feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add set dates from buffer

Browse Source
This commit is contained in:
toddouska
2012-05-17 14:41:45 -07:00
parent 4b8ab62bd1
commit 839b5a4478
3 changed files with 122 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
ctaocrypt/src/asn.c
View File

@ -1078,6 +1078,10 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
cert->subjectOULen = 0; cert->subjectOULen = 0;
cert->subjectEmail = 0; cert->subjectEmail = 0;
cert->subjectEmailLen = 0; cert->subjectEmailLen = 0;
cert->beforeDate = 0;
cert->beforeDateLen = 0;
cert->afterDate = 0;
cert->afterDateLen = 0;
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
} }
@ -1586,8 +1590,18 @@ static int GetDate(DecodedCert* cert, int dateType)
{ {
int length; int length;
byte date[MAX_DATE_SIZE]; byte date[MAX_DATE_SIZE];
byte b = cert->source[cert->srcIdx++]; byte b;
word32 startIdx = 0;
#ifdef CYASSL_CERT_GEN
if (dateType == BEFORE)
cert->beforeDate = &cert->source[cert->srcIdx];
else
cert->afterDate = &cert->source[cert->srcIdx];
startIdx = cert->srcIdx;
#endif
b = cert->source[cert->srcIdx++];
if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME) if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME)
return ASN_TIME_E; return ASN_TIME_E;
@ -1600,6 +1614,13 @@ static int GetDate(DecodedCert* cert, int dateType)
XMEMCPY(date, &cert->source[cert->srcIdx], length); XMEMCPY(date, &cert->source[cert->srcIdx], length);
cert->srcIdx += length; cert->srcIdx += length;
#ifdef CYASSL_CERT_GEN
if (dateType == BEFORE)
cert->beforeDateLen = cert->srcIdx - startIdx;
else
cert->afterDateLen = cert->srcIdx - startIdx;
#endif
if (!XVALIDATE_DATE(date, b, dateType)) { if (!XVALIDATE_DATE(date, b, dateType)) {
if (dateType == BEFORE) if (dateType == BEFORE)
return ASN_BEFORE_DATE_E; return ASN_BEFORE_DATE_E;
@ -2847,7 +2868,9 @@ void InitCert(Cert* cert)
cert->isCA = 0; cert->isCA = 0;
cert->bodySz = 0; cert->bodySz = 0;
#ifdef CYASSL_ALT_NAMES #ifdef CYASSL_ALT_NAMES
cert->altNamesSz = 0; cert->altNamesSz = 0;
cert->beforeDateSz = 0;
cert->afterDateSz = 0;
#endif #endif
cert->keyType = RSA_KEY; cert->keyType = RSA_KEY;
XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE); XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
@ -3031,6 +3054,26 @@ static void SetTime(struct tm* date, byte* output)
} }
#ifdef CYASSL_ALT_NAMES
/* Copy Dates from cert, return bytes written */
static int CopyValidity(byte* output, Cert* cert)
{
int seqSz;
CYASSL_ENTER("CopyValidity");
/* headers and output */
seqSz = SetSequence(cert->beforeDateSz + cert->afterDateSz, output);
XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
cert->afterDateSz);
return seqSz + cert->beforeDateSz + cert->afterDateSz;
}
#endif
/* Set Date validity from now until now + daysValid */ /* Set Date validity from now until now + daysValid */
static int SetValidity(byte* output, int daysValid) static int SetValidity(byte* output, int daysValid)
{ {
@ -3362,10 +3405,22 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng,
#endif #endif
} }
der->validitySz = 0;
#ifdef CYASSL_ALT_NAMES
/* date validity copy ? */
if (cert->beforeDateSz && cert->afterDateSz) {
der->validitySz = CopyValidity(der->validity, cert);
if (der->validitySz == 0)
return DATE_E;
}
#endif
/* date validity */ /* date validity */
der->validitySz = SetValidity(der->validity, cert->daysValid); if (der->validitySz == 0) {
if (der->validitySz == 0) der->validitySz = SetValidity(der->validity, cert->daysValid);
return DATE_E; if (der->validitySz == 0)
return DATE_E;
}
/* subject name */ /* subject name */
der->subjectSz = SetName(der->subject, &cert->subject); der->subjectSz = SetName(der->subject, &cert->subject);
@ -3603,8 +3658,10 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
InitDecodedCert(&decoded, (byte*)der, derSz, 0); InitDecodedCert(&decoded, (byte*)der, derSz, 0);
ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0); ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0);
if (ret < 0) if (ret < 0) {
FreeDecodedCert(&decoded);
return ret; return ret;
}
if (decoded.extensions) { if (decoded.extensions) {
byte b; byte b;
@ -3673,6 +3730,49 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
return 0; return 0;
} }
/* Set Dates from der cert, return 0 on success */
static int SetDatesFromCert(Cert* cert, const byte* der, int derSz)
{
DecodedCert decoded;
int ret;
CYASSL_ENTER("SetDatesFromCert");
if (derSz < 0)
return derSz;
InitDecodedCert(&decoded, (byte*)der, derSz, 0);
ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0);
if (ret < 0) {
CYASSL_MSG("ParseCertRelative error");
FreeDecodedCert(&decoded);
return ret;
}
if (decoded.beforeDate == NULL || decoded.afterDate == NULL) {
CYASSL_MSG("Couldn't extract dates");
FreeDecodedCert(&decoded);
return -1;
}
if (decoded.beforeDateLen > MAX_DATE_SIZE || decoded.afterDateLen >
MAX_DATE_SIZE) {
CYASSL_MSG("Bad date size");
FreeDecodedCert(&decoded);
return -1;
}
XMEMCPY(cert->beforeDate, decoded.beforeDate, decoded.beforeDateLen);
XMEMCPY(cert->afterDate, decoded.afterDate, decoded.afterDateLen);
cert->beforeDateSz = decoded.beforeDateLen;
cert->afterDateSz = decoded.afterDateLen;
return 0;
}
#endif /* CYASSL_ALT_NAMES */ #endif /* CYASSL_ALT_NAMES */
@ -3811,6 +3911,12 @@ int SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
return SetAltNamesFromCert(cert, der, derSz); return SetAltNamesFromCert(cert, der, derSz);
} }
/* Set cert dates from DER buffer */
int SetDatesBuffer(Cert* cert, const byte* der, int derSz)
{
return SetDatesFromCert(cert, der, derSz);
}
#endif /* CYASSL_ALT_NAMES */ #endif /* CYASSL_ALT_NAMES */
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */

