x509 small build and memory free

Jacob Barthelmeh
2020-07-13 15:51:27 -06:00
parent d880d59974
commit 63c8f7d1b1
4 changed files with 97 additions and 56 deletions


@ -3350,10 +3350,9 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
{
int i;
for (i = 0; i < MAX_NAME_ENTRIES; i++) {
/* free ASN1 string data */
if (name->entry[i].set && name->entry[i].data.data != NULL) {
if (name->entry[i].set) {
wolfSSL_ASN1_OBJECT_free(&name->entry[i].object);
XFREE(name->entry[i].data.data, heap, DYNAMIC_TYPE_OPENSSL);
wolfSSL_ASN1_STRING_free(name->entry[i].value);
}
}
}
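Review bot: The loop frees each set entry's `value` but leaves `name->entry[i].value` pointing at the released string and `set` still non-zero, so a second FreeX509Name on the same name, or any later read of the entry, would touch freed memory. Clearing both inside the `if`, `name->entry[i].value = NULL; name->entry[i].set = 0;`, makes the free idempotent. `wolfSSL_ASN1_OBJECT_free` is also handed the address of a member embedded in the entry, which is only safe if that function releases the struct itself solely when it was heap-allocated; that is not visible here and deserves a one-line comment. The enclosing function starts outside this hunk.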


@ -36348,7 +36348,8 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
void wolfSSL_cert_service(void) {}
#endif
#ifdef OPENSSL_EXTRA
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
#ifndef NO_CERTS
void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name)
{
@ -37850,7 +37851,8 @@ err:
{
WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_free");
if (ne != NULL) {
if (ne->value != NULL && ne->value != &(ne->data)) {
wolfSSL_ASN1_OBJECT_free(&ne->object);
if (ne->value != NULL) {
wolfSSL_ASN1_STRING_free(ne->value);
}
XFREE(ne, NULL, DYNAMIC_TYPE_NAME_ENTRY);
@ -37866,7 +37868,6 @@ err:
NULL, DYNAMIC_TYPE_NAME_ENTRY);
if (ne != NULL) {
XMEMSET(ne, 0, sizeof(WOLFSSL_X509_NAME_ENTRY));
ne->value = &(ne->data);
}
return ne;
@ -38235,18 +38236,23 @@ err:
objSz += SetLength(oidSz, objBuf + 1);
XMEMCPY(objBuf + objSz, oid, oidSz);
objSz += oidSz;
obj->objSz = objSz;
if(((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) ||
if (obj->objSz == 0 || objSz != obj->objSz) {
obj->objSz = objSz;
if(((obj->dynamic & WOLFSSL_ASN1_DYNAMIC_DATA) != 0) ||
(obj->obj == NULL)) {
obj->obj = (byte*)XREALLOC((byte*)obj->obj, obj->objSz, NULL,
DYNAMIC_TYPE_ASN1);
if (obj->obj == NULL) {
wolfSSL_ASN1_OBJECT_free(obj);
return NULL;
if (obj->obj != NULL)
XFREE((byte*)obj->obj, NULL, DYNAMIC_TYPE_ASN1);
obj->obj = (byte*)XMALLOC(obj->objSz, NULL, DYNAMIC_TYPE_ASN1);
if (obj->obj == NULL) {
wolfSSL_ASN1_OBJECT_free(obj);
return NULL;
}
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA ;
}
else {
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ;
}
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA ;
} else {
obj->dynamic &= ~WOLFSSL_ASN1_DYNAMIC_DATA ;
}
XMEMCPY((byte*)obj->obj, objBuf, obj->objSz);
@ -38361,7 +38367,7 @@ err:
#endif
return bufSz;
}
#endif /* OPENSSL_EXTRA */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name,
@ -47386,7 +47392,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey,
}
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
/* unlike wolfSSL_X509_NAME_dup this does not malloc a duplicate, only deep
* copy. "to" is expected to be a fresh blank name, if not pointers could be
* lost */
@ -47407,6 +47414,7 @@ static int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from,
to->name = (char*)XMALLOC(from->sz, heap, DYNAMIC_TYPE_SUBJECT_CN);
if (to->name == NULL)
return WOLFSSL_FAILURE;
to->dynamicName = 1;
}
XMEMCPY(to->name, from->name, from->sz);
to->sz = from->sz;
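Review bot: In the object-buffer hunk, the `else` branch that clears `WOLFSSL_ASN1_DYNAMIC_DATA` is reached when `obj->obj` is non-NULL and was not allocated by this code, yet `obj->objSz` has already been set to the new `objSz` and the `XMEMCPY` after the block writes that many bytes into it. Nothing visible shows that this borrowed buffer is writable or at least `objSz` bytes long, so a longer encoding could overrun it; this reading assumes the new side is the nested `if (obj->objSz == 0 || objSz != obj->objSz)` form. Consider always allocating a fresh buffer with `XMALLOC` when the existing one is not flagged dynamic, rather than copying into it. The enclosing function is not named in the hunk header and begins outside the hunk.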


@ -5043,7 +5043,8 @@ void FreeDecodedCert(DecodedCert* cert)
XFREE(cert->hwType, cert->heap, DYNAMIC_TYPE_X509_EXT);
XFREE(cert->hwSerialNum, cert->heap, DYNAMIC_TYPE_X509_EXT);
#endif /* WOLFSSL_SEP */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
if (cert->issuerName != NULL)
wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->issuerName);
if (cert->subjectName != NULL)
@ -5549,7 +5550,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
byte* hash;
word32 idx, localIdx = 0;
byte tag;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
WOLFSSL_X509_NAME* dName;
int nid = NID_undef;
#endif /* OPENSSL_EXTRA */
@ -5609,7 +5611,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectRawLen = length - cert->srcIdx;
}
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
dName = wolfSSL_X509_NAME_new();
if (dName == NULL) {
return MEMORY_E;
@ -5631,7 +5634,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
}
if (GetSequence(cert->source, &cert->srcIdx, &dummy, maxIdx) <= 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ASN_PARSE_E;
@ -5639,7 +5643,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
ret = GetASNObjectId(cert->source, &cert->srcIdx, &oidSz, maxIdx);
if (ret != 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ret;
@ -5647,7 +5652,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
/* make sure there is room for joint */
if ((cert->srcIdx + sizeof(joint)) > (word32)maxIdx) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ASN_PARSE_E;
@ -5661,7 +5667,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
id = joint[2];
if (GetHeader(cert->source, &b, &cert->srcIdx, &strLen,
maxIdx, 1) < 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ASN_PARSE_E;
@ -5676,7 +5683,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
copy = WOLFSSL_COMMON_NAME;
copyLen = sizeof(WOLFSSL_COMMON_NAME) - 1;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_commonName;
#endif /* OPENSSL_EXTRA */
}
@ -5690,7 +5698,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectSNEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_surname;
#endif /* OPENSSL_EXTRA */
}
@ -5704,7 +5714,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectCEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_countryName;
#endif /* OPENSSL_EXTRA */
}
@ -5718,7 +5730,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectLEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_localityName;
#endif /* OPENSSL_EXTRA */
}
@ -5732,7 +5746,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectSTEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_stateOrProvinceName;
#endif /* OPENSSL_EXTRA */
}
@ -5746,7 +5762,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectOEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_organizationName;
#endif /* OPENSSL_EXTRA */
}
@ -5760,7 +5778,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectOUEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_organizationalUnitName;
#endif /* OPENSSL_EXTRA */
}
@ -5774,7 +5794,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectSNDEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_serialNumber;
#endif /* OPENSSL_EXTRA */
}
@ -5789,7 +5811,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectBCEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_businessCategory;
#endif /* OPENSSL_EXTRA */
}
@ -5808,7 +5831,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
if (GetLength(cert->source, &cert->srcIdx, &strLen,
maxIdx) < 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ASN_PARSE_E;
@ -5825,7 +5849,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectJCEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_jurisdictionCountryName;
#endif /* OPENSSL_EXTRA */
}
@ -5841,7 +5867,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectJSEnc = b;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_jurisdictionStateOrProvinceName;
#endif /* OPENSSL_EXTRA */
}
@ -5871,7 +5899,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->srcIdx += oidSz + 1;
if (GetLength(cert->source, &cert->srcIdx, &strLen, maxIdx) < 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ASN_PARSE_E;
@ -5898,7 +5927,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->subjectEmailLen = strLen;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_emailAddress;
#endif /* OPENSSL_EXTRA */
#ifndef IGNORE_NAME_CONSTRAINTS
@ -5909,8 +5940,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
cert->heap, DYNAMIC_TYPE_ALTNAME);
if (emailName == NULL) {
WOLFSSL_MSG("\tOut of Memory");
#if defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return MEMORY_E;
@ -5921,8 +5953,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
if (emailName->name == NULL) {
WOLFSSL_MSG("\tOut of Memory");
XFREE(emailName, cert->heap, DYNAMIC_TYPE_ALTNAME);
#if defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return MEMORY_E;
@ -5943,8 +5976,9 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
case ASN_USER_ID:
copy = WOLFSSL_USER_ID;
copyLen = sizeof(WOLFSSL_USER_ID) - 1;
#if defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_userId;
#endif /* OPENSSL_EXTRA */
break;
@ -5952,16 +5986,18 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
case ASN_DOMAIN_COMPONENT:
copy = WOLFSSL_DOMAIN_COMPONENT;
copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
#if defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) \
&& !defined(WOLFCRYPT_ONLY)
nid = NID_domainComponent;
#endif /* OPENSSL_EXTRA */
break;
default:
WOLFSSL_MSG("Unknown pilot attribute type");
#if defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
wolfSSL_X509_NAME_free(dName);
#endif /* OPENSSL_EXTRA */
return ASN_PARSE_E;
@ -5979,7 +6015,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen);
idx += strLen;
}
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
if (wolfSSL_X509_NAME_add_entry_by_NID(dName, nid, MBSTRING_UTF8,
&cert->source[cert->srcIdx], strLen, -1, -1) !=
WOLFSSL_SUCCESS) {
@ -5992,7 +6029,8 @@ static int GetName(DecodedCert* cert, int nameType, int maxIdx)
full[idx++] = 0;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
if (nameType == ISSUER) {
cert->issuerName = dName;
}
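Review bot: The `#endif /* OPENSSL_EXTRA */` comments throughout GetName now close a three-term condition and no longer describe it; `#endif /* (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && !WOLFCRYPT_ONLY */` would match. The same condition is spelled out at some thirty sites in several different line layouts, and every early return has to repeat it around `wolfSSL_X509_NAME_free(dName)`, so one site drifting would either break the build or skip the free on an error path. Defining the condition once near the top of the file as a single feature macro (a new name chosen by the project) and testing that macro at each site would keep the `dName` declaration, the `nid` assignments and the cleanup paths in step. GetName starts and ends outside these hunks.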


@ -3219,7 +3219,6 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
#include <wolfssl/openssl/asn1.h>
struct WOLFSSL_X509_NAME_ENTRY {
WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */
WOLFSSL_ASN1_STRING data;
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
int nid; /* i.e. ASN_COMMON_NAME */
int set;
@ -3230,11 +3229,8 @@ WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_OBJ(WOLFSSL_X509_NAME *name,
const WOLFSSL_ASN1_OBJECT *obj,
int idx);
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
enum {
WOLFSSL_SYS_ACCEPT = 0,
WOLFSSL_SYS_BIND,
@ -3306,7 +3302,7 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509*);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME*);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
#endif /* !NO_CERTS */
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
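Review bot: With the `data` member removed from `struct WOLFSSL_X509_NAME_ENTRY`, the comment on `value` still reads "points to data, for lighttpd port", which now describes a field that no longer exists. The free paths elsewhere in this commit pass `value` to `wolfSSL_ASN1_STRING_free`, so the comment should state ownership instead, for example `WOLFSSL_ASN1_STRING* value; /* owned by the entry, released with wolfSSL_ASN1_STRING_free */`. Because this is a public header, removing a member also changes the struct layout for any application built against the old definition or reading `data` directly; if that is intended it is worth calling out for users of the API.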