Merge pull request #1421 from JacobBarthelmeh/Optimizations

trim out more strings and fix DN tag
toddouska
2018-03-08 14:03:10 -08:00
committed by GitHub
4 changed files with 80 additions and 31 deletions


@@ -15965,12 +15965,15 @@ const char* GetCipherNameInternal(const char* cipherName, int cipherSuite)
/* if first is null then not any */ /* if first is null then not any */
if (first == NULL) { if (first == NULL) {
#if defined(HAVE_AESCCM) || defined(HAVE_CHACHA) || \
defined(HAVE_ECC)
if ( !XSTRSTR(nameFound, "CHACHA") && if ( !XSTRSTR(nameFound, "CHACHA") &&
!XSTRSTR(nameFound, "EC") && !XSTRSTR(nameFound, "EC") &&
!XSTRSTR(nameFound, "CCM")) { !XSTRSTR(nameFound, "CCM")) {
result = nameFound; result = nameFound;
break; break;
} }
#endif
} }
else if (XSTRSTR(nameFound, first)) { else if (XSTRSTR(nameFound, first)) {
result = nameFound; result = nameFound;
@@ -16486,26 +16489,51 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
return 0; /* suites buffer not large enough, error out */ return 0; /* suites buffer not large enough, error out */
} }
suites->suites[idx++] = (XSTRSTR(name, "TLS13")) ? TLS13_BYTE suites->suites[idx++] =
: (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE #ifdef WOLFSSL_TLS13
: (XSTRSTR(name, "QSH")) ? QSH_BYTE (XSTRSTR(name, "TLS13")) ? TLS13_BYTE :
: (XSTRSTR(name, "EC")) ? ECC_BYTE #endif
: (XSTRSTR(name, "CCM")) ? ECC_BYTE #ifdef HAVE_CHACHA
: 0x00; /* normal */ (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE :
suites->suites[idx++] = (byte)cipher_name_idx[i]; #endif
#ifdef HAVE_QSH
(XSTRSTR(name, "QSH")) ? QSH_BYTE :
#endif
#ifdef HAVE_ECC
(XSTRSTR(name, "EC")) ? ECC_BYTE :
#endif
#ifdef HAVE_AESCCM
(XSTRSTR(name, "CCM")) ? ECC_BYTE :
#endif
0x00; /* normal */
suites->suites[idx++] = (byte)cipher_name_idx[i];
/* The suites are either ECDSA, RSA, PSK, or Anon. The RSA /* The suites are either ECDSA, RSA, PSK, or Anon. The RSA
* suites don't necessarily have RSA in the name. */ * suites don't necessarily have RSA in the name. */
#ifdef WOLFSSL_TLS13
if (XSTRSTR(name, "TLS13")) { if (XSTRSTR(name, "TLS13")) {
haveRSAsig = 1; haveRSAsig = 1;
haveECDSAsig = 1; haveECDSAsig = 1;
} }
else if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA")) else
#endif
#ifdef HAVE_ECC
if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA"))
haveECDSAsig = 1; haveECDSAsig = 1;
else if (XSTRSTR(name, "ADH")) else
#endif
#ifdef HAVE_ANON
if (XSTRSTR(name, "ADH"))
haveAnon = 1; haveAnon = 1;
else if ((haveRSAsig == 0) && (XSTRSTR(name, "PSK") == NULL)) else
#endif
if (haveRSAsig == 0
#ifndef NO_PSK
&& (XSTRSTR(name, "PSK") == NULL)
#endif
) {
haveRSAsig = 1; haveRSAsig = 1;
}
ret = 1; /* found at least one */ ret = 1; /* found at least one */
break; break;
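Review bot: In the first hunk (GetCipherNameInternal), the new `#if defined(HAVE_AESCCM) || defined(HAVE_CHACHA) || defined(HAVE_ECC)` wraps the whole inner `if`, including `result = nameFound; break;`, so in a build with none of those macros the `first == NULL` branch is empty and a plain suite never sets `result` there. As far as the visible lines show, the lookup would then end without a match, and callers that log or compare the negotiated suite name would get whatever `result` was initialised to outside the hunk. Either guard only the three `XSTRSTR` conditions or add an `#else` arm containing `result = nameFound; break;` before the `#endif`. The function body starts and ends outside the hunk, so an existing fallback cannot be ruled out from here.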


@@ -4690,8 +4690,10 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
case CERTREQ_TYPE: header=BEGIN_CERT_REQ; footer=END_CERT_REQ; case CERTREQ_TYPE: header=BEGIN_CERT_REQ; footer=END_CERT_REQ;
break; break;
#endif #endif
#ifndef NO_DSA
case DSA_TYPE: header=BEGIN_DSA_PRIV; footer=END_DSA_PRIV; case DSA_TYPE: header=BEGIN_DSA_PRIV; footer=END_DSA_PRIV;
break; break;
#endif
#ifdef HAVE_ECC #ifdef HAVE_ECC
case ECC_TYPE: header=BEGIN_EC_PRIV; footer=END_EC_PRIV; case ECC_TYPE: header=BEGIN_EC_PRIV; footer=END_EC_PRIV;
break; break;
@@ -4782,7 +4784,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
word32 lineSz; word32 lineSz;
char* finish; char* finish;
word32 finishSz; word32 finishSz;
char* start; char* start = NULL;
word32 startSz; word32 startSz;
char* newline; char* newline;
@@ -4791,12 +4793,17 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
} }
lineSz = (word32)(bufferEnd - line); lineSz = (word32)(bufferEnd - line);
#ifndef NO_DES3
start = XSTRNSTR(line, "DES", min(lineSz, PEM_LINE_LEN)); start = XSTRNSTR(line, "DES", min(lineSz, PEM_LINE_LEN));
#endif
#ifndef NO_AES
if (start == NULL) { if (start == NULL) {
start = XSTRNSTR(line, "AES", min(lineSz, PEM_LINE_LEN)); start = XSTRNSTR(line, "AES", min(lineSz, PEM_LINE_LEN));
} }
#endif
(void)lineSz;
if (start == NULL) return WOLFSSL_BAD_FILE; if (start == NULL) return WOLFSSL_BAD_FILE;
if (info == NULL) return WOLFSSL_BAD_FILE; if (info == NULL) return WOLFSSL_BAD_FILE;
@@ -16097,20 +16104,29 @@ const char* wolfSSL_get_version(WOLFSSL* ssl)
WOLFSSL_ENTER("SSL_get_version"); WOLFSSL_ENTER("SSL_get_version");
if (ssl->version.major == SSLv3_MAJOR) { if (ssl->version.major == SSLv3_MAJOR) {
switch (ssl->version.minor) { switch (ssl->version.minor) {
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
case SSLv3_MINOR : case SSLv3_MINOR :
return "SSLv3"; return "SSLv3";
#endif
#ifdef WOLFSSL_ALLOW_TLSV10
case TLSv1_MINOR : case TLSv1_MINOR :
return "TLSv1"; return "TLSv1";
#endif
case TLSv1_1_MINOR : case TLSv1_1_MINOR :
return "TLSv1.1"; return "TLSv1.1";
#endif
case TLSv1_2_MINOR : case TLSv1_2_MINOR :
return "TLSv1.2"; return "TLSv1.2";
#ifdef WOLFSSL_TLS13
case TLSv1_3_MINOR : case TLSv1_3_MINOR :
return "TLSv1.3"; return "TLSv1.3";
#endif
default: default:
return "unknown"; return "unknown";
} }
} }
#ifdef WOLFSSL_DTLS
else if (ssl->version.major == DTLS_MAJOR) { else if (ssl->version.major == DTLS_MAJOR) {
switch (ssl->version.minor) { switch (ssl->version.minor) {
case DTLS_MINOR : case DTLS_MINOR :
@@ -16121,6 +16137,7 @@ const char* wolfSSL_get_version(WOLFSSL* ssl)
return "unknown"; return "unknown";
} }
} }
#endif /* WOLFSSL_DTLS */
return "unknown"; return "unknown";
} }
@@ -29433,6 +29450,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
type = oidBlkType; type = oidBlkType;
break; break;
#ifndef NO_DES3
case NID_des: case NID_des:
id = DESb; id = DESb;
sName = "DES-CBC"; sName = "DES-CBC";
@@ -29444,6 +29462,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
sName = "DES3-CBC"; sName = "DES3-CBC";
type = oidBlkType; type = oidBlkType;
break; break;
#endif /* !NO_DES3 */
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
case NID_id_pkix_OCSP_basic: case NID_id_pkix_OCSP_basic:
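Review bot: In the PemToDer hunk that searches `line` for "DES" and "AES", a build with both NO_DES3 and NO_AES leaves `start` at its new `NULL` initialiser, so every encrypted PEM is rejected with `WOLFSSL_BAD_FILE` even when the file itself is well formed. That outcome is reasonable, but nothing in the code says it is intended, and the error does not distinguish a malformed file from a cipher that was compiled out. I would add a comment before the final check such as `/* no cipher compiled in: start stays NULL and the encrypted key is rejected */`, and one on the cast, `/* lineSz is unused when NO_DES3 and NO_AES are both defined */`. The enclosing block starts and ends outside the hunk.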


@@ -4460,7 +4460,7 @@ static int GetName(DecodedCert* cert, int nameType)
if (dName->cnLen != 0) { if (dName->cnLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/CN=", 4); XMEMCPY(&dName->fullName[idx], WOLFSSL_COMMON_NAME, 4);
idx += 4; idx += 4;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->cnIdx], dName->cnLen); &cert->source[dName->cnIdx], dName->cnLen);
@@ -4469,7 +4469,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->snLen != 0) { if (dName->snLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/SN=", 4); XMEMCPY(&dName->fullName[idx], WOLFSSL_SUR_NAME, 4);
idx += 4; idx += 4;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->snIdx], dName->snLen); &cert->source[dName->snIdx], dName->snLen);
@@ -4478,7 +4478,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->cLen != 0) { if (dName->cLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/C=", 3); XMEMCPY(&dName->fullName[idx], WOLFSSL_COUNTRY_NAME, 3);
idx += 3; idx += 3;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->cIdx], dName->cLen); &cert->source[dName->cIdx], dName->cLen);
@@ -4487,7 +4487,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->lLen != 0) { if (dName->lLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/L=", 3); XMEMCPY(&dName->fullName[idx], WOLFSSL_LOCALITY_NAME, 3);
idx += 3; idx += 3;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->lIdx], dName->lLen); &cert->source[dName->lIdx], dName->lLen);
@@ -4496,7 +4496,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->stLen != 0) { if (dName->stLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/ST=", 4); XMEMCPY(&dName->fullName[idx], WOLFSSL_STATE_NAME, 4);
idx += 4; idx += 4;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->stIdx], dName->stLen); &cert->source[dName->stIdx], dName->stLen);
@@ -4505,7 +4505,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->oLen != 0) { if (dName->oLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/O=", 3); XMEMCPY(&dName->fullName[idx], WOLFSSL_ORG_NAME, 3);
idx += 3; idx += 3;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->oIdx], dName->oLen); &cert->source[dName->oIdx], dName->oLen);
@@ -4514,7 +4514,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->ouLen != 0) { if (dName->ouLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/OU=", 4); XMEMCPY(&dName->fullName[idx], WOLFSSL_ORGUNIT_NAME, 4);
idx += 4; idx += 4;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->ouIdx], dName->ouLen); &cert->source[dName->ouIdx], dName->ouLen);
@@ -4533,7 +4533,7 @@ static int GetName(DecodedCert* cert, int nameType)
for (i = 0;i < dName->dcNum;i++){ for (i = 0;i < dName->dcNum;i++){
if (dName->dcLen[i] != 0) { if (dName->dcLen[i] != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/DC=", 4); XMEMCPY(&dName->fullName[idx], WOLFSSL_DOMAIN_COMPONENT, 4);
idx += 4; idx += 4;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->dcIdx[i]], dName->dcLen[i]); &cert->source[dName->dcIdx[i]], dName->dcLen[i]);
@@ -4552,7 +4552,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (dName->serialLen != 0) { if (dName->serialLen != 0) {
dName->entryCount++; dName->entryCount++;
XMEMCPY(&dName->fullName[idx], "/serialNumber=", 14); XMEMCPY(&dName->fullName[idx], WOLFSSL_SERIAL_NUMBER, 14);
idx += 14; idx += 14;
XMEMCPY(&dName->fullName[idx], XMEMCPY(&dName->fullName[idx],
&cert->source[dName->serialIdx], dName->serialLen); &cert->source[dName->serialIdx], dName->serialLen);
@@ -7293,8 +7293,10 @@ const char* const END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
const char* const BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----"; const char* const BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
const char* const END_EC_PRIV = "-----END EC PRIVATE KEY-----"; const char* const END_EC_PRIV = "-----END EC PRIVATE KEY-----";
#endif #endif
const char* const BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----"; #if defined(HAVE_ECC) || defined(HAVE_ED25519) || !defined(NO_DSA)
const char* const END_DSA_PRIV = "-----END DSA PRIVATE KEY-----"; const char* const BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
const char* const END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
#endif
const char* const BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----"; const char* const BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----";
const char* const END_PUB_KEY = "-----END PUBLIC KEY-----"; const char* const END_PUB_KEY = "-----END PUBLIC KEY-----";
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
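Review bot: Each rewritten `XMEMCPY` in GetName keeps a literal length (`4`, `3`, `14`) next to a macro whose text is defined in the header, so the copy is only correct while the two agree; the header hunk in this same commit had to add the trailing `=` to make them match. If they drift, the copy truncates the tag or runs onto the terminator and beyond the literal, and `idx` advances by the wrong amount before the certificate-supplied bytes are written into `fullName`. Take both values from the macro in all nine places, e.g. `XMEMCPY(&dName->fullName[idx], WOLFSSL_COMMON_NAME, sizeof(WOLFSSL_COMMON_NAME) - 1);` followed by `idx += sizeof(WOLFSSL_COMMON_NAME) - 1;` (cast to the type of `idx` if needed). The code that sizes `fullName` is outside these hunks and presumably uses the same literals, so it should change with them.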


@@ -116,15 +116,15 @@ enum DN_Tags {
}; };
/* DN Tag Strings */ /* DN Tag Strings */
#define WOLFSSL_COMMON_NAME "/CN" #define WOLFSSL_COMMON_NAME "/CN="
#define WOLFSSL_SUR_NAME "/SN" #define WOLFSSL_SUR_NAME "/SN="
#define WOLFSSL_SERIAL_NUMBER "/serialNumber=" #define WOLFSSL_SERIAL_NUMBER "/serialNumber="
#define WOLFSSL_COUNTRY_NAME "/C" #define WOLFSSL_COUNTRY_NAME "/C="
#define WOLFSSL_LOCALITY_NAME "/L" #define WOLFSSL_LOCALITY_NAME "/L="
#define WOLFSSL_STATE_NAME "/ST" #define WOLFSSL_STATE_NAME "/ST="
#define WOLFSSL_ORG_NAME "/O" #define WOLFSSL_ORG_NAME "/O="
#define WOLFSSL_ORGUNIT_NAME "/OU" #define WOLFSSL_ORGUNIT_NAME "/OU="
#define WOLFSSL_DOMAIN_COMPONENT "/DC" #define WOLFSSL_DOMAIN_COMPONENT "/DC="
enum PBES { enum PBES {
PBE_MD5_DES = 0, PBE_MD5_DES = 0,
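Review bot: These macros change value in place (`"/CN"` becomes `"/CN="`, and likewise for the other seven), so any other user that appends its own `=` or compares against the old text would now misformat or mismatch a distinguished name. Only the GetName call sites are visible in this commit, so the remaining uses are worth searching for. The comment above the block should state the contract, for example `/* DN Tag Strings: each includes the leading '/' and the trailing '=' */`.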