forked from wolfSSL/wolfssl
Updated per PR comments.
This commit is contained in:
Uriah Pollock
18
src/ocsp.c
18
src/ocsp.c
@ -1072,22 +1072,24 @@ WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
|
|||||||
const unsigned char** derIn,
|
const unsigned char** derIn,
|
||||||
int length)
|
int length)
|
||||||
{
|
{
|
||||||
if ((derIn == NULL) || (length == 0))
|
if ((cidOut == NULL) || (derIn == NULL) || (length == 0))
|
||||||
return (NULL);
|
return (NULL);
|
||||||
|
|
||||||
if (*cidOut != NULL) {
|
/* If a NULL is passed we allocate the memory for the caller. */
|
||||||
XMEMCPY ((*cidOut)->rawCertId, *derIn, length);
|
if (*cidOut == NULL) {
|
||||||
(*cidOut)->rawCertIdSize = length;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
*cidOut = (WOLFSSL_OCSP_CERTID*)XMALLOC(length, NULL, DYNAMIC_TYPE_OPENSSL);
|
*cidOut = (WOLFSSL_OCSP_CERTID*)XMALLOC(length, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
|
|
||||||
if (*cidOut == NULL) {
|
if (*cidOut == NULL) {
|
||||||
return (NULL);
|
return (NULL);
|
||||||
}
|
}
|
||||||
XMEMCPY ((*cidOut)->rawCertId, *derIn, length);
|
|
||||||
(*cidOut)->rawCertIdSize = length;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
XMEMCPY ((*cidOut)->rawCertId, *derIn, length);
|
||||||
|
(*cidOut)->rawCertIdSize = length;
|
||||||
|
|
||||||
|
/* Per spec. advance past the data that is being returned to the caller. */
|
||||||
|
*derIn = *derIn + length;
|
||||||
|
|
||||||
return (*cidOut);
|
return (*cidOut);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
54
src/x509.c
54
src/x509.c
@ -7611,7 +7611,7 @@ int wolfSSL_X509_CRL_get_signature(WOLFSSL_X509_CRL* crl,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Retrieve serial number from RevokedCert
|
/* Retrieve serial number from RevokedCert
|
||||||
* return WOLFSSL_SUCCESS on success
|
* return WOLFSSL_SUCCESS on success and negative values on failure
|
||||||
*/
|
*/
|
||||||
int wolfSSL_X509_REVOKED_get_serial_number(RevokedCert* rev,
|
int wolfSSL_X509_REVOKED_get_serial_number(RevokedCert* rev,
|
||||||
byte* in, int* inOutSz)
|
byte* in, int* inOutSz)
|
||||||
@ -7633,47 +7633,29 @@ int wolfSSL_X509_REVOKED_get_serial_number(RevokedCert* rev,
|
|||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Retrieve the revocation date from RevokedCert
|
const WOLFSSL_ASN1_INTEGER* wolfSSL_X509_REVOKED_get0_serial_number(const
|
||||||
* return WOLFSSL_SUCCESS on success
|
WOLFSSL_X509_REVOKED *rev)
|
||||||
*/
|
|
||||||
int wolfSSL_X509_REVOKED_get_revocationDate(RevokedCert* rev,
|
|
||||||
byte* in, int* inOutSz)
|
|
||||||
{
|
{
|
||||||
char tmp[MAX_DATE_SIZE];
|
WOLFSSL_ENTER("wolfSSL_X509_REVOKED_get0_serial_number");
|
||||||
|
|
||||||
WOLFSSL_ENTER("wolfSSL_X509_REVOKED_get_revocationDate");
|
if (rev != NULL) {
|
||||||
|
return rev->serialNumber;
|
||||||
if ((rev == NULL) || (in == NULL) || (inOutSz == NULL)) {
|
|
||||||
return (BAD_FUNC_ARG);
|
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (*inOutSz < MAX_DATE_SIZE) {
|
const WOLFSSL_ASN1_TIME* wolfSSL_X509_REVOKED_get0_revocation_date(const
|
||||||
return (BAD_FUNC_ARG);
|
WOLFSSL_X509_REVOKED *rev)
|
||||||
}
|
{
|
||||||
|
WOLFSSL_STUB("wolfSSL_X509_REVOKED_get0_revocation_date");
|
||||||
|
|
||||||
if (rev->revDate[0] != 0) {
|
(void) rev;
|
||||||
if (GetTimeString(rev->revDate, ASN_UTC_TIME,
|
return NULL;
|
||||||
tmp, MAX_DATE_SIZE) != WOLFSSL_SUCCESS) {
|
|
||||||
if (GetTimeString(rev->revDate, ASN_GENERALIZED_TIME,
|
|
||||||
tmp, MAX_DATE_SIZE) != WOLFSSL_SUCCESS) {
|
|
||||||
