wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Adding unknown extension callback to CertManager

Browse Source
This commit is contained in:
Anthony Hu
2024-01-31 16:27:07 -05:00
parent 48b99b0f10
commit dfc10741a5
3 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/ssl_certman.c
View File

@@ -575,6 +575,19 @@ void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, VerifyCallback vc)
} }
#endif /* NO_WOLFSSL_CM_VERIFY */ #endif /* NO_WOLFSSL_CM_VERIFY */
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
&& defined(HAVE_OID_DECODING)
void wolfSSL_CertManagerSetUnknownExtCallback(WOLFSSL_CERT_MANAGER* cm,
wc_UnknownExtCallback cb)
{
WOLFSSL_ENTER("wolfSSL_CertManagerSetUnknownExtCallback");
if (cm != NULL) {
cm->unknownExtCallback = cb;
}
}
#endif /* WOLFSSL_CUSTOM_OID && WOLFSSL_ASN_TEMPLATE && HAVE_OID_DECODING */
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
/* Verify the certificate. /* Verify the certificate.
* *
@@ -643,6 +656,12 @@ int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff,
/* Create a decoded certificate with DER buffer. */ /* Create a decoded certificate with DER buffer. */
InitDecodedCert(cert, buff, (word32)sz, cm->heap); InitDecodedCert(cert, buff, (word32)sz, cm->heap);
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
&& defined(HAVE_OID_DECODING)
if (cm->unknownExtCallback != NULL)
wc_SetUnknownExtCallback(cert, cm->unknownExtCallback);
#endif
/* Parse DER into decoded certificate fields and verify signature /* Parse DER into decoded certificate fields and verify signature
* against a known CA. */ * against a known CA. */
ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, cm); ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, cm);

1
wolfssl/internal.h
View File

@@ -2632,6 +2632,7 @@ struct WOLFSSL_CERT_MANAGER {
short minFalconKeySz; /* minimum allowed Falcon key size */ short minFalconKeySz; /* minimum allowed Falcon key size */
short minDilithiumKeySz; /* minimum allowed Dilithium key size */ short minDilithiumKeySz; /* minimum allowed Dilithium key size */
#endif #endif
wc_UnknownExtCallback unknownExtCallback;
}; };

10
wolfssl/ssl.h
View File

@@ -1536,7 +1536,8 @@ WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx); WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx);
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data); WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
#if defined(HAVE_OCSP) || defined(HAVE_CRL) #if defined(HAVE_OCSP) || defined(HAVE_CRL) || (defined(WOLFSSL_CUSTOM_OID) && \
defined(WOLFSSL_ASN_TEMPLATE) && defined(HAVE_OID_DECODING))
#include "wolfssl/wolfcrypt/asn.h" #include "wolfssl/wolfcrypt/asn.h"
#endif #endif
@@ -3594,6 +3595,13 @@ WOLFSSL_API void wolfSSL_CTX_SetPerformTlsRecordProcessingCb(WOLFSSL_CTX* ctx,
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm); WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm); WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm);
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
&& defined(HAVE_OID_DECODING)
WOLFSSL_API void wolfSSL_CertManagerSetUnknownExtCallback(
WOLFSSL_CERT_MANAGER* cm,
wc_UnknownExtCallback cb);
#endif
WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm,
const char* f, const char* d); const char* f, const char* d);
WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm, WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,