Cleanup format and typos, and use WOLFSSL_FILETYPE.

jordan
2022-11-15 11:45:11 -06:00
parent 81ed2a60b4
commit 17105606b1
2 changed files with 32 additions and 29 deletions


@ -6538,7 +6538,7 @@ const char* wolfSSL_X509_verify_cert_error_string(long err)
/* Add directory path that will be used for loading certs and CRLs /* Add directory path that will be used for loading certs and CRLs
* which have the <hash>.rn name format. * which have the <hash>.rn name format.
* type may be X509_FILETYPE_PEM or X509_FILETYPE_ASN1. * type may be WOLFSSL_FILETYPE_PEM or WOLFSSL_FILETYPE_ASN1.
* returns WOLFSSL_SUCCESS on successful, otherwise negative or zero. */ * returns WOLFSSL_SUCCESS on successful, otherwise negative or zero. */
int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP* lookup, const char* dir, int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP* lookup, const char* dir,
long type) long type)
@ -6562,7 +6562,7 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
const char* header = NULL; const char* header = NULL;
const char* footer = NULL; const char* footer = NULL;
if (type != X509_FILETYPE_PEM) if (type != WOLFSSL_FILETYPE_PEM)
return WS_RETURN_CODE(BAD_FUNC_ARG, (int)WOLFSSL_FAILURE); return WS_RETURN_CODE(BAD_FUNC_ARG, (int)WOLFSSL_FAILURE);
fp = XFOPEN(file, "rb"); fp = XFOPEN(file, "rb");
@ -6799,7 +6799,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl)
/* @param **ret return value of the control command */ /* @param **ret return value of the control command */
/* @return WOLFSSL_SUCCESS on successful, othewise WOLFSSL_FAILURE */ /* @return WOLFSSL_SUCCESS on successful, othewise WOLFSSL_FAILURE */
/* note: WOLFSSL_X509_L_ADD_STORE and WOLFSSL_X509_L_LOAD_STORE have not*/ /* note: WOLFSSL_X509_L_ADD_STORE and WOLFSSL_X509_L_LOAD_STORE have not*/
/* yet implemented. It retutns WOLFSSL_NOT_IMPLEMENTED */ /* yet implemented. It returns WOLFSSL_NOT_IMPLEMENTED */
/* when those control commands are passed. */ /* when those control commands are passed. */
int wolfSSL_X509_LOOKUP_ctrl(WOLFSSL_X509_LOOKUP *ctx, int cmd, int wolfSSL_X509_LOOKUP_ctrl(WOLFSSL_X509_LOOKUP *ctx, int cmd,
const char *argc, long argl, char **ret) const char *argc, long argl, char **ret)
@ -6816,7 +6816,7 @@ int wolfSSL_X509_LOOKUP_ctrl(WOLFSSL_X509_LOOKUP *ctx, int cmd,
WOLFSSL_SUCCESS : WOLFSSL_FAILURE; WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
break; break;
case WOLFSSL_X509_L_ADD_DIR: case WOLFSSL_X509_L_ADD_DIR:
/* store directory loaction to use it later */ /* store directory location to use it later */
#if !defined(NO_WOLFSSL_DIR) #if !defined(NO_WOLFSSL_DIR)
lret = x509AddCertDir(ctx->dirs, argc, argl); lret = x509AddCertDir(ctx->dirs, argc, argl);
#else #else
@ -7395,7 +7395,7 @@ WOLFSSL_API int wolfSSL_X509_load_crl_file(WOLFSSL_X509_LOOKUP *ctx,
return ret; return ret;
} }
if (type == X509_FILETYPE_PEM) { if (type == WOLFSSL_FILETYPE_PEM) {
do { do {
crl = wolfSSL_PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL); crl = wolfSSL_PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL);
if (crl == NULL) { if (crl == NULL) {
@ -7416,7 +7416,8 @@ WOLFSSL_API int wolfSSL_X509_load_crl_file(WOLFSSL_X509_LOOKUP *ctx,
} while(crl == NULL); } while(crl == NULL);
ret = count; ret = count;
} else if (type == X509_FILETYPE_ASN1) { }
else if (type == WOLFSSL_FILETYPE_ASN1) {
crl = wolfSSL_d2i_X509_CRL_bio(bio, NULL); crl = wolfSSL_d2i_X509_CRL_bio(bio, NULL);
if (crl == NULL) { if (crl == NULL) {
WOLFSSL_MSG("Load crl failed"); WOLFSSL_MSG("Load crl failed");
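Review bot: The doc comment above wolfSSL_X509_LOOKUP_ctrl (third hunk) still contradicts itself after the typo fix: its `@return` line lists only WOLFSSL_SUCCESS and WOLFSSL_FAILURE, while the note below it says WOLFSSL_NOT_IMPLEMENTED is returned for WOLFSSL_X509_L_ADD_STORE and WOLFSSL_X509_L_LOAD_STORE. Assuming those two codes differ, a caller that tests `== WOLFSSL_FAILURE` instead of `!= WOLFSSL_SUCCESS` would not treat an unimplemented store command as an error. The return line should name all three outcomes, e.g. `/* @return WOLFSSL_SUCCESS on success, WOLFSSL_NOT_IMPLEMENTED for the two store commands, otherwise WOLFSSL_FAILURE */`, which also removes the remaining "othewise" typo. Most of the function body is outside the visible hunks, so the actual return paths should be checked against the comment.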


@ -50593,7 +50593,7 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
#endif /* !NO_BIO */ #endif /* !NO_BIO */
/* Test of X509 store use outside of SSL context w/ CRL lookup (ALWAYS /* Test of X509 store use outside of SSL context w/ CRL lookup (ALWAYS
returns 0) */ * returns 0) */
static int test_X509_STORE_No_SSL_CTX(void) static int test_X509_STORE_No_SSL_CTX(void)
{ {
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \ #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
@ -50601,16 +50601,17 @@ static int test_X509_STORE_No_SSL_CTX(void)
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \ (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
X509_STORE *store; X509_STORE * store;
X509_STORE_CTX *storeCtx; X509_STORE_CTX * storeCtx;
X509_CRL *crl; X509_CRL * crl;
X509 *ca, *cert; X509 * ca;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem"; X509 * cert;
const char srvCert[] = "./certs/server-cert.pem"; const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char caCert[] = "./certs/ca-cert.pem"; const char srvCert[] = "./certs/server-cert.pem";
const char caDir[] = "./certs/crl/hash_pem/"; const char caCert[] = "./certs/ca-cert.pem";
XFILE fp; const char caDir[] = "./certs/crl/hash_pem";
X509_LOOKUP *lookup; XFILE fp;
X509_LOOKUP * lookup;
printf(testingFmt, "test_X509_STORE_No_SSL_CTX"); printf(testingFmt, "test_X509_STORE_No_SSL_CTX");
@ -50622,8 +50623,8 @@ static int test_X509_STORE_No_SSL_CTX(void)
AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store /* Add CRL lookup directory to store
NOTE: test uses ./certs/crl/hash_pem/0fdb2da4.r0, which is a copy * NOTE: test uses ./certs/crl/hash_pem/0fdb2da4.r0, which is a copy
of crl.pem */ * of crl.pem */
AssertNotNull((lookup = X509_STORE_add_lookup(store, AssertNotNull((lookup = X509_STORE_add_lookup(store,
X509_LOOKUP_hash_dir()))); X509_LOOKUP_hash_dir())));
AssertIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir, AssertIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir,
@ -50633,7 +50634,7 @@ static int test_X509_STORE_No_SSL_CTX(void)
SSL_SUCCESS); SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which /* Add CRL to store NOT containing the verified certificate, which
forces use of the CRL lookup directory */ * forces use of the CRL lookup directory */
fp = XFOPEN(cliCrlPem, "rb"); fp = XFOPEN(cliCrlPem, "rb");
AssertTrue((fp != XBADFILE)); AssertTrue((fp != XBADFILE));
AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
@ -50648,7 +50649,7 @@ static int test_X509_STORE_No_SSL_CTX(void)
AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT indicate CRL missing due to the /* Perform verification, which should NOT indicate CRL missing due to the
store CM's X509 store pointer being NULL */ * store CM's X509 store pointer being NULL */
AssertIntNE(X509_verify_cert(storeCtx), CRL_MISSING); AssertIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl); X509_CRL_free(crl);
@ -50664,8 +50665,8 @@ static int test_X509_STORE_No_SSL_CTX(void)
return 0; return 0;
} }
/* Basically the same test as test_X509_STORE_No_SSL_CTX, but with /* Test of X509 store use outside of SSL context w/ CRL lookup, but
* X509_LOOKUP_add_dir and X509_FILETYPE_ASN1. */ * with X509_LOOKUP_add_dir and X509_FILETYPE_ASN1. */
static int test_X509_LOOKUP_add_dir(void) static int test_X509_LOOKUP_add_dir(void)
{ {
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \ #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
@ -50676,11 +50677,12 @@ static int test_X509_LOOKUP_add_dir(void)
X509_STORE * store; X509_STORE * store;
X509_STORE_CTX * storeCtx; X509_STORE_CTX * storeCtx;
X509_CRL * crl; X509_CRL * crl;
X509 *ca, * cert; X509 * ca;
X509 * cert;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem"; const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem"; const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem"; const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_der/"; const char caDir[] = "./certs/crl/hash_der";
XFILE fp; XFILE fp;
X509_LOOKUP * lookup; X509_LOOKUP * lookup;
@ -50694,8 +50696,8 @@ static int test_X509_LOOKUP_add_dir(void)
AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS); AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store. /* Add CRL lookup directory to store.
Test uses ./certs/crl/hash_der/0fdb2da4.r0, which is a copy * Test uses ./certs/crl/hash_der/0fdb2da4.r0, which is a copy
of crl.der */ * of crl.der */
AssertNotNull((lookup = X509_STORE_add_lookup(store, AssertNotNull((lookup = X509_STORE_add_lookup(store,
X509_LOOKUP_hash_dir()))); X509_LOOKUP_hash_dir())));
@ -50706,7 +50708,7 @@ static int test_X509_LOOKUP_add_dir(void)
SSL_SUCCESS); SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which /* Add CRL to store NOT containing the verified certificate, which
forces use of the CRL lookup directory */ * forces use of the CRL lookup directory */
fp = XFOPEN(cliCrlPem, "rb"); fp = XFOPEN(cliCrlPem, "rb");
AssertTrue((fp != XBADFILE)); AssertTrue((fp != XBADFILE));
AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
@ -50761,7 +50763,7 @@ static int test_X509_LOOKUP_add_dir(void)
AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS); AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Now we SHOULD get CRL_MISSING, because we looked for PEM /* Now we SHOULD get CRL_MISSING, because we looked for PEM
in dir containing only ASN1/DER. */ * in dir containing only ASN1/DER. */
AssertIntEQ(X509_verify_cert(storeCtx), CRL_MISSING); AssertIntEQ(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl); X509_CRL_free(crl);
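Review bot: Both `caDir` literals lose their trailing slash (`"./certs/crl/hash_pem"` in test_X509_STORE_No_SSL_CTX, `"./certs/crl/hash_der"` in test_X509_LOOKUP_add_dir), which changes the input the hash-dir lookup receives rather than its formatting, and the commit message does not mention it. After this change neither test passes a directory ending in `/`, so how the lookup joins the directory and the `<hash>.r0` file name for that spelling is no longer exercised here. If both spellings are meant to work, keep the slash in one of the two tests, or add a comment such as `/* no trailing '/': the lookup adds the separator */` so the choice is recorded. The path-building code is not on this page, so which spelling it expects should be confirmed there.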