src/internal.c,src/wolfio.c: fallback to SHA256 when NO_SHA, in LoadCertByIssuer(), MicriumGenerateCookie(), uIPGenerateCookie(), and GNRC_GenerateCookie();
tests/api.c: when NO_SHA, omit test_wolfSSL_CertManagerCheckOCSPResponse() and test_wolfSSL_CheckOCSPResponse() (both use static artifacts with SHA1 name and key hashes).
@@ -13219,9 +13219,11 @@ int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
|
|||||||
|
|
||||||
len = wolfSSL_i2d_X509_NAME_canon(issuer, &pbuf);
|
len = wolfSSL_i2d_X509_NAME_canon(issuer, &pbuf);
|
||||||
if (len > 0) {
|
if (len > 0) {
|
||||||
#ifndef NO_SHA
|
#if defined(NO_SHA) && !defined(NO_SHA256)
|
||||||
|
retHash = wc_Sha256Hash((const byte*)pbuf, len, dgt);
|
||||||
|
#elif !defined(NO_SHA)
|
||||||
retHash = wc_ShaHash((const byte*)pbuf, len, dgt);
|
retHash = wc_ShaHash((const byte*)pbuf, len, dgt);
|
||||||
#endif
|
#endif
|
||||||
if (retHash == 0) {
|
if (retHash == 0) {
|
||||||
/* 4 bytes in little endian as unsigned long */
|
/* 4 bytes in little endian as unsigned long */
|
||||||
hash = (((unsigned long)dgt[3] << 24) |
|
hash = (((unsigned long)dgt[3] << 24) |
|
||||||
|
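Review bot: The SHA-256 fallback changes the value of the issuer-name hash, not only the primitive: the four bytes taken from `dgt` after the `#endif` will differ from a SHA-1-derived hash of the same issuer. If that value is matched against file names in an OpenSSL-style hashed certificate/CRL directory (the lookup is outside the hunk), entries named with the SHA-1-based hash would no longer be found in a NO_SHA build, and for CRLs a missed lookup could mean revocation data is silently not loaded. I would record this at the branch, e.g. `/* NO_SHA: name hash is SHA-256 based and will not match SHA-1 based hashed-dir file names */`. The declaration of `dgt` is also outside the hunk and should be confirmed to hold a 32-byte digest. LoadCertByIssuer's body starts and ends outside the hunk.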
12
src/wolfio.c
12
src/wolfio.c
@@ -2505,7 +2505,11 @@ int MicriumGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
|
|||||||
return GEN_COOKIE_E;
|
return GEN_COOKIE_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(NO_SHA) && !defined(NO_SHA256)
|
||||||
|
ret = wc_Sha256Hash((byte*)&peer, peerSz, digest);
|
||||||
|
#else
|
||||||
ret = wc_ShaHash((byte*)&peer, peerSz, digest);
|
ret = wc_ShaHash((byte*)&peer, peerSz, digest);
|
||||||
|
#endif
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
@@ -2813,7 +2817,11 @@ int uIPGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
|
|||||||
XMEMSET(token, 0, sizeof(token));
|
XMEMSET(token, 0, sizeof(token));
|
||||||
XMEMCPY(token, &ctx->peer_addr, sizeof(uip_ipaddr_t));
|
XMEMCPY(token, &ctx->peer_addr, sizeof(uip_ipaddr_t));
|
||||||
XMEMCPY(token + sizeof(uip_ipaddr_t), &ctx->peer_port, sizeof(word16));
|
XMEMCPY(token + sizeof(uip_ipaddr_t), &ctx->peer_port, sizeof(word16));
|
||||||
|
#if defined(NO_SHA) && !defined(NO_SHA256)
|
||||||
|
ret = wc_Sha256Hash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
|
||||||
|
#else
|
||||||
ret = wc_ShaHash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
|
ret = wc_ShaHash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
|
||||||
|
#endif
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
if (sz > WC_SHA_DIGEST_SIZE)
|
if (sz > WC_SHA_DIGEST_SIZE)
|
||||||
@@ -2895,7 +2903,11 @@ int GNRC_GenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
|
|||||||
token_size = GNRC_MAX_TOKEN_SIZE;
|
token_size = GNRC_MAX_TOKEN_SIZE;
|
||||||
XMEMSET(token, 0, GNRC_MAX_TOKEN_SIZE);
|
XMEMSET(token, 0, GNRC_MAX_TOKEN_SIZE);
|
||||||
XMEMCPY(token, &ctx->peer_addr, token_size);
|
XMEMCPY(token, &ctx->peer_addr, token_size);
|
||||||
|
#if defined(NO_SHA) && !defined(NO_SHA256)
|
||||||
|
ret = wc_Sha256Hash(token, token_size, digest);
|
||||||
|
#else
|
||||||
ret = wc_ShaHash(token, token_size, digest);
|
ret = wc_ShaHash(token, token_size, digest);
|
||||||
|
#endif
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
if (sz > WC_SHA_DIGEST_SIZE)
|
if (sz > WC_SHA_DIGEST_SIZE)
|
||||||
|
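Review bot: `wc_Sha256Hash()` writes a 32-byte digest, but `digest` is declared outside these hunks, and the unchanged `if (sz > WC_SHA_DIGEST_SIZE)` clamp after the uIP and GNRC calls suggests it may still be sized for SHA-1's 20 bytes; if so, the NO_SHA branch writes past the buffer. This applies to all three hunks (MicriumGenerateCookie, uIPGenerateCookie, GNRC_GenerateCookie). The declaration should be sized for the selected hash, e.g. `byte digest[WC_SHA256_DIGEST_SIZE];` in the NO_SHA case, with the cookie still truncated to `sz`. Separately, the plain `#else` still calls `wc_ShaHash()` when both NO_SHA and NO_SHA256 are defined, whereas the internal.c hunk uses `#elif !defined(NO_SHA)`; a matching `#elif` plus an `#error` would make that configuration fail clearly. All three function bodies start and end outside the hunks.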
@@ -3196,7 +3196,7 @@ static int test_wolfSSL_CertManagerCRL(void)
|
|||||||
static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
|
static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
|
||||||
{
|
{
|
||||||
EXPECT_DECLS;
|
EXPECT_DECLS;
|
||||||
#if defined(HAVE_OCSP) && !defined(NO_RSA)
|
#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA)
|
||||||
/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
|
/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
|
||||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
|
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
|
||||||
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
|
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
|
||||||
@@ -3516,7 +3516,8 @@ static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
|
|||||||
static int test_wolfSSL_CheckOCSPResponse(void)
|
static int test_wolfSSL_CheckOCSPResponse(void)
|
||||||
{
|
{
|
||||||
EXPECT_DECLS;
|
EXPECT_DECLS;
|
||||||
#if defined(HAVE_OCSP) && !defined(NO_RSA) && defined(OPENSSL_ALL)
|
#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA) && \
|
||||||
|
defined(OPENSSL_ALL)
|
||||||
const char* responseFile = "./certs/ocsp/test-response.der";
|
const char* responseFile = "./certs/ocsp/test-response.der";
|
||||||
const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
|
const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
|
||||||
const char* responseNoInternFile =
|
const char* responseNoInternFile =
|
||||||
|
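Review bot: With `!defined(NO_SHA)` added to both guards, test_wolfSSL_CertManagerCheckOCSPResponse() and test_wolfSSL_CheckOCSPResponse() appear to compile to empty bodies in NO_SHA builds, so OCSP response verification has no coverage in the configuration this commit enables. A short comment at each guard would record why and what is needed to restore coverage, e.g. `/* response artifacts use SHA-1 issuer name/key hashes; regenerate with SHA-256 to cover NO_SHA */`. Whether the omitted case is reported as skipped rather than passed depends on code outside the hunks.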