL or no data, out is NULL, dynamic memory allocation * fails or encoding length fails. */ -int wolfSSL_i2d_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER* a, unsigned char** out) +int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a, unsigned char** out) { int ret = 0; byte* buf = NULL; diff --git a/tests/api.c b/tests/api.c index 26aa797b5..c33c49277 100644 --- a/tests/api.c +++ b/tests/api.c @@ -33514,7 +33514,8 @@ static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void) const EC_GROUP *group; const EC_POINT *point; int nid; - TEST_ASN1 test_asn1; + TEST_ASN1 *test_asn1 = NULL; + const unsigned char badObjDer[] = { 0x06, 0x00 }; const unsigned char goodObjDer[] = { 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01 @@ -33606,12 +33607,16 @@ static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void) XFREE(der, NULL, DYNAMIC_TYPE_ASN1); DPP_BOOTSTRAPPING_KEY_free(bootstrap); + /* Test integer */ + AssertNotNull(test_asn1 = TEST_ASN1_new()); + der = NULL; + AssertIntEQ(i2d_TEST_ASN1(test_asn1, &der), 4); + XFREE(der, NULL, DYNAMIC_TYPE_ASN1); + TEST_ASN1_free(test_asn1); + /* Test error cases. */ - AssertNull(TEST_ASN1_new()); AssertNull(wolfSSL_ASN1_item_new(NULL)); TEST_ASN1_free(NULL); - XMEMSET(&test_asn1, 0, sizeof(TEST_ASN1)); - AssertIntEQ(i2d_TEST_ASN1(&test_asn1, &der), 0); res = TEST_RES_CHECK(1); #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ @@ -62839,7 +62844,7 @@ static int test_wolfSSL_CRYPTO_get_ex_new_index(void) return res; } -#if defined(HAVE_EX_DATA) && \ +#if defined(HAVE_EX_DATA) && defined(HAVE_EXT_CACHE) && \ (defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \ (defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \ diff --git a/wolfssl/openssl/asn1.h b/wolfssl/openssl/asn1.h index edfa66291..12ad36980 100644 --- a/wolfssl/openssl/asn1.h +++ b/wolfssl/openssl/asn1.h 
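Review bot: The new INTEGER test in `test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS` asserts only the length returned by `i2d_TEST_ASN1` and frees `der` without inspecting it, so an encoder that emits the right number of wrong bytes would pass; the same applies to the revised assertion in the tests/api.c hunk of patch 4/4. Comparing the buffer with the expected DER before the `XFREE`, e.g. `AssertIntEQ(XMEMCMP(der, expDer, sizeof(expDer)), 0);` with a test-local array (here called `expDer`) derived from the `TEST_ASN1` template defined outside this hunk, would pin the encoding. The hunk also deletes the two failure-path checks, `AssertNull(TEST_ASN1_new())` and `AssertIntEQ(i2d_TEST_ASN1(&test_asn1, &der), 0)`, without a replacement, so the unsupported-type `default:` branches of the item helpers look untested from here; a template with a member type the helpers do not handle would restore that coverage. A short comment on `der = NULL;`, such as `/* der was freed above; NULL asks i2d to allocate */`, would explain why the reset must stay.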
@@ -140,6 +140,7 @@ typedef struct { typedef enum { WOLFSSL_X509_ALGOR_ASN1 = 0, WOLFSSL_ASN1_BIT_STRING_ASN1, + WOLFSSL_ASN1_INTEGER_ASN1, } WOLFSSL_ASN1_TYPES; #define ASN1_SEQUENCE(type) \ diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 4797848a4..648cdbcee 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -2057,7 +2057,7 @@ WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER( WOLFSSL_ASN1_INTEGER** a, const unsigned char** in, long inSz); -WOLFSSL_API int wolfSSL_i2d_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER* a, +WOLFSSL_API int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a, unsigned char** out); WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime); From 2c59bec72c1563085b7ae2548ca9589f8f0595df Mon Sep 17 00:00:00 2001 From: Joe Hamman Date: Wed, 24 May 2023 17:37:51 -0400 Subject: [PATCH 2/4] Fixed typo in comment --- src/ssl_asn1.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c index 7c8106417..d4435ed24 100644 --- a/src/ssl_asn1.c +++ b/src/ssl_asn1.c @@ -558,7 +558,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_ASN1_INTEGER_new(void) void wolfSSL_ASN1_INTEGER_free(WOLFSSL_ASN1_INTEGER* in) { if ((in != NULL) && (in->isDynamic)) { - /* Dispose of any data allocated in BIT_STRING. */ + /* Dispose of any data allocated in INTEGER. */ XFREE(in->data, NULL, DYNAMIC_TYPE_OPENSSL); } /* Dispose of the ASN.1 INTEGER object. */ From 8fb4e7813b05595ac4e978a577d618697912e3f8 Mon Sep 17 00:00:00 2001 From: Joe Hamman Date: Sun, 28 May 2023 18:59:16 -0400 Subject: [PATCH 3/4] Added braces to support older compilers --- src/ssl_asn1.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c index d4435ed24..6d00eefb4 100644 --- a/src/ssl_asn1.c +++ b/src/ssl_asn1.c 
@@ -232,6 +232,7 @@ static int wolfssl_i2d_asn1_item(void** item, int type, byte* buf)
 *(const WOLFSSL_ASN1_BIT_STRING**)item, buf);
 break;
 case WOLFSSL_ASN1_INTEGER_ASN1:
+ {
 byte *tmp_buf = buf;
 len = wolfSSL_i2d_ASN1_INTEGER(
 *(const WOLFSSL_ASN1_INTEGER**)item, &tmp_buf);
@@ -239,6 +240,7 @@ static int wolfssl_i2d_asn1_item(void** item, int type, byte* buf)
 XFREE(tmp_buf, NULL, DYNAMIC_TYPE_ASN1);
 tmp_buf = NULL;
 }
+ }
 break;
 default:
 WOLFSSL_MSG("Type not support in processMembers");
From d340587035868f0ccab2f8e96264eea45a3692c0 Mon Sep 17 00:00:00 2001
From: Joe Hamman
Date: Sun, 28 May 2023 21:18:45 -0400
Subject: [PATCH 4/4] Added valid ASN.1 integer value to test_asn1
---
 tests/api.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/api.c b/tests/api.c
index c33c49277..036b0c743 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -33610,7 +33610,8 @@ static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void)
 /* Test integer */
 AssertNotNull(test_asn1 = TEST_ASN1_new());
 der = NULL;
- AssertIntEQ(i2d_TEST_ASN1(test_asn1, &der), 4);
+ ASN1_INTEGER_set(test_asn1->integer, 100);
+ AssertIntEQ(i2d_TEST_ASN1(test_asn1, &der), 5);
 XFREE(der, NULL, DYNAMIC_TYPE_ASN1);
 TEST_ASN1_free(test_asn1);
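Review bot: `ASN1_INTEGER_set(test_asn1->integer, 100);` in the tests/api.c hunk of patch 4/4 discards its return value, so if the set fails the test goes on to encode an INTEGER without the intended value and the problem surfaces only as a length mismatch on the next line. Wrapping it like the surrounding calls, `AssertIntEQ(ASN1_INTEGER_set(test_asn1->integer, 100), 1);` (1 being the success value in the OpenSSL-style API), reports the failing step directly. The enclosing test function starts and ends outside the hunk.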