feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

ssl: refactoring CyaSSL_CertPemToDer to reduce stack usage:

Browse Source 
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)

ssl: refactoring CyaSSL_KeyPemToDer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
This commit is contained in:
Moisés Guimarães
2014-08-18 14:58:28 -03:00
parent 27ad083dbf
commit 97548cc842
1 changed files with 62 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
src/ssl.c
View File

@@ -1178,10 +1178,14 @@ int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz,
unsigned char* buff, int buffSz, unsigned char* buff, int buffSz,
int type) int type)
{ {
EncryptedInfo info; int eccKey = 0;
int eccKey = 0; int ret;
int ret; buffer der;
buffer der; #ifdef CYASSL_SMALL_STACK
EncryptedInfo* info;
#else
EncryptedInfo info[1];
#endif
CYASSL_ENTER("CyaSSL_CertPemToDer"); CYASSL_ENTER("CyaSSL_CertPemToDer");
@@ -1194,13 +1198,25 @@ int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz,
CYASSL_MSG("Bad cert type"); CYASSL_MSG("Bad cert type");
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef CYASSL_SMALL_STACK
info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (info == NULL)
return MEMORY_E;
#endif
info.set = 0; info->set = 0;
info.ctx = NULL; info->ctx = NULL;
info.consumed = 0; info->consumed = 0;
der.buffer = NULL; der.buffer = NULL;
ret = PemToDer(pem, pemSz, type, &der, NULL, &info, &eccKey); ret = PemToDer(pem, pemSz, type, &der, NULL, info, &eccKey);
#ifdef CYASSL_SMALL_STACK
XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (ret < 0) { if (ret < 0) {
CYASSL_MSG("Bad Pem To Der"); CYASSL_MSG("Bad Pem To Der");
} }
@@ -1242,10 +1258,14 @@ static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata)
int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
int buffSz, const char* pass) int buffSz, const char* pass)
{ {
EncryptedInfo info; int eccKey = 0;
int eccKey = 0; int ret;
int ret; buffer der;
buffer der; #ifdef CYASSL_SMALL_STACK
EncryptedInfo* info;
#else
EncryptedInfo info[1];
#endif
(void)pass; (void)pass;
@@ -1256,22 +1276,42 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
info.set = 0; #ifdef CYASSL_SMALL_STACK
info.ctx = NULL; info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
info.consumed = 0; DYNAMIC_TYPE_TMP_BUFFER);
der.buffer = NULL; if (info == NULL)
return MEMORY_E;
#endif
info->set = 0;
info->ctx = NULL;
info->consumed = 0;
der.buffer = NULL;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
if (pass) { if (pass) {
info.ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); info->ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
if (info.ctx == NULL) if (info->ctx == NULL) {
#ifdef CYASSL_SMALL_STACK
XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E; return MEMORY_E;
CyaSSL_CTX_set_default_passwd_cb(info.ctx, OurPasswordCb); }
CyaSSL_CTX_set_default_passwd_cb_userdata(info.ctx, (void*)pass);
CyaSSL_CTX_set_default_passwd_cb(info->ctx, OurPasswordCb);
CyaSSL_CTX_set_default_passwd_cb_userdata(info->ctx, (void*)pass);
} }
#endif #endif
ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, info, &eccKey);
if (info->ctx)
CyaSSL_CTX_free(info->ctx);
#ifdef CYASSL_SMALL_STACK
XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (ret < 0) { if (ret < 0) {
CYASSL_MSG("Bad Pem To Der"); CYASSL_MSG("Bad Pem To Der");
} }
@@ -1288,9 +1328,6 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY);
if (info.ctx)
CyaSSL_CTX_free(info.ctx);
return ret; return ret;
} }