feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

build option fixes

Browse Source
This commit is contained in:
Jacob Barthelmeh
2018-01-17 16:40:06 -07:00
parent 19288ea127
commit a0f5126076
3 changed files with 163 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/internal.c
View File

@@ -8382,13 +8382,13 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
sizeof(WOLFSSL_X509_STORE_CTX), ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (store == NULL) {
ERROR_OUT(MEMORY_E, exit_dc);
ERROR_OUT(MEMORY_E, exit_ppc);
}
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALLOC(
sizeof(WOLFSSL_X509), ssl->heap,
DYNAMIC_TYPE_X509);
if (x509 == NULL) {
ERROR_OUT(MEMORY_E, exit_dc);
ERROR_OUT(MEMORY_E, exit_ppc);
}
#else
WOLFSSL_X509_STORE_CTX store[1];
@@ -8428,7 +8428,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#ifndef NO_CERTS
FreeX509(x509);
#endif
#ifdef SESSION_CERTS
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
wolfSSL_sk_X509_free(store->chain);
store->chain = NULL;
#endif
@@ -9077,7 +9077,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args->idx += ssl->keys.padSz;
}
#ifdef SESSION_CERTS
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
wolfSSL_sk_X509_free(store->chain);
store->chain = NULL;
#endif

297
src/ssl.c
View File

@@ -7171,39 +7171,46 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out,
XMEMCPY(local->pkey.ptr, *in + idx, inSz - idx);
}
switch (type) {
#ifndef NO_RSA
if (type == EVP_PKEY_RSA && local != NULL){
local->ownRsa = 1;
local->rsa = wolfSSL_RSA_new();
if (local->rsa == NULL) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
if (wolfSSL_RSA_LoadDer_ex(local->rsa,
(const unsigned char*)local->pkey.ptr, local->pkey_sz,
WOLFSSL_RSA_LOAD_PRIVATE) != SSL_SUCCESS) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
}
case EVP_PKEY_RSA:
local->ownRsa = 1;
local->rsa = wolfSSL_RSA_new();
if (local->rsa == NULL) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
if (wolfSSL_RSA_LoadDer_ex(local->rsa,
(const unsigned char*)local->pkey.ptr, local->pkey_sz,
WOLFSSL_RSA_LOAD_PRIVATE) != SSL_SUCCESS) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
break;
#endif /* NO_RSA */
#ifdef HAVE_ECC
if (type == EVP_PKEY_EC && local != NULL){
local->ownEcc = 1;
local->ecc = wolfSSL_EC_KEY_new();
if (local->ecc == NULL) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
if (wolfSSL_EC_KEY_LoadDer(local->ecc,
(const unsigned char*)local->pkey.ptr, local->pkey_sz)
!= SSL_SUCCESS) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
}
case EVP_PKEY_EC:
local->ownEcc = 1;
local->ecc = wolfSSL_EC_KEY_new();
if (local->ecc == NULL) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
if (wolfSSL_EC_KEY_LoadDer(local->ecc,
(const unsigned char*)local->pkey.ptr, local->pkey_sz)
!= SSL_SUCCESS) {
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
break;
#endif /* HAVE_ECC */
default:
WOLFSSL_MSG("Unsupported key type");
wolfSSL_EVP_PKEY_free(local);
return NULL;
}
/* advance pointer with success */
if (local != NULL) {
if ((idx + local->pkey_sz) <= (word32)inSz) {
@@ -11953,62 +11960,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
}
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)
/* Generates a RSA key of length len
*
* len length of RSA key i.e. 2048
* e e to use when generating RSA key
* f callback function for generation details
* data user callback argument
*
* Note: Because of wc_MakeRsaKey an RSA key size generated can be slightly
* rounded down. For example generating a key of size 2999 with e =
* 65537 will make a key of size 374 instead of 375.
* Returns a new RSA key on success and NULL on failure
*/
WOLFSSL_RSA* wolfSSL_RSA_generate_key(int len, unsigned long e,
void(*f)(int, int, void*), void* data)
{
WOLFSSL_RSA* rsa = NULL;
WOLFSSL_BIGNUM* bn = NULL;
WOLFSSL_ENTER("wolfSSL_RSA_generate_key");
(void)f;
(void)data;
if (len < 0) {
WOLFSSL_MSG("Bad argument: length was less than 0");
return NULL;
}
bn = wolfSSL_BN_new();
if (bn == NULL) {
WOLFSSL_MSG("Error creating big number");
return NULL;
}
if (wolfSSL_BN_set_word(bn, (WOLFSSL_BN_ULONG)e) != SSL_SUCCESS) {
WOLFSSL_MSG("Error using e value");
wolfSSL_BN_free(bn);
return NULL;
}
rsa = wolfSSL_RSA_new();
if (rsa == NULL) {
WOLFSSL_MSG("memory error");
}
else {
if (wolfSSL_RSA_generate_key_ex(rsa, len, bn, NULL) != SSL_SUCCESS){
wolfSSL_RSA_free(rsa);
rsa = NULL;
}
}
wolfSSL_BN_free(bn);
return rsa;
}
#endif /* NO_RSA */
#ifndef NO_CERTS
