add name entry and fix build without RSA

Jacob Barthelmeh
2017-01-25 10:46:30 -07:00
parent 03a4b9d2fe
commit 79ea6b78bb
14 changed files with 325 additions and 42 deletions


@@ -2749,6 +2749,7 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
XMEMSET(&name->fullName, 0, sizeof(DecodedName));
XMEMSET(&name->cnEntry, 0, sizeof(WOLFSSL_X509_NAME_ENTRY));
name->cnEntry.value = &(name->cnEntry.data); /* point to internal data*/
name->cnEntry.nid = ASN_COMMON_NAME;
name->x509 = NULL;
#endif /* OPENSSL_EXTRA */
}
@@ -2761,9 +2762,16 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
if (name->dynamicName)
XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
#ifdef OPENSSL_EXTRA
if (name->fullName.fullName != NULL){
XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509);
name->fullName.fullName = NULL;
{
int i;
if (name->fullName.fullName != NULL)
XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509);
for (i = 0; i < MAX_NAME_ENTRIES; i++) {
/* free ASN1 string data */
if (name->extra[i].set && name->extra[i].data.data != NULL) {
XFREE(name->extra[i].data.data, heap, DYNAMIC_TYPE_OPENSSL);
}
}
}
#endif /* OPENSSL_EXTRA */
}
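Review bot: FreeX509Name now reads `name->extra[i].set` and frees `name->extra[i].data.data`, but the lines of InitX509Name visible in the first hunk clear only `fullName` and `cnEntry`. Unless `extra` is zeroed in the part of InitX509Name that lies outside the hunk, this loop can act on uninitialised memory; adding `XMEMSET(name->extra, 0, sizeof(name->extra));` next to the other XMEMSET calls would rule that out. The rewrite also drops `name->fullName.fullName = NULL;` after the XFREE and leaves `extra[i].data.data` and `extra[i].set` as they were, so a second FreeX509Name on the same struct would free the same pointers again. Resetting them after each XFREE keeps the function safe to call twice.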

213
src/ssl.c

@@ -17295,7 +17295,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap)
XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY));
pkey->heap = heap;
pkey->type = WOLFSSL_EVP_PKEY_DEFAULT;
ret = wc_InitRng_ex(&(pkey->rng), heap);
ret = wc_InitRng_ex(&(pkey->rng), heap, INVALID_DEVID);
if (ret != 0){
wolfSSL_EVP_PKEY_free(pkey);
WOLFSSL_MSG("memory falure");
@@ -17317,20 +17317,22 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
wc_FreeRng(&(key->rng));
if (key->pkey.ptr != NULL)
{
XFREE(key->pkey.ptr, pkey->heap, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(key->pkey.ptr, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
}
switch(key->type)
{
#ifndef NO_RSA
case EVP_PKEY_RSA:
if (key->rsa != NULL && key->ownRsa == 1) {
wolfSSL_RSA_free(key->rsa);
}
break;
#endif /* NO_RSA */
default:
break;
}
XFREE(key, pkey->heap, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
}
}
@@ -20925,7 +20927,6 @@ static int SetRsaInternal(WOLFSSL_RSA* rsa)
return WOLFSSL_SUCCESS;
}
#endif /* HAVE_USER_RSA */
/* return compliant with OpenSSL
* 1 if success, 0 if error
@@ -21193,6 +21194,7 @@ int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa)
}
return wolfSSL_BN_num_bytes(rsa->n);
}
#endif /* HAVE_USER_RSA */
#endif /* NO_RSA */
#ifndef NO_DSA
@@ -21465,7 +21467,7 @@ int wolfSSL_DSA_do_verify(const unsigned char* d, unsigned char* sig,
#endif /* NO_DSA */
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
#ifdef DEBUG_SIGN
static void show(const char *title, const unsigned char *out, unsigned int outlen)
@@ -21951,6 +21953,7 @@ WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key)
}
#ifndef NO_RSA
/* with set1 functions the pkey struct does not own the RSA structure */
WOLFSSL_API int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *key)
{
@@ -21970,6 +21973,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_set1_RSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_RSA *k
#endif
return 1;
}
#endif /* NO_RSA */
WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key)
{
@@ -24167,7 +24171,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
{
WOLFSSL_EVP_PKEY* pkey = NULL;
#ifdef WOLFSSL_SMALL_STACK
Encryptedinfo* info;
EncryptedInfo* info;
#else
EncryptedInfo info[1];
#endif /* WOLFSSL_SMALL_STACK */
@@ -25101,17 +25105,55 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
return wolfSSL_PEM_read_bio_X509(bp, x, cb, u);
}
WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID(
WOLFSSL_X509_NAME_ENTRY** out, const char* field, int type,
const unsigned char* data, int dataSz)
void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne)
{
(void)out;
(void)field;
(void)type;
(void)data;
(void)dataSz;
WOLFSSL_STUB("wolfSSL_X509_NAME_ENTRY_create_by_NID()");
return NULL;
if (ne != NULL) {
if (ne->value != NULL && ne->value != &(ne->data)) {
wolfSSL_ASN1_STRING_free(ne->value);
}
XFREE(ne, NULL, DYNAMIC_TYPE_NAME_ENTRY);
}
}
WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void)
{
WOLFSSL_X509_NAME_ENTRY* ne = NULL;
ne = (WOLFSSL_X509_NAME_ENTRY*)XMALLOC(sizeof(WOLFSSL_X509_NAME_ENTRY),
NULL, DYNAMIC_TYPE_NAME_ENTRY);
if (ne != NULL) {
XMEMSET(ne, 0, sizeof(WOLFSSL_X509_NAME_ENTRY));
ne->value = &(ne->data);
}
return ne;
}
WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID(
WOLFSSL_X509_NAME_ENTRY** out, int nid, int type,
unsigned char* data, int dataSz)
{
WOLFSSL_X509_NAME_ENTRY* ne = NULL;
WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_create_by_NID()");
ne = wolfSSL_X509_NAME_ENTRY_new();
if (ne == NULL) {
return NULL;
}
ne->nid = nid;
ne->value = wolfSSL_ASN1_STRING_type_new(type);
wolfSSL_ASN1_STRING_set(ne->value, (const void*)data, dataSz);
ne->set = 1;
if (out != NULL) {
*out = ne;
}
return ne;
}
@@ -25121,12 +25163,45 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name,
WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set)
{
(void)name;
(void)entry;
int i;
WOLFSSL_ENTER("wolfSSL_X509_NAME_add_entry()");
for (i = 0; i < MAX_NAME_ENTRIES; i++) {
if (name->extra[i].set != 1) { /* not set so overwrited */
WOLFSSL_X509_NAME_ENTRY* current = &(name->extra[i]);
WOLFSSL_ASN1_STRING* str;
WOLFSSL_MSG("Found place for name entry");
XMEMCPY(current, entry, sizeof(WOLFSSL_X509_NAME_ENTRY));
str = entry->value;
XMEMCPY(&(current->data), str, sizeof(WOLFSSL_ASN1_STRING));
current->value = &(current->data);
current->data.data = (char*)XMALLOC(str->length,
name->x509->heap, DYNAMIC_TYPE_OPENSSL);
if (current->data.data == NULL) {
return SSL_FAILURE;
}
XMEMCPY(current->data.data, str->data, str->length);
/* make sure is null terminated */
current->data.data[str->length - 1] = '\0';
current->set = 1; /* make sure now listed as set */
break;
}
}
if (i == MAX_NAME_ENTRIES) {
WOLFSSL_MSG("No spot found for name entry");
return SSL_FAILURE;
}
(void)idx;
(void)set;
WOLFSSL_STUB("wolfSSL_X509_NAME_add_entry");
return SSL_FAILURE;
return SSL_SUCCESS;
}
void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name)
@@ -25821,7 +25896,8 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
/* get CN shortcut from x509 since it has null terminator */
name->cnEntry.data.data = name->x509->subjectCN;
name->cnEntry.data.length = name->fullName.cnLen;
name->cnEntry.data.type = ASN_COMMON_NAME;
name->cnEntry.data.type = CTC_UTF8;
name->cnEntry.nid = ASN_COMMON_NAME;
name->cnEntry.set = 1;
return &(name->cnEntry);
}
@@ -26334,6 +26410,101 @@ end:
}
#endif
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
int wolfSSL_PEM_write_bio_X509_REQ(WOLFSSL_BIO *bp, WOLFSSL_X509 *x)
{
byte* pem;
int pemSz = 0;
const unsigned char* der;
int derSz;
int ret;
WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509_REQ()");
if (x == NULL || bp == NULL) {
return SSL_FAILURE;
}
der = wolfSSL_X509_get_der(x, &derSz);
if (der == NULL) {
return SSL_FAILURE;
}
/* get PEM size */
pemSz = wc_DerToPemEx(der, derSz, NULL, 0, NULL, CERTREQ_TYPE);
if (pemSz < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return SSL_FAILURE;
}
/* create PEM buffer and convert from DER */
pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
return SSL_FAILURE;
}
if (wc_DerToPemEx(der, derSz, pem, pemSz, NULL, CERTREQ_TYPE) < 0) {
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return SSL_FAILURE;
}
/* write the PEM to BIO */
ret = wolfSSL_BIO_write(bp, pem, pemSz);
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ret <= 0) return SSL_FAILURE;
return SSL_SUCCESS;
}
#endif /* WOLFSSL_CERT_REQ */
int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp, WOLFSSL_X509 *x)
{
byte* pem;
int pemSz = 0;
const unsigned char* der;
int derSz;
int ret;
WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509_AUX()");
if (bp == NULL || x == NULL) {
WOLFSSL_MSG("NULL argument passed in");
return SSL_FAILURE;
}
der = wolfSSL_X509_get_der(x, &derSz);
if (der == NULL) {
return SSL_FAILURE;
}
/* get PEM size */
pemSz = wc_DerToPemEx(der, derSz, NULL, 0, NULL, CERT_TYPE);
if (pemSz < 0) {
return SSL_FAILURE;
}
/* create PEM buffer and convert from DER */
pem = (byte*)XMALLOC(pemSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
return SSL_FAILURE;
}
if (wc_DerToPemEx(der, derSz, pem, pemSz, NULL, CERT_TYPE) < 0) {
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return SSL_FAILURE;
}
/* write the PEM to BIO */
ret = wolfSSL_BIO_write(bp, pem, pemSz);
XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ret <= 0) return SSL_FAILURE;
return SSL_SUCCESS;
}
#endif /* WOLFSSL_CERT_GEN */
int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert)
{
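Review bot: In wolfSSL_X509_NAME_add_entry the terminator is written at `current->data.data[str->length - 1]`, which lands one byte before the allocation when `str->length` is 0 and otherwise overwrites the last byte of the caller's data instead of appending to it. The function also dereferences `name`, `entry`, `entry->value` and `name->x509` without a check, while InitX509Name sets `x509` to NULL and wolfSSL_X509_NAME_ENTRY_create_by_NID stores the result of wolfSSL_ASN1_STRING_type_new unchecked, so a NULL can reach this code. Validating the arguments first and allocating `str->length + 1` bytes before touching the slot addresses both, and leaves the slot unchanged when the allocation fails. Separately, wolfSSL_PEM_write_bio_X509_REQ calls XFREE on `der` under WOLFSSL_SMALL_STACK, which no other path in it or in wolfSSL_PEM_write_bio_X509_AUX does; if the pointer returned by wolfSSL_X509_get_der is owned by the X509, that call frees memory the certificate still uses.

```c
    int i;
    WOLFSSL_ASN1_STRING* str;

    WOLFSSL_ENTER("wolfSSL_X509_NAME_add_entry()");

    /* reject missing arguments and empty or negative lengths */
    if (name == NULL || name->x509 == NULL || entry == NULL ||
            entry->value == NULL || entry->value->data == NULL ||
            entry->value->length <= 0) {
        return SSL_FAILURE;
    }
    str = entry->value;

    for (i = 0; i < MAX_NAME_ENTRIES; i++) {
        if (name->extra[i].set != 1) {
            WOLFSSL_X509_NAME_ENTRY* current = &(name->extra[i]);
            char* copy;

            /* one extra byte so the terminator never overwrites data */
            copy = (char*)XMALLOC(str->length + 1, name->x509->heap,
                                  DYNAMIC_TYPE_OPENSSL);
            if (copy == NULL) {
                return SSL_FAILURE; /* slot not modified yet */
            }
            XMEMCPY(copy, str->data, str->length);
            copy[str->length] = '\0';

            /* ... unchanged: XMEMCPY of entry and of *str into current ... */
            current->value     = &(current->data);
            current->data.data = copy;
            current->set       = 1;
            break;
        }
    }
    /* ... unchanged: MAX_NAME_ENTRIES check, (void)idx, (void)set, return ... */
```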


@@ -2267,8 +2267,8 @@ static void verify_ALPN_not_matching_continue(WOLFSSL* ssl)
wolfSSL_ALPN_GetProtocol(ssl, &proto, &protoSz));
/* check value */
AssertIntEQ(1, 0 == protoSz);
AssertIntEQ(1, NULL == proto);
AssertIntEQ(1, (0 == protoSz));
AssertIntEQ(1, (NULL == proto));
}
static void verify_ALPN_matching_http1(WOLFSSL* ssl)
@@ -14699,7 +14699,8 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
static void test_wolfSSL_X509(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM)\
&& !defined(NO_RSA)
X509* x509;
BIO* bio;
X509_STORE_CTX* ctx;
@@ -14916,6 +14917,53 @@ static void test_wolfSSL_OBJ(void)
}
static void test_wolfSSL_X509_NAME_ENTRY(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) \
&& !defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
X509* x509;
BIO* bio;
X509_NAME* nm;
X509_NAME_ENTRY* entry;
unsigned char cn[] = "another name to add";
printf(testingFmt, "wolfSSL_X509_NAME_ENTRY()");
AssertNotNull(x509 =
wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM));
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertIntEQ(PEM_write_bio_X509_AUX(bio, x509), SSL_SUCCESS);
#ifdef WOLFSSL_CERT_REQ
{
X509_REQ* req;
BIO* bReq;
AssertNotNull(req =
wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM));
AssertNotNull(bReq = BIO_new(BIO_s_mem()));
AssertIntEQ(PEM_write_bio_X509_REQ(bReq, req), SSL_SUCCESS);
BIO_free(bReq);
X509_free(req);
}
#endif
AssertNotNull(nm = X509_get_subject_name(x509));
AssertNotNull(entry = X509_NAME_ENTRY_create_by_NID(NULL, NID_commonName,
0x0c, cn, (int)sizeof(cn)));
AssertIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS);
X509_NAME_ENTRY_free(entry);
BIO_free(bio);
X509_free(x509);
printf(resultFmt, passed);
#endif
}
static void test_no_op_functions(void)
{
#if defined(OPENSSL_EXTRA)
@@ -15718,6 +15766,7 @@ void ApiTest(void)
test_wolfSSL_ERR_put_error();
test_wolfSSL_HMAC();
test_wolfSSL_OBJ();
test_wolfSSL_X509_NAME_ENTRY();
/* test the no op functions for compatibility */
test_no_op_functions();
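Review bot: test_wolfSSL_X509_NAME_ENTRY passes `(int)sizeof(cn)`, which counts the trailing NUL of the literal, so the case where the data length excludes a terminator is never exercised, and the test never reads the added entry back. A second call with `(int)sizeof(cn) - 1`, followed by a comparison of the stored bytes, would show whether wolfSSL_X509_NAME_add_entry keeps the last character of the name. The string type is also given as the bare value `0x0c`; if it is visible in this file, `CTC_UTF8`, which the same commit uses for `cnEntry.data.type`, states what is meant.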


@@ -2397,7 +2397,7 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
return LENGTH_ONLY_E;
}
tmp = XMALLOC(tmpSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
tmp = (byte*)XMALLOC(tmpSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
#ifdef WOLFSSL_SMALL_STACK
if (saltTmp != NULL)


@@ -613,8 +613,11 @@ WOLFSSL_API WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pke
ctx = (WOLFSSL_EVP_PKEY_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY_CTX), NULL,
DYNAMIC_TYPE_PUBLIC_KEY);
if(ctx == NULL)return NULL;
XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_PKEY_CTX));
ctx->pkey = pkey ;
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
ctx->padding = RSA_PKCS1_PADDING;
#endif
return ctx;
}
@@ -634,7 +637,13 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
if (ctx == NULL)return 0;
WOLFSSL_ENTER("EVP_PKEY_decrypt");
(void)out;
(void)outlen;
(void)in;
(void)inlen;
switch(ctx->pkey->type){
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
case EVP_PKEY_RSA:
*outlen = wolfSSL_RSA_private_decrypt((int)inlen, (unsigned char*)in, out,
ctx->pkey->rsa, ctx->padding);
@@ -642,6 +651,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
return 1;
else
return 0;
#endif /* NO_RSA */
case EVP_PKEY_EC:
WOLFSSL_MSG("not implemented");
@@ -677,11 +687,18 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
WOLFSSL_ENTER("EVP_PKEY_encrypt");
if(ctx->op != EVP_PKEY_OP_ENCRYPT)return 0;
(void)out;
(void)outlen;
(void)in;
(void)inlen;
switch(ctx->pkey->type){
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
case EVP_PKEY_RSA:
*outlen = wolfSSL_RSA_public_encrypt((int)inlen, (unsigned char *)in, out,
ctx->pkey->rsa, ctx->padding);
return (int)*outlen;
#endif /* NO_RSA */
case EVP_PKEY_EC:
WOLFSSL_MSG("not implemented");
@@ -726,8 +743,10 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
WOLFSSL_ENTER("EVP_PKEY_size");
switch(pkey->type){
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
case EVP_PKEY_RSA:
return (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
#endif /* NO_RSA */
case EVP_PKEY_EC:
WOLFSSL_MSG("not implemented");
@@ -753,6 +772,8 @@ WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data
return wolfSSL_EVP_DigestUpdate(ctx, data, len);
}
/* macro gaurd because currently only used with RSA */
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
static int md2nid(int md)
{
const char * d ;
@@ -761,6 +782,7 @@ static int md2nid(int md)
if(XSTRNCMP(d, "MD5", 3) == 0)return NID_md5;
return 0;
}
#endif /* NO_RSA */
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey)
@@ -774,7 +796,11 @@ WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *si
ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
if(ret <= 0)return ret;
(void)sigret;
(void)siglen;
switch(pkey->type){
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
case EVP_PKEY_RSA:
{
int nid = md2nid(ctx->macType);
@@ -782,6 +808,8 @@ WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *si
return wolfSSL_RSA_sign(nid, md, mdsize, sigret,
siglen, pkey->rsa);
}
#endif /* NO_RSA */
case EVP_PKEY_DSA:
case EVP_PKEY_EC:
WOLFSSL_MSG("not implemented");
@@ -819,13 +847,19 @@ WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
if(ret <= 0)return ret;
(void)sig;
(void)siglen;
switch(pkey->type){
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
case EVP_PKEY_RSA:{
int nid = md2nid(ctx->macType);
if(nid < 0)return 0;
return wolfSSL_RSA_verify(nid, md, mdsize, sig,
(unsigned int)siglen, pkey->rsa);
}
#endif /* NO_RSA */
case EVP_PKEY_DSA:
case EVP_PKEY_EC:
WOLFSSL_MSG("not implemented");
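Review bot: The check `if(nid < 0)return 0;` in wolfSSL_EVP_VerifyFinal cannot fire on the lines shown, because md2nid ends with `return 0;` for a digest it does not recognise and otherwise returns an NID constant. An unknown `ctx->macType` is therefore passed on to wolfSSL_RSA_verify as nid 0 instead of being rejected here; `if (nid == 0) return 0;` would match what md2nid returns on failure. wolfSSL_EVP_SignFinal calls md2nid the same way, but its check falls outside the hunk, so it should be looked at together with this one. The start of md2nid is also outside the hunk, so any earlier return values need confirming before the comparison is changed.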


@@ -1579,7 +1579,7 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
byte* certBuf = NULL;
word32 certBufSz;
byte* keyBuf;
word32 keyBufSz;
word32 keyBufSz = 0;
WOLFSSL_ENTER("wc_PKCS12_create()");


@@ -10320,7 +10320,7 @@ int openssl_test(void)
int openSSL_evpMD_test(void)
{
#ifndef NO_SHA256
#if !defined(NO_SHA256) && !defined(NO_SHA)
int ret ;
WOLFSSL_EVP_MD_CTX* ctx;
WOLFSSL_EVP_MD_CTX* ctx2;
@@ -10389,6 +10389,7 @@ static void show(const char *title, const char *p, unsigned int s) {
#define ERR_BASE_PKEY -5000
int openssl_pkey0_test(void)
{
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
byte* prvTmp;
byte* pubTmp;
int prvBytes;
@@ -10410,9 +10411,6 @@ int openssl_pkey0_test(void)
char cliKey[] = "./certs/client-key.der";
char cliKeypub[] = "./certs/client-keyPub.der";
#endif
#ifdef WOLFSSL_TEST_CERT
DecodedCert cert;
#endif
prvTmp = (byte*)XMALLOC(FOURK_BUFF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -10572,6 +10570,7 @@ int openssl_pkey0_test(void)
EVP_PKEY_CTX_free(enc);
XFREE(prvTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* NO_RSA */
return 0;
@@ -10581,7 +10580,7 @@ int openssl_pkey0_test(void)
int openssl_evpSig_test()
{
#ifndef NO_RSA
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(HAVE_USER_RSA)
byte* prvTmp;
byte* pubTmp;
int prvBytes;


@@ -3024,6 +3024,7 @@ struct WOLFSSL_X509_NAME {
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
DecodedName fullName;
WOLFSSL_X509_NAME_ENTRY cnEntry;
WOLFSSL_X509_NAME_ENTRY extra[MAX_NAME_ENTRIES]; /* extra entries added */
WOLFSSL_X509* x509; /* x509 that struct belongs to */
#endif /* OPENSSL_EXTRA */
#ifdef WOLFSSL_NGINX
@@ -3047,6 +3048,7 @@ struct WOLFSSL_X509 {
int serialSz;
byte serial[EXTERNAL_SERIAL_SIZE];
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
char challengePw[CTC_NAME_SIZE]; /* for REQ certs */
#ifdef WOLFSSL_SEP
int deviceTypeSz;
byte deviceType[EXTERNAL_SERIAL_SIZE];


@@ -155,7 +155,7 @@ enum {
IDEA_CBC_TYPE = 19,
NID_sha1 = 64,
NID_sha224 = 65,
NID_md2 = 3,
NID_md2 = 77,
NID_md5 = 4,
NID_hmac = 855,
EVP_PKEY_HMAC = NID_hmac


@@ -32,8 +32,10 @@
extern "C" {
#endif
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
#define RSA_PKCS1_PADDING WC_RSA_PKCSV15_PAD
#define RSA_PKCS1_OAEP_PADDING WC_RSA_OAEP_PAD
#endif
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_RSA WOLFSSL_RSA;


@@ -58,6 +58,7 @@ typedef WOLFSSL_METHOD SSL_METHOD;
typedef WOLFSSL_CTX SSL_CTX;
typedef WOLFSSL_X509 X509;
typedef WOLFSSL_X509 X509_REQ;
typedef WOLFSSL_X509_NAME X509_NAME;
typedef WOLFSSL_X509_CHAIN X509_CHAIN;
@@ -321,6 +322,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
#define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
#define X509_NAME_ENTRY_free wolfSSL_X509_NAME_ENTRY_free
#define X509_NAME_ENTRY_create_by_NID wolfSSL_X509_NAME_ENTRY_create_by_NID
#define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry
#define X509_NAME_oneline wolfSSL_X509_NAME_oneline
@@ -558,6 +560,16 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define NID_commonName 0x03 /* matchs ASN_COMMON_NAME in asn.h */
/* matchs ASN_..._NAME in asn.h */
#define NID_commonName 0x03 /* CN */
#define NID_surname 0x04, /* SN */
#define NID_serialNumber 0x05, /* serialNumber */
#define NID_countryName 0x06, /* C */
#define NID_localityName 0x07, /* L */
#define NID_stateOrProvinceName 0x08, /* ST */
#define NID_organizationName 0x0a, /* O */
#define NID_organizationalUnitName 0x0b, /* OU */
/* NIDs */
enum {
NID_des = 66,
@@ -574,9 +586,9 @@ enum {
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_read_bio_DSAparams wolfSSL_PEM_read_bio_DSAparams
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#define PEM_write_bio_X509_REQ wolfSSL_PEM_write_bio_X509_REQ
#define PEM_write_bio_X509_AUX wolfSSL_PEM_write_bio_X509_AUX
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#ifdef WOLFSSL_HAPROXY
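Review bot: The seven new defines from `NID_surname` to `NID_organizationalUnitName` each end in a comma that appears to have been carried over from the DN_Tags enum, so `NID_surname` expands to `0x04,` and any use as a function argument or inside an expression either fails to compile or silently changes the argument list. Drop the comma from each of them, for example `#define NID_surname 0x04 /* SN */`. These values also share the NID number space with the enum in the EVP header shown on this page, where `NID_md5 = 4` now equals `NID_surname`; if the overlap is intended, a comment saying so would help the next reader.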


@@ -2391,9 +2391,9 @@ WOLFSSL_API long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt);
WOLFSSL_API long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt,void* pt);
#ifndef NO_CERTS
WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID(
WOLFSSL_X509_NAME_ENTRY** out, const char* field, int type,
const unsigned char* data, int dataSz);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID(
WOLFSSL_X509_NAME_ENTRY** out, int nid, int type,
unsigned char* data, int dataSz);
WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name,
WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
@@ -2450,7 +2450,7 @@ struct WOLFSSL_ASN1_BIT_STRING {
struct WOLFSSL_ASN1_STRING {
int length;
int type;
int type; /* type of string i.e. CTC_UTF8 */
char* data;
long flags;
};
@@ -2461,6 +2461,7 @@ struct WOLFSSL_X509_NAME_ENTRY {
WOLFSSL_ASN1_OBJECT* object; /* not defined yet */
WOLFSSL_ASN1_STRING data;
WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */
int nid; /* i.e. ASN_COMMON_NAME */
int set;
int size;
};
@@ -2470,6 +2471,8 @@ struct WOLFSSL_X509_NAME_ENTRY {
|| defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY) \
|| defined(OPENSSL_EXTRA)
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name);
WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x);
WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name);
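Review bot: The new prototype of wolfSSL_X509_NAME_ENTRY_create_by_NID drops `const` from `data`, although the implementation in this commit only reads the buffer and casts it back with `(const void*)data`. Keeping `const unsigned char* data` accepts every existing caller and lets read-only buffers be passed without a cast. The declarations of wolfSSL_X509_NAME_ENTRY_new and wolfSSL_X509_NAME_ENTRY_free would also benefit from a short comment stating that the caller owns the returned entry and that wolfSSL_X509_NAME_add_entry copies it rather than taking it over, since the new test depends on exactly that.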


@@ -103,7 +103,8 @@ enum DN_Tags {
ASN_LOCALITY_NAME = 0x07, /* L */
ASN_STATE_NAME = 0x08, /* ST */
ASN_ORG_NAME = 0x0a, /* O */
ASN_ORGUNIT_NAME = 0x0b /* OU */
ASN_ORGUNIT_NAME = 0x0b, /* OU */
ASN_EMAIL_NAME = 0x98 /* not oid number there is 97 in 2.5.4.0-97 */
};
enum PBES {
@@ -192,7 +193,8 @@ enum Misc_ASN {
MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
#endif
OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
MAX_NAME_ENTRIES = 5, /* extra entries added to x509 name struct */
OCSP_NONCE_EXT_SZ = 37, /* OCSP Nonce Extension size */
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
EIGHTK_BUF = 8192, /* Tmp buffer size */


@@ -450,6 +450,7 @@
DYNAMIC_TYPE_SALT = 87,
DYNAMIC_TYPE_HASH_TMP = 88,
DYNAMIC_TYPE_BLOB = 89,
DYNAMIC_TYPE_NAME_ENTRY = 90,
};
/* max error buffer string size */