forked from wolfSSL/wolfssl
update to MYSQL compatibility
This commit is contained in:
Jacob Barthelmeh
204
src/ssl.c
204
src/ssl.c
@@ -81,6 +81,7 @@
|
||||
#include <wolfssl/wolfcrypt/idea.h>
|
||||
#include <wolfssl/wolfcrypt/curve25519.h>
|
||||
#include <wolfssl/wolfcrypt/ed25519.h>
|
||||
#include <wolfssl/openssl/asn1.h>
|
||||
#ifdef HAVE_STUNNEL
|
||||
#include <wolfssl/openssl/ocsp.h>
|
||||
#endif /* WITH_STUNNEL */
|
||||
@@ -9760,6 +9761,35 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
||||
}
|
||||
|
||||
|
||||
/* WOLFSSL_DES_key_schedule is a unsigned char array of size 8 */
|
||||
void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
|
||||
unsigned char* output, long sz,
|
||||
WOLFSSL_DES_key_schedule* ks1,
|
||||
WOLFSSL_DES_key_schedule* ks2,
|
||||
WOLFSSL_DES_key_schedule* ks3,
|
||||
WOLFSSL_DES_cblock* ivec, int enc)
|
||||
{
|
||||
Des3 des;
|
||||
byte key[24];/* EDE uses 24 size key */
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
|
||||
|
||||
XMEMSET(key, 0, sizeof(key));
|
||||
XMEMCPY(key, *ks1, DES_BLOCK_SIZE);
|
||||
XMEMCPY(&key[DES_BLOCK_SIZE], *ks2, DES_BLOCK_SIZE);
|
||||
XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE);
|
||||
|
||||
if (enc) {
|
||||
wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION);
|
||||
wc_Des3_CbcEncrypt(&des, output, input, (word32)sz);
|
||||
}
|
||||
else {
|
||||
wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_DECRYPTION);
|
||||
wc_Des3_CbcDecrypt(&des, output, input, (word32)sz);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* correctly sets ivec for next call */
|
||||
void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
|
||||
unsigned char* output, long length,
|
||||
@@ -10216,6 +10246,71 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
|
||||
WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_text_by_NID", textSz);
|
||||
return textSz;
|
||||
}
|
||||
|
||||
int wolfSSL_X509_NAME_get_index_by_NID(WOLFSSL_X509_NAME* name,
|
||||
int nid, int pos)
|
||||
{
|
||||
int ret = -1;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_X509_NAME_get_index_by_NID");
|
||||
|
||||
if (name == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* these index values are already stored in DecodedName
|
||||
use those when available */
|
||||
if (name->fullName.fullName && name->fullName.fullNameLen > 0) {
|
||||
switch (nid) {
|
||||
case ASN_COMMON_NAME:
|
||||
ret = name->fullName.cnIdx;
|
||||
break;
|
||||
default:
|
||||
WOLFSSL_MSG("NID not yet implemented");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_index_by_NID", ret);
|
||||
|
||||
(void)pos;
|
||||
(void)nid;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY* in)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_data");
|
||||
return in->value;
|
||||
}
|
||||
|
||||
|
||||
char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data");
|
||||
|
||||
if (asn) {
|
||||
return asn->data;
|
||||
}
|
||||
else {
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING* asn)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_ASN1_STRING_length");
|
||||
|
||||
if (asn) {
|
||||
return asn->length;
|
||||
}
|
||||
else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
@@ -10636,6 +10731,14 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
#endif /* NO_FILESYSTEM */
|
||||
|
||||
#endif /* KEEP_PEER_CERT || SESSION_CERTS */
|
||||
|
||||
#ifdef OPENSSL_EXTRA /* needed for wolfSSL_X509_d21 function */
|
||||
WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl)
|
||||
{
|
||||
DerBuffer* cert = ssl->buffers.certificate;
|
||||
return wolfSSL_X509_d2i(NULL, cert->buffer, cert->length);
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* NO_CERTS */
|
||||
|
||||
|
||||
@@ -11656,7 +11759,6 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
|
||||
}
|
||||
|
||||
|
||||
|
||||
int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
|
||||
const WOLFSSL_ASN1_INTEGER* b)
|
||||
{
|
||||
@@ -11835,14 +11937,16 @@ long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx)
|
||||
void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
|
||||
WOLFSSL_DES_key_schedule* key)
|
||||
{
|
||||
(void)myDes;
|
||||
(void)key;
|
||||
if (myDes != NULL && key != NULL) {
|
||||
XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes)
|
||||
{
|
||||
(void)myDes;
|
||||
