wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Different configuration fixes

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2020-01-15 20:42:19 +01:00
parent 480227704d
commit b58f26945d
5 changed files with 106 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
src/ssl.c
View File

@@ -24201,9 +24201,6 @@ int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509)
WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void) WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
{ {
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
WOLFSSL_STACK* sk;
#endif
WOLFSSL_X509_STORE* store = NULL; WOLFSSL_X509_STORE* store = NULL;
WOLFSSL_ENTER("SSL_X509_STORE_new"); WOLFSSL_ENTER("SSL_X509_STORE_new");
@@ -32137,6 +32134,7 @@ int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key)
} }
#endif /* WOLFSSL_QT || OPENSSL_ALL */ #endif /* WOLFSSL_QT || OPENSSL_ALL */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
/* try and populate public pkey_sz and pkey.ptr */ /* try and populate public pkey_sz and pkey.ptr */
static void ECC_populate_EVP_PKEY(EVP_PKEY* pkey, ecc_key* ecc) static void ECC_populate_EVP_PKEY(EVP_PKEY* pkey, ecc_key* ecc)
{ {
@@ -32171,8 +32169,12 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_
if (pkey->rsa != NULL && pkey->ownRsa == 1) { if (pkey->rsa != NULL && pkey->ownRsa == 1) {
wolfSSL_RSA_free(pkey->rsa); wolfSSL_RSA_free(pkey->rsa);
} }
if (pkey->ecc != NULL && pkey->ownEcc == 1) {
wolfSSL_EC_KEY_free(pkey->ecc);
}
pkey->ecc = key; pkey->ecc = key;
pkey->ownEcc = 0; /* pkey does not own EC key */ pkey->ownEcc = 0; /* pkey does not own EC key */
pkey->ownRsa = 0;
pkey->type = EVP_PKEY_EC; pkey->type = EVP_PKEY_EC;
ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal); ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
@@ -32201,7 +32203,21 @@ void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
return NULL; return NULL;
} }
int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
{
if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE;
pkey->type = EVP_PKEY_EC;
pkey->ecc = key;
pkey->ownEcc = 1;
/* try and populate public pkey_sz and pkey.ptr */
ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
return WOLFSSL_SUCCESS;
}
#endif /* OPENSSL_EXTRA || HAVE_ECC */
int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx) int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx)
{ {
@@ -32603,17 +32619,17 @@ static int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher,
} }
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_PEM_TO_DER */ #endif /* WOLFSSL_KEY_GEN || WOLFSSL_PEM_TO_DER */
#ifndef NO_RSA #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
static int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey) static int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey)
{ {
int derMax = 0; int derMax = 0;
int derSz = 0; int derSz = 0;
byte* derBuf; byte* derBuf;
WOLFSSL_ENTER("wc_RsaKeyToDer"); WOLFSSL_ENTER("wolfSSL_RSA_To_Der");
if (!rsa || !outBuf || (publicKey != 0 && publicKey != 1)) { if (!rsa || !outBuf || (publicKey != 0 && publicKey != 1)) {
WOLFSSL_LEAVE("wc_RsaKeyToDer", BAD_FUNC_ARG); WOLFSSL_LEAVE("wolfSSL_RSA_To_Der", BAD_FUNC_ARG);
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
/* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional /* 5 > size of n, d, p, q, d%(p-1), d(q-1), 1/q%p, e + ASN.1 additional
@@ -32623,7 +32639,7 @@ static int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey)
derBuf = (byte*)XMALLOC(derMax, NULL, DYNAMIC_TYPE_TMP_BUFFER); derBuf = (byte*)XMALLOC(derMax, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) { if (derBuf == NULL) {
WOLFSSL_MSG("malloc failed"); WOLFSSL_MSG("malloc failed");
WOLFSSL_LEAVE("wc_RsaKeyToDer", MEMORY_ERROR); WOLFSSL_LEAVE("wolfSSL_RSA_To_Der", MEMORY_ERROR);
return MEMORY_ERROR; return MEMORY_ERROR;
} }
/* Key to DER */ /* Key to DER */
@@ -32648,7 +32664,7 @@ static int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey)
} }
} }
WOLFSSL_LEAVE("wc_RsaKeyToDer", derSz); WOLFSSL_LEAVE("wolfSSL_RSA_To_Der", derSz);
return derSz; return derSz;
} }
#endif #endif
@@ -33475,6 +33491,34 @@ int wolfSSL_EVP_PKEY_set1_EC_KEY(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_EC_KEY *key)
} }
#endif /* WOLFSSL_QT || OPENSSL_ALL */ #endif /* WOLFSSL_QT || OPENSSL_ALL */
typedef struct {
const char *name;
int nid;
} WOLF_EC_NIST_NAME;
static const WOLF_EC_NIST_NAME kNistCurves[] = {
{"P-192", NID_X9_62_prime192v1},
{"P-256", NID_X9_62_prime256v1},
{"P-112", NID_secp112r1},
{"P-112-2", NID_secp112r2},
{"P-128", NID_secp128r1},
{"P-128-2", NID_secp128r2},
{"P-160", NID_secp160r1},
{"P-160-2", NID_secp160r2},
{"P-224", NID_secp224r1},
{"P-384", NID_secp384r1},
{"P-521", NID_secp521r1},
{"K-160", NID_secp160k1},
{"K-192", NID_secp192k1},
{"K-224", NID_secp224k1},
{"K-256", NID_secp256k1},
{"B-160", NID_brainpoolP160r1},
{"B-192", NID_brainpoolP192r1},
{"B-224", NID_brainpoolP224r1},
{"B-256", NID_brainpoolP256r1},
{"B-320", NID_brainpoolP320r1},
{"B-384", NID_brainpoolP384r1},
{"B-512", NID_brainpoolP512r1},
};
const char* wolfSSL_EC_curve_nid2nist(int nid) const char* wolfSSL_EC_curve_nid2nist(int nid)
{ {
const WOLF_EC_NIST_NAME* nist_name; const WOLF_EC_NIST_NAME* nist_name;
@@ -36709,6 +36753,7 @@ void wolfSSL_RSA_set_flags(WOLFSSL_RSA *r, int flags)
} }
} }
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
WOLFSSL_RSA* wolfSSL_RSAPublicKey_dup(WOLFSSL_RSA *rsa) WOLFSSL_RSA* wolfSSL_RSAPublicKey_dup(WOLFSSL_RSA *rsa)
{ {
int derSz = 0; int derSz = 0;
@@ -36741,6 +36786,7 @@ WOLFSSL_RSA* wolfSSL_RSAPublicKey_dup(WOLFSSL_RSA *rsa)
XFREE(derBuf, NULL, DYNAMIC_TYPE_ASN1); XFREE(derBuf, NULL, DYNAMIC_TYPE_ASN1);
return local; return local;
} }
#endif
void* wolfSSL_RSA_get_ex_data(const WOLFSSL_RSA *rsa, int idx) void* wolfSSL_RSA_get_ex_data(const WOLFSSL_RSA *rsa, int idx)
{ {
@@ -48058,23 +48104,6 @@ WOLFSSL_RSA* wolfSSL_RSA_new(void)
} }
#endif /* !NO_RSA && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */ #endif /* !NO_RSA && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
{
if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE;
pkey->type = EVP_PKEY_EC;
pkey->ecc = key;
pkey->ownEcc = 1;
/* try and populate public pkey_sz and pkey.ptr */
ECC_populate_EVP_PKEY(pkey, (ecc_key*)key->internal);
return WOLFSSL_SUCCESS;
}
#endif
#if defined(OPENSSL_EXTRA) && !defined(NO_DSA) #if defined(OPENSSL_EXTRA) && !defined(NO_DSA)
int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key) int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key)
{ {

