Time-Stamp Protocol (RFC 3161)

Implementation in wolfCrypt
OpenSSL compatibility layer in wolfSSL
Added tests, certificates, examples.
This commit is contained in:
Sean Parkinson
2026-06-25 21:59:57 +10:00
parent 0ecc0c5973
commit ae023a5643
73 changed files with 18311 additions and 27 deletions
+5
View File
@@ -25,6 +25,7 @@ EXTRA_DIST += src/ssl_api_dtls.c
EXTRA_DIST += src/ssl_api_ext.c
EXTRA_DIST += src/ssl_api_pk.c
EXTRA_DIST += src/ssl_asn1.c
EXTRA_DIST += src/ssl_tsp.c
EXTRA_DIST += src/ssl_bn.c
EXTRA_DIST += src/ssl_certman.c
EXTRA_DIST += src/ssl_crypto.c
@@ -2241,6 +2242,10 @@ if BUILD_PKCS7
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/pkcs7.c
endif
if BUILD_TSP
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/tsp.c
endif
if BUILD_SRP
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/srp.c
endif
+3
View File
@@ -455,6 +455,9 @@ WC_RNG* wolfssl_make_rng(WC_RNG* rng, int* local)
#include "src/ssl_asn1.c"
#endif /* OPENSSL_EXTRA_NO_ASN1 */
#define WOLFSSL_SSL_TSP_INCLUDED
#include "src/ssl_tsp.c"
#define WOLFSSL_PK_INCLUDED
#include "src/pk.c"
+91
View File
@@ -758,6 +758,44 @@ void wolfSSL_ASN1_BIT_STRING_free(WOLFSSL_ASN1_BIT_STRING* bitStr)
XFREE(bitStr, NULL, DYNAMIC_TYPE_OPENSSL);
}
/* Copy data into an ASN.1 BIT_STRING object.
*
* Any existing data is disposed of and a copy of the supplied data is made.
*
* @param [in, out] bitStr ASN.1 BIT_STRING object.
* @param [in] data Data to copy in. May be NULL when len is 0.
* @param [in] len Length of data in bytes.
* @return 1 on success.
* @return 0 when bitStr is NULL, len is negative, data is NULL with a
* positive length, or dynamic memory allocation fails.
*/
int wolfSSL_ASN1_BIT_STRING_set1(WOLFSSL_ASN1_BIT_STRING* bitStr,
const unsigned char* data, int len)
{
byte* tmp = NULL;
/* Validate parameters. */
if ((bitStr == NULL) || (len < 0) || ((data == NULL) && (len > 0))) {
return 0;
}
/* Make a copy of the data when there is any. */
if (len > 0) {
tmp = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL);
if (tmp == NULL) {
return 0;
}
XMEMCPY(tmp, data, (size_t)len);
}
/* Dispose of any old data and store the copy. */
XFREE(bitStr->data, NULL, DYNAMIC_TYPE_OPENSSL);
bitStr->data = tmp;
bitStr->length = len;
return 1;
}
/* Get the value of the bit from the ASN.1 BIT_STRING at specified index.
*
* A NULL object a value of 0 for the bit at all indices.
@@ -1134,6 +1172,59 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
return ret;
}
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_TSP) && defined(HAVE_PKCS7) && \
defined(WOLFSSL_TSP_VERIFIER)
/* Create an ASN.1 INTEGER object holding a big-endian number in DER form.
*
* The data is the ASN.1 type and length followed by the number as supplied.
*
* @param [in] val Big-endian encoding of number.
* @param [in] len Length of number in bytes.
* @return ASN.1 INTEGER object on success.
* @return NULL on failure.
*/
static WOLFSSL_ASN1_INTEGER* wolfssl_asn1_integer_new_buf(
const unsigned char* val, word32 len)
{
WOLFSSL_ASN1_INTEGER* a;
word32 pad;
word32 hdrSz;
word32 i = 0;
/* Defensive: all current callers pass a non-NULL, non-empty magnitude, but
* this is a shared helper. A NULL val is dereferenced below and a zero
* length would build a non-canonical empty INTEGER (02 00). */
if ((val == NULL) || (len == 0))
return NULL;
/* Pad with a leading 0x00 when the top bit is set so the DER INTEGER stays
* positive - the wc layer supplies the magnitude without this pad. */
pad = (val[0] & 0x80) ? 1 : 0;
hdrSz = 1 + SetLength(len + pad, NULL);
a = wolfSSL_ASN1_INTEGER_new();
if (a == NULL)
return NULL;
/* Make sure there is space for the data, pad, ASN.1 type and length. */
if (wolfssl_asn1_integer_require_len(a, (int)(len + pad + hdrSz), 0) != 1) {
wolfSSL_ASN1_INTEGER_free(a);
return NULL;
}
a->data[i++] = ASN_INTEGER;
i += SetLength(len + pad, a->data + i);
if (pad == 1) {
a->data[i++] = 0x00;
}
XMEMCPY(a->data + i, val, len);
a->length = (int)(len + i);
a->type = WOLFSSL_V_ASN1_INTEGER;
return a;
}
#endif /* OPENSSL_EXTRA && WOLFSSL_TSP && HAVE_PKCS7 && WOLFSSL_TSP_VERIFIER */
/* Duplicate the ASN.1 INTEGER object into a newly allocated one.
*
* @param [in] src ASN.1 INTEGER object to copy.
+2420
View File
File diff suppressed because it is too large Load Diff
+1 -1
View File
@@ -3704,7 +3704,7 @@ static int wolfSSL_ASN1_STRING_into_old_ext_fmt(WOLFSSL_ASN1_STRING *asn1str,
ret = DecodeExtKeyUsage((const byte*)asn1str->data, asn1str->length,
&extExtKeyUsageSrc, &extExtKeyUsageSz, &extExtKeyUsageCount,
&extExtKeyUsage, &extExtKeyUsageSsh);
&extExtKeyUsage, &extExtKeyUsageSsh, NULL);
if (ret != 0)
return ret;