@@ -21141,6 +21092,7 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
DYNAMIC_TYPE_OPENSSL);
if (s == NULL)
return NULL;
XMEMSET(s, 0, sizeof(WOLFSSL_SESSION));
s->isAlloced = 1;
#ifdef HAVE_SESSION_TICKET
s->isDynamic = 0;
@@ -23716,63 +23668,6 @@ static int SetRsaInternal(WOLFSSL_RSA* rsa)
return WOLFSSL_SUCCESS;
}
/* return compliant with OpenSSL
* 1 if success, 0 if error
*/
int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn,
void* cb)
{
int ret = WOLFSSL_FAILURE;
(void)cb;
(void)bn;
(void)bits;
WOLFSSL_ENTER("wolfSSL_RSA_generate_key_ex");
if (rsa == NULL || rsa->internal == NULL) {
/* bit size checked during make key call */
WOLFSSL_MSG("bad arguments");
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_KEY_GEN
{
#ifdef WOLFSSL_SMALL_STACK
WC_RNG* rng = NULL;
#else
WC_RNG rng[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG);
if (rng == NULL)
return WOLFSSL_FAILURE;
#endif
if (wc_InitRng(rng) < 0)
WOLFSSL_MSG("RNG init failed");
else if (wc_MakeRsaKey((RsaKey*)rsa->internal, bits,
wolfSSL_BN_get_word(bn), rng) != MP_OKAY)
WOLFSSL_MSG("wc_MakeRsaKey failed");
else if (SetRsaExternal(rsa) != WOLFSSL_SUCCESS)
WOLFSSL_MSG("SetRsaExternal failed");
else {
rsa->inSet = 1;
ret = WOLFSSL_SUCCESS;
}
wc_FreeRng(rng);
#ifdef WOLFSSL_SMALL_STACK
XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
#endif
}
#else
WOLFSSL_MSG("No Key Gen built in");
#endif
return ret;
}
/* SSL_SUCCESS on ok */
#ifndef NO_WOLFSSL_STUB
@@ -24034,6 +23929,7 @@ int wolfSSL_RSA_private_encrypt(int len, unsigned char* in,
return sz;
}
#endif /* HAVE_USER_RSA */
/* return compliant with OpenSSL
* RSA modulus size in bytes, -1 if error
@@ -24043,7 +23939,7 @@ int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa)
WOLFSSL_ENTER("wolfSSL_RSA_size");
if (rsa == NULL)
return SSL_FATAL_ERROR;
return WOLFSSL_FATAL_ERROR;
if (rsa->inSet == 0)
{
if (SetRsaInternal((WOLFSSL_RSA*)rsa) != SSL_SUCCESS) {
@@ -24051,9 +23947,122 @@ int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa)
return 0;
}
}
return wolfSSL_BN_num_bytes(rsa->n);
return wc_RsaEncryptSize((RsaKey*)rsa->internal);
}
/* Generates a RSA key of length len
*
* len length of RSA key i.e. 2048
* e e to use when generating RSA key
* f callback function for generation details
* data user callback argument
*
* Note: Because of wc_MakeRsaKey an RSA key size generated can be slightly
* rounded down. For example generating a key of size 2999 with e =
* 65537 will make a key of size 374 instead of 375.
* Returns a new RSA key on success and NULL on failure
*/
WOLFSSL_RSA* wolfSSL_RSA_generate_key(int len, unsigned long e,
void(*f)(int, int, void*), void* data)
{
WOLFSSL_RSA* rsa = NULL;
WOLFSSL_BIGNUM* bn = NULL;
WOLFSSL_ENTER("wolfSSL_RSA_generate_key");
(void)f;
(void)data;
if (len < 0) {
WOLFSSL_MSG("Bad argument: length was less than 0");
return NULL;
}
bn = wolfSSL_BN_new();
if (bn == NULL) {
WOLFSSL_MSG("Error creating big number");
return NULL;
}
if (wolfSSL_BN_set_word(bn, (WOLFSSL_BN_ULONG)e) != SSL_SUCCESS) {
WOLFSSL_MSG("Error using e value");
wolfSSL_BN_free(bn);
return NULL;
}
rsa = wolfSSL_RSA_new();
if (rsa == NULL) {
WOLFSSL_MSG("memory error");
}
else {
if (wolfSSL_RSA_generate_key_ex(rsa, len, bn, NULL) != SSL_SUCCESS){
wolfSSL_RSA_free(rsa);
rsa = NULL;
}
}
wolfSSL_BN_free(bn);
return rsa;
}
/* return compliant with OpenSSL
* 1 if success, 0 if error
*/
int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn,
void* cb)
{
int ret = WOLFSSL_FAILURE;
(void)cb;
(void)bn;
(void)bits;
WOLFSSL_ENTER("wolfSSL_RSA_generate_key_ex");
if (rsa == NULL || rsa->internal == NULL) {
/* bit size checked during make key call */
WOLFSSL_MSG("bad arguments");
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_KEY_GEN
{
#ifdef WOLFSSL_SMALL_STACK
WC_RNG* rng = NULL;
#else
WC_RNG rng[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG);
if (rng == NULL)
return WOLFSSL_FAILURE;
#endif
if (wc_InitRng(rng) < 0)
WOLFSSL_MSG("RNG init failed");
else if (wc_MakeRsaKey((RsaKey*)rsa->internal, bits,
wolfSSL_BN_get_word(bn), rng) != MP_OKAY)
WOLFSSL_MSG("wc_MakeRsaKey failed");
else if (SetRsaExternal(rsa) != WOLFSSL_SUCCESS)
WOLFSSL_MSG("SetRsaExternal failed");
else {
rsa->inSet = 1;
ret = WOLFSSL_SUCCESS;
}
wc_FreeRng(rng);
#ifdef WOLFSSL_SMALL_STACK
XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
#endif
}
#else
WOLFSSL_MSG("No Key Gen built in");
#endif
return ret;
}
#endif /* HAVE_USER_RSA */
#endif /* NO_RSA */
#ifndef NO_DSA

