mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-09 23:50:50 +02:00
Time-Stamp Protocol (RFC 3161)
Implementation in wolfCrypt OpenSSL compatibility layer in wolfSSL Added tests, certificates, examples.
This commit is contained in:
@@ -25,6 +25,7 @@ EXTRA_DIST += src/ssl_api_dtls.c
|
||||
EXTRA_DIST += src/ssl_api_ext.c
|
||||
EXTRA_DIST += src/ssl_api_pk.c
|
||||
EXTRA_DIST += src/ssl_asn1.c
|
||||
EXTRA_DIST += src/ssl_tsp.c
|
||||
EXTRA_DIST += src/ssl_bn.c
|
||||
EXTRA_DIST += src/ssl_certman.c
|
||||
EXTRA_DIST += src/ssl_crypto.c
|
||||
@@ -2241,6 +2242,10 @@ if BUILD_PKCS7
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/pkcs7.c
|
||||
endif
|
||||
|
||||
if BUILD_TSP
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/tsp.c
|
||||
endif
|
||||
|
||||
if BUILD_SRP
|
||||
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/srp.c
|
||||
endif
|
||||
|
||||
@@ -455,6 +455,9 @@ WC_RNG* wolfssl_make_rng(WC_RNG* rng, int* local)
|
||||
#include "src/ssl_asn1.c"
|
||||
#endif /* OPENSSL_EXTRA_NO_ASN1 */
|
||||
|
||||
#define WOLFSSL_SSL_TSP_INCLUDED
|
||||
#include "src/ssl_tsp.c"
|
||||
|
||||
#define WOLFSSL_PK_INCLUDED
|
||||
#include "src/pk.c"
|
||||
|
||||
|
||||
@@ -758,6 +758,44 @@ void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING* bitStr)
|
||||
XFREE(bitStr, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
|
||||
/* Copy data into an ASN.1 BIT_STRING object.
|
||||
*
|
||||
* Any existing data is disposed of and a copy of the supplied data is made.
|
||||
*
|
||||
* @param [in, out] bitStr ASN.1 BIT_STRING object.
|
||||
* @param [in] data Data to copy in. May be NULL when len is 0.
|
||||
* @param [in] len Length of data in bytes.
|
||||
* @return 1 on success.
|
||||
* @return 0 when bitStr is NULL, len is negative, data is NULL with a
|
||||
* positive length, or dynamic memory allocation fails.
|
||||
*/
|
||||
int wolfSSL_ASN1_BIT_STRING_set1(WOLFSSL_ASN1_BIT_STRING* bitStr,
|
||||
const unsigned char* data, int len)
|
||||
{
|
||||
byte* tmp = NULL;
|
||||
|
||||
/* Validate parameters. */
|
||||
if ((bitStr == NULL) || (len < 0) || ((data == NULL) && (len > 0))) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Make a copy of the data when there is any. */
|
||||
if (len > 0) {
|
||||
tmp = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
if (tmp == NULL) {
|
||||
return 0;
|
||||
}
|
||||
XMEMCPY(tmp, data, (size_t)len);
|
||||
}
|
||||
|
||||
/* Dispose of any old data and store the copy. */
|
||||
XFREE(bitStr->data, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
bitStr->data = tmp;
|
||||
bitStr->length = len;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Get the value of the bit from the ASN.1 BIT_STRING at specified index.
|
||||
*
|
||||
* A NULL object a value of 0 for the bit at all indices.
|
||||
@@ -1134,6 +1172,59 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TSP) && defined(HAVE_PKCS7) && \
|
||||
defined(WOLFSSL_TSP_VERIFIER)
|
||||
/* Create an ASN.1 INTEGER object holding a big-endian number in DER form.
|
||||
*
|
||||
* The data is the ASN.1 type and length followed by the number as supplied.
|
||||
*
|
||||
* @param [in] val Big-endian encoding of number.
|
||||
* @param [in] len Length of number in bytes.
|
||||
* @return ASN.1 INTEGER object on success.
|
||||
* @return NULL on failure.
|
||||
*/
|
||||
static WOLFSSL_ASN1_INTEGER* wolfssl_asn1_integer_new_buf(
|
||||
const unsigned char* val, word32 len)
|
||||
{
|
||||
WOLFSSL_ASN1_INTEGER* a;
|
||||
word32 pad;
|
||||
word32 hdrSz;
|
||||
word32 i = 0;
|
||||
|
||||
/* Defensive: all current callers pass a non-NULL, non-empty magnitude, but
|
||||
* this is a shared helper. A NULL val is dereferenced below and a zero
|
||||
* length would build a non-canonical empty INTEGER (02 00). */
|
||||
if ((val == NULL) || (len == 0))
|
||||
return NULL;
|
||||
|
||||
/* Pad with a leading 0x00 when the top bit is set so the DER INTEGER stays
|
||||
* positive - the wc layer supplies the magnitude without this pad. */
|
||||
pad = (val[0] & 0x80) ? 1 : 0;
|
||||
hdrSz = 1 + SetLength(len + pad, NULL);
|
||||
|
||||
a = wolfSSL_ASN1_INTEGER_new();
|
||||
if (a == NULL)
|
||||
return NULL;
|
||||
|
||||
/* Make sure there is space for the data, pad, ASN.1 type and length. */
|
||||
if (wolfssl_asn1_integer_require_len(a, (int)(len + pad + hdrSz), 0) != 1) {
|
||||
wolfSSL_ASN1_INTEGER_free(a);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
a->data[i++] = ASN_INTEGER;
|
||||
i += SetLength(len + pad, a->data + i);
|
||||
if (pad == 1) {
|
||||
a->data[i++] = 0x00;
|
||||
}
|
||||
XMEMCPY(a->data + i, val, len);
|
||||
a->length = (int)(len + i);
|
||||
a->type = WOLFSSL_V_ASN1_INTEGER;
|
||||
|
||||
return a;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA && WOLFSSL_TSP && HAVE_PKCS7 && WOLFSSL_TSP_VERIFIER */
|
||||
|
||||
/* Duplicate the ASN.1 INTEGER object into a newly allocated one.
|
||||
*
|
||||
* @param [in] src ASN.1 INTEGER object to copy.
|
||||
|
||||
+2420
File diff suppressed because it is too large
Load Diff
+1
-1
@@ -3704,7 +3704,7 @@ static int wolfSSL_ASN1_STRING_into_old_ext_fmt(WOLFSSL_ASN1_STRING *asn1str,
|
||||
|
||||
ret = DecodeExtKeyUsage((const byte*)asn1str->data, asn1str->length,
|
||||
&extExtKeyUsageSrc, &extExtKeyUsageSz, &extExtKeyUsageCount,
|
||||
&extExtKeyUsage, &extExtKeyUsageSsh);
|
||||
&extExtKeyUsage, &extExtKeyUsageSsh, NULL);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user