mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-03-24 15:27:19 +01:00
Fixed issues building with nocrypt. Improved logic on ASN_BER_TO_DER. Improved logic on unknown extension callback (new WC_ASN_UNKNOWN_EXT_CB gate).
@@ -5359,8 +5359,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
|
||||
|
||||
InitDecodedCert(cert, der->buffer, der->length, cm->heap);
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) && \
|
||||
defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
if (cm->unknownExtCallback != NULL) {
|
||||
wc_SetUnknownExtCallback(cert, cm->unknownExtCallback);
|
||||
}
|
||||
|
||||
@@ -609,8 +609,7 @@ void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, VerifyCallback vc)
|
||||
}
|
||||
#endif /* NO_WOLFSSL_CM_VERIFY */
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
void wolfSSL_CertManagerSetUnknownExtCallback(WOLFSSL_CERT_MANAGER* cm,
|
||||
wc_UnknownExtCallback cb)
|
||||
{
|
||||
@@ -620,7 +619,7 @@ void wolfSSL_CertManagerSetUnknownExtCallback(WOLFSSL_CERT_MANAGER* cm,
|
||||
}
|
||||
|
||||
}
|
||||
#endif /* WOLFSSL_CUSTOM_OID && WOLFSSL_ASN_TEMPLATE && HAVE_OID_DECODING */
|
||||
#endif /* WC_ASN_UNKNOWN_EXT_CB */
|
||||
|
||||
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
|
||||
/* Verify the certificate.
|
||||
@@ -690,8 +689,7 @@ int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff,
|
||||
/* Create a decoded certificate with DER buffer. */
|
||||
InitDecodedCert(cert, buff, (word32)sz, cm->heap);
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
if (cm->unknownExtCallback != NULL)
|
||||
wc_SetUnknownExtCallback(cert, cm->unknownExtCallback);
|
||||
#endif
|
||||
|
||||
@@ -3660,7 +3660,7 @@ int StreamOctetString(const byte* inBuf, word32 inBufSz, byte* out, word32* outS
|
||||
|
||||
/* Convert BER to DER */
|
||||
|
||||
/* Pull informtation from the ASN.1 BER encoded item header */
|
||||
/* Pull information from the ASN.1 BER encoded item header */
|
||||
static int GetBerHeader(const byte* data, word32* idx, word32 maxIdx,
|
||||
byte* pTag, word32* pLen, int* indef)
|
||||
{
|
||||
@@ -6226,7 +6226,8 @@ static int RsaPssHashOidToMgf1(word32 oid, int* mgf)
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifndef NO_CERTS
|
||||
#if !defined(NO_CERTS) && !defined(NO_ASN_CRYPT)
|
||||
|
||||
/* Convert a hash OID to a fake signature OID.
|
||||
*
|
||||
* @param [in] oid Hash OID.
|
||||
@@ -21407,8 +21408,7 @@ enum {
|
||||
#define certExtASN_Length (sizeof(certExtASN) / sizeof(ASNItem))
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
int wc_SetUnknownExtCallback(DecodedCert* cert,
|
||||
wc_UnknownExtCallback cb) {
|
||||
if (cert == NULL) {
|
||||
@@ -21429,7 +21429,7 @@ int wc_SetUnknownExtCallbackEx(DecodedCert* cert,
|
||||
cert->unknownExtCallbackExCtx = ctx;
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* WC_ASN_UNKNOWN_EXT_CB */
|
||||
|
||||
/*
|
||||
* Processing the Certificate Extensions. This does not modify the current
|
||||
@@ -21583,7 +21583,7 @@ end:
|
||||
/* Decode the extension by type. */
|
||||
ret = DecodeExtensionType(input + idx, length, oid, critical, cert,
|
||||
&isUnknownExt);
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
if (isUnknownExt && (cert->unknownExtCallback != NULL ||
|
||||
cert->unknownExtCallbackEx != NULL)) {
|
||||
word16 decOid[MAX_OID_SZ];
|
||||
@@ -21612,8 +21612,9 @@ end:
|
||||
cert->unknownExtCallbackExCtx);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#else
|
||||
(void)isUnknownExt;
|
||||
#endif
|
||||
|
||||
/* Move index on to next extension. */
|
||||
idx += length;
|
||||
@@ -34482,7 +34483,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
|
||||
#endif /* WOLFSSL_ASN_TEMPLATE */
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
/* build DER formatted ECC key, include optional public key if requested,
|
||||
* return length on success, negative on error */
|
||||
int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
|
||||
@@ -34913,7 +34914,7 @@ int wc_EccKeyToPKCS8(ecc_key* key, byte* output,
|
||||
return eccToPKCS8(key, output, outLen, 1);
|
||||
}
|
||||
#endif /* HAVE_PKCS8 */
|
||||
#endif /* HAVE_ECC_KEY_EXPORT && !NO_ASN_CRYPT */
|
||||
#endif /* HAVE_ECC_KEY_EXPORT */
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#ifdef WC_ENABLE_ASYM_KEY_IMPORT
|
||||
|
||||
@@ -830,8 +830,7 @@ int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
void wc_PKCS7_SetUnknownExtCallback(PKCS7* pkcs7, wc_UnknownExtCallback cb)
|
||||
{
|
||||
if (pkcs7 != NULL) {
|
||||
@@ -1083,8 +1082,7 @@ int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* derCert, word32 derCertSz)
|
||||
int devId;
|
||||
Pkcs7Cert* cert;
|
||||
Pkcs7Cert* lastCert;
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
wc_UnknownExtCallback cb;
|
||||
#endif
|
||||
|
||||
@@ -1095,16 +1093,14 @@ int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* derCert, word32 derCertSz)
|
||||
heap = pkcs7->heap;
|
||||
devId = pkcs7->devId;
|
||||
cert = pkcs7->certList;
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
cb = pkcs7->unknownExtCallback;
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
cb = pkcs7->unknownExtCallback; /* save / restore callback */
|
||||
#endif
|
||||
ret = wc_PKCS7_Init(pkcs7, heap, devId);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
pkcs7->unknownExtCallback = cb;
|
||||
#endif
|
||||
pkcs7->certList = cert;
|
||||
@@ -1155,8 +1151,7 @@ int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* derCert, word32 derCertSz)
|
||||
}
|
||||
|
||||
InitDecodedCert(dCert, derCert, derCertSz, pkcs7->heap);
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
if (pkcs7->unknownExtCallback != NULL)
|
||||
wc_SetUnknownExtCallback(dCert, pkcs7->unknownExtCallback);
|
||||
#endif
|
||||
|
||||
@@ -711,9 +711,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void);
|
||||
#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_KEY_GEN)
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void);
|
||||
#endif
|
||||
#if defined(ASN_BER_TO_DER) && \
|
||||
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
#ifdef ASN_BER_TO_DER
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void);
|
||||
#endif
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void);
|
||||
@@ -53957,9 +53955,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void)
|
||||
#endif /* WOLFSSL_PUBLIC_MP */
|
||||
|
||||
|
||||
#if defined(ASN_BER_TO_DER) && \
|
||||
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
|
||||
defined(OPENSSL_EXTRA_X509_SMALL))
|
||||
#ifdef ASN_BER_TO_DER
|
||||
/* wc_BerToDer is only public facing in the case of test cert or opensslextra */
|
||||
typedef struct berDerTestData {
|
||||
const byte *in;
|
||||
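Review bot: The comment kept above `berDerTestData`, `/* wc_BerToDer is only public facing in the case of test cert or opensslextra */`, no longer matches the gate, which is now `#ifdef ASN_BER_TO_DER` alone. The asn.h hunk at -2141 appears to declare `wc_BerToDer` with `WOLFSSL_API` under that same macro. Suggest replacing the comment with `/* wc_BerToDer is public whenever ASN_BER_TO_DER is defined */`. The same three-line condition is dropped at the `berder_test` prototype in the -711 hunk, which has no comment to update.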
@@ -54075,7 +54071,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void)
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* ASN_BER_TO_DER */
|
||||
|
||||
#ifdef DEBUG_WOLFSSL
|
||||
static THREAD_LS_T int log_cnt = 0;
|
||||
|
||||
@@ -2650,8 +2650,7 @@ struct WOLFSSL_CERT_MANAGER {
|
||||
#ifdef HAVE_DILITHIUM
|
||||
short minDilithiumKeySz; /* minimum allowed Dilithium key size */
|
||||
#endif
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
wc_UnknownExtCallback unknownExtCallback;
|
||||
#endif
|
||||
};
|
||||
|
||||
@@ -3690,8 +3690,7 @@ WOLFSSL_API void wolfSSL_CTX_SetPerformTlsRecordProcessingCb(WOLFSSL_CTX* ctx,
|
||||
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm);
|
||||
WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm);
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
WOLFSSL_API void wolfSSL_CertManagerSetUnknownExtCallback(
|
||||
WOLFSSL_CERT_MANAGER* cm,
|
||||
wc_UnknownExtCallback cb);
|
||||
|
||||
@@ -1660,8 +1660,7 @@ typedef struct TrustedPeerCert TrustedPeerCert;
|
||||
typedef struct SignatureCtx SignatureCtx;
|
||||
typedef struct CertSignCtx CertSignCtx;
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
typedef int (*wc_UnknownExtCallback)(const word16* oid, word32 oidSz, int crit,
|
||||
const unsigned char* der, word32 derSz);
|
||||
typedef int (*wc_UnknownExtCallbackEx)(const word16* oid, word32 oidSz,
|
||||
@@ -1887,7 +1886,7 @@ struct DecodedCert {
|
||||
/* WOLFSSL_X509_NAME structures (used void* to avoid including ssl.h) */
|
||||
void* issuerName;
|
||||
void* subjectName;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||
#ifdef WOLFSSL_SEP
|
||||
int deviceTypeSz;
|
||||
byte* deviceType;
|
||||
@@ -1997,8 +1996,7 @@ struct DecodedCert {
|
||||
#ifdef HAVE_RPK
|
||||
byte isRPK : 1; /* indicate the cert is Raw-Public-Key cert in RFC7250 */
|
||||
#endif
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
wc_UnknownExtCallback unknownExtCallback;
|
||||
wc_UnknownExtCallbackEx unknownExtCallbackEx;
|
||||
void *unknownExtCallbackExCtx;
|
||||
@@ -2141,15 +2139,16 @@ typedef enum MimeStatus
|
||||
} MimeStatus;
|
||||
#endif /* HAVE_SMIME */
|
||||
|
||||
|
||||
WOLFSSL_LOCAL int HashIdAlg(word32 oidSum);
|
||||
WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
|
||||
WOLFSSL_LOCAL int CalcHashId_ex(const byte* data, word32 len, byte* hash,
|
||||
int hashAlg);
|
||||
WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
|
||||
|
||||
WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
|
||||
#ifdef ASN_BER_TO_DER
|
||||
WOLFSSL_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
|
||||
word32* derSz);
|
||||
#endif
|
||||
WOLFSSL_LOCAL int StreamOctetString(const byte* inBuf, word32 inBufSz,
|
||||
byte* out, word32* outSz, word32* idx);
|
||||
|
||||
@@ -2167,11 +2166,10 @@ WOLFSSL_ASN_API void FreeDecodedCert(DecodedCert* cert);
|
||||
WOLFSSL_ASN_API int ParseCert(DecodedCert* cert, int type, int verify,
|
||||
void* cm);
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
WOLFSSL_ASN_API int wc_SetUnknownExtCallback(DecodedCert* cert,
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
WOLFSSL_API int wc_SetUnknownExtCallback(DecodedCert* cert,
|
||||
wc_UnknownExtCallback cb);
|
||||
WOLFSSL_ASN_API int wc_SetUnknownExtCallbackEx(DecodedCert* cert,
|
||||
WOLFSSL_API int wc_SetUnknownExtCallbackEx(DecodedCert* cert,
|
||||
wc_UnknownExtCallbackEx cb,
|
||||
void *ctx);
|
||||
#endif
|
||||
|
||||
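Review bot: `wc_SetUnknownExtCallback` and `wc_SetUnknownExtCallbackEx` appear to move from `WOLFSSL_ASN_API` to `WOLFSSL_API` here, and the prototypes carry no comment on the callback contract. The callback runs for extensions the parser does not recognise (the `isUnknownExt` branch in the -21583 hunk). Callers therefore need to know how its return value affects certificate parsing, and whether the library still enforces the `crit` flag when the callback accepts an extension. A short comment above the prototypes stating both would be enough, for example `/* cb return: 0 = continue, non-zero = fail certificate parse (confirm) */`. The wording has to be taken from the implementation, which is not visible in this hunk.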
@@ -345,8 +345,7 @@ struct PKCS7 {
|
||||
word32 plainDigestSz;
|
||||
word32 pkcs7DigestSz;
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
wc_UnknownExtCallback unknownExtCallback;
|
||||
#endif
|
||||
|
||||
@@ -363,8 +362,7 @@ struct PKCS7 {
|
||||
};
|
||||
|
||||
WOLFSSL_API PKCS7* wc_PKCS7_New(void* heap, int devId);
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
|
||||
&& defined(HAVE_OID_DECODING)
|
||||
#ifdef WC_ASN_UNKNOWN_EXT_CB
|
||||
WOLFSSL_API void wc_PKCS7_SetUnknownExtCallback(PKCS7* pkcs7,
|
||||
wc_UnknownExtCallback cb);
|
||||
#endif
|
||||
|
||||
@@ -415,36 +415,31 @@
|
||||
* ---------------------------------------------------------------------------
|
||||
*/
|
||||
#ifdef WOLFSSL_DUAL_ALG_CERTS
|
||||
#ifdef NO_RSA
|
||||
#error "Need RSA or else dual alg cert example will not work."
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_ASN_TEMPLATE
|
||||
#error "Dual alg cert support requires the ASN.1 template feature."
|
||||
#endif
|
||||
#ifndef HAVE_ECC
|
||||
#error "Need ECDSA or else dual alg cert example will not work."
|
||||
#endif
|
||||
|
||||
#ifdef NO_RSA
|
||||
#error "Need RSA or else dual alg cert example will not work."
|
||||
#endif
|
||||
#undef WOLFSSL_CERT_GEN
|
||||
#define WOLFSSL_CERT_GEN
|
||||
|
||||
#ifndef HAVE_ECC
|
||||
#error "Need ECDSA or else dual alg cert example will not work."
|
||||
#endif
|
||||
#undef WOLFSSL_CUSTOM_OID
|
||||
#define WOLFSSL_CUSTOM_OID
|
||||
|
||||
#undef WOLFSSL_CERT_GEN
|
||||
#define WOLFSSL_CERT_GEN
|
||||
#undef HAVE_OID_ENCODING
|
||||
#define HAVE_OID_ENCODING
|
||||
|
||||
#undef WOLFSSL_CUSTOM_OID
|
||||
#define WOLFSSL_CUSTOM_OID
|
||||
#undef WOLFSSL_CERT_EXT
|
||||
#define WOLFSSL_CERT_EXT
|
||||
|
||||
#undef HAVE_OID_ENCODING
|
||||
#define HAVE_OID_ENCODING
|
||||
#undef OPENSSL_EXTRA
|
||||
#define OPENSSL_EXTRA
|
||||
|
||||
#undef WOLFSSL_CERT_EXT
|
||||
#define WOLFSSL_CERT_EXT
|
||||
|
||||
#undef OPENSSL_EXTRA
|
||||
#define OPENSSL_EXTRA
|
||||
|
||||
#undef HAVE_OID_DECODING
|
||||
#define HAVE_OID_DECODING
|
||||
#undef HAVE_OID_DECODING
|
||||
#define HAVE_OID_DECODING
|
||||
#endif /* WOLFSSL_DUAL_ALG_CERTS */
|
||||
|
||||
|
||||
@@ -1648,6 +1643,7 @@ extern void uITRON4_free(void *p) ;
|
||||
#define WOLFSSL_STATIC_PSK
|
||||
/* Server side support to be added at a later date. */
|
||||
#define NO_WOLFSSL_SERVER
|
||||
|
||||
/* Need WOLFSSL_PUBLIC_ASN to use ProcessPeerCert callback. */
|
||||
#define WOLFSSL_PUBLIC_ASN
|
||||
|
||||
@@ -2889,6 +2885,9 @@ extern void uITRON4_free(void *p) ;
|
||||
#define WOLFSSL_ASN_TEMPLATE
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_DUAL_ALG_CERTS) && !defined(WOLFSSL_ASN_TEMPLATE)
|
||||
#error "Dual alg cert support requires the ASN.1 template feature."
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
|
||||
#undef WOLFSSL_ASN_ALL
|
||||
@@ -2926,6 +2925,7 @@ extern void uITRON4_free(void *p) ;
|
||||
#undef WOLFSSL_AKID_NAME
|
||||
#define WOLFSSL_AKID_NAME
|
||||
|
||||
/* Extended ASN.1 parsing support (typically used with cert gen) */
|
||||
#undef WOLFSSL_CERT_EXT
|
||||
#define WOLFSSL_CERT_EXT
|
||||
|
||||
@@ -2940,35 +2940,50 @@ extern void uITRON4_free(void *p) ;
|
||||
#undef WOLFSSL_CERT_NAME_ALL
|
||||
#define WOLFSSL_CERT_NAME_ALL
|
||||
|
||||
/* Store pointers to issuer name components and their lengths and encodings. */
|
||||
#undef WOLFSSL_HAVE_ISSUER_NAMES
|
||||
#define WOLFSSL_HAVE_ISSUER_NAMES
|
||||
|
||||
/* Additional ASN.1 encoded name fields. See CTC_MAX_ATTRIB for max limit */
|
||||
#undef WOLFSSL_MULTI_ATTRIB
|
||||
#define WOLFSSL_MULTI_ATTRIB
|
||||
|
||||
/* Parsing of indefinite length encoded ASN.1
|
||||
* Optionally used by PKCS7/PKCS12 */
|
||||
#undef ASN_BER_TO_DER
|
||||
#define ASN_BER_TO_DER
|
||||
|
||||
/* Enable custom OID support for subject and request extensions */
|
||||
#undef WOLFSSL_CUSTOM_OID
|
||||
#define WOLFSSL_CUSTOM_OID
|
||||
|
||||
/* Support for full OID (not just sum) encoding */
|
||||
#undef HAVE_OID_ENCODING
|
||||
#define HAVE_OID_ENCODING
|
||||
|
||||
/* Support for full OID (not just sum) decoding */
|
||||
#undef HAVE_OID_DECODING
|
||||
#define HAVE_OID_DECODING
|
||||
|
||||
/* S/MIME - Secure Multipurpose Internet Mail Extension (used with PKCS7) */
|
||||
#undef HAVE_SMIME
|
||||
#define HAVE_SMIME
|
||||
|
||||
/* Enable compatibility layer function for getting time string */
|
||||
#undef WOLFSSL_ASN_TIME_STRING
|
||||
#define WOLFSSL_ASN_TIME_STRING
|
||||
|
||||
/* Support for parsing key usage */
|
||||
#undef WOLFSSL_ASN_PARSE_KEYUSAGE
|
||||
#define WOLFSSL_ASN_PARSE_KEYUSAGE
|
||||
|
||||
/* Support for parsing OCSP status */
|
||||
#undef WOLFSSL_OCSP_PARSE_STATUS
|
||||
#define WOLFSSL_OCSP_PARSE_STATUS
|
||||
|
||||
/* Extended Key Usage */
|
||||
#undef WOLFSSL_EKU_OID
|
||||
#define WOLFSSL_EKU_OID
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
|
||||
@@ -2997,6 +3012,26 @@ extern void uITRON4_free(void *p) ;
|
||||
#define WOLFSSL_MULTI_ATTRIB
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
#undef WOLFSSL_EKU_OID
|
||||
#define WOLFSSL_EKU_OID
|
||||
#endif
|
||||
|
||||
/* Disable time checking if no timer */
|
||||
#if defined(NO_ASN_TIME)
|
||||
#define NO_ASN_TIME_CHECK
|
||||
#endif
|
||||
|
||||
/* ASN Unknown Extension Callback support */
|
||||
#if defined(WOLFSSL_CUSTOM_OID) && defined(HAVE_OID_DECODING)
|
||||
#undef WC_ASN_UNKNOWN_EXT_CB
|
||||
#define WC_ASN_UNKNOWN_EXT_CB
|
||||
#endif
|
||||
|
||||
#if defined(WC_ASN_UNKNOWN_EXT_CB) && !defined(WOLFSSL_ASN_TEMPLATE)
|
||||
#error ASN unknown extension callback is only supported with ASN template
|
||||
#endif
|
||||
|
||||
|
||||
/* Linux Kernel Module */
|
||||
#ifdef WOLFSSL_LINUXKM
|
||||
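Review bot: The auto-enable condition for `WC_ASN_UNKNOWN_EXT_CB` checks only `WOLFSSL_CUSTOM_OID` and `HAVE_OID_DECODING`, so a build that sets both without `WOLFSSL_ASN_TEMPLATE` now stops at the `#error` that follows. The three-macro gates replaced elsewhere in this commit also required `WOLFSSL_ASN_TEMPLATE`, so they simply compiled the callback out in that configuration. The hunk at -2940 defines both prerequisites under `OPENSSL_ALL`/`WOLFSSL_QT`, so that combination with non-template ASN.1 code looks affected. Consider `#if defined(WOLFSSL_CUSTOM_OID) && defined(HAVE_OID_DECODING) && defined(WOLFSSL_ASN_TEMPLATE)` for the auto-enable, keeping the `#error` for a hand-set macro. If the macro is meant to be user-settable, the guard presumably should also require the two prerequisite macros, since the callback path in the -21583 hunk declares `word16 decOid[MAX_OID_SZ]` for OID decoding.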
@@ -3124,30 +3159,15 @@ extern void uITRON4_free(void *p) ;
|
||||
#define WOLFSSL_SESSION_ID_CTX
|
||||
#endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */
|
||||
|
||||
/* ---------------------------------------------------------------------------
|
||||
* Special small OpenSSL compat layer for certs
|
||||
* ---------------------------------------------------------------------------
|
||||
*/
|
||||
#ifdef OPENSSL_EXTRA_X509_SMALL
|
||||
#undef WOLFSSL_EKU_OID
|
||||
#define WOLFSSL_EKU_OID
|
||||
|
||||
#undef WOLFSSL_MULTI_ATTRIB
|
||||
#define WOLFSSL_MULTI_ATTRIB
|
||||
|
||||
#undef WOLFSSL_NO_OPENSSL_RAND_CB
|
||||
#define WOLFSSL_NO_OPENSSL_RAND_CB
|
||||
#endif /* OPENSSL_EXTRA_X509_SMALL */
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SNI
|
||||
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
|
||||
#endif
|
||||
|
||||
/* Disable time checking if no timer */
|
||||
#if defined(NO_ASN_TIME)
|
||||
#define NO_ASN_TIME_CHECK
|
||||
#endif
|
||||
|
||||
/* both CURVE and ED small math should be enabled */
|
||||
#ifdef CURVED25519_SMALL
|
||||
#define CURVE25519_SMALL
|
||||
|
||||
@@ -875,7 +875,8 @@ typedef struct w64wrapper {
|
||||
#endif /* !XSNPRINTF */
|
||||
|
||||
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
|
||||
defined(HAVE_ALPN) || defined(WOLFSSL_SNIFFER)
|
||||
defined(HAVE_ALPN) || defined(WOLFSSL_SNIFFER) || \
|
||||
defined(WOLFSSL_ASN_PARSE_KEYUSAGE)
|
||||
/* use only Thread Safe version of strtok */
|
||||
#if defined(USE_WOLF_STRTOK)
|
||||
#define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
|
||||
|
||||