Test fixes

- Add `parameter` to `WOLFSSL_X509_ALGOR`
- Implement `wolfSSL_ASN1_TYPE_new`, `wolfSSL_ASN1_TYPE_free`, and `wolfSSL_ASN1_TYPE_set`
- Fix leak where `pval` in `wolfSSL_X509_ALGOR_set0` was lost if `aobj` was provided
Juliusz Sosinowicz
2020-03-27 12:52:10 +01:00
parent 18093a6b0b
commit dbe4e778d3
4 changed files with 194 additions and 123 deletions

284
src/ssl.c

@@ -26906,102 +26906,6 @@ char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
#ifdef OPENSSL_EXTRA
#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB)
void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t)
{
(void) t;
WOLFSSL_STUB("wolfSSL_ASN1_TIME_free");
return;
}
#endif /* NO_WOLFSSL_STUB && WOLFSSL_QT || OPENSSL_ALL */
WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME *s, time_t t,
int offset_day, long offset_sec)
{
const time_t sec_per_day = 24*60*60;
struct tm* ts = NULL;
struct tm* tmpTime;
time_t t_adj = 0;
time_t offset_day_sec = 0;
#if defined(NEED_TMP_TIME)
struct tm tmpTimeStorage;
tmpTime = &tmpTimeStorage;
#else
tmpTime = NULL;
#endif
(void)tmpTime;
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_adj");
if (s == NULL){
s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_OPENSSL);
if (s == NULL){
return NULL;
}
XMEMSET(s, 0, sizeof(WOLFSSL_ASN1_TIME));
}
/* compute GMT time with offset */
offset_day_sec = offset_day * sec_per_day;
t_adj = t + offset_day_sec + offset_sec;
ts = (struct tm *)XGMTIME(&t_adj, tmpTime);
if (ts == NULL){
WOLFSSL_MSG("failed to get time data.");
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
return NULL;
}
/* create ASN1 time notation */
/* UTC Time */
if (ts->tm_year >= 50 && ts->tm_year < 150){
char utc_str[ASN_UTC_TIME_SIZE];
int utc_year = 0,utc_mon,utc_day,utc_hour,utc_min,utc_sec;
s->type = V_ASN1_UTCTIME;
s->length = ASN_UTC_TIME_SIZE;
if (ts->tm_year >= 50 && ts->tm_year < 100){
utc_year = ts->tm_year;
} else if (ts->tm_year >= 100 && ts->tm_year < 150){
utc_year = ts->tm_year - 100;
}
utc_mon = ts->tm_mon + 1;
utc_day = ts->tm_mday;
utc_hour = ts->tm_hour;
utc_min = ts->tm_min;
utc_sec = ts->tm_sec;
XSNPRINTF((char *)utc_str, sizeof(utc_str),
"%02d%02d%02d%02d%02d%02dZ",
utc_year, utc_mon, utc_day, utc_hour, utc_min, utc_sec);
XMEMCPY(s->data, (byte *)utc_str, s->length);
/* GeneralizedTime */
} else {
char gt_str[ASN_GENERALIZED_TIME_MAX];
int gt_year,gt_mon,gt_day,gt_hour,gt_min,gt_sec;
s->type = V_ASN1_GENERALIZEDTIME;
s->length = ASN_GENERALIZED_TIME_SIZE;
gt_year = ts->tm_year + 1900;
gt_mon = ts->tm_mon + 1;
gt_day = ts->tm_mday;
gt_hour = ts->tm_hour;
gt_min = ts->tm_min;
gt_sec = ts->tm_sec;
XSNPRINTF((char *)gt_str, sizeof(gt_str),
"%4d%02d%02d%02d%02d%02dZ",
gt_year, gt_mon, gt_day, gt_hour, gt_min,gt_sec);
XMEMCPY(s->data, (byte *)gt_str, s->length);
}
return s;
}
#endif /* !NO_ASN_TIME && !USER_TIME && !TIME_OVERRIDES */
#ifndef NO_WOLFSSL_STUB
int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
const WOLFSSL_ASN1_INTEGER* b)
@@ -28230,9 +28134,8 @@ WOLFSSL_X509_ALGOR* wolfSSL_X509_ALGOR_new(void)
void wolfSSL_X509_ALGOR_free(WOLFSSL_X509_ALGOR *alg)
{
if (alg) {
if (alg->algorithm) {
wolfSSL_ASN1_OBJECT_free(alg->algorithm);
}
wolfSSL_ASN1_OBJECT_free(alg->algorithm);
wolfSSL_ASN1_TYPE_free(alg->parameter);
XFREE(alg, NULL, DYNAMIC_TYPE_OPENSSL);
}
}
@@ -28265,8 +28168,15 @@ void wolfSSL_X509_ALGOR_get0(const WOLFSSL_ASN1_OBJECT **paobj, int *pptype,
*paobj = algor->algorithm;
if (ppval)
*ppval = algor->algorithm;
if (pptype)
*pptype = V_ASN1_OBJECT;
if (pptype) {
if (algor->parameter) {
*pptype = algor->parameter->type;
}
else {
/* Default to V_ASN1_OBJECT */
*pptype = V_ASN1_OBJECT;
}
}
}
int wolfSSL_X509_ALGOR_set0(WOLFSSL_X509_ALGOR *algor, WOLFSSL_ASN1_OBJECT *aobj,
@@ -28275,19 +28185,74 @@ int wolfSSL_X509_ALGOR_set0(WOLFSSL_X509_ALGOR *algor, WOLFSSL_ASN1_OBJECT *aobj
if (!algor) {
return WOLFSSL_FAILURE;
}
if (ptype != V_ASN1_OBJECT) {
WOLFSSL_MSG("Only V_ASN1_OBJECT ptype is supported");
return WOLFSSL_FAILURE;
}
if (aobj) {
algor->algorithm = aobj;
}
else if (pval) {
algor->algorithm = pval;
if (pval) {
if (!algor->parameter) {
algor->parameter = wolfSSL_ASN1_TYPE_new();
if (!algor->parameter) {
return WOLFSSL_FAILURE;
}
}
wolfSSL_ASN1_TYPE_set(algor->parameter, ptype, pval);
}
return WOLFSSL_SUCCESS;
}
void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value)
{
if (!a || !value) {
return;
}
switch (type) {
case V_ASN1_OBJECT:
a->value.object = value;
break;
case V_ASN1_UTCTIME:
a->value.utctime = value;
break;
case V_ASN1_GENERALIZEDTIME:
a->value.generalizedtime = value;
break;
default:
WOLFSSL_MSG("Unknown or unsupported ASN1_TYPE");
return;
}
a->type = type;
}
WOLFSSL_ASN1_TYPE* wolfSSL_ASN1_TYPE_new(void)
{
WOLFSSL_ASN1_TYPE* ret = (WOLFSSL_ASN1_TYPE*)XMALLOC(sizeof(WOLFSSL_ASN1_TYPE),
NULL, DYNAMIC_TYPE_OPENSSL);
if (!ret)
return NULL;
XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TYPE));
return ret;
}
void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
{
if (at) {
switch (at->type) {
case V_ASN1_OBJECT:
wolfSSL_ASN1_OBJECT_free(at->value.object);
break;
case V_ASN1_UTCTIME:
wolfSSL_ASN1_TIME_free(at->value.utctime);
break;
case V_ASN1_GENERALIZEDTIME:
wolfSSL_ASN1_TIME_free(at->value.generalizedtime);
break;
default:
WOLFSSL_MSG("Unknown or unsupported ASN1_TYPE");
break;
}
XFREE(at, NULL, DYNAMIC_TYPE_OPENSSL);
}
}
WOLFSSL_X509_PUBKEY *wolfSSL_X509_PUBKEY_new(void)
{
WOLFSSL_X509_PUBKEY *ret;
@@ -50249,7 +50214,106 @@ err_exit:
return WOLFSSL_FAILURE;
}
#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void)
{
WOLFSSL_ASN1_TIME* ret = (WOLFSSL_ASN1_TIME*)
XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_OPENSSL);
if (!ret)
return NULL;
XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME));
return ret;
}
void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t)
{
if (t) {
XFREE(t, NULL, DYNAMIC_TYPE_OPENSSL);
}
}
WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME *s, time_t t,
int offset_day, long offset_sec)
{
const time_t sec_per_day = 24*60*60;
struct tm* ts = NULL;
struct tm* tmpTime;
time_t t_adj = 0;
time_t offset_day_sec = 0;
#if defined(NEED_TMP_TIME)
struct tm tmpTimeStorage;
tmpTime = &tmpTimeStorage;
#else
tmpTime = NULL;
#endif
(void)tmpTime;
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_adj");
if (s == NULL){
s = wolfSSL_ASN1_TIME_new();
if (s == NULL){
return NULL;
}
}
/* compute GMT time with offset */
offset_day_sec = offset_day * sec_per_day;
t_adj = t + offset_day_sec + offset_sec;
ts = (struct tm *)XGMTIME(&t_adj, tmpTime);
if (ts == NULL){
WOLFSSL_MSG("failed to get time data.");
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
return NULL;
}
/* create ASN1 time notation */
/* UTC Time */
if (ts->tm_year >= 50 && ts->tm_year < 150){
char utc_str[ASN_UTC_TIME_SIZE];
int utc_year = 0,utc_mon,utc_day,utc_hour,utc_min,utc_sec;
s->type = V_ASN1_UTCTIME;
s->length = ASN_UTC_TIME_SIZE;
if (ts->tm_year >= 50 && ts->tm_year < 100){
utc_year = ts->tm_year;
} else if (ts->tm_year >= 100 && ts->tm_year < 150){
utc_year = ts->tm_year - 100;
}
utc_mon = ts->tm_mon + 1;
utc_day = ts->tm_mday;
utc_hour = ts->tm_hour;
utc_min = ts->tm_min;
utc_sec = ts->tm_sec;
XSNPRINTF((char *)utc_str, sizeof(utc_str),
"%02d%02d%02d%02d%02d%02dZ",
utc_year, utc_mon, utc_day, utc_hour, utc_min, utc_sec);
XMEMCPY(s->data, (byte *)utc_str, s->length);
/* GeneralizedTime */
} else {
char gt_str[ASN_GENERALIZED_TIME_MAX];
int gt_year,gt_mon,gt_day,gt_hour,gt_min,gt_sec;
s->type = V_ASN1_GENERALIZEDTIME;
s->length = ASN_GENERALIZED_TIME_SIZE;
gt_year = ts->tm_year + 1900;
gt_mon = ts->tm_mon + 1;
gt_day = ts->tm_mday;
gt_hour = ts->tm_hour;
gt_min = ts->tm_min;
gt_sec = ts->tm_sec;
XSNPRINTF((char *)gt_str, sizeof(gt_str),
"%4d%02d%02d%02d%02d%02dZ",
gt_year, gt_mon, gt_day, gt_hour, gt_min,gt_sec);
XMEMCPY(s->data, (byte *)gt_str, s->length);
}
return s;
}
#endif /* !NO_ASN_TIME && !USER_TIME && !TIME_OVERRIDES */
#ifndef NO_ASN_TIME
/* not a compatibility function - length getter for opaque type */
@@ -50284,14 +50348,10 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
WOLFSSL_MSG("Invalid ASN_TIME type.");
} else {
if (out == NULL || *out == NULL) {
ret = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME),
NULL, DYNAMIC_TYPE_TMP_BUFFER);
ret = wolfSSL_ASN1_TIME_new();
if (ret == NULL){
WOLFSSL_MSG("memory alloc failed.");
}
else {
XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME));
}
} else {
ret = *out;
}


@@ -23496,8 +23496,7 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
printf(testingFmt, "wolfSSL_ASN1_TIME_adj()");
s = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_OPENSSL);
s = wolfSSL_ASN1_TIME_new();
/* UTC notation test */
/* 2000/2/15 20:30:00 */
t = (time_t)30 * year + 45 * day + 20 * hour + 30 * mini + 7 * day;
@@ -26638,11 +26637,9 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){
printf(testingFmt, "wolfSSL_ASN1_TIME_to_generalizedtime()");
/* UTC Time test */
AssertNotNull(t = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME),
NULL, DYNAMIC_TYPE_TMP_BUFFER));
AssertNotNull(t = wolfSSL_ASN1_TIME_new());
XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE);
AssertNotNull(out = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME),
NULL, DYNAMIC_TYPE_TMP_BUFFER));
AssertNotNull(out = wolfSSL_ASN1_TIME_new());
t->type = ASN_UTC_TIME;
t->length = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE);
@@ -31052,13 +31049,21 @@ static void test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS()
AssertIntEQ(X509_ALGOR_set0(bootstrap->alg, OBJ_nid2obj(EVP_PKEY_EC),
V_ASN1_OBJECT, OBJ_nid2obj(nid)), 1);
#ifdef HAVE_COMP_KEY
AssertIntGT((len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED,
NULL, 0, NULL)), 0);
#else
AssertIntGT((len = EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, NULL)), 0);
#endif
AssertNotNull(der = XMALLOC(len, NULL, DYNAMIC_TYPE_ASN1));
#ifdef HAVE_COMP_KEY
AssertIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED,
der, len, NULL), len);
#else
AssertIntEQ(EC_POINT_point2oct(group, point, POINT_CONVERSION_UNCOMPRESSED,
der, len, NULL), len);
#endif
bootstrap->pub_key->data = der;
bootstrap->pub_key->length = (int)len;
/* Not actually used */
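Review bot: The only X509_ALGOR_set0 call visible in test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS still passes `V_ASN1_OBJECT`, so as far as these hunks show the paths this commit opens up are not exercised: a time-typed `pval`, an unsupported `ptype`, and a second set0 call on an already populated algor. I would add an assertion that `X509_ALGOR_get0` reports the `ptype` that was set, and one that pins what set0 returns for an unsupported `ptype`, so the ownership contract is fixed by a test rather than by convention. The test function continues outside the hunk.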


@@ -79,7 +79,8 @@
WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
const WOLFSSL_BIGNUM*, WOLFSSL_ASN1_INTEGER*);
#define BN_to_ASN1_INTEGER wolfSSL_BN_to_ASN1_INTEGER
WOLFSSL_API void wolfSSL_ASN1_TYPE_set(WOLFSSL_ASN1_TYPE *a, int type, void *value);
#ifdef OPENSSL_ALL
/* IMPLEMENT_ASN1_FUNCTIONS stuff */
@@ -141,8 +142,9 @@ WOLFSSL_API int wolfSSL_ASN1_item_i2d(const void *src, byte **dest,
return wolfSSL_ASN1_item_i2d(src, dest, &type##_template_data);\
}
WOLFSSL_API void *ASN1_item_new(const WOLFSSL_ASN1_ITEM *it);
#endif /* OPENSSL_ALL */
#endif /* WOLFSSL_WPAS */
#define BN_to_ASN1_INTEGER wolfSSL_BN_to_ASN1_INTEGER
#define ASN1_TYPE_set wolfSSL_ASN1_TYPE_set
#endif /* WOLFSSL_ASN1_H_ */
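Review bot: The new `wolfSSL_ASN1_TYPE_set` prototype says nothing about ownership, while the implementation in src/ssl.c stores `value` by pointer and wolfSSL_ASN1_TYPE_free later releases it, so a caller that also frees `value` would double free. A comment on the declaration would make the contract explicit, for example `/* Takes ownership of value when type is supported; otherwise a and value are left untouched. */`. Because the function returns void, the comment should also state that the rejected case is not reported to the caller.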


@@ -380,6 +380,7 @@ struct WOLFSSL_X509_INFO {
struct WOLFSSL_X509_ALGOR {
WOLFSSL_ASN1_OBJECT* algorithm;
WOLFSSL_ASN1_TYPE* parameter;
};
struct WOLFSSL_X509_PUBKEY {
@@ -1471,6 +1472,7 @@ WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGE
WOLFSSL_BIGNUM *bn);
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t,
int, long);
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void);
WOLFSSL_API void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t);
#endif
@@ -3798,6 +3800,8 @@ WOLFSSL_API void wolfSSL_X509_ALGOR_free(WOLFSSL_X509_ALGOR *alg);
WOLFSSL_API const WOLFSSL_X509_ALGOR* wolfSSL_X509_get0_tbs_sigalg(const WOLFSSL_X509 *x);
WOLFSSL_API void wolfSSL_X509_ALGOR_get0(const WOLFSSL_ASN1_OBJECT **paobj, int *pptype, const void **ppval, const WOLFSSL_X509_ALGOR *algor);
WOLFSSL_API int wolfSSL_X509_ALGOR_set0(WOLFSSL_X509_ALGOR *algor, WOLFSSL_ASN1_OBJECT *aobj, int ptype, void *pval);
WOLFSSL_API WOLFSSL_ASN1_TYPE* wolfSSL_ASN1_TYPE_new(void);
WOLFSSL_API void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at);
WOLFSSL_API WOLFSSL_X509_PUBKEY *wolfSSL_X509_PUBKEY_new(void);
WOLFSSL_API void wolfSSL_X509_PUBKEY_free(WOLFSSL_X509_PUBKEY *x);
WOLFSSL_API WOLFSSL_X509_PUBKEY *wolfSSL_X509_get_X509_PUBKEY(const WOLFSSL_X509* x509);
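Review bot: wolfSSL_ASN1_TIME_free changes in this commit from a no-op stub to a real `XFREE`, but the wolfSSL_ASN1_TIME_new / wolfSSL_ASN1_TIME_free prototypes here carry no comment saying which pointers may be passed. Any existing caller that handed it a WOLFSSL_ASN1_TIME not obtained from the allocator (for example one embedded in another structure) was harmless before and would now free an invalid pointer; the callers are not visible on this page, so this needs an audit. I would document the pair at the declaration, e.g. `/* Returns a zeroed heap object; release with wolfSSL_ASN1_TIME_free. */` on wolfSSL_ASN1_TIME_new and `/* t must be a heap object allocated by this API, or NULL. */` on wolfSSL_ASN1_TIME_free.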