4
cyassl/ctaocrypt/asn.h
View File

@ -251,6 +251,10 @@ struct DecodedCert {
int subjectOULen; int subjectOULen;
char* subjectEmail; char* subjectEmail;
int subjectEmailLen; int subjectEmailLen;
byte* beforeDate;
int beforeDateLen;
byte* afterDate;
int afterDateLen;
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
}; };

6
cyassl/ctaocrypt/asn_public.h
View File

@ -64,6 +64,7 @@ enum Ctc_SigType {
enum Ctc_Misc { enum Ctc_Misc {
CTC_NAME_SIZE = 64, CTC_NAME_SIZE = 64,
CTC_DATE_SIZE = 32,
CTC_MAX_ALT_SIZE = 8192, /* may be huge */ CTC_MAX_ALT_SIZE = 8192, /* may be huge */
CTC_SERIAL_SIZE = 8 CTC_SERIAL_SIZE = 8
}; };
@ -96,6 +97,10 @@ typedef struct Cert {
#ifdef CYASSL_ALT_NAMES #ifdef CYASSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */ byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */ int altNamesSz; /* altNames size in bytes */
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
int beforeDateSz; /* size of copy */
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif #endif
} Cert; } Cert;
@ -126,6 +131,7 @@ CYASSL_API int SetSubject(Cert*, const char*);
CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int); CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int);
CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int); CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int);
CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int); CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int);
CYASSL_API int SetDatesBuffer(Cert*, const byte*, int);
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,