7
tests/api.c
View File

@@ -5034,9 +5034,14 @@ static void test_wolfSSL_PKCS8(void)
/* Test using a PKCS8 ECC PEM */ /* Test using a PKCS8 ECC PEM */
AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
#else
#ifdef OPENSSL_EXTRA
AssertIntGT((bytes = wc_KeyPemToDer(buffer, bytes, der,
(word32)sizeof(der), NULL)), 0);
#else #else
AssertIntEQ((bytes = wc_KeyPemToDer(buffer, bytes, der, AssertIntEQ((bytes = wc_KeyPemToDer(buffer, bytes, der,
(word32)sizeof(der), NULL)), ASN_NO_PEM_HEADER); (word32)sizeof(der), NULL)), ASN_NO_PEM_HEADER);
#endif
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
wolfSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
@@ -19964,8 +19969,10 @@ static void test_wolfSSL_PEM_RSAPrivateKey(void)
AssertNotNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL))); AssertNotNull((rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL)));
AssertIntEQ(RSA_size(rsa), 256); AssertIntEQ(RSA_size(rsa), 256);
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
AssertNotNull(rsa_dup = RSAPublicKey_dup(rsa)); AssertNotNull(rsa_dup = RSAPublicKey_dup(rsa));
AssertPtrNE(rsa_dup, rsa); AssertPtrNE(rsa_dup, rsa);
#endif
/* test if valgrind complains about unreleased memory */ /* test if valgrind complains about unreleased memory */
RSA_up_ref(rsa); RSA_up_ref(rsa);

