forked from wolfSSL/wolfssl
Support for new DPP in wpa_supplicant
- Add null check to asn template code in MakeCertReq and test - ENABLED_ECCCUSTCURVES can also be "all"
This commit is contained in:
Juliusz Sosinowicz
26
configure.ac
26
configure.ac
@ -1234,6 +1234,11 @@ AC_ARG_ENABLE([wpas-dpp],
|
||||
[ ENABLED_WPAS_DPP=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WPAS_DPP" = "yes"
|
||||
then
|
||||
ENABLED_WPAS="yes"
|
||||
fi
|
||||
|
||||
# ntp support
|
||||
AC_ARG_ENABLE([ntp],
|
||||
[AS_HELP_STRING([--enable-ntp],[Enable ntp support (default: disabled)])],
|
||||
@ -1241,11 +1246,6 @@ AC_ARG_ENABLE([ntp],
|
||||
[ ENABLED_NTP=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WPAS_DPP" = "yes"
|
||||
then
|
||||
ENABLED_WPAS="yes"
|
||||
fi
|
||||
|
||||
# Fortress build
|
||||
AC_ARG_ENABLE([fortress],
|
||||
[AS_HELP_STRING([--enable-fortress],[Enable SSL fortress build (default: disabled)])],
|
||||
@ -2677,6 +2677,10 @@ AC_ARG_ENABLE([certreq],
|
||||
[ ENABLED_CERTREQ=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WPAS_DPP" = "yes"
|
||||
then
|
||||
ENABLED_CERTREQ="yes"
|
||||
fi
|
||||
|
||||
# CERT REQUEST EXTENSION
|
||||
AC_ARG_ENABLE([certext],
|
||||
@ -2815,6 +2819,11 @@ AC_ARG_ENABLE([ecccustcurves],
|
||||
[ ENABLED_ECCCUSTCURVES=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WPAS_DPP" = "yes"
|
||||
then
|
||||
ENABLED_ECCCUSTCURVES="all"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_ECCCUSTCURVES" != "no"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CUSTOM_CURVES"
|
||||
@ -4812,6 +4821,11 @@ AC_ARG_ENABLE([pkcs7],
|
||||
[ ENABLED_PKCS7=$enableval ],
|
||||
[ ENABLED_PKCS7=no ]
|
||||
)
|
||||
|
||||
if test "x$ENABLED_WPAS_DPP" = "xyes"
|
||||
then
|
||||
ENABLED_PKCS7=yes
|
||||
fi
|
||||
|
||||
# wolfSSH Options
|
||||
AC_ARG_ENABLE([wolfssh],
|
||||
@ -6450,7 +6464,7 @@ if test "$ENABLED_SP_MATH" = "yes"; then
|
||||
if test "$ENABLED_SP" = "no"; then
|
||||
AC_MSG_ERROR([Must have SP enabled with SP math: --enable-sp])
|
||||
fi
|
||||
if test "$ENABLED_ECCCUSTCURVES" = "yes"; then
|
||||
if test "$ENABLED_ECCCUSTCURVES" != "no"; then
|
||||
AC_MSG_ERROR([Cannot use single precision math and custom curves])
|
||||
fi
|
||||
if test "$ENABLED_DSA" = "yes"; then
|
||||
|
||||
@ -26549,7 +26549,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
|
||||
if ((ret == 0) && (sz > (int)derSz)) {
|
||||
ret = BUFFER_E;
|
||||
}
|
||||
if (ret == 0) {
|
||||
if (ret == 0 && derBuffer != NULL) {
|
||||
/* Encode certificate request body into buffer. */
|
||||
SetASN_Items(certReqBodyASN, dataASN, certReqBodyASN_Length, derBuffer);
|
||||
|
||||
@ -26565,14 +26565,15 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
|
||||
&cert->subject, cert->heap);
|
||||
}
|
||||
}
|
||||
if (ret >= 0) {
|
||||
if (ret >= 0 && derBuffer != NULL) {
|
||||
/* Encode public key into space in buffer. */
|
||||
ret = EncodePublicKey(cert->keyType,
|
||||
(byte*)dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ].data.buffer.data,
|
||||
dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ].data.buffer.length,
|
||||
rsaKey, eccKey, ed25519Key, ed448Key, dsaKey);
|
||||
}
|
||||
if ((ret >= 0) && (!dataASN[CERTREQBODYASN_IDX_EXT_BODY].noOut)) {
|
||||
if ((ret >= 0 && derBuffer != NULL) &&
|
||||
(!dataASN[CERTREQBODYASN_IDX_EXT_BODY].noOut)) {
|
||||
/* Encode extensions into space in buffer. */
|
||||
ret = EncodeExtensions(cert,
|
||||
(byte*)dataASN[CERTREQBODYASN_IDX_EXT_BODY].data.buffer.data,
|
||||
|
||||
@ -11995,7 +11995,7 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
|
||||
static const char* certDerFile = CERT_WRITE_TEMP_DIR "cert.der";
|
||||
static const char* otherCertPemFile = CERT_WRITE_TEMP_DIR "othercert.pem";
|
||||
static const char* certPemFile = CERT_WRITE_TEMP_DIR "cert.pem";
|
||||
#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
#if defined(WOLFSSL_CERT_REQ) && !defined(WOLFSSL_NO_MALLOC)
|
||||
static const char* certReqDerFile = CERT_WRITE_TEMP_DIR "certreq.der";
|
||||
static const char* certReqPemFile = CERT_WRITE_TEMP_DIR "certreq.pem";
|
||||
#endif
|
||||
@ -15559,10 +15559,13 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
|
||||
goto exit_rsa;
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
#if defined(WOLFSSL_CERT_REQ) && !defined(WOLFSSL_NO_MALLOC)
|
||||
{
|
||||
Cert *req;
|
||||
int derSz;
|
||||
#ifndef WOLFSSL_SMALL_STACK
|
||||
byte* der = NULL;
|
||||
#endif
|
||||
|
||||
req = (Cert *)XMALLOC(sizeof *req, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (! req)
|
||||
@ -15656,6 +15659,13 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
|
||||
ERROR_OUT(-7974, exit_rsa);
|
||||
}
|
||||
|
||||
/* Test getting the size of the buffer without providing the buffer.
|
||||
* derSz is set to the "largest buffer" we are willing to allocate. */
|
||||
derSz = wc_MakeCertReq(req, NULL, 10000, key, NULL);
|
||||
if (derSz < 0) {
|
||||
ERROR_OUT(-7975, exit_rsa);
|
||||
}
|
||||
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(req, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
der = NULL;
|
||||
|
||||
Reference in New Issue
Block a user