From ffa6a80725b174c03343edf495b266b6b498db85 Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki
Date: Thu, 18 Mar 2021 08:12:19 +0900
Subject: [PATCH] addressed review comments part 4
---
 src/crl.c | 2 +-
 src/internal.c | 23 +++++++++++++----------
 wolfcrypt/src/asn.c | 2 +-
 wolfcrypt/src/wc_port.c | 9 ++++-----
 wolfssl/internal.h | 2 +-
 wolfssl/ssl.h | 3 ---
 wolfssl/wolfcrypt/wc_port.h | 4 ++++
 7 files changed, 24 insertions(+), 21 deletions(-)
diff --git a/src/crl.c b/src/crl.c
index fd96c4390..cb99ec1c7 100644
--- a/src/crl.c
+++ b/src/crl.c
@@ -369,7 +369,7 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
 !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
 if (foundEntry == 0) {
 if (crl->cm->x509_store_p != NULL) {
- ret = LoadCrlCertByIssuer(crl->cm->x509_store_p,
+ ret = LoadCertByIssuer(crl->cm->x509_store_p,
 (WOLFSSL_X509_NAME*)cert->issuerName, X509_LU_CRL);
 if (ret == WOLFSSL_SUCCESS) {
 /* try again */
diff --git a/src/internal.c b/src/internal.c
index adf29955a..58ce4c826 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -10593,11 +10593,11 @@ static void FreeProcPeerCertArgs(WOLFSSL* ssl, void* pArgs)
 /* @param issuer a pointer to X509_NAME that presents an issuer */
 /* @param type X509_LU_X509 or X509_LU_CRL */
 /* @return WOLFSSL_SUCCESS on successful, otherwise WOLFSSL_FAILURE */
-int LoadCrlCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
+int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
 {
 const int MAX_SUFFIX = 10;/* The number comes from CA_TABLE_SIZE=10 */
 int ret = WOLFSSL_SUCCESS;
- WOLFSSL_X509_LOOKUP* lookup = &store->lookup;
+ WOLFSSL_X509_LOOKUP* lookup;
 WOLFSSL_BY_DIR_entry* entry;
 WOLFSSL_BY_DIR_HASH hash_tmp;
 WOLFSSL_BY_DIR_HASH* ph = NULL;
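Review bot: The `@return` line kept above the renamed `LoadCertByIssuer` (src/internal.c, hunk at -10593) lists only WOLFSSL_SUCCESS and WOLFSSL_FAILURE, but the tail of the same function, visible in the hunk at -10766, sets `ret = WOLFSSL_NOT_IMPLEMENTED` just before an `#endif` and returns it. Since the signature line is edited anyway, the comment should name that third value, for example `/* @return WOLFSSL_SUCCESS on success, WOLFSSL_NOT_IMPLEMENTED when the lookup is compiled out, otherwise WOLFSSL_FAILURE */`; the "compiled out" wording is inferred from the `#endif` and should be checked against the full body. The function body starts in this hunk and continues outside it.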
@@ -10611,11 +10611,14 @@ int LoadCrlCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
 int retHash = NOT_COMPILED_IN;
 byte dgt[WC_MAX_DIGEST_SIZE];
- WOLFSSL_ENTER("LoadCrlCertByIssuer");
+ WOLFSSL_ENTER("LoadCertByIssuer");
 /* sanity check */
- if (store == NULL || issuer == NULL || lookup->dirs == NULL ||
- lookup->type != 1 || (type != X509_LU_X509 && type != X509_LU_CRL)) {
+ if (store == NULL || issuer == NULL || (type != X509_LU_X509 && type != X509_LU_CRL)) {
+ return WOLFSSL_FAILURE;
+ }
+ lookup = &store->lookup;
+ if (lookup->dirs == NULL || lookup->type != 1) {
 return WOLFSSL_FAILURE;
 }
@@ -10766,7 +10769,7 @@ int LoadCrlCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
 (void) i;
 ret = WOLFSSL_NOT_IMPLEMENTED;
 #endif
- WOLFSSL_LEAVE("LoadCrlCertByIssuer", ret);
+ WOLFSSL_LEAVE("LoadCertByIssuer", ret);
 return ret;
 }
@@ -11305,11 +11308,11 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 if (ret == ASN_NO_SIGNER_E) {
 WOLFSSL_MSG("try to load certificate if hash dir is set");
 if (ssl->ctx->x509_store_pt != NULL) {
- ret = LoadCrlCertByIssuer(ssl->ctx->x509_store_pt,
+ ret = LoadCertByIssuer(ssl->ctx->x509_store_pt,
 (WOLFSSL_X509_NAME*)args->dCert->issuerName, X509_LU_X509);
 } else {
- ret = LoadCrlCertByIssuer(&ssl->ctx->x509_store,
+ ret = LoadCertByIssuer(&ssl->ctx->x509_store,
 (WOLFSSL_X509_NAME*)args->dCert->issuerName, X509_LU_X509);
 }
@@ -11523,11 +11526,11 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 if (ret == ASN_NO_SIGNER_E) {
 WOLFSSL_MSG("try to load certificate if hash dir is set");
 if (ssl->ctx->x509_store_pt != NULL) {
- ret = LoadCrlCertByIssuer(ssl->ctx->x509_store_pt,
+ ret = LoadCertByIssuer(ssl->ctx->x509_store_pt,
 (WOLFSSL_X509_NAME*)args->dCert->issuerName, X509_LU_X509);
 } else {
- ret = LoadCrlCertByIssuer(&ssl->ctx->x509_store,
+ ret = LoadCertByIssuer(&ssl->ctx->x509_store,
 (WOLFSSL_X509_NAME*)args->dCert->issuerName, X509_LU_X509);
 }
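Review bot: Both early returns in the reworked sanity check of LoadCertByIssuer (hunk at -10611) yield WOLFSSL_FAILURE, which is 0, and the ProcessPeerCerts call sites in the hunks at -11305 and -11523 store the result directly in `ret`, the variable that held ASN_NO_SIGNER_E one line earlier. If the code after those calls treats `ret == 0` as success, as wolfSSL's internal error codes usually do, a failed lookup (NULL store, no hash directory configured) would erase the missing-signer error. That handling lies outside the visible hunks, so confirm every result other than WOLFSSL_SUCCESS is mapped back, e.g. `if (ret != WOLFSSL_SUCCESS) ret = ASN_NO_SIGNER_E;`, and say so in a comment at the call sites. Separately, the new `if (store == NULL || issuer == NULL || (type != ...` line is noticeably longer than the lines around it and is worth wrapping, and the bare `1` in `lookup->type != 1` deserves a named constant or an explanatory comment.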
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index c2af80e85..a19529107 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -13201,7 +13201,7 @@ int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr, char nameType
 int wc_EncodeName(EncodedName* name, const char* nameStr, char nameType, byte type)
 {
- return wc_EncodeName_ex(name, nameStr, nameType, type, 0x16);
+ return wc_EncodeName_ex(name, nameStr, nameType, type, ASN_IA5_STRING);
 }
 /* encode CertName into output, return total bytes written */
 int SetName(byte* output, word32 outputSz, CertName* name)
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
index 3a30d198a..9e119eb61 100644
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -429,20 +429,19 @@ int wc_FileExists(const char* fname)
 return BAD_PATH_ERROR;
 } else
 #if defined(USE_WINDOWS_API)
- if (ctx.s.st_mode & _S_IFREG) {
+ if (XS_ISREG(ctx.s.st_mode)) {
 return 0;
 }
 #elif defined(WOLFSSL_ZEPHYR)
- if (ctx.s.type == FS_DIR_ENTRY_FILE) {
+ if (XS_ISREG(ctx.s.type)) {
 return 0;
 }
- #elif defined(WOLFSSL_TELIT_M2MB)
- if (ctx.s.st_mode & M2MB_S_IFREG) {
+ if (XS_ISREG(ctx.s.st_mode)) {
 return 0;
 }
 #else
- if (S_ISREG(ctx.s.st_mode)) {
+ if (XS_ISREG(ctx.s.st_mode)) {
 return 0;
 }
 #endif
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 14fa0dc90..e24ebdb39 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -4836,7 +4836,7 @@ WOLFSSL_LOCAL void FreeKey(WOLFSSL* ssl, int type, void** pKey);
 #if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
 (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
 !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
-WOLFSSL_LOCAL int LoadCrlCertByIssuer(WOLFSSL_X509_STORE* store,
+WOLFSSL_LOCAL int LoadCertByIssuer(WOLFSSL_X509_STORE* store,
 X509_NAME* issuer, int Type);
 #endif
 #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 5b6c26687..6f7c384b3 100644
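Review bot: In wc_FileExists (wolfcrypt/src/wc_port.c, hunk at -429) the Windows, Telit and default branches are now textually identical, `if (XS_ISREG(ctx.s.st_mode))`, so the `#if` ladder only needs to separate Zephyr, which reads `ctx.s.type`. Collapsing it to two branches removes the duplication that made this change touch four places. As the page renders it, the `#elif defined(WOLFSSL_TELIT_M2MB)` line carries a `-` marker; that may be a removed blank line fused with the next context line, but it is worth confirming the directive survives, because without it the Zephyr branch would contain a second check on `ctx.s.st_mode`. The function starts and ends outside the hunk.

```c
/* … unchanged: BAD_PATH_ERROR return … */
    } else
#if defined(WOLFSSL_ZEPHYR)
    if (XS_ISREG(ctx.s.type)) {
        return 0;
    }
#else
    /* Windows, Telit M2MB and the default port all keep the type in st_mode */
    if (XS_ISREG(ctx.s.st_mode)) {
        return 0;
    }
#endif
```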
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -196,9 +196,6 @@ typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
 typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME;
 typedef struct WOLFSSL_X509V3_CTX WOLFSSL_X509V3_CTX;
 typedef struct WOLFSSL_v3_ext_method WOLFSSL_v3_ext_method;
-typedef struct WOLFSSL_BY_DIR WOLFSSL_BY_DIR;
-typedef struct WOLFSSL_BY_DIR_entry WOLFSSL_BY_DIR_entry;
-typedef struct WOLFSSL_BY_DIR_HASH WOLFSSL_BY_DIR_HASH;
 typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING;
 typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value;
diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h
index 3da8f90c8..c08ec6ca1 100644
--- a/wolfssl/wolfcrypt/wc_port.h
+++ b/wolfssl/wolfcrypt/wc_port.h
@@ -681,12 +681,15 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
 #if defined(USE_WINDOWS_API)
 #include
 #define XSTAT _stat
+ #define XS_ISREG(s) (s & _S_IFREG)
 #define SEPARATOR_CHAR ';'
 #elif defined(WOLFSSL_ZEPHYR)
 #define XSTAT fs_stat
+ #define XS_ISREG(s) (s == FS_DIR_ENTRY_FILE)
 #define SEPARATOR_CHAR ':'
 #elif defined(WOLFSSL_TELIT_M2MB)
 #define XSTAT m2mb_fs_stat
+ #define XS_ISREG(s) (s & M2MB_S_IFREG)
 #define SEPARATOR_CHAR ':'
 #else
 #include
@@ -696,6 +699,7 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
 #define XREAD read
 #define XCLOSE close
 #define XSTAT stat
+ #define XS_ISREG(s) S_ISREG(s)
 #define SEPARATOR_CHAR ':'
 #endif
 #endif
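Review bot: The three XS_ISREG definitions added in wolfssl/wolfcrypt/wc_port.h (hunk at -681) expand their argument without parentheses, so a call such as `XS_ISREG(a | b)` would bind wrongly against `&` or `==`. They should read `#define XS_ISREG(s) ((s) & _S_IFREG)`, `#define XS_ISREG(s) ((s) == FS_DIR_ENTRY_FILE)` and `#define XS_ISREG(s) ((s) & M2MB_S_IFREG)`. The two bit-test forms also accept any mode value that merely shares the regular-file bit; on the Windows branch, comparing against the type mask, `(((s) & _S_IFMT) == _S_IFREG)`, would match what S_ISREG does in the default branch, while whether the Telit headers provide an equivalent mask is not visible here. A short comment above the first definition stating that XS_ISREG reports whether an XSTAT result describes a regular file would document the new abstraction.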