Fixup for async on master

Sean Parkinson
2017-05-08 08:41:00 +10:00
parent 1e2a6412d7
commit 1a08143946
4 changed files with 21 additions and 15 deletions


@@ -212,6 +212,7 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
byte* sig = NULL; byte* sig = NULL;
word32 sigSz = crle->signatureSz; word32 sigSz = crle->signatureSz;
word32 sigOID = crle->signatureOID; word32 sigOID = crle->signatureOID;
SignatureCtx sigCtx;
tbs = XMALLOC(tbsSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); tbs = XMALLOC(tbsSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
if (tbs == NULL) if (tbs == NULL)
@@ -245,7 +246,8 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
return ASN_CRL_NO_SIGNER_E; return ASN_CRL_NO_SIGNER_E;
} }
ret = VerifyCRL_Signature(tbs, tbsSz, sig, sigSz, sigOID, ca); ret = VerifyCRL_Signature(&sigCtx, tbs, tbsSz, sig, sigSz,
sigOID, ca, crl->heap);
XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
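Review bot: `sigCtx` is a stack local and `sig`/`tbs` are freed on the two lines right after the `VerifyCRL_Signature` call, so this path is only correct if verification always finishes before the call returns. Nothing in the hunk states that assumption; a comment at the declaration such as `/* used only for the synchronous VerifyCRL_Signature call below; initialised there */` would make it explicit. If a pending (asynchronous) result could ever come back here, the context and both buffers would have to outlive this function. The same applies to the stack `sigCtx` added in `ParseCRL`. `CheckCertCRLList` starts and ends outside the hunk.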


@@ -10704,9 +10704,9 @@ static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl,
return 0; return 0;
} }
int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz, int VerifyCRL_Signature(SignatureCtx* sigCtx, const byte* toBeSigned,
const byte* signature, word32 sigSz, word32 tbsSz, const byte* signature, word32 sigSz,
word32 signatureOID, Signer *ca) word32 signatureOID, Signer *ca, void* heap)
{ {
/* try to confirm/verify signature */ /* try to confirm/verify signature */
#ifndef IGNORE_KEY_EXTENSIONS #ifndef IGNORE_KEY_EXTENSIONS
@@ -10716,9 +10716,10 @@ int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz,
} }
#endif /* IGNORE_KEY_EXTENSIONS */ #endif /* IGNORE_KEY_EXTENSIONS */
InitSignatureCtx(&sigCtx, dcrl->heap, INVALID_DEVID); InitSignatureCtx(sigCtx, heap, INVALID_DEVID);
if (ConfirmSignature(toBeSigned, tbsSz, ca->publicKey, ca->pubKeySize, if (ConfirmSignature(sigCtx, toBeSigned, tbsSz, ca->publicKey,
ca->keyOID, signature, sigSz, signatureOID, NULL) != 0) { ca->pubKeySize, ca->keyOID, signature, sigSz,
signatureOID) != 0) {
WOLFSSL_MSG("CRL Confirm signature failed"); WOLFSSL_MSG("CRL Confirm signature failed");
return ASN_CRL_CONFIRM_E; return ASN_CRL_CONFIRM_E;
} }
@@ -10729,9 +10730,10 @@ int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz,
/* prase crl buffer into decoded state, 0 on success */ /* prase crl buffer into decoded state, 0 on success */
int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm) int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
{ {
int ret = 0, version, len, doNextDate = 1; int version, len, doNextDate = 1;
word32 oid, idx = 0, dateIdx; word32 oid, idx = 0, dateIdx;
Signer* ca = NULL; Signer* ca = NULL;
SignatureCtx sigCtx;
WOLFSSL_MSG("ParseCRL"); WOLFSSL_MSG("ParseCRL");
@@ -10828,9 +10830,9 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
} }
WOLFSSL_MSG("Found CRL issuer CA"); WOLFSSL_MSG("Found CRL issuer CA");
return VerifyCRL_Signature(buff + dcrl->certBegin, return VerifyCRL_Signature(&sigCtx, buff + dcrl->certBegin,
dcrl->sigIndex - dcrl->certBegin, dcrl->signature, dcrl->sigLength, dcrl->sigIndex - dcrl->certBegin, dcrl->signature, dcrl->sigLength,
dcrl->signatureOID, ca); dcrl->signatureOID, ca, dcrl->heap);
} }
#endif /* HAVE_CRL */ #endif /* HAVE_CRL */
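Review bot: `VerifyCRL_Signature` now takes caller-supplied `sigCtx` and `heap`, but neither the definition nor the updated prototype in the header says who initialises or releases the context. The function calls `InitSignatureCtx(sigCtx, heap, INVALID_DEVID)` itself, so callers pass the context uninitialised. A header comment should state that `sigCtx` is caller storage set up here, and that `heap` is what gets handed to `InitSignatureCtx`. Every non-zero return from `ConfirmSignature` is folded into `ASN_CRL_CONFIRM_E`; failing closed is the safe direction for a revocation check, but it deserves a line such as `/* any non-zero result, including a pending one, is reported as a failed CRL signature */`. Whether `ConfirmSignature` releases the context on every return path is not visible in these hunks.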


@@ -2354,7 +2354,7 @@ WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsi
unsigned *len); unsigned *len);
#ifdef WOLFSSL_HAPROXY #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context( WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length); const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);
#endif #endif


@@ -976,9 +976,11 @@ struct DecodedCRL {
}; };
WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*, void* heap); WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*, void* heap);
WOLFSSL_LOCAL int VerifyCRL_Signature(const byte* toBeSigned, word32 tbsSz, WOLFSSL_LOCAL int VerifyCRL_Signature(SignatureCtx* sigCtx,
const byte* toBeSigned, word32 tbsSz,
const byte* signature, word32 sigSz, const byte* signature, word32 sigSz,
word32 signatureOID, Signer *ca); word32 signatureOID, Signer *ca,
void* heap);
WOLFSSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm); WOLFSSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*); WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);