Merge pull request #4505 from julek-wolfssl/fix-nids
Make NID's consistent v2
@@ -10574,7 +10574,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
ret = MEMORY_E;
|
||||
} else {
|
||||
if (!(x509->key.algor->algorithm =
|
||||
wolfSSL_OBJ_nid2obj(dCert->keyOID))) {
|
||||
wolfSSL_OBJ_nid2obj(oid2nid(dCert->keyOID, oidKeyType)))) {
|
||||
ret = PUBLIC_KEY_E;
|
||||
}
|
||||
}
|
||||
@@ -10604,7 +10604,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
#if defined(OPENSSL_ALL)
|
||||
wolfSSL_ASN1_OBJECT_free(x509->algor.algorithm);
|
||||
if (!(x509->algor.algorithm =
|
||||
wolfSSL_OBJ_nid2obj(dCert->signatureOID))) {
|
||||
wolfSSL_OBJ_nid2obj(oid2nid(dCert->signatureOID, oidSigType)))) {
|
||||
ret = PUBLIC_KEY_E;
|
||||
}
|
||||
#endif
|
||||
|
259
src/ssl.c
259
src/ssl.c
@@ -135,8 +135,6 @@
|
||||
#include <wolfssl/openssl/x509v3.h>
|
||||
int SetIndividualInternal(WOLFSSL_BIGNUM* bn, mp_int* mpi);
|
||||
int SetIndividualExternal(WOLFSSL_BIGNUM** bn, mp_int* mpi);
|
||||
int oid2nid(word32 oid, int grp);
|
||||
word32 nid2oid(int nid, int grp);
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_QT)
|
||||
@@ -9284,7 +9282,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
||||
const byte* rawCert;
|
||||
const byte* input;
|
||||
byte* oidBuf;
|
||||
word32 oid, idx = 0, tmpIdx = 0;
|
||||
word32 oid, idx = 0, tmpIdx = 0, nid;
|
||||
WOLFSSL_X509_EXTENSION* ext = NULL;
|
||||
WOLFSSL_ASN1_INTEGER* a;
|
||||
WOLFSSL_STACK* sk;
|
||||
@@ -9384,6 +9382,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
||||
return NULL;
|
||||
}
|
||||
idx = tmpIdx;
|
||||
nid = (word32)oid2nid(oid, oidCertExtType);
|
||||
|
||||
/* Continue while loop until extCount == loc or idx > sz */
|
||||
if (extCount != loc) {
|
||||
@@ -9393,15 +9392,15 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
||||
}
|
||||
/* extCount == loc. Now get the extension. */
|
||||
/* Check if extension has been set */
|
||||
isSet = wolfSSL_X509_ext_isSet_by_NID((WOLFSSL_X509*)x509, oid);
|
||||
ext->obj = wolfSSL_OBJ_nid2obj(oid);
|
||||
isSet = wolfSSL_X509_ext_isSet_by_NID((WOLFSSL_X509*)x509, nid);
|
||||
ext->obj = wolfSSL_OBJ_nid2obj(nid);
|
||||
if (ext->obj == NULL) {
|
||||
WOLFSSL_MSG("\tfail: Invalid OBJECT");
|
||||
wolfSSL_X509_EXTENSION_free(ext);
|
||||
FreeDecodedCert(&cert);
|
||||
return NULL;
|
||||
}
|
||||
ext->obj->nid = oid;
|
||||
ext->obj->nid = nid;
|
||||
|
||||
switch (oid) {
|
||||
case BASIC_CA_OID:
|
||||
@@ -9457,7 +9456,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
||||
obj->obj = (byte*)x509->authInfoCaIssuer;
|
||||
obj->objSz = x509->authInfoCaIssuerSz;
|
||||
obj->grp = oidCertAuthInfoType;
|
||||
obj->nid = AIA_CA_ISSUER_OID;
|
||||
obj->nid = NID_ad_ca_issuers;
|
||||
|
||||
ret = wolfSSL_sk_ASN1_OBJECT_push(sk, obj);
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
@@ -9486,7 +9485,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
||||
obj->obj = x509->authInfo;
|
||||
obj->objSz = x509->authInfoSz;
|
||||
obj->grp = oidCertAuthInfoType;
|
||||
obj->nid = AIA_OCSP_OID;
|
||||
obj->nid = NID_ad_OCSP;
|
||||
|
||||
ret = wolfSSL_sk_ASN1_OBJECT_push(sk, obj);
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
@@ -10352,7 +10351,7 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
|
||||
int isSet = 0, found = 0, loc;
|
||||
const byte* rawCert;
|
||||
const byte* input;
|
||||
word32 oid, idx = 0, tmpIdx = 0;
|
||||
word32 oid, idx = 0, tmpIdx = 0, foundNID;
|
||||
DecodedCert cert;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_X509_get_ext_by_NID");
|
||||
@@ -10437,12 +10436,13 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
idx = tmpIdx;
|
||||
foundNID = (word32)oid2nid(oid, oidCertExtType);
|
||||
|
||||
if (extCount >= loc) {
|
||||
/* extCount >= loc. Now check if extension has been set */
|
||||
isSet = wolfSSL_X509_ext_isSet_by_NID((WOLFSSL_X509*)x509, oid);
|
||||
isSet = wolfSSL_X509_ext_isSet_by_NID((WOLFSSL_X509*)x509, foundNID);
|
||||
|
||||
if (isSet && ((word32)nid == oid)) {
|
||||
if (isSet && ((word32)nid == foundNID)) {
|
||||
found = 1;
|
||||
break;
|
||||
}
|
||||
@@ -16604,7 +16604,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
||||
int wolfSSL_add_all_algorithms(void)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_add_all_algorithms");
|
||||
if (wolfSSL_Init() == WOLFSSL_SUCCESS)
|
||||
if (initRefCount != 0 || wolfSSL_Init() == WOLFSSL_SUCCESS)
|
||||
return WOLFSSL_SUCCESS;
|
||||
else
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
@@ -23585,17 +23585,17 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
|
||||
|
||||
if (x509 != NULL) {
|
||||
switch (nid) {
|
||||
case BASIC_CA_OID: isSet = x509->basicConstSet; break;
|
||||
case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break;
|
||||
case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break;
|
||||
case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break;
|
||||
case KEY_USAGE_OID: isSet = x509->keyUsageSet; break;
|
||||
case CRL_DIST_OID: isSet = x509->CRLdistSet; break;
|
||||
case EXT_KEY_USAGE_OID: isSet = ((x509->extKeyUsageSrc) ? 1 : 0);
|
||||
case NID_basic_constraints: isSet = x509->basicConstSet; break;
|
||||
case NID_subject_alt_name: isSet = x509->subjAltNameSet; break;
|
||||
case NID_authority_key_identifier: isSet = x509->authKeyIdSet; break;
|
||||
case NID_subject_key_identifier: isSet = x509->subjKeyIdSet; break;
|
||||
case NID_key_usage: isSet = x509->keyUsageSet; break;
|
||||
case NID_crl_distribution_points: isSet = x509->CRLdistSet; break;
|
||||
case NID_ext_key_usage: isSet = ((x509->extKeyUsageSrc) ? 1 : 0);
|
||||
break;
|
||||
case AUTH_INFO_OID: isSet = x509->authInfoSet; break;
|
||||
case NID_info_access: isSet = x509->authInfoSet; break;
|
||||
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
|
||||
case CERT_POLICY_OID: isSet = x509->certPolicySet; break;
|
||||
case NID_certificate_policies: isSet = x509->certPolicySet; break;
|
||||
#endif /* WOLFSSL_SEP || WOLFSSL_QT */
|
||||
default:
|
||||
WOLFSSL_MSG("NID not in table");
|
||||
@@ -23616,14 +23616,15 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
|
||||
|
||||
if (x509 != NULL) {
|
||||
switch (nid) {
|
||||
case BASIC_CA_OID: crit = x509->basicConstCrit; break;
|
||||
case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break;
|
||||
case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break;
|
||||
case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break;
|
||||
case KEY_USAGE_OID: crit = x509->keyUsageCrit; break;
|
||||
case CRL_DIST_OID: crit= x509->CRLdistCrit; break;
|
||||
case NID_basic_constraints: crit = x509->basicConstCrit; break;
|
||||
case NID_subject_alt_name: crit = x509->subjAltNameCrit; break;
|
||||
case NID_authority_key_identifier: crit = x509->authKeyIdCrit; break;
|
||||
case NID_subject_key_identifier: crit = x509->subjKeyIdCrit; break;
|
||||
case NID_key_usage: crit = x509->keyUsageCrit; break;
|
||||
case NID_crl_distribution_points: crit= x509->CRLdistCrit; break;
|
||||
case NID_ext_key_usage: crit= x509->extKeyUsageCrit; break;
|
||||
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
|
||||
case CERT_POLICY_OID: crit = x509->certPolicyCrit; break;
|
||||
case NID_certificate_policies: crit = x509->certPolicyCrit; break;
|
||||
#endif /* WOLFSSL_SEP || WOLFSSL_QT */
|
||||
}
|
||||
}
|
||||
@@ -28828,17 +28829,17 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key)
|
||||
switch (key->type) {
|
||||
#ifndef NO_RSA
|
||||
case EVP_PKEY_RSA:
|
||||
pk->algor->algorithm= wolfSSL_OBJ_nid2obj(RSAk);
|
||||
pk->algor->algorithm= wolfSSL_OBJ_nid2obj(NID_rsaEncryption);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_DSA
|
||||
case EVP_PKEY_DSA:
|
||||
pk->algor->algorithm = wolfSSL_OBJ_nid2obj(DSAk);
|
||||
pk->algor->algorithm = wolfSSL_OBJ_nid2obj(NID_dsa);
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
case EVP_PKEY_EC:
|
||||
pk->algor->algorithm = wolfSSL_OBJ_nid2obj(ECDSAk);
|
||||
pk->algor->algorithm = wolfSSL_OBJ_nid2obj(NID_X9_62_id_ecPublicKey);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
@@ -31321,7 +31322,7 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
||||
"X509v3 Basic Constraints"},
|
||||
{ NID_subject_alt_name, ALT_NAMES_OID, oidCertExtType, "subjectAltName",
|
||||
"X509v3 Subject Alternative Name"},
|
||||
{ CRL_DIST_OID, CRL_DIST_OID, oidCertExtType, "crlDistributionPoints",
|
||||
{ NID_crl_distribution_points, CRL_DIST_OID, oidCertExtType, "crlDistributionPoints",
|
||||
"X509v3 CRL Distribution Points"},
|
||||
{ NID_info_access, AUTH_INFO_OID, oidCertExtType, "authorityInfoAccess",
|
||||
"Authority Information Access"},
|
||||
@@ -31341,9 +31342,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
||||
"certificatePolicies", "X509v3 Certificate Policies"},
|
||||
|
||||
/* oidCertAuthInfoType */
|
||||
{ AIA_OCSP_OID, AIA_OCSP_OID, oidCertAuthInfoType, "OCSP",
|
||||
{ NID_ad_OCSP, AIA_OCSP_OID, oidCertAuthInfoType, "OCSP",
|
||||
"OCSP"},
|
||||
{ AIA_CA_ISSUER_OID, AIA_CA_ISSUER_OID, oidCertAuthInfoType,
|
||||
{ NID_ad_ca_issuers, AIA_CA_ISSUER_OID, oidCertAuthInfoType,
|
||||
"caIssuers", "CA Issuers"},
|
||||
|
||||
/* oidCertPolicyType */
|
||||
@@ -31436,106 +31437,103 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
|
||||
/* oidSigType */
|
||||
#ifndef NO_DSA
|
||||
#ifndef NO_SHA
|
||||
{ CTC_SHAwDSA, CTC_SHAwDSA, oidSigType, "DSA-SHA1", "dsaWithSHA1"},
|
||||
{ CTC_SHA256wDSA, CTC_SHA256wDSA, oidSigType, "dsa_with_SHA256",
|
||||
{ NID_dsaWithSHA1, CTC_SHAwDSA, oidSigType, "DSA-SHA1", "dsaWithSHA1"},
|
||||
{ NID_dsa_with_SHA256, CTC_SHA256wDSA, oidSigType, "dsa_with_SHA256",
|
||||
"dsa_with_SHA256"},
|
||||
#endif
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
#ifdef WOLFSSL_MD2
|
||||
{ CTC_MD2wRSA, CTC_MD2wRSA, oidSigType, "RSA-MD2",
|
||||
{ NID_md2WithRSAEncryption, CTC_MD2wRSA, oidSigType, "RSA-MD2",
|
||||
"md2WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef NO_MD5
|
||||
{ CTC_MD5wRSA, CTC_MD5wRSA, oidSigType, "RSA-MD5",
|
||||
{ NID_md5WithRSAEncryption, CTC_MD5wRSA, oidSigType, "RSA-MD5",
|
||||
"md5WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef NO_SHA
|
||||
{ CTC_SHAwRSA, CTC_SHAwRSA, oidSigType, "RSA-SHA1",
|
||||
{ NID_sha1WithRSAEncryption, CTC_SHAwRSA, oidSigType, "RSA-SHA1",
|
||||
"sha1WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
{ CTC_SHA224wRSA, CTC_SHA224wRSA, oidSigType, "RSA-SHA224",
|
||||
{ NID_sha224WithRSAEncryption, CTC_SHA224wRSA, oidSigType, "RSA-SHA224",
|
||||
"sha224WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
{ CTC_SHA256wRSA, CTC_SHA256wRSA, oidSigType, "RSA-SHA256",
|
||||
{ NID_sha256WithRSAEncryption, CTC_SHA256wRSA, oidSigType, "RSA-SHA256",
|
||||
"sha256WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
{ CTC_SHA384wRSA, CTC_SHA384wRSA, oidSigType, "RSA-SHA384",
|
||||
{ NID_sha384WithRSAEncryption, CTC_SHA384wRSA, oidSigType, "RSA-SHA384",
|
||||
"sha384WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
{ CTC_SHA512wRSA, CTC_SHA512wRSA, oidSigType, "RSA-SHA512",
|
||||
{ NID_sha512WithRSAEncryption, CTC_SHA512wRSA, oidSigType, "RSA-SHA512",
|
||||
"sha512WithRSAEncryption"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA3
|
||||
#ifndef WOLFSSL_NOSHA3_224
|
||||
{ CTC_SHA3_224wRSA, CTC_SHA3_224wRSA, oidSigType, "RSA-SHA3-224",
|
||||
{ NID_RSA_SHA3_224, CTC_SHA3_224wRSA, oidSigType, "RSA-SHA3-224",
|
||||
"sha3-224WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA3_256
|
||||
{ CTC_SHA3_256wRSA, CTC_SHA3_256wRSA, oidSigType, "RSA-SHA3-256",
|
||||
{ NID_RSA_SHA3_256, CTC_SHA3_256wRSA, oidSigType, "RSA-SHA3-256",
|
||||
"sha3-256WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA3_384
|
||||
{ CTC_SHA3_384wRSA, CTC_SHA3_384wRSA, oidSigType, "RSA-SHA3-384",
|
||||
{ NID_RSA_SHA3_384, CTC_SHA3_384wRSA, oidSigType, "RSA-SHA3-384",
|
||||
"sha3-384WithRSAEncryption"},
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA3_512
|
||||
{ CTC_SHA3_512wRSA, CTC_SHA3_512wRSA, oidSigType, "RSA-SHA3-512",
|
||||
{ NID_RSA_SHA3_512, CTC_SHA3_512wRSA, oidSigType, "RSA-SHA3-512",
|
||||
"sha3-512WithRSAEncryption"},
|
||||
#endif
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
#ifndef NO_SHA
|
||||
{ CTC_SHAwECDSA, CTC_SHAwECDSA, oidSigType, "ecdsa-with-SHA1", "shaWithECDSA"},
|
||||
{ NID_ecdsa_with_SHA1, CTC_SHAwECDSA, oidSigType, "ecdsa-with-SHA1", "shaWithECDSA"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
{ CTC_SHA224wECDSA, CTC_SHA224wECDSA, oidSigType, "ecdsa-with-SHA224","sha224WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA224, CTC_SHA224wECDSA, oidSigType, "ecdsa-with-SHA224","sha224WithECDSA"},
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
{ CTC_SHA256wECDSA, CTC_SHA256wECDSA, oidSigType, "ecdsa-with-SHA256","sha256WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA256, CTC_SHA256wECDSA, oidSigType, "ecdsa-with-SHA256","sha256WithECDSA"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
{ CTC_SHA384wECDSA, CTC_SHA384wECDSA, oidSigType, "ecdsa-with-SHA384","sha384WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA384, CTC_SHA384wECDSA, oidSigType, "ecdsa-with-SHA384","sha384WithECDSA"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
{ CTC_SHA512wECDSA, CTC_SHA512wECDSA, oidSigType, "ecdsa-with-SHA512","sha512WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA512, CTC_SHA512wECDSA, oidSigType, "ecdsa-with-SHA512","sha512WithECDSA"},
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA3
|
||||
#ifndef WOLFSSL_NOSHA3_224
|
||||
{ CTC_SHA3_224wECDSA, CTC_SHA3_224wECDSA, oidSigType, "ecdsa-with-SHA3-224",
|
||||
"sha3-224WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA3_224, CTC_SHA3_224wECDSA, oidSigType, "id-ecdsa-with-SHA3-224",
|
||||
"ecdsa_with_SHA3-224"},
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA3_256
|
||||
{ CTC_SHA3_256wECDSA, CTC_SHA3_256wECDSA, oidSigType, "ecdsa-with-SHA3-256",
|
||||
"sha3-256WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA3_256, CTC_SHA3_256wECDSA, oidSigType, "id-ecdsa-with-SHA3-256",
|
||||
"ecdsa_with_SHA3-256"},
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA3_384
|
||||
{ CTC_SHA3_384wECDSA, CTC_SHA3_384wECDSA, oidSigType, "ecdsa-with-SHA3-384",
|
||||
"sha3-384WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA3_384, CTC_SHA3_384wECDSA, oidSigType, "id-ecdsa-with-SHA3-384",
|
||||
"ecdsa_with_SHA3-384"},
|
||||
#endif
|
||||
#ifndef WOLFSSL_NOSHA3_512
|
||||
{ CTC_SHA3_512wECDSA, CTC_SHA3_512wECDSA, oidSigType, "ecdsa-with-SHA3-512",
|
||||
"sha3-512WithECDSA"},
|
||||
{ NID_ecdsa_with_SHA3_512, CTC_SHA3_512wECDSA, oidSigType, "id-ecdsa-with-SHA3-512",
|
||||
"ecdsa_with_SHA3-512"},
|
||||
#endif
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
/* oidKeyType */
|
||||
#ifndef NO_DSA
|
||||
{ DSAk, DSAk, oidKeyType, "DSA", "dsaEncryption"},
|
||||
{ NID_dsa, DSAk, oidKeyType, "DSA", "dsaEncryption"},
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
{ RSAk, RSAk, oidKeyType, "rsaEncryption", "rsaEncryption"},
|
||||
{ NID_rsaEncryption, RSAk, oidKeyType, "rsaEncryption", "rsaEncryption"},
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
{ ECDSAk, ECDSAk, oidKeyType, "ECDSA", "ecdsaEncryption"},
|
||||
{ NID_X9_62_id_ecPublicKey, ECDSAk, oidKeyType, "id-ecPublicKey",
|
||||
"id-ecPublicKey"},
|
||||
#endif /* HAVE_ECC */
|
||||
@@ -44245,6 +44243,7 @@ err:
|
||||
WOLFSSL_ASN1_OBJECT* arg_obj)
|
||||
{
|
||||
word32 oidSz = 0;
|
||||
int nid = 0;
|
||||
const byte* oid;
|
||||
word32 type = 0;
|
||||
WOLFSSL_ASN1_OBJECT* obj = arg_obj;
|
||||
@@ -44259,6 +44258,7 @@ err:
|
||||
|
||||
for (i = 0; i < (int)WOLFSSL_OBJECT_INFO_SZ; i++) {
|
||||
if (wolfssl_object_info[i].nid == id) {
|
||||
nid = id;
|
||||
id = wolfssl_object_info[i].id;
|
||||
sName = wolfssl_object_info[i].sName;
|
||||
type = wolfssl_object_info[i].type;
|
||||
@@ -44298,6 +44298,7 @@ err:
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
obj->nid = nid;
|
||||
obj->type = id;
|
||||
obj->grp = type;
|
||||
|
||||
@@ -50522,54 +50523,56 @@ word32 nid2oid(int nid, int grp)
|
||||
case oidSigType:
|
||||
switch (nid) {
|
||||
#ifndef NO_DSA
|
||||
case CTC_SHAwDSA:
|
||||
case NID_dsaWithSHA1:
|
||||
return CTC_SHAwDSA;
|
||||
case NID_dsa_with_SHA256:
|
||||
return CTC_SHA256wDSA;
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
case CTC_MD2wRSA:
|
||||
case NID_md2WithRSAEncryption:
|
||||
return CTC_MD2wRSA;
|
||||
case CTC_MD5wRSA:
|
||||
case NID_md5WithRSAEncryption:
|
||||
return CTC_MD5wRSA;
|
||||
case CTC_SHAwRSA:
|
||||
case NID_sha1WithRSAEncryption:
|
||||
return CTC_SHAwRSA;
|
||||
case CTC_SHA224wRSA:
|
||||
case NID_sha224WithRSAEncryption:
|
||||
return CTC_SHA224wRSA;
|
||||
case CTC_SHA256wRSA:
|
||||
case NID_sha256WithRSAEncryption:
|
||||
return CTC_SHA256wRSA;
|
||||
case CTC_SHA384wRSA:
|
||||
case NID_sha384WithRSAEncryption:
|
||||
return CTC_SHA384wRSA;
|
||||
case CTC_SHA512wRSA:
|
||||
case NID_sha512WithRSAEncryption:
|
||||
return CTC_SHA512wRSA;
|
||||
#ifdef WOLFSSL_SHA3
|
||||
case CTC_SHA3_224wRSA:
|
||||
case NID_RSA_SHA3_224:
|
||||
return CTC_SHA3_224wRSA;
|
||||
case CTC_SHA3_256wRSA:
|
||||
case NID_RSA_SHA3_256:
|
||||
return CTC_SHA3_256wRSA;
|
||||
case CTC_SHA3_384wRSA:
|
||||
case NID_RSA_SHA3_384:
|
||||
return CTC_SHA3_384wRSA;
|
||||
case CTC_SHA3_512wRSA:
|
||||
case NID_RSA_SHA3_512:
|
||||
return CTC_SHA3_512wRSA;
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case CTC_SHAwECDSA:
|
||||
case NID_ecdsa_with_SHA1:
|
||||
return CTC_SHAwECDSA;
|
||||
case CTC_SHA224wECDSA:
|
||||
case NID_ecdsa_with_SHA224:
|
||||
return CTC_SHA224wECDSA;
|
||||
case CTC_SHA256wECDSA:
|
||||
case NID_ecdsa_with_SHA256:
|
||||
return CTC_SHA256wECDSA;
|
||||
case CTC_SHA384wECDSA:
|
||||
case NID_ecdsa_with_SHA384:
|
||||
return CTC_SHA384wECDSA;
|
||||
case CTC_SHA512wECDSA:
|
||||
case NID_ecdsa_with_SHA512:
|
||||
return CTC_SHA512wECDSA;
|
||||
#ifdef WOLFSSL_SHA3
|
||||
case CTC_SHA3_224wECDSA:
|
||||
case NID_ecdsa_with_SHA3_224:
|
||||
return CTC_SHA3_224wECDSA;
|
||||
case CTC_SHA3_256wECDSA:
|
||||
case NID_ecdsa_with_SHA3_256:
|
||||
return CTC_SHA3_256wECDSA;
|
||||
case CTC_SHA3_384wECDSA:
|
||||
case NID_ecdsa_with_SHA3_384:
|
||||
return CTC_SHA3_384wECDSA;
|
||||
case CTC_SHA3_512wECDSA:
|
||||
case NID_ecdsa_with_SHA3_512:
|
||||
return CTC_SHA3_512wECDSA;
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
@@ -50580,15 +50583,15 @@ word32 nid2oid(int nid, int grp)
|
||||
case oidKeyType:
|
||||
switch (nid) {
|
||||
#ifndef NO_DSA
|
||||
case DSAk:
|
||||
case NID_dsa:
|
||||
return DSAk;
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
case RSAk:
|
||||
case NID_rsaEncryption:
|
||||
return RSAk;
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case ECDSAk:
|
||||
case NID_X9_62_id_ecPublicKey:
|
||||
return ECDSAk;
|
||||
#endif /* HAVE_ECC */
|
||||
}
|
||||
@@ -50694,19 +50697,19 @@ word32 nid2oid(int nid, int grp)
|
||||
/* oidCertExtType */
|
||||
case oidCertExtType:
|
||||
switch (nid) {
|
||||
case BASIC_CA_OID:
|
||||
case NID_basic_constraints:
|
||||
return BASIC_CA_OID;
|
||||
case ALT_NAMES_OID:
|
||||
case NID_subject_alt_name:
|
||||
return ALT_NAMES_OID;
|
||||
case CRL_DIST_OID:
|
||||
case NID_crl_distribution_points:
|
||||
return CRL_DIST_OID;
|
||||
case AUTH_INFO_OID:
|
||||
case NID_info_access:
|
||||
return AUTH_INFO_OID;
|
||||
case AUTH_KEY_OID:
|
||||
case NID_authority_key_identifier:
|
||||
return AUTH_KEY_OID;
|
||||
case SUBJ_KEY_OID:
|
||||
case NID_subject_key_identifier:
|
||||
return SUBJ_KEY_OID;
|
||||
case INHIBIT_ANY_OID:
|
||||
case NID_inhibit_any_policy:
|
||||
return INHIBIT_ANY_OID;
|
||||
case NID_key_usage:
|
||||
return KEY_USAGE_OID;
|
||||
@@ -50714,6 +50717,8 @@ word32 nid2oid(int nid, int grp)
|
||||
return NAME_CONS_OID;
|
||||
case NID_certificate_policies:
|
||||
return CERT_POLICY_OID;
|
||||
case NID_ext_key_usage:
|
||||
return EXT_KEY_USAGE_OID;
|
||||
}
|
||||
break;
|
||||
|
||||
@@ -50873,56 +50878,56 @@ int oid2nid(word32 oid, int grp)
|
||||
switch (oid) {
|
||||
#ifndef NO_DSA
|
||||
case CTC_SHAwDSA:
|
||||
return CTC_SHAwDSA;
|
||||
return NID_dsaWithSHA1;
|
||||
case CTC_SHA256wDSA:
|
||||
return CTC_SHA256wDSA;
|
||||
return NID_dsa_with_SHA256;
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
case CTC_MD2wRSA:
|
||||
return CTC_MD2wRSA;
|
||||
return NID_md2WithRSAEncryption;
|
||||
case CTC_MD5wRSA:
|
||||
return CTC_MD5wRSA;
|
||||
return NID_md5WithRSAEncryption;
|
||||
case CTC_SHAwRSA:
|
||||
return CTC_SHAwRSA;
|
||||
return NID_sha1WithRSAEncryption;
|
||||
case CTC_SHA224wRSA:
|
||||
return CTC_SHA224wRSA;
|
||||
return NID_sha224WithRSAEncryption;
|
||||
case CTC_SHA256wRSA:
|
||||
return CTC_SHA256wRSA;
|
||||
return NID_sha256WithRSAEncryption;
|
||||
case CTC_SHA384wRSA:
|
||||
return CTC_SHA384wRSA;
|
||||
return NID_sha384WithRSAEncryption;
|
||||
case CTC_SHA512wRSA:
|
||||
return CTC_SHA512wRSA;
|
||||
return NID_sha512WithRSAEncryption;
|
||||
#ifdef WOLFSSL_SHA3
|
||||
case CTC_SHA3_224wRSA:
|
||||
return CTC_SHA3_224wRSA;
|
||||
return NID_RSA_SHA3_224;
|
||||
case CTC_SHA3_256wRSA:
|
||||
return CTC_SHA3_256wRSA;
|
||||
return NID_RSA_SHA3_256;
|
||||
case CTC_SHA3_384wRSA:
|
||||
return CTC_SHA3_384wRSA;
|
||||
return NID_RSA_SHA3_384;
|
||||
case CTC_SHA3_512wRSA:
|
||||
return CTC_SHA3_512wRSA;
|
||||
return NID_RSA_SHA3_512;
|
||||
#endif
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case CTC_SHAwECDSA:
|
||||
return CTC_SHAwECDSA;
|
||||
return NID_ecdsa_with_SHA1;
|
||||
case CTC_SHA224wECDSA:
|
||||
return CTC_SHA224wECDSA;
|
||||
return NID_ecdsa_with_SHA224;
|
||||
case CTC_SHA256wECDSA:
|
||||
return CTC_SHA256wECDSA;
|
||||
return NID_ecdsa_with_SHA256;
|
||||
case CTC_SHA384wECDSA:
|
||||
return CTC_SHA384wECDSA;
|
||||
return NID_ecdsa_with_SHA384;
|
||||
case CTC_SHA512wECDSA:
|
||||
return CTC_SHA512wECDSA;
|
||||
return NID_ecdsa_with_SHA512;
|
||||
#ifdef WOLFSSL_SHA3
|
||||
case CTC_SHA3_224wECDSA:
|
||||
return CTC_SHA3_224wECDSA;
|
||||
return NID_ecdsa_with_SHA3_224;
|
||||
case CTC_SHA3_256wECDSA:
|
||||
return CTC_SHA3_256wECDSA;
|
||||
return NID_ecdsa_with_SHA3_256;
|
||||
case CTC_SHA3_384wECDSA:
|
||||
return CTC_SHA3_384wECDSA;
|
||||
return NID_ecdsa_with_SHA3_384;
|
||||
case CTC_SHA3_512wECDSA:
|
||||
return CTC_SHA3_512wECDSA;
|
||||
return NID_ecdsa_with_SHA3_512;
|
||||
#endif
|
||||
#endif /* HAVE_ECC */
|
||||
}
|
||||
@@ -50933,15 +50938,15 @@ int oid2nid(word32 oid, int grp)
|
||||
switch (oid) {
|
||||
#ifndef NO_DSA
|
||||
case DSAk:
|
||||
return DSAk;
|
||||
return NID_dsa;
|
||||
#endif /* NO_DSA */
|
||||
#ifndef NO_RSA
|
||||
case RSAk:
|
||||
return RSAk;
|
||||
return NID_rsaEncryption;
|
||||
#endif /* NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case ECDSAk:
|
||||
return ECDSAk;
|
||||
return NID_X9_62_id_ecPublicKey;
|
||||
#endif /* HAVE_ECC */
|
||||
}
|
||||
break;
|
||||
@@ -51047,25 +51052,27 @@ int oid2nid(word32 oid, int grp)
|
||||
case oidCertExtType:
|
||||
switch (oid) {
|
||||
case BASIC_CA_OID:
|
||||
return BASIC_CA_OID;
|
||||
return NID_basic_constraints;
|
||||
case ALT_NAMES_OID:
|
||||
return ALT_NAMES_OID;
|
||||
return NID_subject_alt_name;
|
||||
case CRL_DIST_OID:
|
||||
return CRL_DIST_OID;
|
||||
return NID_crl_distribution_points;
|
||||
case AUTH_INFO_OID:
|
||||
return AUTH_INFO_OID;
|
||||
return NID_info_access;
|
||||
case AUTH_KEY_OID:
|
||||
return AUTH_KEY_OID;
|
||||
return NID_authority_key_identifier;
|
||||
case SUBJ_KEY_OID:
|
||||
return SUBJ_KEY_OID;
|
||||
return NID_subject_key_identifier;
|
||||
case INHIBIT_ANY_OID:
|
||||
return INHIBIT_ANY_OID;
|
||||
return NID_inhibit_any_policy;
|
||||
case KEY_USAGE_OID:
|
||||
return NID_key_usage;
|
||||
case NAME_CONS_OID:
|
||||
return NID_name_constraints;
|
||||
case CERT_POLICY_OID:
|
||||
return NID_certificate_policies;
|
||||
case EXT_KEY_USAGE_OID:
|
||||
return NID_ext_key_usage;
|
||||
}
|
||||
break;
|
||||
|
||||
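Review bot: In `wolfSSL_add_all_algorithms` the new condition `initRefCount != 0 || wolfSSL_Init() == WOLFSSL_SUCCESS` makes the function go through `wolfSSL_Init()` on some calls and not on others, and nothing at the call site says which, so a caller cannot tell whether a matching `wolfSSL_Cleanup()` is owed. The read of `initRefCount` is also a bare read; if the counter is protected by a lock elsewhere in this file (not visible in the hunk), this check bypasses it and should read the counter under that same lock. At minimum I would document the contract above the `if`, for example `/* Initialise only when no reference is held yet; an already-initialised library is left untouched and no extra reference is taken */`. The function's closing brace lies outside the hunk.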
|
16
tests/api.c
16
tests/api.c
@@ -33994,6 +33994,11 @@ static void test_wolfSSL_X509_STORE_load_locations(void)
|
||||
AssertIntEQ(X509_STORE_load_locations(store, client_pem_file, NULL), WOLFSSL_SUCCESS);
|
||||
AssertIntEQ(X509_STORE_load_locations(store, NULL, certs_path), WOLFSSL_SUCCESS);
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
|
||||
/* Clear nodes */
|
||||
ERR_clear_error();
|
||||
#endif
|
||||
|
||||
SSL_CTX_free(ctx);
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
@@ -36050,7 +36055,7 @@ static void test_wolfSSL_X509_ALGOR_get0(void)
|
||||
AssertNotNull(ppval);
|
||||
AssertIntNE(pptype, 0);
|
||||
/* Make sure NID of X509_ALGOR is Sha256 with RSA */
|
||||
AssertIntEQ(OBJ_obj2nid(obj), CTC_SHA256wRSA);
|
||||
AssertIntEQ(OBJ_obj2nid(obj), NID_sha256WithRSAEncryption);
|
||||
|
||||
X509_free(x509);
|
||||
|
||||
@@ -36241,7 +36246,7 @@ static void test_wolfSSL_X509_PUBKEY(void)
|
||||
AssertNotNull(pubKey);
|
||||
AssertIntGT(ppklen, 0);
|
||||
|
||||
AssertIntEQ(OBJ_obj2nid(obj), RSAk);
|
||||
AssertIntEQ(OBJ_obj2nid(obj), NID_rsaEncryption);
|
||||
|
||||
AssertNotNull(evpKey = X509_PUBKEY_get(pubKey));
|
||||
AssertNotNull(pubKey2 = X509_PUBKEY_new());
|
||||
@@ -40860,13 +40865,10 @@ static void test_wolfSSL_OpenSSL_add_all_algorithms(void){
|
||||
printf(testingFmt, "wolfSSL_OpenSSL_add_all_algorithms()");
|
||||
|
||||
AssertIntEQ(wolfSSL_add_all_algorithms(),WOLFSSL_SUCCESS);
|
||||
wolfSSL_Cleanup();
|
||||
|
||||
AssertIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(),WOLFSSL_SUCCESS);
|
||||
wolfSSL_Cleanup();
|
||||
|
||||
AssertIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(),WOLFSSL_SUCCESS);
|
||||
wolfSSL_Cleanup();
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
@@ -43650,7 +43652,7 @@ static void test_wolfSSL_X509V3_EXT_get(void) {
|
||||
AssertIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
|
||||
for (i = 0; i < numOfExt; i++) {
|
||||
AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
|
||||
AssertNotNull(extNid = ext->obj->nid);
|
||||
AssertIntNE((extNid = ext->obj->nid), NID_undef);
|
||||
AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
|
||||
AssertIntEQ(method->ext_nid, extNid);
|
||||
}
|
||||
@@ -45675,7 +45677,7 @@ static void test_X509_get_signature_nid(void)
|
||||
AssertIntEQ(X509_get_signature_nid(NULL), 0);
|
||||
AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
AssertIntEQ(X509_get_signature_nid(x509), CTC_SHA256wRSA);
|
||||
AssertIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption);
|
||||
X509_free(x509);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
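Review bot: In `test_wolfSSL_X509V3_EXT_get` the replacement check `AssertIntNE((extNid = ext->obj->nid), NID_undef)` only shows that the field is not undefined, so it would accept an OID-derived number as readily as a real NID and does not pin the conversion this commit introduces. The other updated assertions cover only `NID_sha256WithRSAEncryption` and `NID_rsaEncryption`; no visible test touches the EC key type or the certificate-extension NIDs that the library-side hunks remap. I would compare `extNid` for each of the five extensions of the fixture certificate against its expected `NID_*` constant, and add an EC-key counterpart to the `OBJ_obj2nid(obj)` check in `test_wolfSSL_X509_PUBKEY`. All of these test functions start and end outside their hunks.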
|
@@ -4964,6 +4964,10 @@ WOLFSSL_LOCAL void wolfSSL_sk_BY_DIR_entry_free(WOLF_STACK_OF(wolfSSL_BY_DIR_ent
|
||||
WOLFSSL_LOCAL int wolfSSL_sk_BY_DIR_entry_push(WOLF_STACK_OF(wolfSSL_BY_DIR_entry)* sk,
|
||||
WOLFSSL_BY_DIR_entry* in);
|
||||
#endif /* OPENSSL_ALL && !NO_FILESYSTEM && !NO_WOLFSSL_DIR */
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
WOLFSSL_LOCAL int oid2nid(word32 oid, int grp);
|
||||
WOLFSSL_LOCAL word32 nid2oid(int nid, int grp);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
@@ -45,7 +45,7 @@ enum {
|
||||
NID_X9_62_prime192v3 = 411,
|
||||
NID_X9_62_prime239v1 = 412,
|
||||
NID_X9_62_prime239v2 = 413,
|
||||
NID_X9_62_prime239v3 = 414,
|
||||
NID_X9_62_prime239v3 = 418, /* Previous value conflicted with AES128CBCb */
|
||||
NID_X9_62_prime256v1 = 415,
|
||||
NID_secp112r1 = 704,
|
||||
NID_secp112r2 = 705,
|
||||
|
@@ -237,10 +237,10 @@ enum {
|
||||
AES_192_GCM_TYPE = 22,
|
||||
AES_256_GCM_TYPE = 23,
|
||||
NID_sha1 = 64,
|
||||
NID_sha224 = 65,
|
||||
NID_sha224 = 675,
|
||||
NID_md2 = 77,
|
||||
NID_md4 = 257,
|
||||
NID_md5 = 4,
|
||||
NID_md5 = 40,
|
||||
NID_hmac = 855,
|
||||
NID_cmac = 894,
|
||||
NID_dhKeyAgreement= 28,
|
||||
@@ -265,7 +265,8 @@ enum {
|
||||
|
||||
enum {
|
||||
NID_md5WithRSA = 104,
|
||||
NID_md5WithRSAEncryption = 8,
|
||||
NID_md2WithRSAEncryption = 9,
|
||||
NID_md5WithRSAEncryption = 99,
|
||||
NID_dsaWithSHA1 = 113,
|
||||
NID_dsaWithSHA1_2 = 70,
|
||||
NID_sha1WithRSA = 115,
|
||||
@@ -274,11 +275,19 @@ enum {
|
||||
NID_sha256WithRSAEncryption = 668,
|
||||
NID_sha384WithRSAEncryption = 669,
|
||||
NID_sha512WithRSAEncryption = 670,
|
||||
NID_RSA_SHA3_224 = 1116,
|
||||
NID_RSA_SHA3_256 = 1117,
|
||||
NID_RSA_SHA3_384 = 1118,
|
||||
NID_RSA_SHA3_512 = 1119,
|
||||
NID_ecdsa_with_SHA1 = 416,
|
||||
NID_ecdsa_with_SHA224 = 793,
|
||||
NID_ecdsa_with_SHA256 = 794,
|
||||
NID_ecdsa_with_SHA384 = 795,
|
||||
NID_ecdsa_with_SHA512 = 796,
|
||||
NID_ecdsa_with_SHA3_224 = 1112,
|
||||
NID_ecdsa_with_SHA3_256 = 1113,
|
||||
NID_ecdsa_with_SHA3_384 = 1114,
|
||||
NID_ecdsa_with_SHA3_512 = 1115,
|
||||
NID_dsa_with_SHA224 = 802,
|
||||
NID_dsa_with_SHA256 = 803,
|
||||
NID_sha3_224 = 1096,
|
||||
|
@@ -705,10 +705,11 @@ enum
|
||||
NID_policy_constraints = 150,
|
||||
NID_inhibit_any_policy = 168, /* 2.5.29.54 */
|
||||
NID_tlsfeature = 1020, /* id-pe 24 */
|
||||
NID_commonName = 0x03, /* matches ASN_COMMON_NAME in asn.h */
|
||||
NID_buildingName = 1494,
|
||||
|
||||
|
||||
NID_commonName = 14, /* CN Changed to not conflict
|
||||
* with PBE_SHA1_DES3 */
|
||||
NID_surname = 0x04, /* SN */
|
||||
NID_serialNumber = 0x05, /* serialNumber */
|
||||
NID_countryName = 0x06, /* C */
|
||||
|
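Review bot: `NID_commonName` moves to 14 while the neighbouring name NIDs (`NID_surname = 0x04`, `NID_serialNumber = 0x05`, `NID_countryName = 0x06`) keep their values, and the comment on the old line said the value "matches ASN_COMMON_NAME in asn.h". Any code that relied on that equality, passing one constant where the other is expected when looking up a subject name entry, would now silently miss the common name, which matters for identity checks built on that lookup. The hunk does not show those call sites, so this needs confirming against the callers rather than assuming. I would extend the new comment to state the consequence, for example `/* CN; no longer equal to ASN_COMMON_NAME, convert before passing to ASN name code */`, and record in the release notes that applications built against the old header must be recompiled. The enum continues outside the hunk.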