mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 11:17:29 +02:00
Adding X509_VERIFY_PARAM API
This commit is contained in:
Eric Blankenhorn
62
src/ssl.c
62
src/ssl.c
@ -25743,6 +25743,68 @@ char* wolfSSL_CONF_get1_default_config_file(void)
|
||||
return NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
WOLFSSL_X509_VERIFY_PARAM* wolfSSL_X509_VERIFY_PARAM_new(void)
|
||||
{
|
||||
WOLFSSL_X509_VERIFY_PARAM *param = NULL;
|
||||
param = XMALLOC(sizeof(WOLFSSL_X509_VERIFY_PARAM), NULL,
|
||||
DYNAMIC_TYPE_OPENSSL);
|
||||
if (param != NULL)
|
||||
XMEMSET(param, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM ));
|
||||
|
||||
return(param);
|
||||
}
|
||||
|
||||
|
||||
void wolfSSL_X509_VERIFY_PARAM_free(WOLFSSL_X509_VERIFY_PARAM *param)
|
||||
{
|
||||
if (param != NULL)
|
||||
XFREE(param, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
|
||||
|
||||
/* Sets flags by OR'ing with existing value. */
|
||||
int wolfSSL_X509_VERIFY_PARAM_set_flags(WOLFSSL_X509_VERIFY_PARAM *param,
|
||||
unsigned long flags)
|
||||
{
|
||||
int ret = WOLFSSL_FAILURE;
|
||||
|
||||
if (param != NULL) {
|
||||
param->flags |= flags;
|
||||
ret = WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_X509_VERIFY_PARAM_get_flags(WOLFSSL_X509_VERIFY_PARAM *param)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
if (param != NULL) {
|
||||
ret = param->flags;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_X509_VERIFY_PARAM_clear_flags(WOLFSSL_X509_VERIFY_PARAM *param,
|
||||
unsigned long flags)
|
||||
{
|
||||
int ret = WOLFSSL_FAILURE;
|
||||
|
||||
if (param != NULL) {
|
||||
param->flags &= ~flags;
|
||||
ret = WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/******************************************************************************
|
||||
* wolfSSL_X509_VERIFY_PARAM_set1_host - sets the DNS hostname to name
|
||||
* hostnames is cleared if name is NULL or empty.
|
||||
|
||||
20
tests/api.c
20
tests/api.c
@ -29793,11 +29793,7 @@ static void test_wolfSSL_X509_VERIFY_PARAM(void)
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509()");
|
||||
|
||||
/* Initializer function is not ported */
|
||||
/* param = wolfSSL_X509_VERIFY_PARAM_new(); */
|
||||
|
||||
param = (WOLFSSL_X509_VERIFY_PARAM *)XMALLOC(
|
||||
sizeof(WOLFSSL_X509_VERIFY_PARAM), NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
param = wolfSSL_X509_VERIFY_PARAM_new();
|
||||
AssertNotNull(param);
|
||||
|
||||
XMEMSET(param, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM ));
|
||||
@ -29821,7 +29817,19 @@ static void test_wolfSSL_X509_VERIFY_PARAM(void)
|
||||
AssertIntEQ(1, ret);
|
||||
AssertIntEQ(0, XSTRNCMP(param->ipasc, testIPv6, WOLFSSL_MAX_IPSTR));
|
||||
|
||||
XFREE(param, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
ret = wolfSSL_X509_VERIFY_PARAM_set_flags(param, WOLFSSL_CRL_CHECKALL);
|
||||
AssertIntEQ(1, ret);
|
||||
|
||||
ret = wolfSSL_X509_VERIFY_PARAM_get_flags(param);
|
||||
AssertIntEQ(WOLFSSL_CRL_CHECKALL, ret);
|
||||
|
||||
ret = wolfSSL_X509_VERIFY_PARAM_clear_flags(param, WOLFSSL_CRL_CHECKALL);
|
||||
AssertIntEQ(1, ret);
|
||||
|
||||
ret = wolfSSL_X509_VERIFY_PARAM_get_flags(param);
|
||||
AssertIntEQ(0, ret);
|
||||
|
||||
wolfSSL_X509_VERIFY_PARAM_free(param);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
|
||||
|
||||
@ -586,6 +586,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
||||
#define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject
|
||||
#define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer
|
||||
#define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time
|
||||
#define X509_VERIFY_PARAM_new wolfSSL_X509_VERIFY_PARAM_new
|
||||
#define X509_VERIFY_PARAM_free wolfSSL_X509_VERIFY_PARAM_free
|
||||
#define X509_VERIFY_PARAM_set_flags wolfSSL_X509_VERIFY_PARAM_set_flags
|
||||
#define X509_VERIFY_PARAM_get_flags wolfSSL_X509_VERIFY_PARAM_get_flags
|
||||
#define X509_VERIFY_PARAM_clear_flags wolfSSL_X509_VERIFY_PARAM_clear_flags
|
||||
#define X509_VERIFY_PARAM_set_hostflags wolfSSL_X509_VERIFY_PARAM_set_hostflags
|
||||
#define X509_VERIFY_PARAM_set1_host wolfSSL_X509_VERIFY_PARAM_set1_host
|
||||
#define X509_VERIFY_PARAM_set1_ip_asc wolfSSL_X509_VERIFY_PARAM_set1_ip_asc
|
||||
|
||||
@ -1505,6 +1505,13 @@ WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);
|
||||
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*,
|
||||
unsigned long flags,
|
||||
time_t t);
|
||||
WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_X509_VERIFY_PARAM_new(void);
|
||||
WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_free(WOLFSSL_X509_VERIFY_PARAM *param);
|
||||
WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set_flags(WOLFSSL_X509_VERIFY_PARAM *param,
|
||||
unsigned long flags);
|
||||
WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_get_flags(WOLFSSL_X509_VERIFY_PARAM *param);
|
||||
WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_clear_flags(WOLFSSL_X509_VERIFY_PARAM *param,
|
||||
unsigned long flags);
|
||||
WOLFSSL_API void wolfSSL_X509_VERIFY_PARAM_set_hostflags(
|
||||
WOLFSSL_X509_VERIFY_PARAM* param, unsigned int flags);
|
||||
WOLFSSL_API int wolfSSL_X509_VERIFY_PARAM_set1_host(WOLFSSL_X509_VERIFY_PARAM* pParam,
|
||||
|
||||
Reference in New Issue
Block a user