Nginx 1.19.6
- Implement X509_pubkey_digest - Initialize entire WOLFSSL_X509_NAME struct to zero - Set raw and rawLen when copying WOLFSSL_X509_NAME
@ -3393,15 +3393,9 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag, void* heap)
|
||||
(void)heap;
|
||||
|
||||
if (name != NULL) {
|
||||
XMEMSET(name, 0, sizeof(WOLFSSL_X509_NAME));
|
||||
name->name = name->staticName;
|
||||
name->dynamicName = 0;
|
||||
name->sz = 0;
|
||||
name->heap = heap;
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
XMEMSET(name->entry, 0, sizeof(name->entry));
|
||||
name->x509 = NULL;
|
||||
name->entrySz = 0;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
}
|
||||
}
|
||||
|
||||
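Review bot: The whole-struct `XMEMSET(name, 0, sizeof(WOLFSSL_X509_NAME));` in InitX509Name has no comment saying why it replaces the per-field resets, and that reason is what keeps later edits from reintroducing partial initialization. The same commit makes wolfSSL_X509_NAME_copy read `from->rawLen` and copy `from->raw`, so those members must start out defined on every name that passes through this initializer. I would add a comment above the call such as `/* Zero every member, including build-dependent ones like raw/rawLen, so no field is read uninitialized */`. The function's signature line and the start of its body lie above the visible hunk.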
|
34
src/ssl.c
34
src/ssl.c
@ -10402,6 +10402,29 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest,
|
||||
}
|
||||
#endif
|
||||
|
||||
int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509,
|
||||
const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len)
|
||||
{
|
||||
int ret;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_X509_pubkey_digest");
|
||||
|
||||
if (x509 == NULL || digest == NULL) {
|
||||
WOLFSSL_MSG("Null argument found");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
if (x509->pubKey.buffer == NULL || x509->pubKey.length == 0) {
|
||||
WOLFSSL_MSG("No DER public key stored in X509");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
ret = wolfSSL_EVP_Digest(x509->pubKey.buffer, x509->pubKey.length, buf,
|
||||
len, digest, NULL);
|
||||
WOLFSSL_LEAVE("wolfSSL_X509_pubkey_digest", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_use_PrivateKey");
|
||||
@ -52896,6 +52919,17 @@ int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to)
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
|
||||
if (from->rawLen > 0) {
|
||||
if (from->rawLen > ASN_NAME_MAX) {
|
||||
WOLFSSL_MSG("Bad raw size");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
XMEMCPY(to->raw, from->raw, from->rawLen);
|
||||
to->rawLen = from->rawLen;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (from->dynamicName) {
|
||||
to->name = (char*)XMALLOC(from->sz, to->heap, DYNAMIC_TYPE_SUBJECT_CN);
|
||||
if (to->name == NULL)
|
||||
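Review bot: wolfSSL_X509_pubkey_digest checks `x509` and `digest` for NULL but passes `buf` to wolfSSL_EVP_Digest unchecked, and nothing states how large `buf` must be even though the digest is written into it with no size argument. Whether wolfSSL_EVP_Digest rejects a NULL output pointer is not visible on this page, so I would extend the first guard to `if (x509 == NULL || digest == NULL || buf == NULL) {` and add a header comment saying the caller must provide room for the largest digest the build supports. That comment should also say which bytes are hashed: the code digests `x509->pubKey.buffer` as stored, and if that buffer holds the full SubjectPublicKeyInfo rather than only the BIT STRING contents, the output will presumably differ from OpenSSL's X509_pubkey_digest, which matters to callers that compare key hashes.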
|
@ -409,6 +409,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
||||
#define X509_free wolfSSL_X509_free
|
||||
#define X509_load_certificate_file wolfSSL_X509_load_certificate_file
|
||||
#define X509_digest wolfSSL_X509_digest
|
||||
#define X509_pubkey_digest wolfSSL_X509_pubkey_digest
|
||||
#define X509_get_ext_count wolfSSL_X509_get_ext_count
|
||||
#define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i
|
||||
#define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d
|
||||
@ -1126,6 +1127,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
||||
|
||||
#define SSL3_AD_BAD_CERTIFICATE bad_certificate
|
||||
#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
|
||||
#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name
|
||||
|
||||
#define ASN1_STRFLGS_ESC_MSB 4
|
||||
|
||||
|
@ -3477,6 +3477,8 @@ WOLFSSL_API void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx,
|
||||
WOLFSSL_API void wolfSSL_X509V3_set_ctx_nodb(WOLFSSL_X509V3_CTX* ctx);
|
||||
WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509* x509,
|
||||
const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len);
|
||||
WOLFSSL_API int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509,
|
||||
const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len);
|
||||
WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509);
|
||||
WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey);
|
||||
WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl,
|
||||
|