wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for building with NO_ASN_TIME. If used with TLS user must supply LowResTimer and TimeNowInMilliseconds.

Browse Source
This commit is contained in:
David Garske
2021-04-30 15:04:31 -07:00
parent c9634952d5
commit f8ecd4b441
5 changed files with 41 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/internal.c
View File

@@ -7922,7 +7922,12 @@ ProtocolVersion MakeDTLSv1_2(void)
return (word32)XTIME(0); return (word32)XTIME(0);
} }
#endif #endif
#else
/* user must supply timer function to return elapsed seconds:
* word32 LowResTimer(void);
*/
#endif /* !NO_ASN_TIME */ #endif /* !NO_ASN_TIME */
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \ #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \ ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH))) (defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))

15
src/ssl.c
View File

@@ -26459,7 +26459,9 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
int ret = 0; int ret = 0;
int depth = 0; int depth = 0;
int error; int error;
#ifndef NO_ASN_TIME
byte *afterDate, *beforeDate; byte *afterDate, *beforeDate;
#endif
WOLFSSL_ENTER("wolfSSL_X509_verify_cert"); WOLFSSL_ENTER("wolfSSL_X509_verify_cert");
@@ -26486,6 +26488,7 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
#endif #endif
} }
#ifndef NO_ASN_TIME
error = 0; error = 0;
/* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or /* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or
ASN_BEFORE_DATE_E if there are no additional errors found in the ASN_BEFORE_DATE_E if there are no additional errors found in the
@@ -26511,6 +26514,7 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
ctx->store->verify_cb(0, ctx); ctx->store->verify_cb(0, ctx);
#endif #endif
} }
#endif
/* OpenSSL returns 0 when a chain can't be built */ /* OpenSSL returns 0 when a chain can't be built */
if (ret == ASN_NO_SIGNER_E) if (ret == ASN_NO_SIGNER_E)
@@ -29092,10 +29096,14 @@ void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
wolfSSL_ASN1_OBJECT_free(at->value.object); wolfSSL_ASN1_OBJECT_free(at->value.object);
break; break;
case V_ASN1_UTCTIME: case V_ASN1_UTCTIME:
#ifndef NO_ASN_TIME
wolfSSL_ASN1_TIME_free(at->value.utctime); wolfSSL_ASN1_TIME_free(at->value.utctime);
#endif
break; break;
case V_ASN1_GENERALIZEDTIME: case V_ASN1_GENERALIZEDTIME:
#ifndef NO_ASN_TIME
wolfSSL_ASN1_TIME_free(at->value.generalizedtime); wolfSSL_ASN1_TIME_free(at->value.generalizedtime);
#endif
break; break;
case V_ASN1_UTF8STRING: case V_ASN1_UTF8STRING:
case V_ASN1_PRINTABLESTRING: case V_ASN1_PRINTABLESTRING:
@@ -30757,16 +30765,23 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
* returns WOLFSSL_SUCCESS (1) if correct otherwise WOLFSSL_FAILURE (0) */ * returns WOLFSSL_SUCCESS (1) if correct otherwise WOLFSSL_FAILURE (0) */
int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a) int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
{ {
#ifndef NO_ASN_TIME
char buf[MAX_TIME_STRING_SZ]; char buf[MAX_TIME_STRING_SZ];
#endif
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_check"); WOLFSSL_ENTER("wolfSSL_ASN1_TIME_check");
#ifndef NO_ASN_TIME
/* if can parse the WOLFSSL_ASN1_TIME passed in then consider syntax good */ /* if can parse the WOLFSSL_ASN1_TIME passed in then consider syntax good */
if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)a, buf, if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)a, buf,
MAX_TIME_STRING_SZ) == NULL) { MAX_TIME_STRING_SZ) == NULL) {
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
#else
(void)a;
return WOLFSSL_FAILURE;
#endif
} }
#endif /* !NO_ASN_TIME */ #endif /* !NO_ASN_TIME */

9
src/tls13.c
View File

@@ -1272,7 +1272,8 @@ end:
return ret; return ret;
} }
#ifdef HAVE_SESSION_TICKET #if (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK))
#ifndef NO_ASN_TIME
#if defined(USER_TICKS) #if defined(USER_TICKS)
#if 0 #if 0
word32 TimeNowInMilliseconds(void) word32 TimeNowInMilliseconds(void)
@@ -1528,6 +1529,12 @@ end:
return (word32)(now.tv_sec * 1000 + now.tv_usec / 1000); return (word32)(now.tv_sec * 1000 + now.tv_usec / 1000);
} }
#endif #endif
#else
/* user must supply time in milliseconds function:
* word32 TimeNowInMilliseconds(void);
* The response is milliseconds elapsed
*/
#endif /* !NO_ASN_TIME */
#endif /* HAVE_SESSION_TICKET || !NO_PSK */ #endif /* HAVE_SESSION_TICKET || !NO_PSK */

8
tests/api.c
View File

@@ -41925,7 +41925,7 @@ static void test_wolfSSL_RSA_verify(void)
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
static void test_openssl_make_self_signed_certificate(EVP_PKEY* pkey) static void test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
{ {
X509* x509 = NULL; X509* x509 = NULL;
@@ -42006,7 +42006,8 @@ static void test_openssl_generate_key_and_cert(void)
BN_free(exponent); BN_free(exponent);
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
test_openssl_make_self_signed_certificate(pkey); test_openssl_make_self_signed_certificate(pkey);
#endif #endif
} }
@@ -42030,7 +42031,8 @@ static void test_openssl_generate_key_and_cert(void)
AssertIntNE(EC_KEY_generate_key(ec_key), 0); AssertIntNE(EC_KEY_generate_key(ec_key), 0);
AssertIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0); AssertIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
test_openssl_make_self_signed_certificate(pkey); test_openssl_make_self_signed_certificate(pkey);
#endif #endif

9
wolfcrypt/src/asn.c
View File

@@ -12429,6 +12429,7 @@ int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
#ifdef WOLFSSL_CERT_GEN #ifdef WOLFSSL_CERT_GEN
#ifndef NO_ASN_TIME
static WC_INLINE byte itob(int number) static WC_INLINE byte itob(int number)
{ {
return (byte)number + 0x30; return (byte)number + 0x30;
@@ -12462,7 +12463,7 @@ static void SetTime(struct tm* date, byte* output)
output[i] = 'Z'; /* Zulu profile */ output[i] = 'Z'; /* Zulu profile */
} }
#endif
#ifdef WOLFSSL_ALT_NAMES #ifdef WOLFSSL_ALT_NAMES
@@ -13358,6 +13359,7 @@ int SetName(byte* output, word32 outputSz, CertName* name)
* return size in bytes written to output, 0 on error */ * return size in bytes written to output, 0 on error */
static int SetValidity(byte* output, int daysValid) static int SetValidity(byte* output, int daysValid)
{ {
#ifndef NO_ASN_TIME
byte before[MAX_DATE_SIZE]; byte before[MAX_DATE_SIZE];
byte after[MAX_DATE_SIZE]; byte after[MAX_DATE_SIZE];
@@ -13427,6 +13429,11 @@ static int SetValidity(byte* output, int daysValid)
XMEMCPY(output + seqSz + beforeSz, after, afterSz); XMEMCPY(output + seqSz + beforeSz, after, afterSz);
return seqSz + beforeSz + afterSz; return seqSz + beforeSz + afterSz;
#else
(void)output;
(void)daysValid;
return NOT_COMPILED_IN;
#endif
} }
/* encode info from cert into DER encoded format */ /* encode info from cert into DER encoded format */