Merge pull request #6471 from SparkiDev/tests_api_expect_3

Test api.c: change more tests to use Expect instead of Assert
JacobBarthelmeh
2023-06-07 11:22:23 -06:00
committed by GitHub
7 changed files with 3232 additions and 2934 deletions


@ -2693,8 +2693,13 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO* top, WOLFSSL_BIO* append)
{
WOLFSSL_ENTER("wolfSSL_BIO_push");
top->next = append;
append->prev = top;
if (top == NULL) {
return append;
}
top->next = append;
if (append != NULL) {
append->prev = top;
}
/* SSL BIO's should use the next object in the chain for IO */
if (top->type == WOLFSSL_BIO_SSL && top->ptr)
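Review bot: The new NULL handling in wolfSSL_BIO_push is undocumented, and only the `append->prev` assignment is guarded against a NULL `append`. The SSL BIO branch that starts at `if (top->type == WOLFSSL_BIO_SSL && top->ptr)` continues outside this section, so it is worth confirming that whatever it does with `append` tolerates NULL as well. A header comment would make the contract explicit: `/* Returns append when top is NULL; a NULL append clears top->next. */`. Note also that `top->next = append;` overwrites any existing `top->next` instead of walking to the end of the chain, so a BIO already linked behind `top` is silently unlinked.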


@ -142,6 +142,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
DYNAMIC_TYPE_CRL_ENTRY);
if (crle->signature == NULL) {
XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
crle->toBeSigned = NULL;
return -1;
}
XMEMCPY(crle->toBeSigned, buff + dcrl->certBegin, crle->tbsSz);
@ -529,14 +530,19 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
if (InitCRL_Entry(crle, dcrl, buff, verified, crl->heap) < 0) {
WOLFSSL_MSG("Init CRL Entry failed");
XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
FreeCRL_Entry(crle, crl->heap);
if (crle != crl->currentEntry) {
XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
}
return -1;
}
if (wc_LockMutex(&crl->crlLock) != 0) {
WOLFSSL_MSG("wc_LockMutex failed");
FreeCRL_Entry(crle, crl->heap);
XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
if (crle != crl->currentEntry) {
XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
}
return BAD_MUTEX_E;
}
@ -863,6 +869,9 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
if (store->cm->crl == NULL) {
crl = wolfSSL_X509_crl_new(store->cm);
if (crl == NULL) {
return WOLFSSL_FAILURE;
}
if (DupX509_CRL(crl, newcrl) != 0) {
if (crl != NULL)
FreeCRL(crl, 1);
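Review bot: In AddCRL the InitCRL_Entry failure path now runs `FreeCRL_Entry(crle, crl->heap)` even when `crle` is `crl->currentEntry`, and only the XFREE of the struct itself is skipped. That leaves `crl->currentEntry` pointing at an entry whose members have just been released, so reuse is safe only if FreeCRL_Entry resets every pointer it frees (as the InitCRL_Entry hunk now does with `crle->toBeSigned = NULL`); FreeCRL_Entry is not visible here, so this should be confirmed. A comment on the guard would record the ownership rule, e.g. `/* currentEntry is owned by crl and reused: release its contents, keep the struct */`. In wolfSSL_X509_STORE_add_crl the `if (crl != NULL)` in front of `FreeCRL(crl, 1)` can no longer be false after the added early return and can be dropped.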


@ -5245,8 +5245,10 @@ WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm)
if (x509 == NULL)
goto error;
if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS)
if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) {
wolfSSL_X509_free(x509);
goto error;
}
}
for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {


@ -3993,7 +3993,7 @@ void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS)
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS)
/**
* Set ASN.1 TYPE object with a type and value.
*
@ -4046,7 +4046,7 @@ void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value)
}
}
#endif /* OPENSSL_ALL || WOLFSSL_WPAS */
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || WOLFSSL_WPAS */
#endif /* !NO_ASN */


@ -527,6 +527,190 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
return -1;
}
/* Set a general name from the DNS entry data.
*
* @param [in] dns DNS entry.
* @param [in, out] gn General name to place data in.
* @return 1 on success.
* @return 0 on failure.
*/
static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
WOLFSSL_GENERAL_NAME* gn)
{
int ret = 0;
WOLFSSL_ASN1_OBJECT* obj;
WOLFSSL_ASN1_TYPE* type;
WOLFSSL_ASN1_STRING* str;
byte tag;
unsigned char* p = (unsigned char *)dns->name;
long len = dns->len;
#ifdef WOLFSSL_FPKI
if (dns->oidSum != 0) {
/* UPN OID: 1.3.6.1.4.1.311.20.2.3 */
static const unsigned char upn_oid[] = {
0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03
};
const unsigned char* oid;
word32 oidSz;
if ((oid = OidFromId(dns->oidSum, oidCertAltNameType, &oidSz)) ==
NULL) {
if (dns->oidSum == UPN_OID) {
oid = upn_oid;
oidSz = (word32)sizeof(upn_oid);
}
else {
goto err;
}
}
if ((obj = wolfSSL_c2i_ASN1_OBJECT(NULL, &oid, oidSz)) == NULL) {
goto err;
}
tag = ASN_UTF8STRING;
}
else
#endif
{
word32 idx = 0;
int nameLen;
/* Create an object id for general name from DER encoding. */
obj = wolfSSL_d2i_ASN1_OBJECT(NULL, (const unsigned char**)&p, len);
if (obj == NULL) {
goto err;
}
/* Pointer moved on and now update length of remaining data. */
len -= (long)((size_t)p - (size_t)dns->name);
/* Next is: [0]. Check tag and length. */
if (GetASNTag(p, &idx, &tag, (word32)len) < 0) {
goto err;
}
if (tag != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) {
wolfSSL_ASN1_OBJECT_free(obj);
goto err;
}
if (GetLength(p, &idx, &nameLen, (word32)len) <= 1) {
wolfSSL_ASN1_OBJECT_free(obj);
goto err;
}
/* Next is a string of some type. */
if (GetASNTag(p, &idx, &tag, (word32)len) < 0) {
wolfSSL_ASN1_OBJECT_free(obj);
goto err;
}
if (GetLength(p, &idx, &nameLen, (word32)len) <= 0) {
wolfSSL_ASN1_OBJECT_free(obj);
goto err;
}
p += idx;
len -= idx;
}
/* Create a WOLFSSL_ASN1_STRING from the DER. */
str = wolfSSL_ASN1_STRING_type_new(tag);
if (str == NULL) {
wolfSSL_ASN1_OBJECT_free(obj);
goto err;
}
wolfSSL_ASN1_STRING_set(str, p, (word32)len);
/* Wrap string in a WOLFSSL_ASN1_TYPE. */
type = wolfSSL_ASN1_TYPE_new();
if (type == NULL) {
wolfSSL_ASN1_OBJECT_free(obj);
wolfSSL_ASN1_STRING_free(str);
goto err;
}
wolfSSL_ASN1_TYPE_set(type, tag, str);
/* Store the object and string in general name. */
gn->d.otherName->type_id = obj;
gn->d.otherName->value = type;
ret = 1;
err:
return ret;
}
static int wolfssl_x509_alt_names_to_gn(WOLFSSL_X509* x509,
WOLFSSL_X509_EXTENSION* ext)
{
int ret = 0;
WOLFSSL_GENERAL_NAME* gn = NULL;
DNS_entry* dns = NULL;
WOLFSSL_STACK* sk;
#ifdef OPENSSL_ALL
ret = wolfSSL_ASN1_STRING_set(&ext->value, x509->subjAltNameSrc,
x509->subjAltNameSz);
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
goto err;
}
#endif
sk = (WOLFSSL_GENERAL_NAMES*)XMALLOC(sizeof(WOLFSSL_GENERAL_NAMES), NULL,
DYNAMIC_TYPE_ASN1);
if (sk == NULL) {
goto err;
}
XMEMSET(sk, 0, sizeof(WOLFSSL_GENERAL_NAMES));
sk->type = STACK_TYPE_GEN_NAME;
if (x509->subjAltNameSet && x509->altNames != NULL) {
/* alt names are DNS_entry structs */
dns = x509->altNames;
/* Currently only support GEN_DNS type */
while (dns != NULL) {
gn = wolfSSL_GENERAL_NAME_new();
if (gn == NULL) {
WOLFSSL_MSG("Error creating GENERAL_NAME");
wolfSSL_sk_pop_free(sk, NULL);
goto err;
}
gn->type = dns->type;
if (gn->type == GEN_OTHERNAME) {
if (!wolfssl_dns_entry_othername_to_gn(dns, gn)) {
WOLFSSL_MSG("OTHERNAME set failed");
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
goto err;
}
}
else {
gn->d.ia5->length = dns->len;
if (wolfSSL_ASN1_STRING_set(gn->d.ia5, dns->name,
gn->d.ia5->length) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set failed");
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
goto err;
}
}
if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
goto err;
}
dns = dns->next;
}
}
ext->ext_sk = sk;
ext->crit = x509->subjAltNameCrit;
ret = 1;
err:
return ret;
}
/* Pushes a new X509_EXTENSION* ext onto the stack inside WOLFSSL_X509* x509.
* This is currently a helper function for wolfSSL_X509_get_ext
* Caller does not free the returned WOLFSSL_X509_EXTENSION*
@ -900,17 +1084,9 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
break;
case ALT_NAMES_OID:
{
WOLFSSL_GENERAL_NAME* gn = NULL;
DNS_entry* dns = NULL;
if (!isSet)
break;
#ifdef OPENSSL_ALL
ret = wolfSSL_ASN1_STRING_set(&ext->value, x509->subjAltNameSrc,
x509->subjAltNameSz);
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
if (!wolfssl_x509_alt_names_to_gn(x509, ext)) {
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
@ -918,88 +1094,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
#endif
return NULL;
}
#endif
sk = (WOLFSSL_GENERAL_NAMES*)XMALLOC(
sizeof(WOLFSSL_GENERAL_NAMES), NULL,
DYNAMIC_TYPE_ASN1);
if (sk == NULL) {
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
XMEMSET(sk, 0, sizeof(WOLFSSL_GENERAL_NAMES));
sk->type = STACK_TYPE_GEN_NAME;
if (x509->subjAltNameSet && x509->altNames != NULL) {
/* alt names are DNS_entry structs */
dns = x509->altNames;
/* Currently only support GEN_DNS type */
while (dns != NULL) {
gn = wolfSSL_GENERAL_NAME_new();
if (gn == NULL) {
WOLFSSL_MSG("Error creating GENERAL_NAME");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
gn->type = dns->type;
gn->d.ia5->length = dns->len;
if (wolfSSL_ASN1_STRING_set(gn->d.ia5, dns->name,
gn->d.ia5->length) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
dns = dns->next;
/* last dns in list add at end of function */
if (dns != NULL) {
if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) !=
WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
}
if (wolfSSL_sk_GENERAL_NAME_push(sk,gn) !=
WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
ext->ext_sk = sk;
ext->crit = x509->subjAltNameCrit;
break;
}
default:
WOLFSSL_MSG("Unknown extension type found, parsing OID");
@ -1037,6 +1132,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ext->obj == NULL) {
ext->obj = wolfSSL_ASN1_OBJECT_new();
if (ext->obj == NULL) {
XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
@ -1053,7 +1149,6 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
ext->obj->objSz,
NULL,DYNAMIC_TYPE_ASN1);
if (ext->obj->obj == NULL) {
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -2136,6 +2231,12 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
}
break;
case ASN_OTHER_TYPE:
if (!wolfssl_dns_entry_othername_to_gn(dns, gn)) {
goto err;
}
break;
default:
if (wolfSSL_ASN1_STRING_set(gn->d.dNSName,
dns->name, dns->len) != WOLFSSL_SUCCESS) {
@ -2490,7 +2591,7 @@ err:
}
#endif
if (sk) {
wolfSSL_sk_free(sk);
wolfSSL_sk_pop_free(sk, NULL);
}
return NULL;
}
@ -9141,6 +9242,7 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key)
int nid;
const WOLFSSL_EC_GROUP *group;
#endif
WOLFSSL_ASN1_OBJECT *keyTypeObj;
WOLFSSL_ENTER("wolfSSL_X509_PUBKEY_set");
@ -9169,9 +9271,12 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key)
if (str == NULL)
goto error;
str->length = wolfSSL_i2d_DSAparams(key->dsa, (unsigned char **)&str->data);
if (str->length <= 0)
str->length = wolfSSL_i2d_DSAparams(key->dsa,
(unsigned char **)&str->data);
if (str->length <= 0) {
wolfSSL_ASN1_STRING_free(str);
goto error;
}
str->isDynamic = 1;
pval = str;
@ -9205,8 +9310,17 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key)
goto error;
}
if (!wolfSSL_X509_ALGOR_set0(pk->algor, wolfSSL_OBJ_nid2obj(key->type), ptype, pval)) {
keyTypeObj = wolfSSL_OBJ_nid2obj(key->type);
if (keyTypeObj == NULL) {
if (ptype == V_ASN1_OBJECT)
ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);
else
ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval);
goto error;
}
if (!wolfSSL_X509_ALGOR_set0(pk->algor, keyTypeObj, ptype, pval)) {
WOLFSSL_MSG("Failed to create algorithm object");
ASN1_OBJECT_free(keyTypeObj);
if (ptype == V_ASN1_OBJECT)
ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);
else
@ -13274,8 +13388,11 @@ int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to)
for (i = 0; i < MAX_NAME_ENTRIES; i++) {
WOLFSSL_X509_NAME_ENTRY* ne = wolfSSL_X509_NAME_get_entry(from, i);
if (ne != NULL)
wolfSSL_X509_NAME_add_entry(to, ne, i, 1);
if (ne != NULL) {
if (wolfSSL_X509_NAME_add_entry(to, ne, i, 1) != WOLFSSL_SUCCESS) {
return WOLFSSL_FAILURE;
}
}
}
to->entrySz = from->entrySz;
return WOLFSSL_SUCCESS;
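Review bot: wolfssl_x509_alt_names_to_gn can return a success value on failure in OPENSSL_ALL builds: `ret` is overwritten with the result of `wolfSSL_ASN1_STRING_set(&ext->value, ...)`, which is the non-zero WOLFSSL_SUCCESS once it passes the check, and every later `goto err` (the XMALLOC of `sk`, GENERAL_NAME creation, the push) returns that value. The caller in wolfSSL_X509_set_ext tests `!wolfssl_x509_alt_names_to_gn(x509, ext)`, so an allocation failure would be treated as success with `ext->ext_sk` never assigned. Adding `ret = 0;` after the `#endif` of that block, or testing the call without storing into `ret`, fixes it. Separately, in wolfssl_dns_entry_othername_to_gn the first `GetASNTag(...) < 0` branch jumps to `err` without `wolfSSL_ASN1_OBJECT_free(obj);`, unlike every later branch, so a truncated otherName in a parsed certificate leaks the object. The result of `wolfSSL_ASN1_STRING_set(str, p, (word32)len)` is also ignored there, although the sibling helper checks it.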


@ -51,7 +51,11 @@ WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void)
DYNAMIC_TYPE_X509_CTX);
if (ctx != NULL) {
ctx->param = NULL;
wolfSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL);
if (wolfSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL) !=
WOLFSSL_SUCCESS) {
XFREE(ctx, NULL, DYNAMIC_TYPE_X509_CTX);
ctx = NULL;
}
}
return ctx;
@ -1261,6 +1265,7 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
}
obj->type = WOLFSSL_X509_LU_X509;
obj->data.x509 = x509;
x509 = NULL;
}
#endif
@ -1286,11 +1291,11 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
store->objs = ret;
return ret;
err_cleanup:
if (ret)
wolfSSL_sk_X509_OBJECT_free(ret);
if (cert_stack)
if (ret != NULL)
wolfSSL_sk_X509_OBJECT_pop_free(ret, NULL);
if (cert_stack != NULL)
wolfSSL_sk_X509_pop_free(cert_stack, NULL);
if (x509)
if (x509 != NULL)
wolfSSL_X509_free(x509);
return NULL;
}
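Review bot: In wolfSSL_X509_STORE_CTX_new the failure path releases `ctx` with a bare `XFREE(ctx, NULL, DYNAMIC_TYPE_X509_CTX)`, which would leak anything wolfSSL_X509_STORE_CTX_init allocated into the context before failing. The `ctx->param = NULL` set just before the call suggests init may populate `param`, though init is not visible here; if it can fail after allocating, `wolfSSL_X509_STORE_CTX_free(ctx);` is the safer cleanup. In wolfSSL_X509_STORE_get0_objects, a short comment on `x509 = NULL;` such as `/* ownership moved to obj; keep err_cleanup from freeing it again */` would explain why the local is cleared.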