WOLFSSL_MSG("Error getting revocation date");
|
|
||||||
|
|
||||||
return (WOLFSSL_FAILURE);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
XSTRNCPY(tmp, "Not Set", MAX_DATE_SIZE-1);
|
|
||||||
}
|
|
||||||
|
|
||||||
*inOutSz = XSTRLEN (tmp);
|
|
||||||
XMEMCPY(in, tmp, *inOutSz);
|
|
||||||
|
|
||||||
return (WOLFSSL_SUCCESS);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* print serial number out
|
/* print serial number out
|
||||||
* return WOLFSSL_SUCCESS on success
|
* return WOLFSSL_SUCCESS on success
|
||||||
*/
|
*/
|
||||||
static int X509RevokedPrintSerial(WOLFSSL_BIO* bio, RevokedCert* rev,
|
static int X509RevokedPrintSerial(WOLFSSL_BIO* bio, RevokedCert* rev,
|
||||||
int indent)
|
int indent)
|
||||||
@ -8054,7 +8036,7 @@ void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl)
|
|||||||
#ifdef OPENSSL_EXTRA
|
#ifdef OPENSSL_EXTRA
|
||||||
WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl)
|
WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl)
|
||||||
{
|
{
|
||||||
if (crl->crlList->lastDate[0] != 0) {
|
if ((crl != NULL) && (crl->crlList->lastDate[0] != 0)) {
|
||||||
return (WOLFSSL_ASN1_TIME*)crl->crlList->lastDate;
|
return (WOLFSSL_ASN1_TIME*)crl->crlList->lastDate;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -8063,7 +8045,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl)
|
|||||||
|
|
||||||
WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL* crl)
|
WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL* crl)
|
||||||
{
|
{
|
||||||
if (crl->crlList->nextDate[0] != 0) {
|
if ((crl != NULL) && (crl->crlList->nextDate[0] != 0)) {
|
||||||
return (WOLFSSL_ASN1_TIME*)crl->crlList->nextDate;
|
return (WOLFSSL_ASN1_TIME*)crl->crlList->nextDate;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|||||||
17
tests/api.c
17
tests/api.c
@ -48125,6 +48125,7 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
|
|||||||
{
|
{
|
||||||
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
|
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
|
||||||
WOLFSSL_OCSP_CERTID* certId;
|
WOLFSSL_OCSP_CERTID* certId;
|
||||||
|
WOLFSSL_OCSP_CERTID* certIdBad;
|
||||||
const unsigned char* rawCertIdPtr;
|
const unsigned char* rawCertIdPtr;
|
||||||
|
|
||||||
const unsigned char rawCertId[] = {
|
const unsigned char rawCertId[] = {
|
||||||
@ -48151,7 +48152,7 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
|
|||||||
|
|
||||||
XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
|
XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
|
|
||||||
/* If the cert ID is not NULL the fucntion will just copy the data to it. */
|
/* If the cert ID is not NULL the function will just copy the data to it. */
|
||||||
certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
|
certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
XMEMSET(certId, 0, sizeof(*certId));
|
XMEMSET(certId, 0, sizeof(*certId));
|
||||||
@ -48163,6 +48164,20 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
|
|||||||
|
|
||||||
XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
|
||||||
|
/* The below tests should fail when passed bad parameters. NULL should
|
||||||
|
* always be returned. */
|
||||||
|
certIdBad = (WOLFSSL_OCSP_CERTID*) 1;
|
||||||
|
certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr, sizeof(rawCertId));
|
||||||
|
AssertNull(certIdBad);
|
||||||
|
|
||||||
|
certIdBad = (WOLFSSL_OCSP_CERTID*) 1;
|
||||||
|
certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL, sizeof(rawCertId));
|
||||||
|
AssertNull(certIdBad);
|
||||||
|
|
||||||
|
