address peer review on PR #5449.

Daniel Pouzzner
2022-08-10 13:32:56 -05:00
parent f771181e1a
commit 8197f958a9
6 changed files with 63 additions and 54 deletions


@ -25908,7 +25908,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
* parse DN name */
#ifdef WOLFSSL_SMALL_STACK
DecodedCert *cert = (DecodedCert *)XMALLOC(
sizeof(*cert), ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
sizeof(*cert), ssl->heap, DYNAMIC_TYPE_DCERT);
if (cert == NULL)
return MEMORY_ERROR;
#else
@ -25917,28 +25917,29 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
InitDecodedCert(cert, input + *inOutIdx, dnSz, ssl->heap);
do {
if ((ret = GetName(cert, SUBJECT, dnSz)) != 0) {
break;
}
ret = GetName(cert, SUBJECT, dnSz);
if ((name = wolfSSL_X509_NAME_new()) == NULL) {
if (ret == 0) {
if ((name = wolfSSL_X509_NAME_new()) == NULL)
ret = MEMORY_ERROR;
break;
}
}
if (ret == 0) {
CopyDecodedName(name, cert, SUBJECT);
}
if (ret == 0) {
if (wolfSSL_sk_X509_NAME_push(ssl->ca_names, name)
== WOLFSSL_FAILURE)
{
ret = MEMORY_ERROR;
break;
}
} while (0);
}
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
#endif
if (ret != 0) {
if (name != NULL)
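Review bot: With the `do { … } while (0)` gone, `name` is released only by the trailing `if (ret != 0) { if (name != NULL)` cleanup, which is correct only if `name` is NULL at the start of each pass. Its declaration lies outside this hunk, so that should be confirmed: a stale pointer to a name already pushed onto `ssl->ca_names` would presumably be freed there when `GetName` fails on a later DN. A one-line comment above the push, `/* on success ssl->ca_names owns name; it is freed below only when ret != 0 */`, would record the ownership rule. The two adjacent `if (ret == 0)` guards around `CopyDecodedName` and the push can also be merged into one block, since nothing between them changes `ret`.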


@ -599,10 +599,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
int ret = -1;
DerBuffer* derCert = NULL;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert *cert = (DecodedCert *)XMALLOC(sizeof(*cert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return NULL;
DecodedCert *cert = NULL;
#else
DecodedCert cert[1];
#endif
@ -615,6 +612,12 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
|| issuer == NULL || issuer->derCert == NULL)
goto out;
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert *)XMALLOC(sizeof(*cert), cm->heap, DYNAMIC_TYPE_DCERT);
if (cert == NULL)
goto out;
#endif
ret = AllocDer(&derCert, issuer->derCert->length,
issuer->derCert->type, NULL);
if (ret == 0) {
@ -625,16 +628,17 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
if (ret != WOLFSSL_SUCCESS) {
goto out;
}
derCert = NULL;
}
ret = -1;
certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID), NULL,
DYNAMIC_TYPE_OPENSSL);
certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID),
cm->heap, DYNAMIC_TYPE_OPENSSL);
if (certId == NULL)
goto out;
certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), cm->heap,
DYNAMIC_TYPE_OPENSSL);
if (certStatus == NULL)
goto out;
@ -662,21 +666,25 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
out:
if (ret != 0) {
if (derCert != NULL)
FreeDer(&derCert);
if (certId != NULL)
XFREE(certId, cm->heap, DYNAMIC_TYPE_OPENSSL);
if (certStatus)
XFREE(certStatus, cm->heap, DYNAMIC_TYPE_OPENSSL);
return NULL;
}
#ifdef WOLFSSL_SMALL_STACK
if (cert != NULL)
XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
#endif
if (cm != NULL)
wolfSSL_CertManagerFree(cm);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (ret != 0) {
if (certId != NULL)
XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
if (certStatus)
XFREE(certStatus, NULL, DYNAMIC_TYPE_OPENSSL);
return NULL;
} else
return certId;
return certId;
}
void wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP* basicResponse)
@ -691,8 +699,9 @@ int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
{
int ret;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert *cert = (DecodedCert *)XMALLOC(sizeof(*cert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
DecodedCert *cert = (DecodedCert *)
XMALLOC(sizeof(*cert), (st && st->cm) ? st->cm->heap : NULL,
DYNAMIC_TYPE_DCERT);
if (cert == NULL)
return WOLFSSL_FAILURE;
#else
@ -722,7 +731,7 @@ int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
out:
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(cert, (st && st->cm) ? st->cm->heap : NULL, DYNAMIC_TYPE_DCERT);
#endif
return ret;
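Review bot: In wolfSSL_OCSP_cert_to_id the error block directly under `out:` ends in `return NULL;`, so a failing call leaves before the `XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT)` and `wolfSSL_CertManagerFree(cm)` that follow it. Every `goto out` with a non-zero `ret` would then leak the cert manager and, under WOLFSSL_SMALL_STACK, the DecodedCert. The page has lost its +/- markers, so this reads the first `if (ret != 0)` block as the new side, which is consistent with the hunk growing from 21 to 25 lines. Dropping the early return and clearing the pointer instead, `XFREE(certId, cm->heap, DYNAMIC_TYPE_OPENSSL); certId = NULL;`, lets both outcomes fall through the shared cleanup to the single `return certId;`.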


@ -6501,7 +6501,7 @@ int wolfSSL_DH_size(WOLFSSL_DH* dh)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
@ -6529,7 +6529,7 @@ WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
@ -6559,7 +6559,7 @@ WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
@ -6593,7 +6593,7 @@ WOLFSSL_BIGNUM* wolfSSL_DH_1536_prime(WOLFSSL_BIGNUM* bn)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_2048_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
@ -6631,7 +6631,7 @@ WOLFSSL_BIGNUM* wolfSSL_DH_2048_prime(WOLFSSL_BIGNUM* bn)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_3072_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
@ -6677,7 +6677,7 @@ WOLFSSL_BIGNUM* wolfSSL_DH_3072_prime(WOLFSSL_BIGNUM* bn)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_4096_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
@ -6731,7 +6731,7 @@ WOLFSSL_BIGNUM* wolfSSL_DH_4096_prime(WOLFSSL_BIGNUM* bn)
*/
WOLFSSL_BIGNUM* wolfSSL_DH_6144_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
static const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"


@ -40527,7 +40527,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
#ifdef WOLFSSL_SMALL_STACK
DeCert = (DecodedCert *)XMALLOC(sizeof(*DeCert), heap,
DYNAMIC_TYPE_TMP_BUFFER);
DYNAMIC_TYPE_DCERT);
if (DeCert == NULL) {
WOLFSSL_MSG("out of memory");
return WOLFSSL_FAILURE;
@ -40726,7 +40726,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
out:
#ifdef WOLFSSL_SMALL_STACK
XFREE(DeCert, heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(DeCert, heap, DYNAMIC_TYPE_DCERT);
#endif
return ret;


@ -115,7 +115,7 @@ unsigned int wolfSSL_X509_get_extended_key_usage(WOLFSSL_X509* x509)
/* Returns the number of X509V3 extensions in X509 object, or 0 on failure */
int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert)
{
int extCount = WOLFSSL_FAILURE;
int extCount = 0;
int length = 0;
int outSz = 0;
const byte* rawCert;
@ -141,7 +141,7 @@ int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert)
}
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert *)XMALLOC(sizeof(*cert), NULL, DYNAMIC_TYPE_TMP_BUFFER);
cert = (DecodedCert *)XMALLOC(sizeof(*cert), NULL, DYNAMIC_TYPE_DCERT);
if (cert == NULL) {
WOLFSSL_MSG("out of memory");
return WOLFSSL_FAILURE;
@ -188,7 +188,6 @@ int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert)
goto out;
}
extCount = 0;
while (idx < (word32)sz) {
if (GetSequence(input, &idx, &length, sz) < 0) {
WOLFSSL_MSG("\tfail: should be a SEQUENCE");
@ -203,7 +202,7 @@ out:
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return extCount;
}
@ -1752,7 +1751,7 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert *)XMALLOC(sizeof(*cert), x509->heap,
DYNAMIC_TYPE_TMP_BUFFER);
DYNAMIC_TYPE_DCERT);
if (cert == NULL) {
WOLFSSL_MSG("\tout of memory");
return WOLFSSL_FATAL_ERROR;
@ -1834,7 +1833,7 @@ out:
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, x509->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(cert, x509->heap, DYNAMIC_TYPE_DCERT);
#endif
return found ? extCount : WOLFSSL_FATAL_ERROR;
@ -11861,7 +11860,7 @@ int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, size_t chklen,
#ifdef WOLFSSL_SMALL_STACK
dCert = (DecodedCert *)XMALLOC(sizeof(*dCert), x->heap,
DYNAMIC_TYPE_TMP_BUFFER);
DYNAMIC_TYPE_DCERT);
if (dCert == NULL) {
WOLFSSL_MSG("\tout of memory");
return WOLFSSL_FATAL_ERROR;
@ -11880,7 +11879,7 @@ out:
FreeDecodedCert(dCert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dCert, x->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(dCert, x->heap, DYNAMIC_TYPE_DCERT);
#endif
if (ret != 0)
@ -11914,7 +11913,7 @@ int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc,
#ifdef WOLFSSL_SMALL_STACK
if (ret == WOLFSSL_SUCCESS) {
dCert = (DecodedCert *)XMALLOC(sizeof(*dCert), x->heap,
DYNAMIC_TYPE_TMP_BUFFER);
DYNAMIC_TYPE_DCERT);
if (dCert == NULL) {
WOLFSSL_MSG("\tout of memory");
ret = WOLFSSL_FAILURE;
@ -11942,7 +11941,7 @@ int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc,
#ifdef WOLFSSL_SMALL_STACK
if (dCert != NULL)
XFREE(dCert, x->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(dCert, x->heap, DYNAMIC_TYPE_DCERT);
#endif
return ret;
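Review bot: wolfSSL_X509_get_ext_count still allocates and frees its DecodedCert with a NULL heap hint (`XMALLOC(sizeof(*cert), NULL, DYNAMIC_TYPE_DCERT)`), while the other functions touched in this file pass `x509->heap` or `x->heap`. If `passedCert` is already checked for NULL before the allocation (that check would be outside the hunk), using `passedCert->heap` in both the XMALLOC and the matching XFREE would keep the buffer on the same heap as the object it describes, which matters for builds with a custom or static allocator. The two calls must change together so the free uses the hint the allocation used.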


@ -951,7 +951,7 @@ static int QuicConversation_step(QuicConversation *conv)
conv->started = 1;
}
if (conv->server->output.len > 0) {
QuicTestContext_forward(conv->server, conv->client, conv->rec_log, sizeof conv->rec_log);
QuicTestContext_forward(conv->server, conv->client, conv->rec_log, sizeof(conv->rec_log));
n = wolfSSL_quic_read_write(conv->client->ssl);
if (n != WOLFSSL_SUCCESS) {
AssertIntEQ(wolfSSL_get_error(conv->client->ssl, 0), SSL_ERROR_WANT_READ);
@ -959,7 +959,7 @@ static int QuicConversation_step(QuicConversation *conv)
return 1;
}
else if (conv->client->output.len > 0) {
QuicTestContext_forward(conv->client, conv->server, conv->rec_log, sizeof conv->rec_log);
QuicTestContext_forward(conv->client, conv->server, conv->rec_log, sizeof(conv->rec_log));
#ifdef WOLFSSL_EARLY_DATA
if (conv->accept_early_data) {
int written;