Jenkins fixes
@@ -52,7 +52,10 @@ EXTRA_DIST += \
|
|||||||
certs/ecc-privOnlyCert.pem \
|
certs/ecc-privOnlyCert.pem \
|
||||||
certs/dh3072.pem \
|
certs/dh3072.pem \
|
||||||
certs/dh4096.pem \
|
certs/dh4096.pem \
|
||||||
certs/client-cert-ext.pem
|
certs/client-cert-ext.pem \
|
||||||
|
certs/csr.attr.der \
|
||||||
|
certs/csr.dsa.pem \
|
||||||
|
certs/csr.signed.der
|
||||||
|
|
||||||
EXTRA_DIST += \
|
EXTRA_DIST += \
|
||||||
certs/ca-key.der \
|
certs/ca-key.der \
|
||||||
|
16
src/bio.c
16
src/bio.c
@@ -231,8 +231,11 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
|
|||||||
if (bio && bio->type == WOLFSSL_BIO_FILE) {
|
if (bio && bio->type == WOLFSSL_BIO_FILE) {
|
||||||
if (bio->ptr)
|
if (bio->ptr)
|
||||||
ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr);
|
ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr);
|
||||||
|
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
|
||||||
|
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
|
||||||
else
|
else
|
||||||
ret = XREAD(bio->num, buf, len);
|
ret = (int)XREAD(bio->num, buf, len);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -586,8 +589,11 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
|||||||
if (bio && bio->type == WOLFSSL_BIO_FILE) {
|
if (bio && bio->type == WOLFSSL_BIO_FILE) {
|
||||||
if (bio->ptr)
|
if (bio->ptr)
|
||||||
ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr);
|
ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr);
|
||||||
|
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
|
||||||
|
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
|
||||||
else
|
else
|
||||||
ret = XWRITE(bio->num, data, len);
|
ret = (int)XWRITE(bio->num, data, len);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -1328,6 +1334,12 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef NO_FILESYSTEM
|
#ifndef NO_FILESYSTEM
|
||||||
|
/**
|
||||||
|
* Creates a new file BIO object
|
||||||
|
* @param fd file descriptor for to use for the new object
|
||||||
|
* @param close_flag BIO_NOCLOSE or BIO_CLOSE
|
||||||
|
* @return New BIO object or NULL on failure
|
||||||
|
*/
|
||||||
WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag)
|
WOLFSSL_BIO *wolfSSL_BIO_new_fd(int fd, int close_flag)
|
||||||
{
|
{
|
||||||
WOLFSSL_BIO* bio;
|
WOLFSSL_BIO* bio;
|
||||||
|
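Review bot: In wolfSSL_BIO_read, the new `#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR) ...` guard compiles out the `else` arm, so on those builds a WOLFSSL_BIO_FILE whose `bio->ptr` is NULL leaves `ret` unassigned by this block. The function then returns whatever `ret` held before; that value is set outside the hunk and should be confirmed to be an error rather than 0 or a stale count. The wolfSSL_BIO_write hunk has the same gap, and an explicit `#else` arm such as `else ret = WOLFSSL_BIO_ERROR;` would make the unsupported case fail visibly in both. The two-line guard is repeated verbatim in both functions (and again around the close path in src/ssl.c); one feature macro defined once would keep the read, write and close paths from drifting apart. Minor: in the new wolfSSL_BIO_new_fd comment, `file descriptor for to use` should read `file descriptor to use`.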
267
src/ssl.c
267
src/ssl.c
@@ -8065,7 +8065,11 @@ int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert)
|
|||||||
}
|
}
|
||||||
InitDecodedCert(&cert, rawCert, (word32)outSz, 0);
|
InitDecodedCert(&cert, rawCert, (word32)outSz, 0);
|
||||||
|
|
||||||
if (ParseCert(&cert, passedCert->isCSR ? CERTREQ_TYPE : CA_TYPE,
|
if (ParseCert(&cert,
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
passedCert->isCSR ? CERTREQ_TYPE :
|
||||||
|
#endif
|
||||||
|
CA_TYPE,
|
||||||
NO_VERIFY, NULL) < 0) {
|
NO_VERIFY, NULL) < 0) {
|
||||||
WOLFSSL_MSG("\tCertificate parsing failed");
|
WOLFSSL_MSG("\tCertificate parsing failed");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
@@ -8080,7 +8084,10 @@ int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert)
|
|||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!passedCert->isCSR) {
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
if (!passedCert->isCSR)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
if (input[idx++] != ASN_EXTENSIONS) {
|
if (input[idx++] != ASN_EXTENSIONS) {
|
||||||
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
|
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
|
||||||
FreeDecodedCert(&cert);
|
FreeDecodedCert(&cert);
|
||||||
@@ -8403,7 +8410,11 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
|||||||
|
|
||||||
InitDecodedCert( &cert, rawCert, (word32)outSz, 0);
|
InitDecodedCert( &cert, rawCert, (word32)outSz, 0);
|
||||||
|
|
||||||
if (ParseCert(&cert, x509->isCSR ? CERTREQ_TYPE : CA_TYPE,
|
if (ParseCert(&cert,
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
x509->isCSR ? CERTREQ_TYPE :
|
||||||
|
#endif
|
||||||
|
CA_TYPE,
|
||||||
NO_VERIFY, NULL) < 0) {
|
NO_VERIFY, NULL) < 0) {
|
||||||
WOLFSSL_MSG("\tCertificate parsing failed");
|
WOLFSSL_MSG("\tCertificate parsing failed");
|
||||||
wolfSSL_X509_EXTENSION_free(ext);
|
wolfSSL_X509_EXTENSION_free(ext);
|
||||||
@@ -8420,7 +8431,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!x509->isCSR) {
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
if (!x509->isCSR)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
if (input[idx++] != ASN_EXTENSIONS) {
|
if (input[idx++] != ASN_EXTENSIONS) {
|
||||||
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
|
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
|
||||||
wolfSSL_X509_EXTENSION_free(ext);
|
wolfSSL_X509_EXTENSION_free(ext);
|
||||||
@@ -9412,7 +9426,11 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
|
|||||||
|
|
||||||
InitDecodedCert( &cert, rawCert, (word32)outSz, 0);
|
InitDecodedCert( &cert, rawCert, (word32)outSz, 0);
|
||||||
|
|
||||||
if (ParseCert(&cert, x509->isCSR ? CERTREQ_TYPE : CA_TYPE,
|
if (ParseCert(&cert,
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
x509->isCSR ? CERTREQ_TYPE :
|
||||||
|
#endif
|
||||||
|
CA_TYPE,
|
||||||
NO_VERIFY, NULL) < 0) {
|
NO_VERIFY, NULL) < 0) {
|
||||||
WOLFSSL_MSG("\tCertificate parsing failed");
|
WOLFSSL_MSG("\tCertificate parsing failed");
|
||||||
return WOLFSSL_FATAL_ERROR;
|
return WOLFSSL_FATAL_ERROR;
|
||||||
@@ -9427,7 +9445,10 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
|
|||||||
return WOLFSSL_FATAL_ERROR;
|
return WOLFSSL_FATAL_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!x509->isCSR) {
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
if (!x509->isCSR)
|
||||||
|
#endif
|
||||||
|
{
|
||||||
if (input[idx++] != ASN_EXTENSIONS) {
|
if (input[idx++] != ASN_EXTENSIONS) {
|
||||||
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
|
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
|
||||||
FreeDecodedCert(&cert);
|
FreeDecodedCert(&cert);
|
||||||
@@ -13454,7 +13475,7 @@ int AddSession(WOLFSSL* ssl)
|
|||||||
session = &SessionCache[row].Sessions[idx];
|
session = &SessionCache[row].Sessions[idx];
|
||||||
}
|
}
|
||||||
|
|
||||||
session->side = ssl->options.side;
|
session->side = (byte)ssl->options.side;
|
||||||
|
|
||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
if (ssl->options.tls1_3) {
|
if (ssl->options.tls1_3) {
|
||||||
@@ -15653,6 +15674,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
return bio;
|
return bio;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create new socket BIO object. This is a pure TCP connection with
|
||||||
|
* no SSL or TLS protection.
|
||||||
|
* @param str IP address to connect to
|
||||||
|
* @return New BIO object or NULL on failure
|
||||||
|
*/
|
||||||
WOLFSSL_BIO *wolfSSL_BIO_new_connect(const char *str)
|
WOLFSSL_BIO *wolfSSL_BIO_new_connect(const char *str)
|
||||||
{
|
{
|
||||||
WOLFSSL_BIO *bio;
|
WOLFSSL_BIO *bio;
|
||||||
@@ -15665,6 +15692,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
return bio;
|
return bio;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set the port to connect to in the BIO object
|
||||||
|
* @param b BIO object
|
||||||
|
* @param port destination port
|
||||||
|
* @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
|
||||||
|
*/
|
||||||
long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port)
|
long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port)
|
||||||
{
|
{
|
||||||
int p;
|
int p;
|
||||||
@@ -15685,6 +15718,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef HAVE_HTTP_CLIENT
|
||||||
|
/**
|
||||||
|
* Attempt to connect to the destination address and port
|
||||||
|
* @param b BIO object
|
||||||
|
* @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
|
||||||
|
*/
|
||||||
long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b)
|
long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b)
|
||||||
{
|
{
|
||||||
SOCKET_T sfd = SOCKET_INVALID;
|
SOCKET_T sfd = SOCKET_INVALID;
|
||||||
@@ -15704,7 +15743,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
b->shutdown = BIO_CLOSE;
|
b->shutdown = BIO_CLOSE;
|
||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
#endif /* HAVE_HTTP_CLIENT */
|
||||||
|
|
||||||
int wolfSSL_BIO_eof(WOLFSSL_BIO* b)
|
int wolfSSL_BIO_eof(WOLFSSL_BIO* b)
|
||||||
{
|
{
|
||||||
@@ -15881,9 +15920,12 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
if (bio->ptr) {
|
if (bio->ptr) {
|
||||||
XFCLOSE((XFILE)bio->ptr);
|
XFCLOSE((XFILE)bio->ptr);
|
||||||
}
|
}
|
||||||
|
#if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR)\
|
||||||
|
&& !defined(WOLFSSL_NUCLEUS) && !defined(WOLFSSL_NUCLEUS_1_2)
|
||||||
else if (bio->num != -1) {
|
else if (bio->num != -1) {
|
||||||
XCLOSE(bio->num);
|
XCLOSE(bio->num);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -16229,8 +16271,8 @@ int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX* ctx, int version)
|
|||||||
}
|
}
|
||||||
|
|
||||||
switch (version) {
|
switch (version) {
|
||||||
#ifdef WOLFSSL_TLS13
|
|
||||||
case TLS1_3_VERSION:
|
case TLS1_3_VERSION:
|
||||||
|
#ifdef WOLFSSL_TLS13
|
||||||
wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_2);
|
wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TLSv1_2);
|
||||||
FALL_THROUGH;
|
FALL_THROUGH;
|
||||||
#else
|
#else
|
||||||
@@ -19446,7 +19488,8 @@ static int wolfSSL_CONF_VALUE_cmp(const WOLFSSL_CONF_VALUE *a,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Use MD5 for hashing */
|
/* Use MD5 for hashing as it is fast and should
|
||||||
|
* be good enough for database indexing */
|
||||||
unsigned long wolfSSL_LH_strhash(const char *str)
|
unsigned long wolfSSL_LH_strhash(const char *str)
|
||||||
{
|
{
|
||||||
unsigned long ret = 0;
|
unsigned long ret = 0;
|
||||||
@@ -19458,16 +19501,16 @@ unsigned long wolfSSL_LH_strhash(const char *str)
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
#ifndef NO_MD5
|
#ifndef NO_MD5
|
||||||
strLen = XSTRLEN(str);
|
strLen = (int)XSTRLEN(str);
|
||||||
if (wc_Md5Hash((const byte*)str, strLen, digest) != 0) {
|
if (wc_Md5Hash((const byte*)str, strLen, digest) != 0) {
|
||||||
WOLFSSL_MSG("wc_Md5Hash error");
|
WOLFSSL_MSG("wc_Md5Hash error");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/* Take first 4 bytes in small endian as unsigned long */
|
/* Take first 4 bytes in small endian as unsigned long */
|
||||||
ret = digest[0];
|
ret = (unsigned int)digest[0];
|
||||||
ret |= digest[1] << 8;
|
ret |= ((unsigned int)digest[1] << 8 );
|
||||||
ret |= digest[2] << 16;
|
ret |= ((unsigned int)digest[2] << 16);
|
||||||
ret |= digest[3] << 24;
|
ret |= ((unsigned int)digest[3] << 24);
|
||||||
#else
|
#else
|
||||||
WOLFSSL_MSG("No md5 available for wolfSSL_LH_strhash");
|
WOLFSSL_MSG("No md5 available for wolfSSL_LH_strhash");
|
||||||
#endif
|
#endif
|
||||||
@@ -19551,7 +19594,7 @@ WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
slen = XSTRLEN(section);
|
slen = (int)XSTRLEN(section);
|
||||||
|
|
||||||
if (!(ret = wolfSSL_CONF_VALUE_new())) {
|
if (!(ret = wolfSSL_CONF_VALUE_new())) {
|
||||||
WOLFSSL_MSG("wolfSSL_CONF_new error");
|
WOLFSSL_MSG("wolfSSL_CONF_new error");
|
||||||
@@ -19606,7 +19649,7 @@ WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf,
|
|||||||
while (sk) {
|
while (sk) {
|
||||||
WOLFSSL_CONF_VALUE* val = sk->data.conf;
|
WOLFSSL_CONF_VALUE* val = sk->data.conf;
|
||||||
if (val) {
|
if (val) {
|
||||||
if (XSTRCMP(section, val->section) == 0) {
|
if (!val->name && XSTRCMP(section, val->section) == 0) {
|
||||||
return val;
|
return val;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -19741,7 +19784,7 @@ static WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (section) {
|
if (section) {
|
||||||
len = XSTRLEN(section);
|
len = (int)XSTRLEN(section);
|
||||||
ret->section = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL);
|
ret->section = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
if (!ret->section) {
|
if (!ret->section) {
|
||||||
WOLFSSL_MSG("malloc error");
|
WOLFSSL_MSG("malloc error");
|
||||||
@@ -19752,7 +19795,7 @@ static WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (name) {
|
if (name) {
|
||||||
len = XSTRLEN(name);
|
len = (int)XSTRLEN(name);
|
||||||
ret->name = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL);
|
ret->name = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
if (!ret->name) {
|
if (!ret->name) {
|
||||||
WOLFSSL_MSG("malloc error");
|
WOLFSSL_MSG("malloc error");
|
||||||
@@ -19763,7 +19806,7 @@ static WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (value) {
|
if (value) {
|
||||||
len = XSTRLEN(value);
|
len = (int)XSTRLEN(value);
|
||||||
ret->value = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL);
|
ret->value = (char*)XMALLOC(len+1, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
if (!ret->value) {
|
if (!ret->value) {
|
||||||
WOLFSSL_MSG("malloc error");
|
WOLFSSL_MSG("malloc error");
|
||||||
@@ -19779,7 +19822,7 @@ static WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section,
|
|||||||
static char* expandValue(WOLFSSL_CONF *conf, const char* section,
|
static char* expandValue(WOLFSSL_CONF *conf, const char* section,
|
||||||
char *str)
|
char *str)
|
||||||
{
|
{
|
||||||
int strLen = XSTRLEN(str);
|
int strLen = (int)XSTRLEN(str);
|
||||||
char* ret = NULL;
|
char* ret = NULL;
|
||||||
|
|
||||||
/* Check to see if there is anything to expand */
|
/* Check to see if there is anything to expand */
|
||||||
@@ -19806,7 +19849,7 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
|
|||||||
* format: ${section_name::var_name} */
|
* format: ${section_name::var_name} */
|
||||||
s = ++startIdx;
|
s = ++startIdx;
|
||||||
while (*strIdx && *strIdx != ':') strIdx++;
|
while (*strIdx && *strIdx != ':') strIdx++;
|
||||||
if (!strIdx || s == strIdx || strIdx[1] != ':') {
|
if (!*strIdx || s == strIdx || strIdx[1] != ':') {
|
||||||
WOLFSSL_MSG("invalid section name in "
|
WOLFSSL_MSG("invalid section name in "
|
||||||
"variable expansion");
|
"variable expansion");
|
||||||
goto expand_cleanup;
|
goto expand_cleanup;
|
||||||
@@ -19838,7 +19881,7 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
|
|||||||
*endIdx = prevValue;
|
*endIdx = prevValue;
|
||||||
/* Skip copy if no value or zero-length value */
|
/* Skip copy if no value or zero-length value */
|
||||||
if (value && *value) {
|
if (value && *value) {
|
||||||
int valueLen = XSTRLEN(value);
|
int valueLen = (int)XSTRLEN(value);
|
||||||
char* newRet;
|
char* newRet;
|
||||||
/* This will allocate slightly more memory than necessary
|
/* This will allocate slightly more memory than necessary
|
||||||
* but better be safe */
|
* but better be safe */
|
||||||
@@ -19900,7 +19943,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
|
|||||||
WOLFSSL_MSG("wolfSSL_BIO_get_len error");
|
WOLFSSL_MSG("wolfSSL_BIO_get_len error");
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
if (!(buf = (char*)XMALLOC(bufLen, NULL, DYNAMIC_TYPE_TMP_BUFFER))) {
|
if (!(buf = (char*)XMALLOC(bufLen + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER))) {
|
||||||
WOLFSSL_MSG("malloc error");
|
WOLFSSL_MSG("malloc error");
|
||||||
goto cleanup;
|
goto cleanup;
|
||||||
}
|
}
|
||||||
@@ -19918,11 +19961,11 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
|
|||||||
idx = buf;
|
idx = buf;
|
||||||
bufEnd = buf + bufLen;
|
bufEnd = buf + bufLen;
|
||||||
while (idx < bufEnd) {
|
while (idx < bufEnd) {
|
||||||
char* lineEnd = XSTRNSTR(idx, "\n", bufEnd - idx);
|
char* lineEnd = XSTRNSTR(idx, "\n", (unsigned int)(bufEnd - idx));
|
||||||
char* maxIdx;
|
char* maxIdx;
|
||||||
if (!lineEnd)
|
if (!lineEnd)
|
||||||
lineEnd = bufEnd; /* Last line in file */
|
lineEnd = bufEnd; /* Last line in file */
|
||||||
maxIdx = XSTRNSTR(idx, "#", lineEnd - idx);
|
maxIdx = XSTRNSTR(idx, "#", (unsigned int)(lineEnd - idx));
|
||||||
if (!maxIdx)
|
if (!maxIdx)
|
||||||
maxIdx = lineEnd;
|
maxIdx = lineEnd;
|
||||||
line++;
|
line++;
|
||||||
@@ -19950,7 +19993,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
|
|||||||
/* Find end of section name */
|
/* Find end of section name */
|
||||||
while (idx < maxIdx && *idx != ' ' && *idx != ']')
|
while (idx < maxIdx && *idx != ' ' && *idx != ']')
|
||||||
idx++;
|
idx++;
|
||||||
sectionNameLen = idx - sectionName;
|
sectionNameLen = (int)(idx - sectionName);
|
||||||
SKIP_WHITESPACE(idx, maxIdx);
|
SKIP_WHITESPACE(idx, maxIdx);
|
||||||
|
|
||||||
if (*idx != ']') {
|
if (*idx != ']') {
|
||||||
@@ -19976,7 +20019,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
|
|||||||
/* Find end of name */
|
/* Find end of name */
|
||||||
while (idx < maxIdx && *idx != ' ' && *idx != '=')
|
while (idx < maxIdx && *idx != ' ' && *idx != '=')
|
||||||
idx++;
|
idx++;
|
||||||
nameLen = idx - name;
|
nameLen = (int)(idx - name);
|
||||||
SKIP_WHITESPACE(idx, maxIdx);
|
SKIP_WHITESPACE(idx, maxIdx);
|
||||||
if (*idx != '=') {
|
if (*idx != '=') {
|
||||||
WOLFSSL_MSG("Missing equals sign");
|
WOLFSSL_MSG("Missing equals sign");
|
||||||
@@ -19989,7 +20032,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
|
|||||||
idx = maxIdx-1;
|
idx = maxIdx-1;
|
||||||
while (idx >= value && (*idx == ' ' || *idx == '\t'))
|
while (idx >= value && (*idx == ' ' || *idx == '\t'))
|
||||||
idx--;
|
idx--;
|
||||||
valueLen = idx - value + 1;
|
valueLen = (int)(idx - value + 1);
|
||||||
|
|
||||||
/* Sanity checks */
|
/* Sanity checks */
|
||||||
if (nameLen <= 0 || valueLen <= 0) {
|
if (nameLen <= 0 || valueLen <= 0) {
|
||||||
@@ -21565,7 +21608,7 @@ WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num)
|
|||||||
char** fieldPtr = NULL;
|
char** fieldPtr = NULL;
|
||||||
int fieldPtrIdx = 0;
|
int fieldPtrIdx = 0;
|
||||||
char* fieldCheckIdx = NULL;
|
char* fieldCheckIdx = NULL;
|
||||||
lineEnd = XSTRNSTR(idx, "\n", bufEnd - idx);
|
lineEnd = XSTRNSTR(idx, "\n", (unsigned int)(bufEnd - idx));
|
||||||
if (!lineEnd)
|
if (!lineEnd)
|
||||||
lineEnd = bufEnd;
|
lineEnd = bufEnd;
|
||||||
if (idx == lineEnd) /* empty line */
|
if (idx == lineEnd) /* empty line */
|
||||||
@@ -21675,7 +21718,7 @@ long wolfSSL_TXT_DB_write(WOLFSSL_BIO *out, WOLFSSL_TXT_DB *db)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
idx[-1] = '\n';
|
idx[-1] = '\n';
|
||||||
sz = idx - buf;
|
sz = (int)(idx - buf);
|
||||||
|
|
||||||
if (wolfSSL_BIO_write(out, buf, sz) != sz) {
|
if (wolfSSL_BIO_write(out, buf, sz) != sz) {
|
||||||
WOLFSSL_MSG("wolfSSL_BIO_write error");
|
WOLFSSL_MSG("wolfSSL_BIO_write error");
|
||||||
@@ -23320,6 +23363,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
|
|||||||
return wolfSSL_X509_print_ex(bio, x509, 0, 0);
|
return wolfSSL_X509_print_ex(bio, x509, 0, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef NO_FILESYSTEM
|
||||||
int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509)
|
int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509)
|
||||||
{
|
{
|
||||||
WOLFSSL_BIO* bio;
|
WOLFSSL_BIO* bio;
|
||||||
@@ -23348,6 +23392,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
|
|||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
#endif /* NO_FILESYSTEM */
|
||||||
|
|
||||||
#endif /* XSNPRINTF */
|
#endif /* XSNPRINTF */
|
||||||
#endif /* !NO_BIO */
|
#endif /* !NO_BIO */
|
||||||
@@ -24179,8 +24224,13 @@ WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE* store,
|
|||||||
return &store->lookup;
|
return &store->lookup;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN)
|
||||||
|
static int wolfSSL_X509_make_der(WOLFSSL_X509* x509, int req,
|
||||||
|
unsigned char* der, int* derSz, int includeSig);
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef NO_CERTS
|
#ifndef NO_CERTS
|
||||||
|
#ifdef WOLFSSL_CERT_GEN
|
||||||
#ifndef NO_BIO
|
#ifndef NO_BIO
|
||||||
/* Converts the X509 to DER format and outputs it into bio.
|
/* Converts the X509 to DER format and outputs it into bio.
|
||||||
*
|
*
|
||||||
@@ -24250,6 +24300,7 @@ int wolfSSL_i2d_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509)
|
|||||||
return wolfSSL_i2d_X509_X509_REQ_bio(bio, x509, 1);
|
return wolfSSL_i2d_X509_X509_REQ_bio(bio, x509, 1);
|
||||||
}
|
}
|
||||||
#endif /* WOLFSSL_CERT_REQ */
|
#endif /* WOLFSSL_CERT_REQ */
|
||||||
|
#endif /* WOLFSSL_CERT_GEN */
|
||||||
|
|
||||||
/* Converts an internal structure to a DER buffer
|
/* Converts an internal structure to a DER buffer
|
||||||
*
|
*
|
||||||
@@ -25299,6 +25350,8 @@ static int wolfSSL_X509_X509_REQ_verify(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pk
|
|||||||
int derSz = 0;
|
int derSz = 0;
|
||||||
int type;
|
int type;
|
||||||
|
|
||||||
|
(void)req;
|
||||||
|
|
||||||
if (x509 == NULL || pkey == NULL) {
|
if (x509 == NULL || pkey == NULL) {
|
||||||
return WOLFSSL_FATAL_ERROR;
|
return WOLFSSL_FATAL_ERROR;
|
||||||
}
|
}
|
||||||
@@ -27668,7 +27721,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
|||||||
{
|
{
|
||||||
const unsigned char *d;
|
const unsigned char *d;
|
||||||
long len;
|
long len;
|
||||||
int tag, class;
|
int tag, cls;
|
||||||
WOLFSSL_ASN1_OBJECT* ret = NULL;
|
WOLFSSL_ASN1_OBJECT* ret = NULL;
|
||||||
|
|
||||||
WOLFSSL_ENTER("wolfSSL_d2i_ASN1_OBJECT");
|
WOLFSSL_ENTER("wolfSSL_d2i_ASN1_OBJECT");
|
||||||
@@ -27680,7 +27733,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
|||||||
|
|
||||||
d = *der;
|
d = *der;
|
||||||
|
|
||||||
if (wolfSSL_ASN1_get_object(&d, &len, &tag, &class, length) & 0x80) {
|
if (wolfSSL_ASN1_get_object(&d, &len, &tag, &cls, length) & 0x80) {
|
||||||
WOLFSSL_MSG("wolfSSL_ASN1_get_object error");
|
WOLFSSL_MSG("wolfSSL_ASN1_get_object error");
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@@ -27702,7 +27755,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
|||||||
* @param in ASN1 encoded data. *in is moved to the value of the ASN1 object
|
* @param in ASN1 encoded data. *in is moved to the value of the ASN1 object
|
||||||
* @param len Length of parsed ASN1 object
|
* @param len Length of parsed ASN1 object
|
||||||
* @param tag Tag value of parsed ASN1 object
|
* @param tag Tag value of parsed ASN1 object
|
||||||
* @param class Class of parsed ASN1 object
|
* @param cls Class of parsed ASN1 object
|
||||||
* @param inLen Length of *in buffer
|
* @param inLen Length of *in buffer
|
||||||
* @return int Depends on which bits are set in the returned int:
|
* @return int Depends on which bits are set in the returned int:
|
||||||
* 0x80 an error occurred during parsing
|
* 0x80 an error occurred during parsing
|
||||||
@@ -27710,7 +27763,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
|||||||
* 0x01 the parsed object length is infinite
|
* 0x01 the parsed object length is infinite
|
||||||
*/
|
*/
|
||||||
int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
|
int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
|
||||||
int *class, long inLen)
|
int *cls, long inLen)
|
||||||
{
|
{
|
||||||
word32 inOutIdx = 0;
|
word32 inOutIdx = 0;
|
||||||
int l;
|
int l;
|
||||||
@@ -27719,27 +27772,27 @@ int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
|
|||||||
|
|
||||||
WOLFSSL_ENTER("wolfSSL_ASN1_get_object");
|
WOLFSSL_ENTER("wolfSSL_ASN1_get_object");
|
||||||
|
|
||||||
if (!in || !*in || !len || !tag || !class || inLen == 0) {
|
if (!in || !*in || !len || !tag || !cls || inLen == 0) {
|
||||||
WOLFSSL_MSG("Bad parameter");
|
WOLFSSL_MSG("Bad parameter");
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (GetASNTag(*in, &inOutIdx, &t, inLen) != 0) {
|
if (GetASNTag(*in, &inOutIdx, &t, (word32)inLen) != 0) {
|
||||||
WOLFSSL_MSG("GetASNTag error");
|
WOLFSSL_MSG("GetASNTag error");
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (GetLength(*in, &inOutIdx, &l, inLen) < 0) {
|
if (GetLength(*in, &inOutIdx, &l, (word32)inLen) < 0) {
|
||||||
WOLFSSL_MSG("GetLength error");
|
WOLFSSL_MSG("GetLength error");
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
*tag = t & 0x1F; /* Tag number is 5 lsb */
|
*tag = t & 0x1F; /* Tag number is 5 lsb */
|
||||||
*class = t & 0xC0; /* Class is 2 msb */
|
*cls = t & 0xC0; /* Class is 2 msb */
|
||||||
*len = l;
|
*len = l;
|
||||||
ret = t & ASN_CONSTRUCTED;
|
ret = t & ASN_CONSTRUCTED;
|
||||||
|
|
||||||
if (l > inLen - inOutIdx) {
|
if (l > (int)(inLen - inOutIdx)) {
|
||||||
/* Still return other values but indicate error in msb */
|
/* Still return other values but indicate error in msb */
|
||||||
ret |= 0x80;
|
ret |= 0x80;
|
||||||
}
|
}
|
||||||
@@ -27773,7 +27826,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
|||||||
}
|
}
|
||||||
|
|
||||||
XMEMCPY((byte*)ret->obj, *pp, len);
|
XMEMCPY((byte*)ret->obj, *pp, len);
|
||||||
ret->objSz = len;
|
ret->objSz = (unsigned int)len;
|
||||||
ret->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
|
ret->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
|
||||||
|
|
||||||
*pp += len;
|
*pp += len;
|
||||||
@@ -29122,7 +29175,7 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *str)
|
|||||||
WOLFSSL_MSG("Bad parameter");
|
WOLFSSL_MSG("Bad parameter");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
slen = XSTRLEN(str)+1;
|
slen = (int)XSTRLEN(str)+1;
|
||||||
if (slen > CTC_DATE_SIZE) {
|
if (slen > CTC_DATE_SIZE) {
|
||||||
WOLFSSL_MSG("Date string too long");
|
WOLFSSL_MSG("Date string too long");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
@@ -39856,7 +39909,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
|
|||||||
* updates derSz with certificate body size on success
|
* updates derSz with certificate body size on success
|
||||||
* return WOLFSSL_SUCCESS on success
|
* return WOLFSSL_SUCCESS on success
|
||||||
*/
|
*/
|
||||||
int wolfSSL_X509_make_der(WOLFSSL_X509* x509, int req,
|
static int wolfSSL_X509_make_der(WOLFSSL_X509* x509, int req,
|
||||||
unsigned char* der, int* derSz, int includeSig)
|
unsigned char* der, int* derSz, int includeSig)
|
||||||
{
|
{
|
||||||
int ret = WOLFSSL_FAILURE;
|
int ret = WOLFSSL_FAILURE;
|
||||||
@@ -40046,6 +40099,8 @@ cleanup:
|
|||||||
int sigType;
|
int sigType;
|
||||||
WC_RNG rng;
|
WC_RNG rng;
|
||||||
|
|
||||||
|
(void)req;
|
||||||
|
|
||||||
sigType = wolfSSL_sigTypeFromPKEY(md, pkey);
|
sigType = wolfSSL_sigTypeFromPKEY(md, pkey);
|
||||||
if (sigType == WOLFSSL_FAILURE)
|
if (sigType == WOLFSSL_FAILURE)
|
||||||
return WOLFSSL_FATAL_ERROR;
|
return WOLFSSL_FATAL_ERROR;
|
||||||
@@ -40065,7 +40120,7 @@ cleanup:
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Sign the certificate request body. */
|
/* Sign the certificate (request) body. */
|
||||||
ret = wc_InitRng(&rng);
|
ret = wc_InitRng(&rng);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
@@ -40309,7 +40364,7 @@ cleanup:
|
|||||||
XFREE(pem, 0, DYNAMIC_TYPE_PEM);
|
XFREE(pem, 0, DYNAMIC_TYPE_PEM);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
footerSz = XSTRLEN(footer);
|
footerSz = (long)XSTRLEN(footer);
|
||||||
|
|
||||||
/* TODO: Inefficient
|
/* TODO: Inefficient
|
||||||
* reading in one byte at a time until see the footer
|
* reading in one byte at a time until see the footer
|
||||||
@@ -40532,6 +40587,7 @@ err:
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_CERT_GEN
|
||||||
#ifndef NO_BIO
|
#ifndef NO_BIO
|
||||||
int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509* x)
|
int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509* x)
|
||||||
{
|
{
|
||||||
@@ -40558,6 +40614,7 @@ err:
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
#endif /* !NO_BIO */
|
#endif /* !NO_BIO */
|
||||||
|
#endif /* WOLFSSL_CERT_GEN */
|
||||||
#endif /* !NO_FILESYSTEM */
|
#endif /* !NO_FILESYSTEM */
|
||||||
|
|
||||||
#define PEM_BEGIN "-----BEGIN "
|
#define PEM_BEGIN "-----BEGIN "
|
||||||
@@ -41063,12 +41120,13 @@ err:
|
|||||||
while ((l = wolfSSL_BIO_read(bio, &pem[i], 1)) == 1) {
|
while ((l = wolfSSL_BIO_read(bio, &pem[i], 1)) == 1) {
|
||||||
i++;
|
i++;
|
||||||
if (!header)
|
if (!header)
|
||||||
header = XSTRNSTR(pem, "-----BEGIN ", i);
|
header = XSTRNSTR(pem, "-----BEGIN ", (unsigned int)i);
|
||||||
else if (header) {
|
else if (header) {
|
||||||
if (!headerEnd) {
|
if (!headerEnd) {
|
||||||
headerEnd = XSTRNSTR(header + XSTR_SIZEOF("-----BEGIN "),
|
headerEnd = XSTRNSTR(header + XSTR_SIZEOF("-----BEGIN "),
|
||||||
"-----",
|
"-----",
|
||||||
i - (header + XSTR_SIZEOF("-----BEGIN ") - pem));
|
(unsigned int)
|
||||||
|
(i - (header + XSTR_SIZEOF("-----BEGIN ") - pem)));
|
||||||
if (headerEnd) {
|
if (headerEnd) {
|
||||||
headerEnd += XSTR_SIZEOF("-----");
|
headerEnd += XSTR_SIZEOF("-----");
|
||||||
/* Read in the newline */
|
/* Read in the newline */
|
||||||
@@ -41082,12 +41140,12 @@ err:
|
|||||||
}
|
}
|
||||||
else if (!footer) {
|
else if (!footer) {
|
||||||
footer = XSTRNSTR(headerEnd, "-----END ",
|
footer = XSTRNSTR(headerEnd, "-----END ",
|
||||||
i - (headerEnd - pem));
|
(unsigned int)(i - (headerEnd - pem)));
|
||||||
}
|
}
|
||||||
else if (!footerEnd) {
|
else if (!footerEnd) {
|
||||||
footerEnd = XSTRNSTR(footer + XSTR_SIZEOF("-----"),
|
footerEnd = XSTRNSTR(footer + XSTR_SIZEOF("-----"),
|
||||||
"-----", i -
|
"-----", (unsigned int)(i -
|
||||||
(footer + XSTR_SIZEOF("-----") - pem));
|
(footer + XSTR_SIZEOF("-----") - pem)));
|
||||||
if (footerEnd) {
|
if (footerEnd) {
|
||||||
footerEnd += XSTR_SIZEOF("-----");
|
footerEnd += XSTR_SIZEOF("-----");
|
||||||
/* Now check that footer matches header */
|
/* Now check that footer matches header */
|
||||||
@@ -41121,12 +41179,13 @@ err:
|
|||||||
WOLFSSL_MSG("Parsing x509 cert");
|
WOLFSSL_MSG("Parsing x509 cert");
|
||||||
*x509 = wolfSSL_X509_load_certificate_buffer(
|
*x509 = wolfSSL_X509_load_certificate_buffer(
|
||||||
(const unsigned char*) header,
|
(const unsigned char*) header,
|
||||||
footerEnd - header, WOLFSSL_FILETYPE_PEM);
|
(int)(footerEnd - header), WOLFSSL_FILETYPE_PEM);
|
||||||
if (!*x509) {
|
if (!*x509) {
|
||||||
WOLFSSL_MSG("wolfSSL_X509_load_certificate_buffer error");
|
WOLFSSL_MSG("wolfSSL_X509_load_certificate_buffer error");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#ifdef HAVE_CRL
|
||||||
else if (headerEnd - header ==
|
else if (headerEnd - header ==
|
||||||
XSTR_SIZEOF("-----BEGIN X509 CRL-----") &&
|
XSTR_SIZEOF("-----BEGIN X509 CRL-----") &&
|
||||||
XMEMCMP(header, "-----BEGIN X509 CRL-----",
|
XMEMCMP(header, "-----BEGIN X509 CRL-----",
|
||||||
@@ -41144,6 +41203,7 @@ err:
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
else {
|
else {
|
||||||
/* TODO support WOLFSSL_X509_PKEY as well */
|
/* TODO support WOLFSSL_X509_PKEY as well */
|
||||||
WOLFSSL_MSG("Unsupported PEM structure");
|
WOLFSSL_MSG("Unsupported PEM structure");
|
||||||
@@ -41216,7 +41276,9 @@ err:
|
|||||||
}
|
}
|
||||||
if (ret != WOLFSSL_SUCCESS) {
|
if (ret != WOLFSSL_SUCCESS) {
|
||||||
wolfSSL_X509_free(x509);
|
wolfSSL_X509_free(x509);
|
||||||
|
#ifdef HAVE_CRL
|
||||||
wolfSSL_X509_CRL_free(crl);
|
wolfSSL_X509_CRL_free(crl);
|
||||||
|
#endif
|
||||||
wolfSSL_X509_PKEY_free(x_pkey);
|
wolfSSL_X509_PKEY_free(x_pkey);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@@ -42194,7 +42256,7 @@ err:
|
|||||||
if (ret == ASN_OBJECT_ID_E) {
|
if (ret == ASN_OBJECT_ID_E) {
|
||||||
/* Put ASN object tag in front and try again */
|
/* Put ASN object tag in front and try again */
|
||||||
int len = SetObjectId(o->objSz, NULL) + o->objSz;
|
int len = SetObjectId(o->objSz, NULL) + o->objSz;
|
||||||
byte* buf = XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
byte* buf = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (!buf) {
|
if (!buf) {
|
||||||
WOLFSSL_MSG("malloc error");
|
WOLFSSL_MSG("malloc error");
|
||||||
return -1;
|
return -1;
|
||||||
@@ -42269,35 +42331,34 @@ err:
|
|||||||
{
|
{
|
||||||
WOLFSSL_ENTER("wolfSSL_OBJ_cmp");
|
WOLFSSL_ENTER("wolfSSL_OBJ_cmp");
|
||||||
|
|
||||||
if (a != NULL && b != NULL &&
|
if (a && b && a->obj && b->obj) {
|
||||||
a->obj != NULL && b->obj != NULL &&
|
if (a->objSz == b->objSz) {
|
||||||
a->objSz == b->objSz) {
|
return XMEMCMP(a->obj, b->obj, a->objSz);
|
||||||
return XMEMCMP(a->obj, b->obj, a->objSz);
|
|
||||||
}
|
|
||||||
else if (a != NULL && b != NULL && a->objSz != b->objSz &&
|
|
||||||
(a->type == EXT_KEY_USAGE_OID
|
|
||||||
|| b->type == EXT_KEY_USAGE_OID)) {
|
|
||||||
/* Special case for EXT_KEY_USAGE_OID so that
|
|
||||||
* cmp will be treated as a substring search */
|
|
||||||
/* Used in libest to check for id-kp-cmcRA in
|
|
||||||
* EXT_KEY_USAGE extension */
|
|
||||||
unsigned int idx;
|
|
||||||
const byte* s; /* shorter */
|
|
||||||
unsigned int sLen;
|
|
||||||
const byte* l; /* longer */
|
|
||||||
unsigned int lLen;
|
|
||||||
if (a->objSz > b->objSz) {
|
|
||||||
s = b->obj; sLen = b->objSz;
|
|
||||||
l = a->obj; lLen = a->objSz;
|
|
||||||
}
|
}
|
||||||
else {
|
else if (a->type == EXT_KEY_USAGE_OID ||
|
||||||
s = a->obj; sLen = a->objSz;
|
b->type == EXT_KEY_USAGE_OID) {
|
||||||
l = b->obj; lLen = b->objSz;
|
/* Special case for EXT_KEY_USAGE_OID so that
|
||||||
}
|
* cmp will be treated as a substring search */
|
||||||
for (idx = 0; idx <= lLen - sLen; idx++) {
|
/* Used in libest to check for id-kp-cmcRA in
|
||||||
if (XMEMCMP(l + idx, s, sLen) == 0) {
|
* EXT_KEY_USAGE extension */
|
||||||
/* Found substring */
|
unsigned int idx;
|
||||||
return 0;
|
const byte* s; /* shorter */
|
||||||
|
unsigned int sLen;
|
||||||
|
const byte* l; /* longer */
|
||||||
|
unsigned int lLen;
|
||||||
|
if (a->objSz > b->objSz) {
|
||||||
|
s = b->obj; sLen = b->objSz;
|
||||||
|
l = a->obj; lLen = a->objSz;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
s = a->obj; sLen = a->objSz;
|
||||||
|
l = b->obj; lLen = b->objSz;
|
||||||
|
}
|
||||||
|
for (idx = 0; idx <= lLen - sLen; idx++) {
|
||||||
|
if (XMEMCMP(l + idx, s, sLen) == 0) {
|
||||||
|
/* Found substring */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -42554,18 +42615,6 @@ err:
|
|||||||
return ret == 1 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
return ret == 1 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef NO_WOLFSSL_STUB
|
|
||||||
WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
|
|
||||||
WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk)
|
|
||||||
{
|
|
||||||
(void) sk;
|
|
||||||
WOLFSSL_ENTER("wolfSSL_dup_CA_list");
|
|
||||||
WOLFSSL_STUB("SSL_dup_CA_list");
|
|
||||||
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* wolfSSL uses negative values for error states. This function returns an
|
/* wolfSSL uses negative values for error states. This function returns an
|
||||||
* unsigned type so the value returned is the absolute value of the error.
|
* unsigned type so the value returned is the absolute value of the error.
|
||||||
*/
|
*/
|
||||||
@@ -42935,7 +42984,7 @@ size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize)
|
|||||||
{
|
{
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
if (!dstSize)
|
if (!dstSize || !dst || !src)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
/* Always have to leave a space for NULL */
|
/* Always have to leave a space for NULL */
|
||||||
@@ -43615,7 +43664,6 @@ int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp, WOLFSSL_X509 *x)
|
|||||||
if (ret <= 0) return WOLFSSL_FAILURE;
|
if (ret <= 0) return WOLFSSL_FAILURE;
|
||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
#endif /* WOLFSSL_CERT_GEN */
|
|
||||||
|
|
||||||
int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert)
|
int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert)
|
||||||
{
|
{
|
||||||
@@ -43679,10 +43727,10 @@ error:
|
|||||||
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
#endif /* WOLFSSL_CERT_GEN */
|
||||||
|
|
||||||
#endif /* !NO_BIO */
|
#endif /* !NO_BIO */
|
||||||
|
|
||||||
|
|
||||||
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
|
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
|
||||||
/* Initialize ctx->dh with dh's params. Return WOLFSSL_SUCCESS on ok */
|
/* Initialize ctx->dh with dh's params. Return WOLFSSL_SUCCESS on ok */
|
||||||
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh)
|
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh)
|
||||||
@@ -46742,6 +46790,7 @@ int wolfSSL_SSL_CTX_remove_session(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *s)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef NO_BIO
|
||||||
BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s)
|
BIO *wolfSSL_SSL_get_rbio(const WOLFSSL *s)
|
||||||
{
|
{
|
||||||
WOLFSSL_ENTER("wolfSSL_SSL_get_rbio");
|
WOLFSSL_ENTER("wolfSSL_SSL_get_rbio");
|
||||||
@@ -46898,7 +46947,7 @@ int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
|
|||||||
if (len > (int)(sizeof(asn1->intData) - extraTagSz)) {
|
if (len > (int)(sizeof(asn1->intData) - extraTagSz)) {
|
||||||
/* Allocate mem for data */
|
/* Allocate mem for data */
|
||||||
if (asn1->isDynamic) {
|
if (asn1->isDynamic) {
|
||||||
byte* tmp = XREALLOC(asn1->data, len + extraTagSz, NULL,
|
byte* tmp = (byte*)XREALLOC(asn1->data, len + extraTagSz, NULL,
|
||||||
DYNAMIC_TYPE_OPENSSL);
|
DYNAMIC_TYPE_OPENSSL);
|
||||||
if (!tmp) {
|
if (!tmp) {
|
||||||
WOLFSSL_MSG("realloc error");
|
WOLFSSL_MSG("realloc error");
|
||||||
@@ -46907,7 +46956,7 @@ int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
|
|||||||
asn1->data = tmp;
|
asn1->data = tmp;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
asn1->data = XMALLOC(len + extraTagSz, NULL,
|
asn1->data = (byte*)XMALLOC(len + extraTagSz, NULL,
|
||||||
DYNAMIC_TYPE_OPENSSL);
|
DYNAMIC_TYPE_OPENSSL);
|
||||||
if (!asn1->data) {
|
if (!asn1->data) {
|
||||||
WOLFSSL_MSG("malloc error");
|
WOLFSSL_MSG("malloc error");
|
||||||
@@ -47425,7 +47474,7 @@ WOLFSSL_STRING wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* st
|
|||||||
int wolfSSL_sk_WOLFSSL_STRING_num(WOLF_STACK_OF(WOLFSSL_STRING)* strings)
|
int wolfSSL_sk_WOLFSSL_STRING_num(WOLF_STACK_OF(WOLFSSL_STRING)* strings)
|
||||||
{
|
{
|
||||||
if (strings)
|
if (strings)
|
||||||
return strings->num;
|
return (int)strings->num;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */
|
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */
|
||||||
@@ -47712,7 +47761,7 @@ void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int
|
|||||||
void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len)
|
void wolfSSL_OPENSSL_cleanse(void *ptr, size_t len)
|
||||||
{
|
{
|
||||||
if (ptr)
|
if (ptr)
|
||||||
ForceZero(ptr, len);
|
ForceZero(ptr, (word32)len);
|
||||||
}
|
}
|
||||||
|
|
||||||
int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p,
|
int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p,
|
||||||
@@ -48130,6 +48179,7 @@ int oid2nid(word32 oid, int grp)
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
case oidCsrAttrType:
|
case oidCsrAttrType:
|
||||||
switch (oid) {
|
switch (oid) {
|
||||||
case CHALLENGE_PASSWORD_OID:
|
case CHALLENGE_PASSWORD_OID:
|
||||||
@@ -48138,6 +48188,7 @@ int oid2nid(word32 oid, int grp)
|
|||||||
return NID_serialNumber;
|
return NID_serialNumber;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
#endif
|
||||||
|
|
||||||
default:
|
default:
|
||||||
WOLFSSL_MSG("NID not in table");
|
WOLFSSL_MSG("NID not in table");
|
||||||
@@ -51032,7 +51083,7 @@ int wolfSSL_PKCS7_encode_certs(PKCS7* pkcs7, WOLFSSL_STACK* certs,
|
|||||||
#endif /* !NO_BIO */
|
#endif /* !NO_BIO */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This API was added as a helper functio for libest. It
|
* This API was added as a helper function for libest. It
|
||||||
* extracts a stack of certificates from the pkcs7 object.
|
* extracts a stack of certificates from the pkcs7 object.
|
||||||
* @param pkcs7 PKCS7 parameter object
|
* @param pkcs7 PKCS7 parameter object
|
||||||
* @return WOLFSSL_STACK_OF(WOLFSSL_X509)*
|
* @return WOLFSSL_STACK_OF(WOLFSSL_X509)*
|
||||||
@@ -51047,7 +51098,7 @@ WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7)
|
|||||||
|
|
||||||
if (!p7) {
|
if (!p7) {
|
||||||
WOLFSSL_MSG("Bad parameter");
|
WOLFSSL_MSG("Bad parameter");
|
||||||
return WOLFSSL_FAILURE;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (p7->certs)
|
if (p7->certs)
|
||||||
@@ -51714,7 +51765,6 @@ int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, WOLFSSL_ASN1_INTEGER* s)
|
|||||||
int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey)
|
int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey)
|
||||||
{
|
{
|
||||||
byte* p = NULL;
|
byte* p = NULL;
|
||||||
int pLen;
|
|
||||||
WOLFSSL_ENTER("wolfSSL_X509_set_pubkey");
|
WOLFSSL_ENTER("wolfSSL_X509_set_pubkey");
|
||||||
|
|
||||||
if (cert == NULL || pkey == NULL)
|
if (cert == NULL || pkey == NULL)
|
||||||
@@ -51729,7 +51779,10 @@ int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey)
|
|||||||
else
|
else
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
|
|
||||||
|
#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
|
||||||
|
!defined(NO_RSA) && !defined(HAVE_USER_RSA)
|
||||||
if (pkey->type == EVP_PKEY_RSA) {
|
if (pkey->type == EVP_PKEY_RSA) {
|
||||||
|
int pLen;
|
||||||
/* Public and private key formats differ. Make sure to put in the
|
/* Public and private key formats differ. Make sure to put in the
|
||||||
* public key format in the cert. */
|
* public key format in the cert. */
|
||||||
if ((pLen = wolfSSL_i2d_RSAPublicKey(pkey->rsa, (const byte**)&p)) <= 0) {
|
if ((pLen = wolfSSL_i2d_RSAPublicKey(pkey->rsa, (const byte**)&p)) <= 0) {
|
||||||
@@ -51741,7 +51794,9 @@ int wolfSSL_X509_set_pubkey(WOLFSSL_X509 *cert, WOLFSSL_EVP_PKEY *pkey)
|
|||||||
cert->pubKey.buffer = p;
|
cert->pubKey.buffer = p;
|
||||||
cert->pubKey.length = pLen;
|
cert->pubKey.length = pLen;
|
||||||
}
|
}
|
||||||
else {
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
p = (byte*)XMALLOC(pkey->pkey_sz, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
p = (byte*)XMALLOC(pkey->pkey_sz, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
@@ -51955,7 +52010,7 @@ int wolfSSL_X509_REQ_add1_attr_by_txt(WOLFSSL_X509 *req,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (len < 0) {
|
if (len < 0) {
|
||||||
len = XSTRLEN((char*)bytes);
|
len = (int)XSTRLEN((char*)bytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* For now just pretend that we support this for libest testing */
|
/* For now just pretend that we support this for libest testing */
|
||||||
@@ -51998,7 +52053,7 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
|
|||||||
switch (nid) {
|
switch (nid) {
|
||||||
case NID_pkcs9_challengePassword:
|
case NID_pkcs9_challengePassword:
|
||||||
if (len < 0)
|
if (len < 0)
|
||||||
len = XSTRLEN((char*)bytes);
|
len = (int)XSTRLEN((char*)bytes);
|
||||||
if (len < CTC_NAME_SIZE) {
|
if (len < CTC_NAME_SIZE) {
|
||||||
XMEMCPY(req->challengePw, bytes, len);
|
XMEMCPY(req->challengePw, bytes, len);
|
||||||
req->challengePw[len] = '\0';
|
req->challengePw[len] = '\0';
|
||||||
@@ -52029,7 +52084,7 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
|
|||||||
break;
|
break;
|
||||||
case NID_serialNumber:
|
case NID_serialNumber:
|
||||||
if (len < 0)
|
if (len < 0)
|
||||||
len = XSTRLEN((char*)bytes);
|
len = (int)XSTRLEN((char*)bytes);
|
||||||
if (len + 1 > EXTERNAL_SERIAL_SIZE) {
|
if (len + 1 > EXTERNAL_SERIAL_SIZE) {
|
||||||
WOLFSSL_MSG("SerialNumber too long");
|
WOLFSSL_MSG("SerialNumber too long");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
|
78
tests/api.c
78
tests/api.c
@@ -25290,7 +25290,17 @@ static int test_wc_HashGetFlags(void)
|
|||||||
|
|
||||||
static void test_wolfSSL_lhash(void)
|
static void test_wolfSSL_lhash(void)
|
||||||
{
|
{
|
||||||
|
#ifdef OPENSSL_ALL
|
||||||
|
const char testStr[] = "Like a true nature's child\n"
|
||||||
|
"We were born\n"
|
||||||
|
"Born to be wild";
|
||||||
|
|
||||||
|
printf(testingFmt, "wolfSSL_LH_strhash()");
|
||||||
|
|
||||||
|
AssertIntEQ(lh_strhash(testStr), 0xb1231320);
|
||||||
|
|
||||||
|
printf(resultFmt, passed);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_wolfSSL_X509_NAME(void)
|
static void test_wolfSSL_X509_NAME(void)
|
||||||
@@ -26811,7 +26821,9 @@ static void test_wolfSSL_tmp_dh(void)
|
|||||||
int bytes;
|
int bytes;
|
||||||
DSA* dsa;
|
DSA* dsa;
|
||||||
DH* dh;
|
DH* dh;
|
||||||
|
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
|
||||||
DH* dh2;
|
DH* dh2;
|
||||||
|
#endif
|
||||||
BIO* bio;
|
BIO* bio;
|
||||||
SSL* ssl;
|
SSL* ssl;
|
||||||
SSL_CTX* ctx;
|
SSL_CTX* ctx;
|
||||||
@@ -26840,7 +26852,9 @@ static void test_wolfSSL_tmp_dh(void)
|
|||||||
|
|
||||||
dh = wolfSSL_DSA_dup_DH(dsa);
|
dh = wolfSSL_DSA_dup_DH(dsa);
|
||||||
AssertNotNull(dh);
|
AssertNotNull(dh);
|
||||||
|
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
|
||||||
AssertNotNull(dh2 = wolfSSL_DH_dup(dh));
|
AssertNotNull(dh2 = wolfSSL_DH_dup(dh));
|
||||||
|
#endif
|
||||||
|
|
||||||
AssertIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS);
|
AssertIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS);
|
||||||
#ifndef NO_WOLFSSL_SERVER
|
#ifndef NO_WOLFSSL_SERVER
|
||||||
@@ -26852,7 +26866,9 @@ static void test_wolfSSL_tmp_dh(void)
|
|||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
DSA_free(dsa);
|
DSA_free(dsa);
|
||||||
DH_free(dh);
|
DH_free(dh);
|
||||||
|
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
|
||||||
DH_free(dh2);
|
DH_free(dh2);
|
||||||
|
#endif
|
||||||
SSL_free(ssl);
|
SSL_free(ssl);
|
||||||
SSL_CTX_free(ctx);
|
SSL_CTX_free(ctx);
|
||||||
|
|
||||||
@@ -27662,7 +27678,7 @@ static void test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
|
|||||||
static void test_wolfSSL_PKCS7_certs(void)
|
static void test_wolfSSL_PKCS7_certs(void)
|
||||||
{
|
{
|
||||||
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
|
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
|
||||||
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
|
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7)
|
||||||
STACK_OF(X509)* sk = NULL;
|
STACK_OF(X509)* sk = NULL;
|
||||||
STACK_OF(X509_INFO)* info_sk = NULL;
|
STACK_OF(X509_INFO)* info_sk = NULL;
|
||||||
PKCS7 *p7 = NULL;
|
PKCS7 *p7 = NULL;
|
||||||
@@ -27712,7 +27728,7 @@ static void test_wolfSSL_PKCS7_certs(void)
|
|||||||
|
|
||||||
printf(resultFmt, passed);
|
printf(resultFmt, passed);
|
||||||
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
|
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
|
||||||
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */
|
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7) */
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_wolfSSL_X509_STORE_CTX(void)
|
static void test_wolfSSL_X509_STORE_CTX(void)
|
||||||
@@ -29434,7 +29450,9 @@ static void test_wolfSSL_X509(void)
|
|||||||
|
|
||||||
AssertNotNull(bio = BIO_new(BIO_s_mem()));
|
AssertNotNull(bio = BIO_new(BIO_s_mem()));
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_CERT_GEN
|
||||||
AssertIntEQ(i2d_X509_bio(bio, x509), SSL_SUCCESS);
|
AssertIntEQ(i2d_X509_bio(bio, x509), SSL_SUCCESS);
|
||||||
|
#endif
|
||||||
|
|
||||||
AssertNotNull(ctx = X509_STORE_CTX_new());
|
AssertNotNull(ctx = X509_STORE_CTX_new());
|
||||||
|
|
||||||
@@ -31228,6 +31246,7 @@ static void test_wolfSSL_BIO_write(void)
|
|||||||
char msg[] = "conversion test";
|
char msg[] = "conversion test";
|
||||||
char out[40];
|
char out[40];
|
||||||
char expected[] = "Y29udmVyc2lvbiB0ZXN0AA==\n";
|
char expected[] = "Y29udmVyc2lvbiB0ZXN0AA==\n";
|
||||||
|
void* bufPtr = NULL;
|
||||||
BUF_MEM* buf = NULL;
|
BUF_MEM* buf = NULL;
|
||||||
|
|
||||||
printf(testingFmt, "wolfSSL_BIO_write()");
|
printf(testingFmt, "wolfSSL_BIO_write()");
|
||||||
@@ -31243,6 +31262,8 @@ static void test_wolfSSL_BIO_write(void)
|
|||||||
AssertIntEQ(SSL_SUCCESS, (int)BIO_get_mem_ptr(bio, &buf));
|
AssertIntEQ(SSL_SUCCESS, (int)BIO_get_mem_ptr(bio, &buf));
|
||||||
AssertNotNull(buf);
|
AssertNotNull(buf);
|
||||||
AssertIntEQ(buf->length, 25);
|
AssertIntEQ(buf->length, 25);
|
||||||
|
AssertIntEQ(BIO_get_mem_data(bio, &bufPtr), 25);
|
||||||
|
AssertPtrEq(buf->data, bufPtr);
|
||||||
|
|
||||||
AssertNotNull(ptr = BIO_find_type(bio, BIO_TYPE_MEM));
|
AssertNotNull(ptr = BIO_find_type(bio, BIO_TYPE_MEM));
|
||||||
sz = sizeof(out);
|
sz = sizeof(out);
|
||||||
@@ -33444,12 +33465,15 @@ static void test_wolfSSL_get_ciphers_compat(void)
|
|||||||
|
|
||||||
static void test_wolfSSL_X509_PUBKEY_get(void)
|
static void test_wolfSSL_X509_PUBKEY_get(void)
|
||||||
{
|
{
|
||||||
WOLFSSL_X509_PUBKEY pubkey = {0};
|
WOLFSSL_X509_PUBKEY pubkey;
|
||||||
WOLFSSL_X509_PUBKEY* key;
|
WOLFSSL_X509_PUBKEY* key;
|
||||||
WOLFSSL_EVP_PKEY evpkey = {0};
|
WOLFSSL_EVP_PKEY evpkey ;
|
||||||
WOLFSSL_EVP_PKEY* evpPkey;
|
WOLFSSL_EVP_PKEY* evpPkey;
|
||||||
WOLFSSL_EVP_PKEY* retEvpPkey;
|
WOLFSSL_EVP_PKEY* retEvpPkey;
|
||||||
|
|
||||||
|
XMEMSET(&pubkey, 0, sizeof(WOLFSSL_X509_PUBKEY));
|
||||||
|
XMEMSET(&evpkey, 0, sizeof(WOLFSSL_EVP_PKEY));
|
||||||
|
|
||||||
key = &pubkey;
|
key = &pubkey;
|
||||||
evpPkey = &evpkey;
|
evpPkey = &evpkey;
|
||||||
|
|
||||||
@@ -38158,7 +38182,7 @@ static void test_wolfSSL_X509_CRL(void)
|
|||||||
|
|
||||||
static void test_wolfSSL_d2i_X509_REQ(void)
|
static void test_wolfSSL_d2i_X509_REQ(void)
|
||||||
{
|
{
|
||||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
|
#if defined(WOLFSSL_CERT_REQ) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA))
|
||||||
/* ./certs/csr.signed.der and ./certs/csr.attr.der were
|
/* ./certs/csr.signed.der and ./certs/csr.attr.der were
|
||||||
* generated by libest
|
* generated by libest
|
||||||
* ./certs/csr.attr.der contains sample attributes */
|
* ./certs/csr.attr.der contains sample attributes */
|
||||||
@@ -38170,7 +38194,7 @@ static void test_wolfSSL_d2i_X509_REQ(void)
|
|||||||
* -outform PEM
|
* -outform PEM
|
||||||
* with the passphrase "wolfSSL"
|
* with the passphrase "wolfSSL"
|
||||||
*/
|
*/
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
const char* csrDsaFile = "./certs/csr.dsa.pem";
|
const char* csrDsaFile = "./certs/csr.dsa.pem";
|
||||||
#endif
|
#endif
|
||||||
BIO* bio = NULL;
|
BIO* bio = NULL;
|
||||||
@@ -38229,7 +38253,7 @@ static void test_wolfSSL_d2i_X509_REQ(void)
|
|||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
EVP_PKEY_free(pub_key);
|
EVP_PKEY_free(pub_key);
|
||||||
}
|
}
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
{
|
{
|
||||||
AssertNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
|
AssertNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
|
||||||
AssertNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
|
AssertNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
|
||||||
@@ -38248,8 +38272,8 @@ static void test_wolfSSL_d2i_X509_REQ(void)
|
|||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
EVP_PKEY_free(pub_key);
|
EVP_PKEY_free(pub_key);
|
||||||
}
|
}
|
||||||
#endif
|
#endif /* !NO_DSA && !HAVE_SELFTEST */
|
||||||
#endif /* defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) */
|
#endif /* WOLFSSL_CERT_REQ && (OPENSSL_ALL || OPENSSL_EXTRA) */
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_wolfSSL_PEM_read_X509(void)
|
static void test_wolfSSL_PEM_read_X509(void)
|
||||||
@@ -39012,7 +39036,6 @@ static void test_wolfSSL_X509_print()
|
|||||||
#ifdef OPENSSL_ALL
|
#ifdef OPENSSL_ALL
|
||||||
const X509_ALGOR *cert_sig_alg;
|
const X509_ALGOR *cert_sig_alg;
|
||||||
#endif
|
#endif
|
||||||
int stdout_fd = fileno(stdout);
|
|
||||||
|
|
||||||
printf(testingFmt, "wolfSSL_X509_print");
|
printf(testingFmt, "wolfSSL_X509_print");
|
||||||
x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
|
x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
|
||||||
@@ -39029,7 +39052,7 @@ static void test_wolfSSL_X509_print()
|
|||||||
#endif
|
#endif
|
||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
|
|
||||||
AssertNotNull(bio = BIO_new_fd(stdout_fd, BIO_NOCLOSE));
|
AssertNotNull(bio = BIO_new_fd(STDOUT_FILENO, BIO_NOCLOSE));
|
||||||
|
|
||||||
#ifdef OPENSSL_ALL
|
#ifdef OPENSSL_ALL
|
||||||
/* Print signature */
|
/* Print signature */
|
||||||
@@ -39055,11 +39078,10 @@ static void test_wolfSSL_RSA_print()
|
|||||||
!defined(HAVE_FAST_RSA) && !defined(NO_BIO)
|
!defined(HAVE_FAST_RSA) && !defined(NO_BIO)
|
||||||
BIO *bio;
|
BIO *bio;
|
||||||
WOLFSSL_RSA* rsa = NULL;
|
WOLFSSL_RSA* rsa = NULL;
|
||||||
int stdout_fd = fileno(stdout);
|
|
||||||
printf(testingFmt, "wolfSSL_RSA_print");
|
printf(testingFmt, "wolfSSL_RSA_print");
|
||||||
|
|
||||||
AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
|
AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
|
||||||
AssertNotNull(bio = wolfSSL_BIO_new_fd(stdout_fd, BIO_NOCLOSE));
|
AssertNotNull(bio = BIO_new_fd(STDOUT_FILENO, BIO_NOCLOSE));
|
||||||
AssertIntEQ(RSA_print(bio, rsa, 0), SSL_SUCCESS);
|
AssertIntEQ(RSA_print(bio, rsa, 0), SSL_SUCCESS);
|
||||||
|
|
||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
@@ -39145,60 +39167,60 @@ static void test_wolfSSL_ASN1_STRING_print(void){
|
|||||||
|
|
||||||
static void test_wolfSSL_ASN1_get_object(void)
|
static void test_wolfSSL_ASN1_get_object(void)
|
||||||
{
|
{
|
||||||
#ifdef OPENSSL_EXTRA
|
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
|
||||||
const unsigned char* derBuf = cliecc_cert_der_256;
|
const unsigned char* derBuf = cliecc_cert_der_256;
|
||||||
int len = sizeof_cliecc_cert_der_256;
|
int len = sizeof_cliecc_cert_der_256;
|
||||||
long asnLen = 0;
|
long asnLen = 0;
|
||||||
int tag = 0, class = 0;
|
int tag = 0, cls = 0;
|
||||||
ASN1_OBJECT *a;
|
ASN1_OBJECT *a;
|
||||||
|
|
||||||
printf(testingFmt, "wolfSSL_ASN1_get_object()");
|
printf(testingFmt, "wolfSSL_ASN1_get_object()");
|
||||||
|
|
||||||
/* Read a couple TLV triplets and make sure they match the expected values */
|
/* Read a couple TLV triplets and make sure they match the expected values */
|
||||||
|
|
||||||
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class, len) & 0x80, 0);
|
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len) & 0x80, 0);
|
||||||
AssertIntEQ(asnLen, 863);
|
AssertIntEQ(asnLen, 863);
|
||||||
AssertIntEQ(tag, 0x10);
|
AssertIntEQ(tag, 0x10);
|
||||||
AssertIntEQ(class, 0);
|
AssertIntEQ(cls, 0);
|
||||||
|
|
||||||
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
|
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
|
||||||
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
||||||
AssertIntEQ(asnLen, 772);
|
AssertIntEQ(asnLen, 772);
|
||||||
AssertIntEQ(tag, 0x10);
|
AssertIntEQ(tag, 0x10);
|
||||||
AssertIntEQ(class, 0);
|
AssertIntEQ(cls, 0);
|
||||||
|
|
||||||
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
|
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
|
||||||
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
||||||
AssertIntEQ(asnLen, 3);
|
AssertIntEQ(asnLen, 3);
|
||||||
AssertIntEQ(tag, 0);
|
AssertIntEQ(tag, 0);
|
||||||
AssertIntEQ(class, 0x80);
|
AssertIntEQ(cls, 0x80);
|
||||||
|
|
||||||
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
|
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
|
||||||
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
||||||
AssertIntEQ(asnLen, 1);
|
AssertIntEQ(asnLen, 1);
|
||||||
AssertIntEQ(tag, 0x2);
|
AssertIntEQ(tag, 0x2);
|
||||||
AssertIntEQ(class, 0);
|
AssertIntEQ(cls, 0);
|
||||||
derBuf += asnLen;
|
derBuf += asnLen;
|
||||||
|
|
||||||
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
|
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
|
||||||
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
||||||
AssertIntEQ(asnLen, 20);
|
AssertIntEQ(asnLen, 20);
|
||||||
AssertIntEQ(tag, 0x2);
|
AssertIntEQ(tag, 0x2);
|
||||||
AssertIntEQ(class, 0);
|
AssertIntEQ(cls, 0);
|
||||||
derBuf += asnLen;
|
derBuf += asnLen;
|
||||||
|
|
||||||
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
|
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls,
|
||||||
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
|
||||||
AssertIntEQ(asnLen, 10);
|
AssertIntEQ(asnLen, 10);
|
||||||
AssertIntEQ(tag, 0x10);
|
AssertIntEQ(tag, 0x10);
|
||||||
AssertIntEQ(class, 0);
|
AssertIntEQ(cls, 0);
|
||||||
|
|
||||||
/* Read an ASN OBJECT */
|
/* Read an ASN OBJECT */
|
||||||
AssertNotNull(d2i_ASN1_OBJECT(&a, &derBuf, len));
|
AssertNotNull(d2i_ASN1_OBJECT(&a, &derBuf, len));
|
||||||
ASN1_OBJECT_free(a);
|
ASN1_OBJECT_free(a);
|
||||||
|
|
||||||
printf(resultFmt, passed);
|
printf(resultFmt, passed);
|
||||||
#endif /* OPENSSL_EXTRA */
|
#endif /* OPENSSL_EXTRA && HAVE_ECC && USE_CERT_BUFFERS_256 */
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_wolfSSL_RSA_verify()
|
static void test_wolfSSL_RSA_verify()
|
||||||
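Review bot: In test_wolfSSL_ASN1_get_object the final `d2i_ASN1_OBJECT(&a, &derBuf, len)` call still passes the full certificate length although `derBuf` has already been advanced by the preceding ASN1_get_object calls, so the stated bound is larger than the bytes actually left in `cliecc_cert_der_256`. Every earlier call in the function uses the remaining length, and the same expression fits here: `AssertNotNull(d2i_ASN1_OBJECT(&a, &derBuf, len - (derBuf - cliecc_cert_der_256)));`. `a` is also declared without an initialiser before its address is handed to the decoder; `ASN1_OBJECT *a = NULL;` avoids depending on how the decoder treats a non-NULL `*a`, which is not visible on this page.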
|
@@ -50,5 +50,7 @@ EXTRA_DIST += tests/test.conf \
|
|||||||
tests/test-trustpeer.conf \
|
tests/test-trustpeer.conf \
|
||||||
tests/test-dhprime.conf \
|
tests/test-dhprime.conf \
|
||||||
tests/test-p521.conf \
|
tests/test-p521.conf \
|
||||||
tests/test-ecc-cust-curves.conf
|
tests/test-ecc-cust-curves.conf \
|
||||||
|
tests/NCONF_test.cnf \
|
||||||
|
tests/TXT_DB.txt
|
||||||
DISTCLEANFILES+= tests/.libs/unit.test
|
DISTCLEANFILES+= tests/.libs/unit.test
|
||||||
|
@@ -7029,7 +7029,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
|
|||||||
XFREE(sigCtx->digest, sigCtx->heap, DYNAMIC_TYPE_DIGEST);
|
XFREE(sigCtx->digest, sigCtx->heap, DYNAMIC_TYPE_DIGEST);
|
||||||
sigCtx->digest = NULL;
|
sigCtx->digest = NULL;
|
||||||
}
|
}
|
||||||
#if !defined(NO_RSA) && !defined(NO_DSA)
|
#if !(defined(NO_RSA) && defined(NO_DSA))
|
||||||
if (sigCtx->sigCpy) {
|
if (sigCtx->sigCpy) {
|
||||||
XFREE(sigCtx->sigCpy, sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
|
XFREE(sigCtx->sigCpy, sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
|
||||||
sigCtx->sigCpy = NULL;
|
sigCtx->sigCpy = NULL;
|
||||||
@@ -7265,7 +7265,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* !NO_RSA */
|
#endif /* !NO_RSA */
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
case DSAk:
|
case DSAk:
|
||||||
{
|
{
|
||||||
word32 idx = 0;
|
word32 idx = 0;
|
||||||
@@ -7317,7 +7317,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* !NO_DSA */
|
#endif /* !NO_DSA && !HAVE_SELFTEST */
|
||||||
#ifdef HAVE_ECC
|
#ifdef HAVE_ECC
|
||||||
case ECDSAk:
|
case ECDSAk:
|
||||||
{
|
{
|
||||||
@@ -7458,14 +7458,14 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* !NO_RSA */
|
#endif /* !NO_RSA */
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
case DSAk:
|
case DSAk:
|
||||||
{
|
{
|
||||||
ret = wc_DsaVerify(sigCtx->digest, sigCtx->sigCpy,
|
ret = wc_DsaVerify(sigCtx->digest, sigCtx->sigCpy,
|
||||||
sigCtx->key.dsa, &sigCtx->verify);
|
sigCtx->key.dsa, &sigCtx->verify);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* !NO_DSA */
|
#endif /* !NO_DSA && !HAVE_SELFTEST */
|
||||||
#if defined(HAVE_ECC)
|
#if defined(HAVE_ECC)
|
||||||
case ECDSAk:
|
case ECDSAk:
|
||||||
{
|
{
|
||||||
@@ -7564,7 +7564,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* NO_RSA */
|
#endif /* NO_RSA */
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
case DSAk:
|
case DSAk:
|
||||||
{
|
{
|
||||||
if (sigCtx->verify == 1) {
|
if (sigCtx->verify == 1) {
|
||||||
@@ -7576,7 +7576,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif /* !NO_DSA */
|
#endif /* !NO_DSA && !HAVE_SELFTEST */
|
||||||
#ifdef HAVE_ECC
|
#ifdef HAVE_ECC
|
||||||
case ECDSAk:
|
case ECDSAk:
|
||||||
{
|
{
|
||||||
@@ -13497,7 +13497,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
if (cert->keyType == DSA_KEY) {
|
if (cert->keyType == DSA_KEY) {
|
||||||
if (dsaKey == NULL)
|
if (dsaKey == NULL)
|
||||||
return PUBLIC_KEY_E;
|
return PUBLIC_KEY_E;
|
||||||
@@ -14246,7 +14246,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef NO_DSA
|
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
|
||||||
if (cert->keyType == DSA_KEY) {
|
if (cert->keyType == DSA_KEY) {
|
||||||
if (dsaKey == NULL)
|
if (dsaKey == NULL)
|
||||||
return PUBLIC_KEY_E;
|
return PUBLIC_KEY_E;
|
||||||
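Review bot: A DSA-signed certificate in a HAVE_SELFTEST build now depends entirely on the `default` arm of each state switch in ConfirmSignature, because the three `case DSAk:` arms are compiled out under `#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)`; those default arms lie outside the hunks. It is worth confirming that each of them sets an error, so an unsupported key OID fails closed instead of leaving `ret` at a success value. A short comment on the guard would record the intent, for example `/* DSA verify unavailable in selftest builds: DSAk must reach default and fail */`. The same guard is applied to the `cert->keyType == DSA_KEY` checks in EncodeCert and EncodeCertReq, where the open question is likewise what a DSA_KEY cert reaches once the block is absent.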
|
@@ -1377,9 +1377,12 @@ WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e)
|
|||||||
if (pkey) {
|
if (pkey) {
|
||||||
pkey->type = id;
|
pkey->type = id;
|
||||||
ctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
|
ctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
|
||||||
if (ctx == NULL) {
|
/* wolfSSL_EVP_PKEY_CTX_new calls wolfSSL_EVP_PKEY_up_ref so we need
|
||||||
wolfSSL_EVP_PKEY_free(pkey);
|
* to always call wolfSSL_EVP_PKEY_free (either to free it if an
|
||||||
}
|
* error occured in the previous function or to decrease the reference
|
||||||
|
* count so that pkey is actually free'd when wolfSSL_EVP_PKEY_CTX_free
|
||||||
|
* is called) */
|
||||||
|
wolfSSL_EVP_PKEY_free(pkey);
|
||||||
}
|
}
|
||||||
return ctx;
|
return ctx;
|
||||||
}
|
}
|
||||||
@@ -1955,8 +1958,9 @@ int wolfSSL_EVP_PKEY_copy_parameters(WOLFSSL_EVP_PKEY *to,
|
|||||||
WOLFSSL_MSG("Copy parameters not available for this key type");
|
WOLFSSL_MSG("Copy parameters not available for this key type");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
#if defined(HAVE_ECC) || !defined(NO_DSA)
|
||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef NO_WOLFSSL_STUB
|
#ifndef NO_WOLFSSL_STUB
|
||||||
@@ -3260,7 +3264,7 @@ const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name)
|
|||||||
const struct s_ent *ent;
|
const struct s_ent *ent;
|
||||||
|
|
||||||
for (i = 0; i < sizeof(nameUpper) && name[i] != '\0'; i++) {
|
for (i = 0; i < sizeof(nameUpper) && name[i] != '\0'; i++) {
|
||||||
nameUpper[i] = XTOUPPER(name[i]);
|
nameUpper[i] = (char)XTOUPPER(name[i]);
|
||||||
}
|
}
|
||||||
if (i < sizeof(nameUpper))
|
if (i < sizeof(nameUpper))
|
||||||
nameUpper[i] = '\0';
|
nameUpper[i] = '\0';
|
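Review bot: In the wolfSSL_EVP_get_digestbyname hunk, the new line `nameUpper[i] = (char)XTOUPPER(name[i]);` casts the result but still passes a plain `char` to `XTOUPPER`, which the types.h section of this commit shows expanding to `toupper((c))`. Where `char` is signed, a byte above 0x7F in a caller-supplied name becomes a negative argument, which is undefined behaviour for `toupper`. Casting the argument as well closes that: `nameUpper[i] = (char)XTOUPPER((unsigned char)name[i]);`. Separately, the loop leaves `nameUpper` unterminated when `name` is at least `sizeof(nameUpper)` bytes long; the function continues outside the hunk, so check that the lookup that follows does not read it as a C string in that case.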
||||||
|
@@ -1261,18 +1261,24 @@ void wc_PKCS7_Free(PKCS7* pkcs7)
|
|||||||
|
|
||||||
wc_PKCS7_SignerInfoFree(pkcs7);
|
wc_PKCS7_SignerInfoFree(pkcs7);
|
||||||
wc_PKCS7_FreeDecodedAttrib(pkcs7->decodedAttrib, pkcs7->heap);
|
wc_PKCS7_FreeDecodedAttrib(pkcs7->decodedAttrib, pkcs7->heap);
|
||||||
|
pkcs7->decodedAttrib = NULL;
|
||||||
wc_PKCS7_FreeCertSet(pkcs7);
|
wc_PKCS7_FreeCertSet(pkcs7);
|
||||||
|
|
||||||
#ifdef ASN_BER_TO_DER
|
#ifdef ASN_BER_TO_DER
|
||||||
if (pkcs7->der != NULL)
|
if (pkcs7->der != NULL) {
|
||||||
XFREE(pkcs7->der, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
XFREE(pkcs7->der, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||||
|
pkcs7->der = NULL;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
if (pkcs7->contentDynamic != NULL)
|
if (pkcs7->contentDynamic != NULL) {
|
||||||
XFREE(pkcs7->contentDynamic, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
XFREE(pkcs7->contentDynamic, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||||
|
pkcs7->contentDynamic = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (pkcs7->cek != NULL) {
|
if (pkcs7->cek != NULL) {
|
||||||
ForceZero(pkcs7->cek, pkcs7->cekSz);
|
ForceZero(pkcs7->cek, pkcs7->cekSz);
|
||||||
XFREE(pkcs7->cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
XFREE(pkcs7->cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||||
|
pkcs7->cek = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
pkcs7->contentTypeSz = 0;
|
pkcs7->contentTypeSz = 0;
|
||||||
@@ -4909,6 +4915,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
|
|||||||
}
|
}
|
||||||
#ifdef ASN_BER_TO_DER
|
#ifdef ASN_BER_TO_DER
|
||||||
der = pkcs7->der;
|
der = pkcs7->der;
|
||||||
|
pkcs7->der = NULL;
|
||||||
#endif
|
#endif
|
||||||
contentDynamic = pkcs7->contentDynamic;
|
contentDynamic = pkcs7->contentDynamic;
|
||||||
version = pkcs7->version;
|
version = pkcs7->version;
|
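Review bot: In the PKCS7_VerifySignedData hunk, `pkcs7->der` is now cleared after being saved to `der`, but `contentDynamic = pkcs7->contentDynamic;` on the next line still leaves the struct holding the same pointer. The wc_PKCS7_Free hunk above frees `pkcs7->contentDynamic` whenever it is non-NULL, so if the code after this hunk (not visible here) resets the struct through wc_PKCS7_Free, the saved `contentDynamic` would point at freed memory. If ownership is meant to move to the local as it does for `der`, add `pkcs7->contentDynamic = NULL;` after the save. Otherwise a short comment saying why the two pointers are handled differently would help the next reader.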
||||||
|
@@ -1252,11 +1252,6 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock,
|
|||||||
m += inputLen;
|
m += inputLen;
|
||||||
o = 0;
|
o = 0;
|
||||||
if (saltLen > 0) {
|
if (saltLen > 0) {
|
||||||
if (pkcsBlockLen < RSA_PSS_PAD_SZ + inputLen + saltLen) {
|
|
||||||
WOLFSSL_MSG("RSA-PSS Output buffer too short. "
|
|
||||||
"Recommend using WOLFSSL_PSS_SALT_LEN_DISCOVER");
|
|
||||||
return PSS_SALTLEN_E;
|
|
||||||
}
|
|
||||||
ret = wc_RNG_GenerateBlock(rng, salt, saltLen);
|
ret = wc_RNG_GenerateBlock(rng, salt, saltLen);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
XMEMCPY(m, salt, saltLen);
|
XMEMCPY(m, salt, saltLen);
|
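Review bot: With the `pkcsBlockLen < RSA_PSS_PAD_SZ + inputLen + saltLen` test gone, nothing left in this hunk bounds `saltLen` before `wc_RNG_GenerateBlock(rng, salt, saltLen)` and `XMEMCPY(m, salt, saltLen)` write that many bytes. RsaPad_PSS starts above the hunk, so an earlier check may already cover this; if it does, a comment at the `if (saltLen > 0)` branch naming that check would keep the guarantee visible to whoever edits the function next. If no such check exists, `saltLen` needs to be compared against the size of `salt` and the space remaining behind `m` before the copy.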
||||||
|
@@ -3637,7 +3637,9 @@ struct WOLFSSL_STACK {
|
|||||||
WOLFSSL_CIPHER cipher;
|
WOLFSSL_CIPHER cipher;
|
||||||
WOLFSSL_ACCESS_DESCRIPTION* access;
|
WOLFSSL_ACCESS_DESCRIPTION* access;
|
||||||
WOLFSSL_X509_EXTENSION* ext;
|
WOLFSSL_X509_EXTENSION* ext;
|
||||||
|
#ifdef OPENSSL_EXTRA
|
||||||
WOLFSSL_CONF_VALUE* conf;
|
WOLFSSL_CONF_VALUE* conf;
|
||||||
|
#endif
|
||||||
void* generic;
|
void* generic;
|
||||||
char* string;
|
char* string;
|
||||||
WOLFSSL_GENERAL_NAME* gn;
|
WOLFSSL_GENERAL_NAME* gn;
|
||||||
@@ -3762,8 +3764,10 @@ struct WOLFSSL_X509 {
|
|||||||
byte authKeyIdSet:1;
|
byte authKeyIdSet:1;
|
||||||
byte authKeyIdCrit:1;
|
byte authKeyIdCrit:1;
|
||||||
byte issuerSet:1;
|
byte issuerSet:1;
|
||||||
byte isCSR:1;
|
|
||||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||||
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
byte isCSR:1;
|
||||||
|
#endif
|
||||||
byte serial[EXTERNAL_SERIAL_SIZE];
|
byte serial[EXTERNAL_SERIAL_SIZE];
|
||||||
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
|
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
|
||||||
#ifdef WOLFSSL_CERT_REQ
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
|
@@ -99,7 +99,7 @@ WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
|
|||||||
WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value);
|
WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value);
|
||||||
|
|
||||||
WOLFSSL_API int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
|
WOLFSSL_API int wolfSSL_ASN1_get_object(const unsigned char **in, long *len, int *tag,
|
||||||
int *class, long inLen);
|
int *cls, long inLen);
|
||||||
|
|
||||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
WOLFSSL_API WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
|
||||||
const unsigned char **pp, long len);
|
const unsigned char **pp, long len);
|
||||||
|
@@ -28,7 +28,8 @@
|
|||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <wolfssl/openssl/ssl.h>
|
#include <wolfssl/wolfcrypt/settings.h>
|
||||||
|
#include <wolfssl/version.h>
|
||||||
|
|
||||||
typedef struct WOLFSSL_CONF_VALUE {
|
typedef struct WOLFSSL_CONF_VALUE {
|
||||||
char *section;
|
char *section;
|
||||||
@@ -36,9 +37,8 @@ typedef struct WOLFSSL_CONF_VALUE {
|
|||||||
char *value;
|
char *value;
|
||||||
} WOLFSSL_CONF_VALUE;
|
} WOLFSSL_CONF_VALUE;
|
||||||
|
|
||||||
typedef struct WOLFSSL_INIT_SETTINGS {
|
/* ssl.h requires WOLFSSL_CONF_VALUE */
|
||||||
char* appname;
|
#include <wolfssl/ssl.h>
|
||||||
} WOLFSSL_INIT_SETTINGS;
|
|
||||||
|
|
||||||
typedef struct WOLFSSL_CONF {
|
typedef struct WOLFSSL_CONF {
|
||||||
void *meth_data;
|
void *meth_data;
|
||||||
@@ -47,21 +47,14 @@ typedef struct WOLFSSL_CONF {
|
|||||||
|
|
||||||
typedef WOLFSSL_CONF CONF;
|
typedef WOLFSSL_CONF CONF;
|
||||||
typedef WOLFSSL_CONF_VALUE CONF_VALUE;
|
typedef WOLFSSL_CONF_VALUE CONF_VALUE;
|
||||||
typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS;
|
|
||||||
|
#ifdef OPENSSL_EXTRA
|
||||||
|
|
||||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void);
|
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void);
|
||||||
WOLFSSL_API int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf,
|
WOLFSSL_API int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf,
|
||||||
WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value);
|
WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value);
|
||||||
WOLFSSL_API void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val);
|
WOLFSSL_API void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val);
|
||||||
|
|
||||||
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc);
|
|
||||||
WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(struct WOLFSSL_STACK *sk);
|
|
||||||
WOLFSSL_API int wolfSSL_sk_CONF_VALUE_num(const WOLFSSL_STACK *sk);
|
|
||||||
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value(
|
|
||||||
const struct WOLFSSL_STACK *sk, int i);
|
|
||||||
WOLFSSL_API int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk,
|
|
||||||
WOLFSSL_CONF_VALUE* val);
|
|
||||||
|
|
||||||
WOLFSSL_API WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth);
|
WOLFSSL_API WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth);
|
||||||
WOLFSSL_API char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf,
|
WOLFSSL_API char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf,
|
||||||
const char *group, const char *name);
|
const char *group, const char *name);
|
||||||
@@ -102,6 +95,8 @@ WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf,
|
|||||||
|
|
||||||
#define X509V3_conf_free wolfSSL_X509V3_conf_free
|
#define X509V3_conf_free wolfSSL_X509V3_conf_free
|
||||||
|
|
||||||
|
#endif /* OPENSSL_EXTRA */
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
} /* extern "C" */
|
} /* extern "C" */
|
||||||
#endif
|
#endif
|
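Review bot: The `#include <wolfssl/ssl.h>` now placed after the `WOLFSSL_CONF_VALUE` definition makes ssl.h depend on include order. The ssl.h section of this commit drops its forward declaration `typedef struct WOLFSSL_CONF_VALUE WOLFSSL_CONF_VALUE;` while gaining the `wolfSSL_sk_CONF_VALUE_*` prototypes that use that type, and the stack.h section drops its include of conf.h. A translation unit that reaches ssl.h without conf.h first would then see an undeclared type, unless ssl.h pulls conf.h in somewhere outside these hunks. The comment `/* ssl.h requires WOLFSSL_CONF_VALUE */` would be more useful if it said that the definition must stay above the include and why ssl.h cannot forward-declare the struct itself.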
||||||
|
@@ -33,6 +33,11 @@
|
|||||||
#include "prefix_crypto.h"
|
#include "prefix_crypto.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
typedef struct WOLFSSL_INIT_SETTINGS {
|
||||||
|
char* appname;
|
||||||
|
} WOLFSSL_INIT_SETTINGS;
|
||||||
|
|
||||||
|
typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS;
|
||||||
|
|
||||||
WOLFSSL_API const char* wolfSSLeay_version(int type);
|
WOLFSSL_API const char* wolfSSLeay_version(int type);
|
||||||
WOLFSSL_API unsigned long wolfSSLeay(void);
|
WOLFSSL_API unsigned long wolfSSLeay(void);
|
||||||
|
@@ -28,8 +28,6 @@
|
|||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <wolfssl/openssl/conf.h>
|
|
||||||
|
|
||||||
typedef void (*wolfSSL_sk_freefunc)(void *);
|
typedef void (*wolfSSL_sk_freefunc)(void *);
|
||||||
|
|
||||||
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);
|
WOLFSSL_API void wolfSSL_sk_GENERIC_pop_free(WOLFSSL_STACK* sk, wolfSSL_sk_freefunc);
|
||||||
|
@@ -188,7 +188,6 @@ typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM;
|
|||||||
typedef struct WOLFSSL_BIO WOLFSSL_BIO;
|
typedef struct WOLFSSL_BIO WOLFSSL_BIO;
|
||||||
typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD;
|
typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD;
|
||||||
typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
|
typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
|
||||||
typedef struct WOLFSSL_CONF_VALUE WOLFSSL_CONF_VALUE;
|
|
||||||
typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
|
typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
|
||||||
typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME;
|
typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME;
|
||||||
typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX;
|
typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX;
|
||||||
@@ -1361,7 +1360,9 @@ WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset
|
|||||||
#endif
|
#endif
|
||||||
WOLFSSL_API int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
|
WOLFSSL_API int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
|
||||||
unsigned long nmflags, unsigned long cflag);
|
unsigned long nmflags, unsigned long cflag);
|
||||||
|
#ifndef NO_FILESYSTEM
|
||||||
WOLFSSL_API int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509);
|
WOLFSSL_API int wolfSSL_X509_print_fp(XFILE fp, WOLFSSL_X509 *x509);
|
||||||
|
#endif
|
||||||
WOLFSSL_API int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp,
|
WOLFSSL_API int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp,
|
||||||
const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig);
|
const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig);
|
||||||
WOLFSSL_API void wolfSSL_X509_get0_signature(const WOLFSSL_ASN1_BIT_STRING **psig,
|
WOLFSSL_API void wolfSSL_X509_get0_signature(const WOLFSSL_ASN1_BIT_STRING **psig,
|
||||||
@@ -3459,8 +3460,6 @@ WOLFSSL_API int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
|
|||||||
unsigned char* out, int outSz);
|
unsigned char* out, int outSz);
|
||||||
WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
|
WOLFSSL_API int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
|
||||||
|
|
||||||
WOLFSSL_LOCAL int wolfSSL_X509_make_der(WOLFSSL_X509* x509, int req,
|
|
||||||
unsigned char* der, int* derSz, int includeSig);
|
|
||||||
WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
WOLFSSL_API int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||||
#ifdef WOLFSSL_CERT_REQ
|
#ifdef WOLFSSL_CERT_REQ
|
||||||
WOLFSSL_API int wolfSSL_i2d_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
WOLFSSL_API int wolfSSL_i2d_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||||
@@ -3706,8 +3705,18 @@ WOLFSSL_API int wolfSSL_sk_X509_OBJECT_num(const WOLF_STACK_OF(WOLFSSL_X509_OBJE
|
|||||||
|
|
||||||
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
|
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,
|
||||||
unsigned long);
|
unsigned long);
|
||||||
|
#ifndef NO_FILESYSTEM
|
||||||
WOLFSSL_API int wolfSSL_X509_NAME_print_ex_fp(XFILE,WOLFSSL_X509_NAME*,int,
|
WOLFSSL_API int wolfSSL_X509_NAME_print_ex_fp(XFILE,WOLFSSL_X509_NAME*,int,
|
||||||
unsigned long);
|
unsigned long);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc);
|
||||||
|
WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(struct WOLFSSL_STACK *sk);
|
||||||
|
WOLFSSL_API int wolfSSL_sk_CONF_VALUE_num(const WOLFSSL_STACK *sk);
|
||||||
|
WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value(
|
||||||
|
const struct WOLFSSL_STACK *sk, int i);
|
||||||
|
WOLFSSL_API int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk,
|
||||||
|
WOLFSSL_CONF_VALUE* val);
|
||||||
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
|
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
|
||||||
|
|
||||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
|
||||||
|
@@ -650,10 +650,13 @@ decouple library dependencies with standard string, memory and so on.
|
|||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
||||||
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
|
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) || \
|
||||||
|
defined(OPENSSL_EXTRA)
|
||||||
#define XTOUPPER(c) toupper((c))
|
#define XTOUPPER(c) toupper((c))
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef OPENSSL_ALL
|
||||||
#define XISALNUM(c) isalnum((c))
|
#define XISALNUM(c) isalnum((c))
|
||||||
|
#endif
|
||||||
/* needed by wolfSSL_check_domain_name() */
|
/* needed by wolfSSL_check_domain_name() */
|
||||||
#define XTOLOWER(c) tolower((c))
|
#define XTOLOWER(c) tolower((c))
|
||||||
#endif
|
#endif
|
||||||
|