certIdBad = (WOLFSSL_OCSP_CERTID*) 1;
|
||||||
|
certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0);
|
||||||
|
AssertNull(certIdBad);
|
||||||
|
|
||||||
printf(resultFmt, passed);
|
printf(resultFmt, passed);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
@ -700,9 +700,14 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||||||
|
|
||||||
#define X509_CRL_free wolfSSL_X509_CRL_free
|
#define X509_CRL_free wolfSSL_X509_CRL_free
|
||||||
#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
|
#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
|
||||||
|
#define X509_CRL_get0_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
|
||||||
#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
|
#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
|
||||||
|
#define X509_CRL_get0_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
|
||||||
#define X509_CRL_verify wolfSSL_X509_CRL_verify
|
#define X509_CRL_verify wolfSSL_X509_CRL_verify
|
||||||
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
|
#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
|
||||||
|
#define X509_CRL_get_issuer wolfSSL_X509_CRL_get_issuer_name
|
||||||
|
#define X509_CRL_get_signature_nid wolfSSL_X509_CRL_get_signature_nid
|
||||||
|
#define X509_CRL_get_version wolfSSL_X509_CRL_version
|
||||||
#define X509_load_crl_file wolfSSL_X509_load_crl_file
|
#define X509_load_crl_file wolfSSL_X509_load_crl_file
|
||||||
|
|
||||||
#define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY
|
#define X509_get_X509_PUBKEY wolfSSL_X509_get_X509_PUBKEY
|
||||||
@ -727,6 +732,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
|||||||
#define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509
|
#define X509_OBJECT_get0_X509 wolfSSL_X509_OBJECT_get0_X509
|
||||||
#define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL
|
#define X509_OBJECT_get0_X509_CRL wolfSSL_X509_OBJECT_get0_X509_CRL
|
||||||
|
|
||||||
|
#define X509_REVOKED_get_serial_number wolfSSL_X509_REVOKED_get_serial_number
|
||||||
|
#define X509_REVOKED_get0_serialNumber wolfSSL_X509_REVOKED_get0_serial_number
|
||||||
|
#define X509_REVOKED_get0_revocationDate wolfSSL_X509_REVOKED_get0_revocation_date
|
||||||
|
|
||||||
#define X509_check_purpose(...) 0
|
#define X509_check_purpose(...) 0
|
||||||
|
|
||||||
#define OCSP_parse_url wolfSSL_OCSP_parse_url
|
#define OCSP_parse_url wolfSSL_OCSP_parse_url
|
||||||
|
|||||||
@ -2897,11 +2897,16 @@ WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_CRL_get_issuer_name(
|
|||||||
WOLFSSL_X509_CRL *crl);
|
WOLFSSL_X509_CRL *crl);
|
||||||
WOLFSSL_API int wolfSSL_X509_REVOKED_get_serial_number(RevokedCert* rev,
|
WOLFSSL_API int wolfSSL_X509_REVOKED_get_serial_number(RevokedCert* rev,
|
||||||
byte* in, int* inOutSz);
|
byte* in, int* inOutSz);
|
||||||
WOLFSSL_API int wolfSSL_X509_REVOKED_get_revocationDate(RevokedCert* rev,
|
|
||||||
byte* in, int* inOutSz);
|
|
||||||
WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl);
|
WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
WOLFSSL_API
|
||||||
|
const WOLFSSL_ASN1_INTEGER* wolfSSL_X509_REVOKED_get0_serial_number(const
|
||||||
|
WOLFSSL_X509_REVOKED *rev);
|
||||||
|
WOLFSSL_API
|
||||||
|
const WOLFSSL_ASN1_TIME* wolfSSL_X509_REVOKED_get0_revocation_date(const
|
||||||
|
WOLFSSL_X509_REVOKED *rev);
|
||||||
|
|
||||||
#ifndef NO_FILESYSTEM
|
#ifndef NO_FILESYSTEM
|
||||||
#ifndef NO_STDIO_FILESYSTEM
|
#ifndef NO_STDIO_FILESYSTEM
|
||||||
WOLFSSL_API WOLFSSL_X509*
|
WOLFSSL_API WOLFSSL_X509*
|
||||||
|
|||||||
Reference in New Issue
Block a user