function additions and fixes for expansion of wolfCLU
101
src/ssl.c
101
src/ssl.c
@@ -9548,6 +9548,18 @@ int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex)
|
||||
return ex->crit;
|
||||
}
|
||||
|
||||
/* Sets if the extension is critical
|
||||
* returns WOLFSSL_SUCCESS on success
|
||||
*/
|
||||
int wolfSSL_X509_EXTENSION_set_critical(WOLFSSL_X509_EXTENSION* ex, int crit)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_X509_EXTENSION_set_critical");
|
||||
if (ex == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
ex->crit = crit;
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
/* Creates v3_ext_method for a given X509v3 extension
|
||||
*
|
||||
* ex : The X509_EXTENSION used to create v3_ext_method. If the extension is
|
||||
@@ -10774,6 +10786,13 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit,
|
||||
else {
|
||||
ext->value.data = ext->value.strData;
|
||||
}
|
||||
|
||||
ext->obj = wolfSSL_ASN1_OBJECT_new();
|
||||
if (!(ext->obj = wolfSSL_OBJ_nid2obj(nid))) {
|
||||
WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new failed");
|
||||
goto err_cleanup;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
case NID_subject_alt_name:
|
||||
@@ -10829,6 +10848,13 @@ WOLFSSL_X509_EXTENSION *wolfSSL_X509V3_EXT_i2d(int nid, int crit,
|
||||
goto err_cleanup;
|
||||
}
|
||||
ext->value.type = akey->keyid->type;
|
||||
|
||||
ext->obj = wolfSSL_ASN1_OBJECT_new();
|
||||
if (!(ext->obj = wolfSSL_OBJ_nid2obj(nid))) {
|
||||
WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_new failed");
|
||||
goto err_cleanup;
|
||||
}
|
||||
|
||||
}
|
||||
else if (akey->issuer) {
|
||||
ext->obj = wolfSSL_ASN1_OBJECT_dup(akey->issuer);
|
||||
@@ -10882,6 +10908,28 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_X509_EXTENSION_get_object \
|
||||
return NULL;
|
||||
return ext->obj;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* duplicates the 'obj' input and sets it into the 'ext' structure
|
||||
* returns WOLFSSL_SUCCESS on success
|
||||
*/
|
||||
int wolfSSL_X509_EXTENSION_set_object(WOLFSSL_X509_EXTENSION* ext,
|
||||
const WOLFSSL_ASN1_OBJECT* obj)
|
||||
{
|
||||
WOLFSSL_ASN1_OBJECT *current;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_X509_EXTENSION_set_object");
|
||||
if (ext == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
|
||||
current = wolfSSL_X509_EXTENSION_get_object(ext);
|
||||
if (current != NULL) {
|
||||
wolfSSL_ASN1_OBJECT_free(current);
|
||||
}
|
||||
ext->obj = wolfSSL_ASN1_OBJECT_dup((WOLFSSL_ASN1_OBJECT*)obj);
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
#endif /* OPENSSL_ALL */
|
||||
|
||||
/* Returns pointer to ASN1_STRING in X509_EXTENSION object */
|
||||
@@ -10893,6 +10941,27 @@ WOLFSSL_ASN1_STRING* wolfSSL_X509_EXTENSION_get_data(WOLFSSL_X509_EXTENSION* ext
|
||||
return &ext->value;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Creates a duplicate of input 'data' and sets it into 'ext' structure
|
||||
* returns WOLFSSL_SUCCESS on success
|
||||
*/
|
||||
int wolfSSL_X509_EXTENSION_set_data(WOLFSSL_X509_EXTENSION* ext,
|
||||
WOLFSSL_ASN1_STRING* data)
|
||||
{
|
||||
WOLFSSL_ASN1_STRING* current;
|
||||
|
||||
if (ext == NULL || data == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
|
||||
current = wolfSSL_X509_EXTENSION_get_data(ext);
|
||||
if (current != NULL) {
|
||||
wolfSSL_ASN1_STRING_free(current);
|
||||
}
|
||||
wolfSSL_ASN1_STRING_copy(&ext->value, data);
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
#if !defined(NO_PWDBASED)
|
||||
int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest,
|
||||
unsigned char* buf, unsigned int* len)
|
||||
@@ -40918,10 +40987,13 @@ cleanup:
|
||||
WC_RNG rng;
|
||||
|
||||
(void)req;
|
||||
WOLFSSL_ENTER("wolfSSL_X509_resign_cert");
|
||||
|
||||
sigType = wolfSSL_sigTypeFromPKEY(md, pkey);
|
||||
if (sigType == WOLFSSL_FAILURE)
|
||||
if (sigType == WOLFSSL_FAILURE) {
|
||||
WOLFSSL_MSG("Error getting signature type from pkey");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
|
||||
/* Get the private key object and type from pkey. */
|
||||
@@ -40944,8 +41016,10 @@ cleanup:
|
||||
return ret;
|
||||
ret = wc_SignCert_ex(certBodySz, sigType, der, derSz, type, key, &rng);
|
||||
wc_FreeRng(&rng);
|
||||
if (ret < 0)
|
||||
if (ret < 0) {
|
||||
WOLFSSL_LEAVE("wolfSSL_X509_resign_cert", ret);
|
||||
return ret;
|
||||
}
|
||||
derSz = ret;
|
||||
|
||||
/* Extract signature from buffer */
|
||||
@@ -45187,6 +45261,19 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** out,
|
||||
}
|
||||
XMEMCPY(pkey->pkey.ptr, mem, keyIdx);
|
||||
pkey->type = EVP_PKEY_EC;
|
||||
|
||||
pkey->ownEcc = 1;
|
||||
pkey->ecc = wolfSSL_EC_KEY_new();
|
||||
if (pkey->ecc == NULL) {
|
||||
wolfSSL_EVP_PKEY_free(pkey);
|
||||
return NULL;
|
||||
}
|
||||
if (wolfSSL_EC_KEY_LoadDer(pkey->ecc,
|
||||
(const unsigned char*)pkey->pkey.ptr, pkey->pkey_sz)
|
||||
!= WOLFSSL_SUCCESS) {
|
||||
wolfSSL_EVP_PKEY_free(pkey);
|
||||
return NULL;
|
||||
}
|
||||
if (out != NULL) {
|
||||
*out = pkey;
|
||||
}
|
||||
@@ -53354,15 +53441,21 @@ void wolfSSL_X509_REQ_free(WOLFSSL_X509* req)
|
||||
int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey,
|
||||
const WOLFSSL_EVP_MD *md)
|
||||
{
|
||||
int ret;
|
||||
byte der[2048];
|
||||
int derSz = sizeof(der);
|
||||
|
||||
if (req == NULL || pkey == NULL || md == NULL)
|
||||
if (req == NULL || pkey == NULL || md == NULL) {
|
||||
WOLFSSL_LEAVE("wolfSSL_X509_REQ_sign", BAD_FUNC_ARG);
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
/* Create a Cert that has the certificate request fields. */
|
||||
req->sigOID = wolfSSL_sigTypeFromPKEY((WOLFSSL_EVP_MD*)md, pkey);
|
||||
if (wolfssl_x509_make_der(req, 1, der, &derSz, 0) != WOLFSSL_SUCCESS) {
|
||||
if ((ret = wolfssl_x509_make_der(req, 1, der, &derSz, 0))
|
||||
!= WOLFSSL_SUCCESS) {
|
||||
WOLFSSL_MSG("Unable to make DER for X509");
|
||||
WOLFSSL_LEAVE("wolfSSL_X509_REQ_sign", ret);
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
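Review bot: wolfSSL_X509_EXTENSION_set_data passes the result of wolfSSL_X509_EXTENSION_get_data to wolfSSL_ASN1_STRING_free, but the context line just above it shows get_data returning `&ext->value`, a member embedded in the extension rather than a separate allocation. If wolfSSL_ASN1_STRING_free releases the struct it is handed (its body is not on this page), that is a free of an interior pointer followed by a write to the same storage through wolfSSL_ASN1_STRING_copy, so every call on a populated extension risks heap corruption. Release only the buffer the old string owns, never the struct itself, and propagate the copy result, `if (wolfSSL_ASN1_STRING_copy(&ext->value, data) != WOLFSSL_SUCCESS) return WOLFSSL_FAILURE;`. Both wolfSSL_X509V3_EXT_i2d hunks also assign `ext->obj = wolfSSL_ASN1_OBJECT_new();` and overwrite it on the next line with `wolfSSL_OBJ_nid2obj(nid)`, which loses the only reference to the first object; the `_new()` line should be dropped. wolfSSL_X509_EXTENSION_set_object has a related gap: it returns WOLFSSL_SUCCESS without checking `obj` or the wolfSSL_ASN1_OBJECT_dup result, so a failed dup leaves `ext->obj` NULL while reporting success.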
|
@@ -1619,6 +1619,7 @@ WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(
|
||||
WOLFSSL_API unsigned long wolfSSL_X509_subject_name_hash(const WOLFSSL_X509* x509);
|
||||
WOLFSSL_API int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int);
|
||||
WOLFSSL_API int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int);
|
||||
WOLFSSL_API int wolfSSL_X509_EXTENSION_set_critical(WOLFSSL_X509_EXTENSION*, int);
|
||||
WOLFSSL_API int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
|
||||
WOLFSSL_API int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509*);
|
||||
WOLFSSL_API unsigned int wolfSSL_X509_get_pathLength(WOLFSSL_X509*);
|
||||
@@ -3856,7 +3857,11 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_x509_ext(void);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_X509_EXTENSION_get_object(WOLFSSL_X509_EXTENSION* ext);
|
||||
WOLFSSL_API int wolfSSL_X509_EXTENSION_set_object(WOLFSSL_X509_EXTENSION* ext,
|
||||
const WOLFSSL_ASN1_OBJECT* obj);
|
||||
WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_EXTENSION_get_data(WOLFSSL_X509_EXTENSION* ext);
|
||||
WOLFSSL_API int wolfSSL_X509_EXTENSION_set_data(WOLFSSL_X509_EXTENSION* ext,
|
||||
WOLFSSL_ASN1_STRING* data);
|
||||
#endif /* !NO_CERTS */
|
||||
|
||||
WOLFSSL_API WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r);
|
||||
|