WOLFSSL_STUB("wolfSSL_DES_set_odd_parity");
|
||||
}
|
||||
|
||||
|
||||
@@ -11853,6 +11957,7 @@ void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
|
||||
(void)desb;
|
||||
(void)key;
|
||||
(void)len;
|
||||
WOLFSSL_STUB("wolfSSL_DES_ecb_encrypt");
|
||||
}
|
||||
|
||||
#endif /* NO_DES3 */
|
||||
@@ -16882,7 +16987,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
|
||||
|
||||
|
||||
#ifdef OPENSSL_EXTRA /*Lighttp compatibility*/
|
||||
#ifdef HAVE_LIGHTY
|
||||
#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE)
|
||||
|
||||
unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md)
|
||||
{
|
||||
@@ -16998,12 +17103,90 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
|
||||
}
|
||||
|
||||
WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc) {
|
||||
|
||||
int maxLoc = name->fullName.fullNameLen;
|
||||
char* data = NULL;
|
||||
int length;
|
||||
int type;
|
||||
|
||||
WOLFSSL_ASN1_STRING* asnStr;
|
||||
WOLFSSL_X509_NAME_ENTRY* ret;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_X509_NAME_get_entry");
|
||||
|
||||
if (loc < 0 || loc > maxLoc) {
|
||||
WOLFSSL_MSG("Bad argument");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret = XMALLOC(sizeof(WOLFSSL_X509_NAME_ENTRY), NULL, DYNAMIC_TYPE_X509);
|
||||
if (ret == NULL) {
|
||||
return ret;
|
||||
}
|
||||
asnStr = XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL,
|
||||
DYNAMIC_TYPE_X509);
|
||||
if (asnStr == NULL) {
|
||||
XFREE(ret, NULL, DYNAMIC_TYPE_X509);
|
||||
ret = NULL;
|
||||
}
|
||||
|
||||
/* initialize both structures */
|
||||
XMEMSET(ret, 0, sizeof(WOLFSSL_X509_NAME_ENTRY));
|
||||
XMEMSET(asnStr, 0, sizeof(WOLFSSL_ASN1_STRING));
|
||||
|
||||
/* common name index case */
|
||||
if (loc == name->fullName.cnIdx) {
|
||||
length = name->fullName.cnLen;
|
||||
data = name->fullName.fullName + loc;
|
||||
type = ASN_COMMON_NAME;
|
||||
}
|
||||
|
||||
/* additionall cases to check for go here */
|
||||
|
||||
|
||||
if (data == NULL) {
|
||||
WOLFSSL_MSG("Index not found");
|
||||
XFREE(asnStr, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(ret, NULL, DYNAMIC_TYPE_X509);
|
||||
ret = NULL;
|
||||
}
|
||||
else {
|
||||
asnStr->data = XMALLOC(length + 1, NULL, DYNAMIC_TYPE_X509);
|
||||
if (asnStr->data == NULL) {
|
||||
XFREE(asnStr, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(ret, NULL, DYNAMIC_TYPE_X509);
|
||||
ret = NULL;
|
||||
}
|
||||
|
||||
/* check bounds before copying from fullName */
|
||||
if (loc + length > maxLoc) {
|
||||
XFREE(asnStr, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(ret, NULL, DYNAMIC_TYPE_X509);
|
||||
ret = NULL;
|
||||
}
|
||||
|
||||
if (ret != NULL) {
|
||||
XMEMCPY(asnStr->data, data, length);
|
||||
asnStr->data[length] = 0;
|
||||
asnStr->length = length;
|
||||
asnStr->type = type;
|
||||
asnStr->flags = 0;
|
||||
|
||||
ret->object = NULL;
|
||||
ret->value = asnStr;
|
||||
ret->set = 1;
|
||||
ret->size = asnStr->length + sizeof(WOLFSSL_ASN1_STRING) +
|
||||
sizeof(WOLFSSL_X509_NAME_ENTRY);
|
||||
}
|
||||
}
|
||||
|
||||
(void)name;
|
||||
(void)loc;
|
||||
WOLFSSL_ENTER("wolfSSL_X509_NAME_get_entry");
|
||||
WOLFSSL_STUB("wolfSSL_X509_NAME_get_entry");
|
||||
(void)data;
|
||||
(void)type;
|
||||
(void)length;
|
||||
|
||||
return NULL;
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifndef NO_CERTS
|
||||
@@ -17038,7 +17221,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#endif
|
||||
#endif /* HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE */
|
||||
#endif
|
||||
|
||||
|
||||
@@ -17135,7 +17318,8 @@ void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx)
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
|
||||
#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL)
|
||||
#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \
|
||||
|| defined(WOLFSSL_MYSQL_COMPATIBLE)
|
||||
char * wolf_OBJ_nid2ln(int n) {
|
||||
(void)n;
|
||||
WOLFSSL_ENTER("wolf_OBJ_nid2ln");
|
||||
@@ -17228,7 +17412,7 @@ long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh)
|
||||
return pSz > 0 && gSz > 0 ? ret : SSL_FATAL_ERROR;
|
||||
}
|
||||
#endif /* NO_DH */
|
||||
#endif /* HAVE_LIGHTY || HAVE_STUNNEL */
|
||||
#endif /* HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE */
|
||||
|
||||
|
||||
/* stunnel compatibility functions*/
|
||||
|
||||
Reference in New Issue
Block a user