mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 18:57:27 +02:00
wolfSSL_X509V3_EXT_i2d cont.
94
src/ssl.c
94
src/ssl.c
@ -9268,6 +9268,12 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
|
|||||||
|
|
||||||
case AUTH_KEY_OID:
|
case AUTH_KEY_OID:
|
||||||
if (x509->authKeyIdSet) {
|
if (x509->authKeyIdSet) {
|
||||||
|
WOLFSSL_AUTHORITY_KEYID* akey = wolfSSL_AUTHORITY_KEYID_new();
|
||||||
|
if (!akey) {
|
||||||
|
WOLFSSL_MSG("Issue creating WOLFSSL_AUTHORITY_KEYID struct");
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
if (c != NULL) {
|
if (c != NULL) {
|
||||||
*c = x509->authKeyIdCrit;
|
*c = x509->authKeyIdCrit;
|
||||||
}
|
}
|
||||||
@ -9282,6 +9288,8 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
|
|||||||
obj->objSz = x509->authKeyIdSz;
|
obj->objSz = x509->authKeyIdSz;
|
||||||
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
|
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
|
||||||
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
|
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA;
|
||||||
|
akey->issuer = obj;
|
||||||
|
return akey;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
WOLFSSL_MSG("No Auth Key set");
|
WOLFSSL_MSG("No Auth Key set");
|
||||||
@ -9391,33 +9399,32 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c,
|
|||||||
}
|
}
|
||||||
case KEY_USAGE_OID:
|
case KEY_USAGE_OID:
|
||||||
{
|
{
|
||||||
WOLFSSL_ASN1_BIT_STRING* bit_str = NULL;
|
WOLFSSL_ASN1_STRING* asn1str = NULL;
|
||||||
if (x509->keyUsageSet) {
|
if (x509->keyUsageSet) {
|
||||||
if (c != NULL) {
|
if (c != NULL) {
|
||||||
*c = x509->keyUsageCrit;
|
*c = x509->keyUsageCrit;
|
||||||
}
|
}
|
||||||
|
|
||||||
bit_str = wolfSSL_ASN1_BIT_STRING_new();
|
asn1str = wolfSSL_ASN1_STRING_new();
|
||||||
if (bit_str == NULL) {
|
if (asn1str == NULL) {
|
||||||
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_BIT_STRING struct");
|
WOLFSSL_MSG("Failed to malloc ASN1_STRING");
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
bit_str->type = KEY_USAGE_OID;
|
if (wolfSSL_ASN1_STRING_set(asn1str, &x509->keyUsage,
|
||||||
bit_str->flags = 0;
|
sizeof(word16)) != WOLFSSL_SUCCESS) {
|
||||||
bit_str->length = sizeof(word16);
|
WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error");
|
||||||
bit_str->data = (byte*)XMALLOC(bit_str->length, NULL, DYNAMIC_TYPE_OPENSSL);
|
wolfSSL_ASN1_STRING_free(asn1str);
|
||||||
if (bit_str->data == NULL) {
|
|
||||||
wolfSSL_ASN1_BIT_STRING_free(bit_str);
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
XMEMCPY(bit_str->data, &x509->keyUsage, bit_str->length);
|
|
||||||
|
asn1str->type = KEY_USAGE_OID;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
WOLFSSL_MSG("No Key Usage set");
|
WOLFSSL_MSG("No Key Usage set");
|
||||||
}
|
}
|
||||||
/* don't add stack of and return bit string directly */
|
/* don't add stack of and return bit string directly */
|
||||||
return bit_str;
|
return asn1str;
|
||||||
}
|
}
|
||||||
case INHIBIT_ANY_OID:
|
case INHIBIT_ANY_OID:
|
||||||
WOLFSSL_MSG("INHIBIT ANY extension not supported");
|
WOLFSSL_MSG("INHIBIT ANY extension not supported");
|
||||||
@ -9703,14 +9710,53 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case NID_basic_constraints:
|
case NID_basic_constraints:
|
||||||
// WOLFSSL_BASIC_CONSTRAINTS
|
{
|
||||||
break;
|
/* WOLFSSL_BASIC_CONSTRAINTS */
|
||||||
case NID_inhibit_any_policy:
|
WOLFSSL_BASIC_CONSTRAINTS* bc = data;
|
||||||
// ASN1_INTEGER
|
|
||||||
|
if (!(ext->obj = wolfSSL_ASN1_OBJECT_new())) {
|
||||||
|
WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new failed");
|
||||||
|
goto err_cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
ext->obj->ca = bc->ca;
|
||||||
|
if (bc->pathlen) {
|
||||||
|
ext->obj->pathlen = wolfSSL_ASN1_INTEGER_dup(bc->pathlen);
|
||||||
|
if (!ext->obj->pathlen) {
|
||||||
|
WOLFSSL_MSG("wolfSSL_ASN1_INTEGER_dup failed");
|
||||||
|
goto err_cleanup;
|
||||||
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
case NID_authority_key_identifier:
|
case NID_authority_key_identifier:
|
||||||
// AUTHORITY_KEYID
|
{
|
||||||
|
/* AUTHORITY_KEYID */
|
||||||
|
WOLFSSL_AUTHORITY_KEYID* akey = data;
|
||||||
|
|
||||||
|
if (akey->keyid) {
|
||||||
|
if (wolfSSL_ASN1_STRING_set(&ext->value, akey->keyid->data,
|
||||||
|
akey->keyid->length) != WOLFSSL_SUCCESS) {
|
||||||
|
WOLFSSL_MSG("wolfSSL_ASN1_STRING_set failed");
|
||||||
|
goto err_cleanup;
|
||||||
|
}
|
||||||
|
ext->value.type = akey->keyid->type;
|
||||||
|
}
|
||||||
|
else if (akey->issuer) {
|
||||||
|
ext->obj = wolfSSL_ASN1_OBJECT_dup(akey->issuer);
|
||||||
|
if (!ext->obj) {
|
||||||
|
WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_dup failed");
|
||||||
|
goto err_cleanup;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
WOLFSSL_MSG("NID_authority_key_identifier empty data");
|
||||||
|
goto err_cleanup;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
|
case NID_inhibit_any_policy:
|
||||||
|
/* ASN1_INTEGER */
|
||||||
case NID_certificate_policies:
|
case NID_certificate_policies:
|
||||||
/* STACK_OF(POLICYINFO) */
|
/* STACK_OF(POLICYINFO) */
|
||||||
case NID_policy_mappings:
|
case NID_policy_mappings:
|
||||||
@ -19256,7 +19302,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
|
|||||||
wolfSSL_ASN1_OBJECT_free(dup);
|
wolfSSL_ASN1_OBJECT_free(dup);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
XMEMCPY(dup->obj, obj->obj, obj->objSz);
|
XMEMCPY((byte*)dup->obj, obj->obj, obj->objSz);
|
||||||
dup->dynamic = 1;
|
dup->dynamic = 1;
|
||||||
}
|
}
|
||||||
return dup;
|
return dup;
|
||||||
@ -27372,6 +27418,18 @@ void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc)
|
|||||||
XFREE(bc, NULL, DYNAMIC_TYPE_OPENSSL);
|
XFREE(bc, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void)
|
||||||
|
{
|
||||||
|
WOLFSSL_AUTHORITY_KEYID* akey = (WOLFSSL_AUTHORITY_KEYID*)XMALLOC(
|
||||||
|
sizeof(WOLFSSL_AUTHORITY_KEYID), NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
|
if (!akey) {
|
||||||
|
WOLFSSL_MSG("Issue creating WOLFSSL_AUTHORITY_KEYID struct");
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
XMEMSET(akey, 0, sizeof(WOLFSSL_AUTHORITY_KEYID));
|
||||||
|
return akey;
|
||||||
|
}
|
||||||
|
|
||||||
/* frees the wolfSSL_AUTHORITY_KEYID object */
|
/* frees the wolfSSL_AUTHORITY_KEYID object */
|
||||||
void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id)
|
void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id)
|
||||||
{
|
{
|
||||||
|
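Review bot: In the `AUTH_KEY_OID` case of `wolfSSL_X509_get_ext_d2i`, the object sized from `x509->authKeyIdSz` is attached with `akey->issuer = obj;`, so the key identifier lands in the issuer field and `akey->keyid` stays NULL after the `XMEMSET` in `wolfSSL_AUTHORITY_KEYID_new`. Callers written against the OpenSSL `AUTHORITY_KEYID` layout read `keyid` for this value, and the new `NID_authority_key_identifier` branch of `wolfSSL_X509V3_EXT_i2d` only round-trips it through the `else if (akey->issuer)` fallback. A comment such as `/* key identifier is carried in issuer; keyid is left NULL */` would make that explicit until `keyid` is populated. The lines between the allocation of `akey` and `akey->issuer = obj;` are outside the hunks, so any early `return NULL` there presumably needs `wolfSSL_AUTHORITY_KEYID_free(akey);` first. In the `KEY_USAGE_OID` case the kept comment still says "return bit string directly" although the function now returns a `WOLFSSL_ASN1_STRING`, which matters to callers that cast the result to `ASN1_BIT_STRING`.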
35
tests/api.c
35
tests/api.c
@ -23305,7 +23305,8 @@ static void test_wolfSSL_certs(void)
|
|||||||
WOLFSSL* ssl;
|
WOLFSSL* ssl;
|
||||||
WOLFSSL_CTX* ctx;
|
WOLFSSL_CTX* ctx;
|
||||||
STACK_OF(ASN1_OBJECT)* sk;
|
STACK_OF(ASN1_OBJECT)* sk;
|
||||||
ASN1_BIT_STRING* bit_str;
|
ASN1_STRING* asn1_str;
|
||||||
|
AUTHORITY_KEYID* akey;
|
||||||
int crit;
|
int crit;
|
||||||
|
|
||||||
printf(testingFmt, "wolfSSL_certs()");
|
printf(testingFmt, "wolfSSL_certs()");
|
||||||
@ -23373,14 +23374,24 @@ static void test_wolfSSL_certs(void)
|
|||||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_basic_constraints,
|
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_basic_constraints,
|
||||||
&crit, NULL);
|
&crit, NULL);
|
||||||
AssertNotNull(sk);
|
AssertNotNull(sk);
|
||||||
|
#ifdef OPENSSL_ALL
|
||||||
|
ext = X509V3_EXT_i2d(NID_basic_constraints, crit, sk);
|
||||||
|
AssertNotNull(ext);
|
||||||
|
X509_EXTENSION_free(ext);
|
||||||
|
#endif
|
||||||
AssertIntEQ(crit, 0);
|
AssertIntEQ(crit, 0);
|
||||||
sk_ASN1_OBJECT_free(sk);
|
sk_ASN1_OBJECT_free(sk);
|
||||||
|
|
||||||
bit_str = (ASN1_BIT_STRING*)X509_get_ext_d2i(x509ext, NID_key_usage, &crit, NULL);
|
asn1_str = (ASN1_STRING*)X509_get_ext_d2i(x509ext, NID_key_usage, &crit, NULL);
|
||||||
AssertNotNull(bit_str);
|
AssertNotNull(asn1_str);
|
||||||
AssertIntEQ(crit, 1);
|
AssertIntEQ(crit, 1);
|
||||||
AssertIntEQ(bit_str->type, NID_key_usage);
|
AssertIntEQ(asn1_str->type, NID_key_usage);
|
||||||
ASN1_BIT_STRING_free(bit_str);
|
#ifdef OPENSSL_ALL
|
||||||
|
ext = X509V3_EXT_i2d(NID_key_usage, crit, asn1_str);
|
||||||
|
AssertNotNull(ext);
|
||||||
|
X509_EXTENSION_free(ext);
|
||||||
|
#endif
|
||||||
|
ASN1_STRING_free(asn1_str);
|
||||||
|
|
||||||
#ifdef OPENSSL_ALL
|
#ifdef OPENSSL_ALL
|
||||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_ext_key_usage,
|
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509, NID_ext_key_usage,
|
||||||
@ -23388,6 +23399,7 @@ static void test_wolfSSL_certs(void)
|
|||||||
AssertNotNull(sk);
|
AssertNotNull(sk);
|
||||||
ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk);
|
ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk);
|
||||||
AssertNotNull(ext);
|
AssertNotNull(ext);
|
||||||
|
X509_EXTENSION_free(ext);
|
||||||
sk_ASN1_OBJECT_free(sk);
|
sk_ASN1_OBJECT_free(sk);
|
||||||
#else
|
#else
|
||||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage,
|
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage,
|
||||||
@ -23395,9 +23407,15 @@ static void test_wolfSSL_certs(void)
|
|||||||
AssertNull(sk);
|
AssertNull(sk);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
|
akey = (AUTHORITY_KEYID*)X509_get_ext_d2i(x509ext,
|
||||||
NID_authority_key_identifier, &crit, NULL);
|
NID_authority_key_identifier, &crit, NULL);
|
||||||
AssertNotNull(sk);
|
AssertNotNull(akey);
|
||||||
|
#ifdef OPENSSL_ALL
|
||||||
|
ext = X509V3_EXT_i2d(NID_authority_key_identifier, crit, akey);
|
||||||
|
AssertNotNull(ext);
|
||||||
|
wolfSSL_AUTHORITY_KEYID_free(akey);
|
||||||
|
X509_EXTENSION_free(ext);
|
||||||
|
#endif
|
||||||
sk_ASN1_OBJECT_free(sk);
|
sk_ASN1_OBJECT_free(sk);
|
||||||
|
|
||||||
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
|
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext,
|
||||||
@ -23478,7 +23496,6 @@ static void test_wolfSSL_certs(void)
|
|||||||
|
|
||||||
AssertIntEQ(SSL_get_hit(ssl), 0);
|
AssertIntEQ(SSL_get_hit(ssl), 0);
|
||||||
#ifdef OPENSSL_ALL
|
#ifdef OPENSSL_ALL
|
||||||
X509_EXTENSION_free(ext);
|
|
||||||
X509_free(x509);
|
X509_free(x509);
|
||||||
#endif
|
#endif
|
||||||
X509_free(x509ext);
|
X509_free(x509ext);
|
||||||
@ -31375,7 +31392,7 @@ static void test_wolfSSL_X509V3_EXT(void) {
|
|||||||
#endif
|
#endif
|
||||||
AssertIntEQ(actual, expected);
|
AssertIntEQ(actual, expected);
|
||||||
wolfSSL_ASN1_STRING_free(asn1str);
|
wolfSSL_ASN1_STRING_free(asn1str);
|
||||||
#if 0
|
#if 1
|
||||||
i++;
|
i++;
|
||||||
|
|
||||||
/* Authority Info Access */
|
/* Authority Info Access */
|
||||||
|
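Review bot: The unchanged `sk_ASN1_OBJECT_free(sk);` after the new `akey` block in `test_wolfSSL_certs` now frees a stale pointer. The `NID_authority_key_identifier` lookup no longer reassigns `sk`, and in the `OPENSSL_ALL` build `sk` was already released by the `sk_ASN1_OBJECT_free(sk);` that follows the `NID_ext_key_usage` check. `wolfSSL_AUTHORITY_KEYID_free(akey);` also sits inside `#ifdef OPENSSL_ALL`, so other builds appear to leak `akey`. If that function is available in all the builds this test covers, both are fixed by dropping the stale call and moving the free below the `#endif`: `wolfSSL_AUTHORITY_KEYID_free(akey);`. Separately, the `#if 0` to `#if 1` switch in `test_wolfSSL_X509V3_EXT` reads like a debugging leftover, and removing the conditional would be cleaner.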
@ -89,6 +89,7 @@ typedef struct WOLFSSL_ACCESS_DESCRIPTION ACCESS_DESCRIPTION;
|
|||||||
typedef WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION) WOLFSSL_AUTHORITY_INFO_ACCESS;
|
typedef WOLF_STACK_OF(WOLFSSL_ACCESS_DESCRIPTION) WOLFSSL_AUTHORITY_INFO_ACCESS;
|
||||||
|
|
||||||
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
|
WOLFSSL_API void wolfSSL_BASIC_CONSTRAINTS_free(WOLFSSL_BASIC_CONSTRAINTS *bc);
|
||||||
|
WOLFSSL_API WOLFSSL_AUTHORITY_KEYID* wolfSSL_AUTHORITY_KEYID_new(void);
|
||||||
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
|
WOLFSSL_API void wolfSSL_AUTHORITY_KEYID_free(WOLFSSL_AUTHORITY_KEYID *id);
|
||||||
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
|
WOLFSSL_API const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(
|
||||||
WOLFSSL_X509_EXTENSION* ex);
|
WOLFSSL_X509_EXTENSION* ex);
|
||||||
|