wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

save next status with OCSP response verify

Browse Source
This commit is contained in:
JacobBarthelmeh
2022-11-03 22:39:47 -07:00
parent cbbe6fec94
commit 8225d3642b
2 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/ocsp.c
View File

@ -362,7 +362,7 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
} }
/* Replace existing certificate entry with updated */ /* Replace existing certificate entry with updated */
newSingle->status->next = status->next; ocspResponse->single->status->next = status->next;
XMEMCPY(status, ocspResponse->single->status, sizeof(CertStatus)); XMEMCPY(status, ocspResponse->single->status, sizeof(CertStatus));
} }
else { else {

23
tests/api.c
View File

@ -1726,9 +1726,10 @@ static int test_wolfSSL_CheckOCSPResponse(void)
{ {
WOLFSSL_CERT_MANAGER* cm = NULL; WOLFSSL_CERT_MANAGER* cm = NULL;
OcspEntry *entry; OcspEntry *entry;
CertStatus status[1]; CertStatus* status;
OcspRequest* request; OcspRequest* request;
byte serial1[] = {0x01};
byte serial[] = {0x02}; byte serial[] = {0x02};
byte issuerHash[] = { byte issuerHash[] = {
@ -1746,6 +1747,10 @@ static int test_wolfSSL_CheckOCSPResponse(void)
DYNAMIC_TYPE_OPENSSL); DYNAMIC_TYPE_OPENSSL);
AssertNotNull(entry); AssertNotNull(entry);
status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_OPENSSL);
AssertNotNull(status);
XMEMSET(entry, 0, sizeof(OcspEntry)); XMEMSET(entry, 0, sizeof(OcspEntry));
XMEMSET(status, 0, sizeof(CertStatus)); XMEMSET(status, 0, sizeof(CertStatus));
@ -1774,9 +1779,23 @@ static int test_wolfSSL_CheckOCSPResponse(void)
dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS); dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data, AssertIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS); dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
AssertNotNull(entry->status);
XMEMCPY(request->serial, serial1, sizeof(serial1));
AssertIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
/* store both status's in the entry to check that "next" is not
* overwritten */
status->next = entry->status;
entry->status = status;
XMEMCPY(request->serial, serial, sizeof(serial));
AssertIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
AssertNotNull(entry->status->next);
/* compare the status found */ /* compare the status found */
AssertNotNull(entry->status);
AssertIntEQ(status->serialSz, entry->status->serialSz); AssertIntEQ(status->serialSz, entry->status->serialSz);
AssertIntEQ(XMEMCMP(status->serial, entry->status->serial, AssertIntEQ(XMEMCMP(status->serial, entry->status->serial,
status->serialSz), 0); status->serialSz), 0);