10
wolfcrypt/test/test.c
View File

@@ -11369,6 +11369,7 @@ int openssl_pkey0_test(void)
byte in[] = "Everyone gets Friday off.";
byte out[256];
size_t outlen;
size_t keySz;
byte plain[256];
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
FILE *keyFile, *keypubFile;
@@ -11433,6 +11434,7 @@ int openssl_pkey0_test(void)
printf("error with RSA_LoadDer_ex\n");
return ERR_BASE_PKEY-12;
}
keySz = (size_t)RSA_size(pubRsa);
prvPkey = wolfSSL_PKEY_new();
pubPkey = wolfSSL_PKEY_new();
@@ -11466,7 +11468,7 @@ int openssl_pkey0_test(void)
}
memset(out, 0, sizeof(out));
ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in));
if (ret < 0) {
if (ret != 1) {
printf("error encrypting msg\n");
return ERR_BASE_PKEY-18;
}
@@ -11474,7 +11476,7 @@ int openssl_pkey0_test(void)
show("encrypted msg", out, outlen);
memset(plain, 0, sizeof(plain));
ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, sizeof(out));
ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz);
if (ret != 1) {
printf("error decrypting msg\n");
return ERR_BASE_PKEY-19;
@@ -11510,7 +11512,7 @@ int openssl_pkey0_test(void)
memset(out, 0, sizeof(out));
ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in));
if (ret < 0) {
if (ret != 1) {
printf("error encrypting msg\n");
return ERR_BASE_PKEY-35;
}
@@ -11518,7 +11520,7 @@ int openssl_pkey0_test(void)
show("encrypted msg", out, outlen);
memset(plain, 0, sizeof(plain));
ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, sizeof(out));
ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz);
if (ret != 1) {
printf("error decrypting msg\n");
return ERR_BASE_PKEY-36;