Revert wc_OBJ_sn2nid

2025-07-30 02:37:28 +02:00 · 2020-04-09 19:10:55 +02:00
parent 0ded4d4ccb
commit 0b3a331265
3 changed files with 45 additions and 30 deletions
--- a/tests/api.c
+++ b/tests/api.c
@ -28022,19 +28022,6 @@ static void test_wolfSSL_OBJ_sn(void)
    printf(testingFmt, "wolfSSL_OBJ_sn");

    AssertIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef);
-
-    #ifdef HAVE_ECC
-    {
-        int nCurves = 27;
-        EC_builtin_curve r[nCurves];
-        EC_get_builtin_curves(r,nCurves);
-
-        for (i = 0; i < nCurves; i++) {
-            AssertIntEQ(wolfSSL_OBJ_sn2nid(r[i].comment), r[i].nid);
-            AssertStrEQ(wolfSSL_OBJ_nid2sn(r[i].nid), r[i].comment);
-        }
-    }
-    #endif
    for (i = 0; i < maxIdx; i++) {
        AssertIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]);
        AssertStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]);
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -5436,25 +5436,45 @@ WOLFSSL_API int EccEnumToNID(int n)
 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
 int wc_OBJ_sn2nid(const char *sn)
 {
-    const WOLFSSL_ObjectInfo *obj_info = wolfssl_object_info;
-    size_t i, snlen;
-    WOLFSSL_ENTER("wolfSSL_OBJ_ln2nid");
-    if (sn && (snlen = XSTRLEN(sn)) > 0) {
-        /* Accept input like "/CN=" */
-        if (sn[0] == '/') {
-            sn++;
-            snlen--;
-        }
-        if (sn[snlen-1] == '=') {
-            snlen--;
-        }
-        for (i = 0; i < wolfssl_object_info_sz; i++, obj_info++) {
-            if (snlen == XSTRLEN(obj_info->sName) &&
-                    XSTRNCMP(sn, obj_info->sName, snlen) == 0) {
-                return obj_info->nid;
-            }
+    const struct {
+        const char *sn;
+        int  nid;
+    } sn2nid[] = {
+        {WOLFSSL_COMMON_NAME, NID_commonName},
+        {WOLFSSL_COUNTRY_NAME, NID_countryName},
+        {WOLFSSL_LOCALITY_NAME, NID_localityName},
+        {WOLFSSL_STATE_NAME, NID_stateOrProvinceName},
+        {WOLFSSL_ORG_NAME, NID_organizationName},
+        {WOLFSSL_ORGUNIT_NAME, NID_organizationalUnitName},
+        {WOLFSSL_EMAIL_ADDR, NID_emailAddress},
+        {NULL, -1}};
+
+    int i;
+    #ifdef HAVE_ECC
+    int eccEnum;
+    #endif
+    WOLFSSL_ENTER("OBJ_sn2nid");
+    for(i=0; sn2nid[i].sn != NULL; i++) {
+        if(XSTRNCMP(sn, sn2nid[i].sn, XSTRLEN(sn2nid[i].sn)) == 0) {
+            return sn2nid[i].nid;
        }
    }
+    #ifdef HAVE_ECC
+    /* Nginx uses this OpenSSL string. */
+    if (XSTRNCMP(sn, "prime256v1", 10) == 0)
+        sn = "SECP256R1";
+    if (XSTRNCMP(sn, "secp384r1", 10) == 0)
+        sn = "SECP384R1";
+    /* find based on name and return NID */
+    for (i = 0; ecc_sets[i].size != 0 && ecc_sets[i].name != NULL; i++) {
+        if (XSTRNCMP(sn, ecc_sets[i].name, ECC_MAXNAME) == 0) {
+            eccEnum = ecc_sets[i].id;
+            /* Convert enum value in ecc_curve_id to OpenSSL NID */
+            return EccEnumToNID(eccEnum);
+        }
+    }
+    #endif
+
    return NID_undef;
 }
 #endif
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@ -6296,6 +6296,10 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx,
    int keysize;
    byte pointType;

+#ifndef HAVE_COMP_KEY
+    (void)shortKeySize;
+#endif
+
    if (in == NULL || point == NULL || (curve_idx < 0) ||
        (wc_ecc_is_valid_idx(curve_idx) == 0))
        return ECC_BAD_ARG_E;
@ -6340,7 +6344,11 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx,

    /* calculate key size based on inLen / 2 if uncompressed or shortKeySize
     * is true */
+#ifdef HAVE_COMP_KEY
    keysize = compressed && !shortKeySize ? inLen : inLen>>1;
+#else
+    keysize = inLen>>1;
+#endif

    /* read data */
    if (err == MP_OKAY)