Fixup for async on master

Sean Parkinson
2017-05-08 08:41:00 +10:00
parent 1e2a6412d7
commit 1a08143946
4 changed files with 21 additions and 15 deletions


@@ -212,6 +212,7 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
byte* sig = NULL;
word32 sigSz = crle->signatureSz;
word32 sigOID = crle->signatureOID;
SignatureCtx sigCtx;
tbs = XMALLOC(tbsSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
if (tbs == NULL)
@@ -245,7 +246,8 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
return ASN_CRL_NO_SIGNER_E;
}
ret = VerifyCRL_Signature(tbs, tbsSz, sig, sigSz, sigOID, ca);
ret = VerifyCRL_Signature(&sigCtx, tbs, tbsSz, sig, sigSz,
sigOID, ca, crl->heap);
XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
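Review bot: Nothing in this hunk releases `sigCtx` after `VerifyCRL_Signature()` returns, whereas `sig` and `tbs` are freed explicitly on the next two lines. The context is set up inside the callee by `InitSignatureCtx(sigCtx, heap, INVALID_DEVID)`, so unless `ConfirmSignature()` tears it down on every exit path (not visible on this page), whatever it allocates would be left behind on each CRL signature check. If the callee does own cleanup, say so at the declaration, e.g. `SignatureCtx sigCtx; /* initialised and released inside VerifyCRL_Signature() */`; otherwise add the matching cleanup beside the `XFREE` calls. CheckCertCRLList starts and ends outside the hunk.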


@@ -10704,9 +10704,9 @@ static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl,
return 0;
}
int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz,
const byte* signature, word32 sigSz,
word32 signatureOID, Signer *ca)
int VerifyCRL_Signature(SignatureCtx* sigCtx, const byte* toBeSigned,
word32 tbsSz, const byte* signature, word32 sigSz,
word32 signatureOID, Signer *ca, void* heap)
{
/* try to confirm/verify signature */
#ifndef IGNORE_KEY_EXTENSIONS
@@ -10716,9 +10716,10 @@ int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz,
}
#endif /* IGNORE_KEY_EXTENSIONS */
InitSignatureCtx(&sigCtx, dcrl->heap, INVALID_DEVID);
if (ConfirmSignature(toBeSigned, tbsSz, ca->publicKey, ca->pubKeySize,
ca->keyOID, signature, sigSz, signatureOID, NULL) != 0) {
InitSignatureCtx(sigCtx, heap, INVALID_DEVID);
if (ConfirmSignature(sigCtx, toBeSigned, tbsSz, ca->publicKey,
ca->pubKeySize, ca->keyOID, signature, sigSz,
signatureOID) != 0) {
WOLFSSL_MSG("CRL Confirm signature failed");
return ASN_CRL_CONFIRM_E;
}
@@ -10729,9 +10730,10 @@ int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz,
/* prase crl buffer into decoded state, 0 on success */
int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
{
int ret = 0, version, len, doNextDate = 1;
word32 oid, idx = 0, dateIdx;
Signer* ca = NULL;
int version, len, doNextDate = 1;
word32 oid, idx = 0, dateIdx;
Signer* ca = NULL;
SignatureCtx sigCtx;
WOLFSSL_MSG("ParseCRL");
@@ -10828,9 +10830,9 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
}
WOLFSSL_MSG("Found CRL issuer CA");
return VerifyCRL_Signature(buff + dcrl->certBegin,
return VerifyCRL_Signature(&sigCtx, buff + dcrl->certBegin,
dcrl->sigIndex - dcrl->certBegin, dcrl->signature, dcrl->sigLength,
dcrl->signatureOID, ca);
dcrl->signatureOID, ca, dcrl->heap);
}
#endif /* HAVE_CRL */
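Review bot: In `VerifyCRL_Signature` every non-zero result of `ConfirmSignature()` is turned into `ASN_CRL_CONFIRM_E`, so a "not finished yet" status from an async crypto build (presumably `WC_PENDING_E`; the return codes are not shown here) would be indistinguishable from a bad CRL signature. Both callers, `ParseCRL` and `CheckCertCRLList`, keep the `SignatureCtx` in a stack local, so the context would not survive a return to the application and the operation could not be resumed even if the status were passed up. If CRL signatures are meant to be verified synchronously only, a comment above the call such as `/* CRL signatures are verified synchronously; a pending result is treated as failure */` would make that explicit; otherwise store the result in a local and pass a pending status through unchanged. The bodies of these functions continue outside the hunks.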


@@ -2354,7 +2354,7 @@ WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsi
unsigned *len);
#ifdef WOLFSSL_HAPROXY
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);
#endif
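Review bot: The widened guard only covers this declaration; the definition of `SSL_SESSION_get0_id_context` is not among the hunks shown, so please confirm it is compiled under the same `defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)` condition. Otherwise an NGINX-only build would declare the symbol without defining it. A short comment on the closing line, `#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY */`, would also keep the two guards easy to match.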


@@ -976,9 +976,11 @@ struct DecodedCRL {
};
WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*, void* heap);
WOLFSSL_LOCAL int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz,
WOLFSSL_LOCAL int VerifyCRL_Signature(SignatureCtx* sigCtx,
const byte* toBeSigned, word32 tbsSz,
const byte* signature, word32 sigSz,
word32 signatureOID, Signer *ca);
word32 signatureOID, Signer *ca,
void* heap);
WOLFSSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
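Review bot: The prototype gains `sigCtx` and `heap` without any word on their contract. The definition in this commit calls `InitSignatureCtx(sigCtx, heap, INVALID_DEVID)` itself, so callers are expected to pass uninitialised storage. A one-line comment above the declaration, e.g. `/* sigCtx: caller-provided storage, initialised by this call; heap: passed on to InitSignatureCtx() */`, would stop a caller from initialising the context twice or relying on its contents when the function fails before that point.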