41
wolfssl/openssl/rsa.h
View File

@@ -26,6 +26,7 @@
#define WOLFSSL_RSA_H_ #define WOLFSSL_RSA_H_
#include <wolfssl/openssl/bn.h> #include <wolfssl/openssl/bn.h>
#include <wolfssl/wolfcrypt/types.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@@ -47,18 +48,44 @@
#define RSA_FLAG_NO_BLINDING (1 << 7) #define RSA_FLAG_NO_BLINDING (1 << 7)
#define RSA_FLAG_NO_CONSTTIME (1 << 8) #define RSA_FLAG_NO_CONSTTIME (1 << 8)
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
typedef struct WOLFSSL_RSA WOLFSSL_RSA;
#define WOLFSSL_RSA_TYPE_DEFINED
#endif
typedef WOLFSSL_RSA RSA;
typedef struct WOLFSSL_RSA_METHOD { typedef struct WOLFSSL_RSA_METHOD {
int flags; int flags;
char *name; char *name;
} WOLFSSL_RSA_METHOD; } WOLFSSL_RSA_METHOD;
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
#define WOLFSSL_RSA_TYPE_DEFINED
typedef struct WOLFSSL_RSA {
#ifdef WC_RSA_BLINDING
WC_RNG* rng; /* for PrivateDecrypt blinding */
#endif
WOLFSSL_BIGNUM* n;
WOLFSSL_BIGNUM* e;
WOLFSSL_BIGNUM* d;
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* dmp1; /* dP */
WOLFSSL_BIGNUM* dmq1; /* dQ */
WOLFSSL_BIGNUM* iqmp; /* u */
void* heap;
void* internal; /* our RSA */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
char ownRng; /* flag for if the rng should be free'd */
#if defined(OPENSSL_EXTRA)
WOLFSSL_RSA_METHOD* meth;
#endif
#if defined(HAVE_EX_DATA)
WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
wolfSSL_Mutex refMutex; /* ref count mutex */
int refCount; /* reference count */
#endif
} WOLFSSL_RSA;
#endif
typedef WOLFSSL_RSA RSA;
typedef WOLFSSL_RSA_METHOD RSA_METHOD; typedef WOLFSSL_RSA_METHOD RSA_METHOD;
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void); WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void);

36
wolfssl/ssl.h
View File

@@ -34,6 +34,7 @@
#include <wolfssl/version.h> #include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/asn_public.h> #include <wolfssl/wolfcrypt/asn_public.h>
#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_WOLF_EVENT #ifdef HAVE_WOLF_EVENT
#include <wolfssl/wolfcrypt/wolfevent.h> #include <wolfssl/wolfcrypt/wolfevent.h>
@@ -455,12 +456,6 @@ struct WOLFSSL_BIO_METHOD {
typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg, typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg,
int iarg, long larg, long return_value); int iarg, long larg, long return_value);
#if defined(HAVE_EX_DATA) || defined(FORTRESS)
typedef struct WOLFSSL_CRYPTO_EX_DATA {
void* ex_data[MAX_EX_DATA];
} WOLFSSL_CRYPTO_EX_DATA;
#endif
struct WOLFSSL_BIO { struct WOLFSSL_BIO {
WOLFSSL_BUF_MEM* mem_buf; WOLFSSL_BUF_MEM* mem_buf;
WOLFSSL_BIO_METHOD* method; WOLFSSL_BIO_METHOD* method;
@@ -487,35 +482,6 @@ struct WOLFSSL_BIO {
#endif #endif
}; };
struct WOLFSSL_RSA {
#ifdef WC_RSA_BLINDING
WC_RNG* rng; /* for PrivateDecrypt blinding */
#endif
WOLFSSL_BIGNUM* n;
WOLFSSL_BIGNUM* e;
WOLFSSL_BIGNUM* d;
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* dmp1; /* dP */
WOLFSSL_BIGNUM* dmq1; /* dQ */
WOLFSSL_BIGNUM* iqmp; /* u */
void* heap;
void* internal; /* our RSA */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
char ownRng; /* flag for if the rng should be free'd */
#if defined(OPENSSL_EXTRA)
WOLFSSL_RSA_METHOD* meth;
#endif
#if defined(HAVE_EX_DATA)
WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
wolfSSL_Mutex refMutex; /* ref count mutex */
int refCount; /* reference count */
#endif
};
typedef struct WOLFSSL_COMP_METHOD { typedef struct WOLFSSL_COMP_METHOD {
int type; /* stunnel dereference */ int type; /* stunnel dereference */
} WOLFSSL_COMP_METHOD; } WOLFSSL_COMP_METHOD;

10
wolfssl/wolfcrypt/types.h
View File

@@ -37,6 +37,16 @@
#define WOLFSSL_ABI #define WOLFSSL_ABI
/* Tag for all the APIs that are a part of the fixed ABI. */ /* Tag for all the APIs that are a part of the fixed ABI. */
/*
* This struct is used multiple time by other structs and
* needs to be defined somwhere that all structs can import
* (with minimal depencencies).
*/
#if defined(HAVE_EX_DATA) || defined(FORTRESS)
typedef struct WOLFSSL_CRYPTO_EX_DATA {
void* ex_data[MAX_EX_DATA];
} WOLFSSL_CRYPTO_EX_DATA;
#endif
#if defined(WORDS_BIGENDIAN) #if defined(WORDS_BIGENDIAN)
#define BIG_ENDIAN_ORDER #define BIG_ENDIAN_ORDER