From dad0bc01597d774f2c5e455518bb5b28f86eb577 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 14 Apr 2020 12:52:23 +0200 Subject: [PATCH] Keep compatibility with old OPENSSL_EXTRA_X509_SMALL functions --- src/ssl.c | 4 +- tests/api.c | 2 +- wolfcrypt/src/evp.c | 223 ++++++++++++++++++++++---------------------- wolfssl/ssl.h | 2 +- 4 files changed, 116 insertions(+), 115 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 3c2583273..98a62af79 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -19733,7 +19733,6 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, return (textSz - 1); /* do not include null character in size */ } -#if defined(OPENSSL_EXTRA) #ifdef HAVE_ECC static int SetECKeyExternal(WOLFSSL_EC_KEY* eckey); #endif @@ -19845,7 +19844,6 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509) } return key; } -#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA_X509_SMALL */ #endif /* !NO_CERTS */ @@ -30693,7 +30691,7 @@ static int SetECPointInternal(WOLFSSL_EC_POINT *p) #endif /* HAVE_ECC */ #endif /* OPENSSL_EXTRA */ -#if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) +#if defined(HAVE_ECC) && defined(OPENSSL_EXTRA_X509_SMALL) /* EC_POINT WolfSSL -> OpenSSL */ static int SetECPointExternal(WOLFSSL_EC_POINT *p) diff --git a/tests/api.c b/tests/api.c index d3d44a0f1..7e3dd3e70 100644 --- a/tests/api.c +++ b/tests/api.c @@ -22186,7 +22186,7 @@ static void test_wolfSSL_CTX_add_client_CA(void) static void test_wolfSSL_X509_NID(void) { - #if defined(OPENSSL_EXTRA) && \ + #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN) int sigType; int nameSz; diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 7cefd60ed..1365a5993 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c 
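Review bot: The forward declaration `static int SetECKeyExternal(WOLFSSL_EC_KEY* eckey);` in the first src/ssl.c hunk loses its `#if defined(OPENSSL_EXTRA)` wrapper, but no hunk in this patch touches the guard around its definition. The third src/ssl.c hunk widens the guard of SetECPointExternal only. If the definition of SetECKeyExternal is still compiled under OPENSSL_EXTRA alone, a build with HAVE_ECC and only OPENSSL_EXTRA_X509_SMALL would presumably fail on a static function that is declared but never defined. It is worth confirming with exactly that configuration and recording the dependency next to the declaration, for example `/* needed in OPENSSL_EXTRA_X509_SMALL builds; keep the definition's guard in sync */`. The enclosing functions start and end outside these hunks, so the callers are not visible here.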
@@ -5400,116 +5400,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md) /* nothing to do here */ } -WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new(void){ - return wolfSSL_EVP_PKEY_new_ex(NULL); -} - - -WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap) -{ - WOLFSSL_EVP_PKEY* pkey; - int ret; - WOLFSSL_ENTER("wolfSSL_EVP_PKEY_new"); - pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), heap, - DYNAMIC_TYPE_PUBLIC_KEY); - if (pkey != NULL) { - XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY)); - pkey->heap = heap; - pkey->type = WOLFSSL_EVP_PKEY_DEFAULT; -#ifndef HAVE_FIPS - ret = wc_InitRng_ex(&pkey->rng, heap, INVALID_DEVID); -#else - ret = wc_InitRng(&pkey->rng); -#endif - if (ret != 0){ - wolfSSL_EVP_PKEY_free(pkey); - WOLFSSL_MSG("memory failure"); - return NULL; - } - pkey->references = 1; - wc_InitMutex(&pkey->refMutex); - } - else { - WOLFSSL_MSG("memory failure"); - } - - return pkey; -} - - -void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) -{ - int doFree = 0; - WOLFSSL_ENTER("wolfSSL_EVP_PKEY_free"); - if (key != NULL) { - if (wc_LockMutex(&key->refMutex) != 0) { - WOLFSSL_MSG("Couldn't lock pkey mutex"); - } - - /* only free if all references to it are done */ - key->references--; - if (key->references == 0) { - doFree = 1; - } - wc_UnLockMutex(&key->refMutex); - - if (doFree) { - wc_FreeRng(&key->rng); - - if (key->pkey.ptr != NULL) { - XFREE(key->pkey.ptr, key->heap, DYNAMIC_TYPE_PUBLIC_KEY); - key->pkey.ptr = NULL; - } - switch(key->type) - { - #ifndef NO_RSA - case EVP_PKEY_RSA: - if (key->rsa != NULL && key->ownRsa == 1) { - wolfSSL_RSA_free(key->rsa); - key->rsa = NULL; - } - break; - #endif /* NO_RSA */ - - #ifdef HAVE_ECC - case EVP_PKEY_EC: - if (key->ecc != NULL && key->ownEcc == 1) { - wolfSSL_EC_KEY_free(key->ecc); - key->ecc = NULL; - } - break; - #endif /* HAVE_ECC */ - - #ifndef NO_DSA - case EVP_PKEY_DSA: - if (key->dsa != NULL && key->ownDsa == 1) { - wolfSSL_DSA_free(key->dsa); - key->dsa = NULL; - } - break; - #endif /* NO_DSA */ - - #if 
!defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) - case EVP_PKEY_DH: - if (key->dh != NULL && key->ownDh == 1) { - wolfSSL_DH_free(key->dh); - key->dh = NULL; - } - break; - #endif /* ! NO_DH ... */ - - default: - break; - } - - if (wc_FreeMutex(&key->refMutex) != 0) { - WOLFSSL_MSG("Couldn't free pkey mutex"); - } - XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY); - } - } -} - const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id) { WOLFSSL_MSG("wolfSSL_get_digestbynid"); 
@@ -6492,4 +6382,117 @@ int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key) #endif /* OPENSSL_EXTRA */ +#ifdef OPENSSL_EXTRA_X509_SMALL + +WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new(void){ + return wolfSSL_EVP_PKEY_new_ex(NULL); +} + + +WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap) +{ + WOLFSSL_EVP_PKEY* pkey; + int ret; + WOLFSSL_ENTER("wolfSSL_EVP_PKEY_new"); + pkey = (WOLFSSL_EVP_PKEY*)XMALLOC(sizeof(WOLFSSL_EVP_PKEY), heap, + DYNAMIC_TYPE_PUBLIC_KEY); + if (pkey != NULL) { + XMEMSET(pkey, 0, sizeof(WOLFSSL_EVP_PKEY)); + pkey->heap = heap; + pkey->type = WOLFSSL_EVP_PKEY_DEFAULT; +#ifndef HAVE_FIPS + ret = wc_InitRng_ex(&pkey->rng, heap, INVALID_DEVID); +#else + ret = wc_InitRng(&pkey->rng); +#endif + if (ret != 0){ + wolfSSL_EVP_PKEY_free(pkey); + WOLFSSL_MSG("memory failure"); + return NULL; + } + pkey->references = 1; + wc_InitMutex(&pkey->refMutex); + } + else { + WOLFSSL_MSG("memory failure"); + } + + return pkey; +} + +void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key) +{ + int doFree = 0; + WOLFSSL_ENTER("wolfSSL_EVP_PKEY_free"); + if (key != NULL) { + if (wc_LockMutex(&key->refMutex) != 0) { + WOLFSSL_MSG("Couldn't lock pkey mutex"); + } + + /* only free if all references to it are done */ + key->references--; + if (key->references == 0) { + doFree = 1; + } + wc_UnLockMutex(&key->refMutex); + + if (doFree) { + wc_FreeRng(&key->rng); + + if (key->pkey.ptr != NULL) { + XFREE(key->pkey.ptr, key->heap, DYNAMIC_TYPE_PUBLIC_KEY); + key->pkey.ptr = NULL; + } + switch(key->type) + { + #ifndef NO_RSA + case EVP_PKEY_RSA: + if (key->rsa != NULL && key->ownRsa == 1) { + wolfSSL_RSA_free(key->rsa); + key->rsa = NULL; + } + break; + #endif /* NO_RSA */ + + #ifdef HAVE_ECC + case EVP_PKEY_EC: + if (key->ecc != NULL && key->ownEcc == 1) { + wolfSSL_EC_KEY_free(key->ecc); + key->ecc = NULL; + } + break; + #endif /* HAVE_ECC */ + + #ifndef NO_DSA + case EVP_PKEY_DSA: + if (key->dsa != NULL && key->ownDsa == 1) { + wolfSSL_DSA_free(key->dsa); + key->dsa = 
NULL; + } + break; + #endif /* NO_DSA */ + + #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) + case EVP_PKEY_DH: + if (key->dh != NULL && key->ownDh == 1) { + wolfSSL_DH_free(key->dh); + key->dh = NULL; + } + break; + #endif /* ! NO_DH ... */ + + default: + break; + } + + if (wc_FreeMutex(&key->refMutex) != 0) { + WOLFSSL_MSG("Couldn't free pkey mutex"); + } + XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY); + } + } +} + +#endif /* OPENSSL_EXTRA_X509_SMALL */ + #endif /* WOLFSSL_EVP_INCLUDED */ diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 11afd8e3b..7ab1a15e5 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1165,7 +1165,7 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl); /* what's ref count */ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void); -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL) WOLFSSL_API int wolfSSL_RSA_up_ref(WOLFSSL_RSA* rsa); WOLFSSL_API int wolfSSL_X509_up_ref(WOLFSSL_X509* x509); WOLFSSL_API int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey);
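Review bot: In wolfSSL_EVP_PKEY_new_ex the RNG-failure path calls `wolfSSL_EVP_PKEY_free(pkey)` before `pkey->references = 1` and `wc_InitMutex(&pkey->refMutex)` have run. The free routine then locks a mutex that was only zeroed by XMEMSET and decrements `references` from 0 to -1. It sees a non-zero count and returns without releasing anything, so the allocation leaks. Assuming a failed wc_InitRng leaves nothing to release, freeing directly is enough: replace that call with `XFREE(pkey, heap, DYNAMIC_TYPE_PUBLIC_KEY);` and change the log text from "memory failure" to one that names the RNG. The return value of wc_InitMutex is also ignored, and wolfSSL_EVP_PKEY_free goes on to decrement and unlock after wc_LockMutex reports failure; both deserve a check because this count decides when key material is released.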
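Review bot: The new guard in wolfssl/ssl.h drops OPENSSL_EXTRA, so the wolfSSL_RSA_up_ref, wolfSSL_X509_up_ref and wolfSSL_EVP_PKEY_up_ref prototypes stay visible to OPENSSL_EXTRA builds only if that macro always implies OPENSSL_EXTRA_X509_SMALL. Nothing in this patch shows that. The tests/api.c hunk spells out both macros, `defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)`, which suggests the implication is not being relied on there. For consistency, and so a missing prototype cannot turn into an implicit declaration, the guard could read `#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_ALL)`. The same question applies to the `#ifdef OPENSSL_EXTRA_X509_SMALL` block added at the end of wolfcrypt/src/evp.c.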