From b5f4a0c00595ea40a43d7f518810a43d836a41c4 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 21 Oct 2021 16:42:19 -0700
Subject: [PATCH] Improve API unit test to use `X509_NAME_get_sz` and make it widely available.
---
 src/ssl.c | 17 ++++++++---------
 tests/api.c | 12 +++++++-----
 wolfssl/openssl/ssl.h | 1 +
 wolfssl/ssl.h | 3 +--
 4 files changed, 17 insertions(+), 16 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index a257f74b0..b7e77c382 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -23238,6 +23238,14 @@ int wolfSSL_X509_get_signature_type(WOLFSSL_X509* x509)
 #if defined(OPENSSL_EXTRA_X509_SMALL)
+int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME* name)
+{
+ WOLFSSL_ENTER("wolfSSL_X509_NAME_get_sz");
+ if (!name)
+ return -1;
+ return name->sz;
+}
+
 /* Searches for the first ENTRY of type NID
 * idx is the location to start searching from, the value at when the entry was
 * found is stored into idx
@@ -47356,15 +47364,6 @@ int wolfSSL_version(WOLFSSL* ssl)
 return WOLFSSL_FAILURE;
 }
-
-int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME* name)
-{
- WOLFSSL_ENTER("wolfSSL_X509_NAME_get_sz");
- if(!name)
- return -1;
- return name->sz;
-}
-
 #ifdef HAVE_SNI
 int wolfSSL_set_tlsext_host_name(WOLFSSL* ssl, const char* host_name)
 {
diff --git a/tests/api.c b/tests/api.c
index 1e8d7aa62..f80ffa123 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -35247,6 +35247,7 @@ static void test_wolfSSL_X509_sign(void)
 defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA)
 int ret;
 char *cn;
+ word32 cnSz;
 X509_NAME *name;
 X509 *x509, *ca;
 DecodedCert dCert;
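Review bot: `wolfSSL_X509_NAME_get_sz` is added in the first src/ssl.c hunk without a header comment, although the block right after it is documented and this commit starts using the return value as an allocation size in tests/api.c. I would add something like `/* Returns the size stored in name->sz, or -1 if name is NULL; check for a negative result before using it as a buffer length. */`. Whether `sz` counts a terminating NUL is not visible in this hunk; if it does, the comment should say so, since callers pass the value to `X509_NAME_oneline` as the buffer size.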
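Review bot: `cnSz` is declared `word32` in the first tests/api.c hunk, but `wolfSSL_X509_NAME_get_sz` returns `int` and uses -1 as its error value, so the assignments `cnSz = X509_NAME_get_sz(name);` in the two later hunks of this file would turn a failure into a very large unsigned size that is then handed to `XMALLOC`. `name` is asserted non-NULL just before each call, so the test itself should not reach that path, but API tests tend to be copied as usage examples. Declaring `int cnSz;` and writing `AssertIntGT(cnSz = X509_NAME_get_sz(name), 0);` keeps the types consistent and checks the result before allocating. The body of `test_wolfSSL_X509_sign` starts and ends outside these hunks.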
@@ -35370,9 +35371,9 @@ static void test_wolfSSL_X509_sign(void)
 AssertNotNull(ca = d2i_X509(NULL, &certIssuer, (int)certIssuerSz));
 AssertNotNull(name = X509_get_subject_name(ca));
- cn = (char*)XMALLOC(name->sz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
-
- AssertNotNull(cn = X509_NAME_oneline(name, cn, name->sz));
+ cnSz = X509_NAME_get_sz(name);
+ AssertNotNull(cn = (char*)XMALLOC(cnSz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL));
+ AssertNotNull(cn = X509_NAME_oneline(name, cn, cnSz));
 AssertIntEQ(0, XSTRNCMP(cn, dCert.subject, XSTRLEN(cn)));
 XFREE(cn, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
@@ -35391,8 +35392,9 @@ static void test_wolfSSL_X509_sign(void)
 AssertIntGT(X509_sign(x509, priv, EVP_sha256()), 0);
 AssertNotNull(name = X509_get_issuer_name(x509));
- cn = (char*)XMALLOC(name->sz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
- AssertNotNull(cn = X509_NAME_oneline(name, cn, name->sz));
+ cnSz = X509_NAME_get_sz(name);
+ AssertNotNull(cn = (char*)XMALLOC(cnSz, HEAP_HINT, DYNAMIC_TYPE_OPENSSL));
+ AssertNotNull(cn = X509_NAME_oneline(name, cn, cnSz));
 /* compare and don't include the multi-attrib "/OU=OU1/OU=OU2" above */
 AssertIntEQ(0, XSTRNCMP(cn, dCert.issuer, XSTRLEN(dCert.issuer)));
 XFREE(cn, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index ff9d4c1dc..b9459a873 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -550,6 +550,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define X509_NAME_new wolfSSL_X509_NAME_new
 #define X509_NAME_free wolfSSL_X509_NAME_free
 #define X509_NAME_dup wolfSSL_X509_NAME_dup
+#define X509_NAME_get_sz wolfSSL_X509_NAME_get_sz
 #define X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
 #define X509_NAME_get_index_by_OBJ wolfSSL_X509_NAME_get_index_by_OBJ
 #define X509_NAME_cmp wolfSSL_X509_NAME_cmp
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index af68f748e..e2b7d1169 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -1707,6 +1707,7 @@ WOLFSSL_API int wolfSSL_X509_sign_ctx(WOLFSSL_X509 *x509, WOLFSSL_EVP_MD_CTX *ct
 WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*);
+WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*);
 WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( WOLFSSL_X509_NAME*, int, char*, int);
 WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID(
@@ -4343,8 +4344,6 @@ WOLFSSL_API int wolfSSL_SESSION_set_ex_data_with_cleanup(
 WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*, CRYPTO_free_func*);
-WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*);
-
 WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, unsigned int*);
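Review bot: The preprocessor condition around the relocated prototype in the first wolfssl/ssl.h hunk is not visible, while the definition in src/ssl.c now sits under `#if defined(OPENSSL_EXTRA_X509_SMALL)`. If the prototype, or the `X509_NAME_get_sz` macro added in wolfssl/openssl/ssl.h, is compiled under a different condition, some build configurations would call the function without a declaration or fail to link. Please confirm the three guards agree. If `OPENSSL_EXTRA_X509_SMALL` is the intended condition, a short comment next to the prototype naming that option would help.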