mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-11 01:30:53 +02:00
Fixes from review
This commit is contained in:
@@ -16095,6 +16095,78 @@ int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
|
||||
*/
|
||||
int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
|
||||
|
||||
/*!
|
||||
\ingroup Setup
|
||||
\brief Pin a DER-encoded SubjectPublicKeyInfo that the peer is expected to
|
||||
present as a Raw Public Key (RFC 7250), establishing out-of-band trust on the
|
||||
WOLFSSL_CTX object. An unauthenticated RPK peer is otherwise rejected: when the
|
||||
peer is being authenticated (any verify mode other than WOLFSSL_VERIFY_NONE)
|
||||
the handshake fails closed unless the presented key matches a pin (or a verify
|
||||
callback accepts it). May be called more than once to pin several keys, up to
|
||||
WOLFSSL_MAX_RPK_PINS. The key is stored as its SHA-256 digest, so this API
|
||||
requires SHA-256. Pins are append-only for the lifetime of the CTX.
|
||||
|
||||
\return WOLFSSL_SUCCESS on success
|
||||
\return BAD_FUNC_ARG if ctx or spki is NULL, or spkiSz is 0
|
||||
\return BUFFER_E if the pin table is already full (WOLFSSL_MAX_RPK_PINS)
|
||||
\return other negative error code on a hashing failure
|
||||
|
||||
\param ctx WOLFSSL_CTX object pointer
|
||||
\param spki DER-encoded SubjectPublicKeyInfo the peer is expected to present
|
||||
\param spkiSz length of spki in bytes
|
||||
_Example_
|
||||
\code
|
||||
int ret;
|
||||
WOLFSSL_CTX* ctx;
|
||||
const unsigned char* spki; /* DER SubjectPublicKeyInfo */
|
||||
unsigned int spkiSz;
|
||||
...
|
||||
|
||||
ret = wolfSSL_CTX_set_expected_rpk(ctx, spki, spkiSz);
|
||||
\endcode
|
||||
\sa wolfSSL_set_expected_rpk
|
||||
\sa wolfSSL_set_client_cert_type
|
||||
\sa wolfSSL_set_server_cert_type
|
||||
*/
|
||||
int wolfSSL_CTX_set_expected_rpk(WOLFSSL_CTX* ctx, const unsigned char* spki,
|
||||
unsigned int spkiSz);
|
||||
|
||||
/*!
|
||||
\ingroup Setup
|
||||
\brief Pin a DER-encoded SubjectPublicKeyInfo that the peer is expected to
|
||||
present as a Raw Public Key (RFC 7250), establishing out-of-band trust on the
|
||||
WOLFSSL object. An unauthenticated RPK peer is otherwise rejected: when the
|
||||
peer is being authenticated (any verify mode other than WOLFSSL_VERIFY_NONE)
|
||||
the handshake fails closed unless the presented key matches a pin (or a verify
|
||||
callback accepts it). May be called more than once to pin several keys, up to
|
||||
WOLFSSL_MAX_RPK_PINS. The key is stored as its SHA-256 digest, so this API
|
||||
requires SHA-256. Pins are append-only for the lifetime of the object.
|
||||
|
||||
\return WOLFSSL_SUCCESS on success
|
||||
\return BAD_FUNC_ARG if ssl or spki is NULL, or spkiSz is 0
|
||||
\return BUFFER_E if the pin table is already full (WOLFSSL_MAX_RPK_PINS)
|
||||
\return other negative error code on a hashing failure
|
||||
|
||||
\param ssl WOLFSSL object pointer
|
||||
\param spki DER-encoded SubjectPublicKeyInfo the peer is expected to present
|
||||
\param spkiSz length of spki in bytes
|
||||
_Example_
|
||||
\code
|
||||
int ret;
|
||||
WOLFSSL* ssl;
|
||||
const unsigned char* spki; /* DER SubjectPublicKeyInfo */
|
||||
unsigned int spkiSz;
|
||||
...
|
||||
|
||||
ret = wolfSSL_set_expected_rpk(ssl, spki, spkiSz);
|
||||
\endcode
|
||||
\sa wolfSSL_CTX_set_expected_rpk
|
||||
\sa wolfSSL_set_client_cert_type
|
||||
\sa wolfSSL_set_server_cert_type
|
||||
*/
|
||||
int wolfSSL_set_expected_rpk(WOLFSSL* ssl, const unsigned char* spki,
|
||||
unsigned int spkiSz);
|
||||
|
||||
/*!
|
||||
|
||||
\brief Enable use of ConnectionID extensions for the SSL object. See RFC 9146
|
||||
|
||||
@@ -3883,6 +3883,14 @@ int test_tls13_rpk_trust(void)
|
||||
|
||||
ExpectIntEQ(load_file(svrRpkCertFile, &svrSpki, &svrSpkiSz), 0);
|
||||
ExpectIntEQ(load_file(clntRpkCertFile, &cliSpki, &cliSpkiSz), 0);
|
||||
/* If either pin failed to load, stop before feeding NULL/zero-length
|
||||
* buffers into the pinning calls below (which would only produce
|
||||
* misleading downstream failures). */
|
||||
if (EXPECT_FAIL()) {
|
||||
XFREE(svrSpki, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(cliSpki, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
/* --- WOLFSSL_VERIFY_NONE: completes, but reported as untrusted --- */
|
||||
ctx_c = ctx_s = NULL;
|
||||
|
||||
+3
-2
@@ -2782,8 +2782,9 @@ enum {
|
||||
WOLFSSL_X509_V_ERR_IP_ADDRESS_MISMATCH = 64,
|
||||
WOLFSSL_X509_V_ERR_INVALID_CA = 79,
|
||||
WC_OSSL_V509_V_ERR_MAX = 80,
|
||||
/* Codes at or above WC_OSSL_V509_V_ERR_MAX are intentionally outside the
|
||||
* contiguous range swept by the error-string test in tests/api.c. */
|
||||
/* wolfSSL-specific verify-result codes are assigned at or above
|
||||
* WC_OSSL_V509_V_ERR_MAX, intentionally outside the contiguous
|
||||
* OpenSSL-compatible range below it. */
|
||||
WOLFSSL_X509_V_ERR_RPK_UNTRUSTED = 95,
|
||||
|
||||
#ifdef HAVE_OCSP
|
||||
|
||||
Reference in New Issue
Block a user