mirror of https://github.com/wolfSSL/wolfssl
Merge pull request #1421 from JacobBarthelmeh/Optimizations
trim out more strings and fix DN tag
commit
0ab4166a80
|
@ -15965,12 +15965,15 @@ const char* GetCipherNameInternal(const char* cipherName, int cipherSuite)
|
|||
|
||||
/* if first is null then not any */
|
||||
if (first == NULL) {
|
||||
#if defined(HAVE_AESCCM) || defined(HAVE_CHACHA) || \
|
||||
defined(HAVE_ECC)
|
||||
if ( !XSTRSTR(nameFound, "CHACHA") &&
|
||||
!XSTRSTR(nameFound, "EC") &&
|
||||
!XSTRSTR(nameFound, "CCM")) {
|
||||
result = nameFound;
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else if (XSTRSTR(nameFound, first)) {
|
||||
result = nameFound;
|
||||
|
@ -16486,26 +16489,51 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
|
|||
return 0; /* suites buffer not large enough, error out */
|
||||
}
|
||||
|
||||
suites->suites[idx++] = (XSTRSTR(name, "TLS13")) ? TLS13_BYTE
|
||||
: (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE
|
||||
: (XSTRSTR(name, "QSH")) ? QSH_BYTE
|
||||
: (XSTRSTR(name, "EC")) ? ECC_BYTE
|
||||
: (XSTRSTR(name, "CCM")) ? ECC_BYTE
|
||||
: 0x00; /* normal */
|
||||
suites->suites[idx++] = (byte)cipher_name_idx[i];
|
||||
suites->suites[idx++] =
|
||||
#ifdef WOLFSSL_TLS13
|
||||
(XSTRSTR(name, "TLS13")) ? TLS13_BYTE :
|
||||
#endif
|
||||
#ifdef HAVE_CHACHA
|
||||
(XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE :
|
||||
#endif
|
||||
#ifdef HAVE_QSH
|
||||
(XSTRSTR(name, "QSH")) ? QSH_BYTE :
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
(XSTRSTR(name, "EC")) ? ECC_BYTE :
|
||||
#endif
|
||||
#ifdef HAVE_AESCCM
|
||||
(XSTRSTR(name, "CCM")) ? ECC_BYTE :
|
||||
#endif
|
||||
0x00; /* normal */
|
||||
|
||||
suites->suites[idx++] = (byte)cipher_name_idx[i];
|
||||
/* The suites are either ECDSA, RSA, PSK, or Anon. The RSA
|
||||
* suites don't necessarily have RSA in the name. */
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (XSTRSTR(name, "TLS13")) {
|
||||
haveRSAsig = 1;
|
||||
haveECDSAsig = 1;
|
||||
}
|
||||
else if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA"))
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA"))
|
||||
haveECDSAsig = 1;
|
||||
else if (XSTRSTR(name, "ADH"))
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_ANON
|
||||
if (XSTRSTR(name, "ADH"))
|
||||
haveAnon = 1;
|
||||
else if ((haveRSAsig == 0) && (XSTRSTR(name, "PSK") == NULL))
|
||||
else
|
||||
#endif
|
||||
if (haveRSAsig == 0
|
||||
#ifndef NO_PSK
|
||||
&& (XSTRSTR(name, "PSK") == NULL)
|
||||
#endif
|
||||
) {
|
||||
haveRSAsig = 1;
|
||||
}
|
||||
|
||||
ret = 1; /* found at least one */
|
||||
break;
|
||||
|
|
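Review bot: In the GetCipherNameInternal hunk, the `#if defined(HAVE_AESCCM) || defined(HAVE_CHACHA) || defined(HAVE_ECC)` … `#endif` pair appears to enclose the whole inner `if`, including `result = nameFound; break;`. If that is the real layout, a build with none of the three macros defined leaves the `first == NULL` branch empty, so a suite that is "not any" of the special kinds can never be matched by this loop. Guarding only the three `XSTRSTR` conditions would keep the lookup working: move the `#endif` up so that it sits directly after the condition and before a braced `{ result = nameFound; break; }`. The rendering has lost indentation and the +/- column, and the function body starts and ends outside the hunk, so this should be confirmed against the file.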
21
src/ssl.c
21
src/ssl.c
|
@ -4690,8 +4690,10 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
|
|||
case CERTREQ_TYPE: header=BEGIN_CERT_REQ; footer=END_CERT_REQ;
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_DSA
|
||||
case DSA_TYPE: header=BEGIN_DSA_PRIV; footer=END_DSA_PRIV;
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
case ECC_TYPE: header=BEGIN_EC_PRIV; footer=END_EC_PRIV;
|
||||
break;
|
||||
|
@ -4782,7 +4784,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
|
|||
word32 lineSz;
|
||||
char* finish;
|
||||
word32 finishSz;
|
||||
char* start;
|
||||
char* start = NULL;
|
||||
word32 startSz;
|
||||
char* newline;
|
||||
|
||||
|
@ -4791,12 +4793,17 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
|
|||
}
|
||||
|
||||
lineSz = (word32)(bufferEnd - line);
|
||||
#ifndef NO_DES3
|
||||
start = XSTRNSTR(line, "DES", min(lineSz, PEM_LINE_LEN));
|
||||
#endif
|
||||
|
||||
#ifndef NO_AES
|
||||
if (start == NULL) {
|
||||
start = XSTRNSTR(line, "AES", min(lineSz, PEM_LINE_LEN));
|
||||
}
|
||||
#endif
|
||||
|
||||
(void)lineSz;
|
||||
if (start == NULL) return WOLFSSL_BAD_FILE;
|
||||
if (info == NULL) return WOLFSSL_BAD_FILE;
|
||||
|
||||
|
@ -16097,20 +16104,29 @@ const char* wolfSSL_get_version(WOLFSSL* ssl)
|
|||
WOLFSSL_ENTER("SSL_get_version");
|
||||
if (ssl->version.major == SSLv3_MAJOR) {
|
||||
switch (ssl->version.minor) {
|
||||
#ifndef NO_OLD_TLS
|
||||
#ifdef WOLFSSL_ALLOW_SSLV3
|
||||
case SSLv3_MINOR :
|
||||
return "SSLv3";
|
||||
#endif
|
||||
#ifdef WOLFSSL_ALLOW_TLSV10
|
||||
case TLSv1_MINOR :
|
||||
return "TLSv1";
|
||||
#endif
|
||||
case TLSv1_1_MINOR :
|
||||
return "TLSv1.1";
|
||||
#endif
|
||||
case TLSv1_2_MINOR :
|
||||
return "TLSv1.2";
|
||||
#ifdef WOLFSSL_TLS13
|
||||
case TLSv1_3_MINOR :
|
||||
return "TLSv1.3";
|
||||
#endif
|
||||
default:
|
||||
return "unknown";
|
||||
}
|
||||
}
|
||||
#ifdef WOLFSSL_DTLS
|
||||
else if (ssl->version.major == DTLS_MAJOR) {
|
||||
switch (ssl->version.minor) {
|
||||
case DTLS_MINOR :
|
||||
|
@ -16121,6 +16137,7 @@ const char* wolfSSL_get_version(WOLFSSL* ssl)
|
|||
return "unknown";
|
||||
}
|
||||
}
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
return "unknown";
|
||||
}
|
||||
|
||||
|
@ -29433,6 +29450,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
|
|||
type = oidBlkType;
|
||||
break;
|
||||
|
||||
#ifndef NO_DES3
|
||||
case NID_des:
|
||||
id = DESb;
|
||||
sName = "DES-CBC";
|
||||
|
@ -29444,6 +29462,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
|
|||
sName = "DES3-CBC";
|
||||
type = oidBlkType;
|
||||
break;
|
||||
#endif /* !NO_DES3 */
|
||||
|
||||
#ifdef HAVE_OCSP
|
||||
case NID_id_pkix_OCSP_basic:
|
||||
|
|
|
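Review bot: In the PemToDer hunk that searches the line for "DES" and "AES", a build with both NO_DES3 and NO_AES defined leaves `start` at its new `NULL` initialiser, so every input reaching this point returns `WOLFSSL_BAD_FILE`. That is the same code a malformed file produces, so a caller or a log reader cannot tell "cipher support compiled out" from "corrupt PEM". I would add a comment above the two guards, for example `/* start stays NULL when neither DES3 nor AES is compiled in; encrypted PEM is then rejected below */`. The bare `(void)lineSz;` deserves a short comment saying it silences the unused-variable warning in that same configuration. The enclosing block starts and ends outside the hunk.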
@ -4460,7 +4460,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
|
||||
if (dName->cnLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/CN=", 4);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_COMMON_NAME, 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->cnIdx], dName->cnLen);
|
||||
|
@ -4469,7 +4469,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->snLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/SN=", 4);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_SUR_NAME, 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->snIdx], dName->snLen);
|
||||
|
@ -4478,7 +4478,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->cLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/C=", 3);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_COUNTRY_NAME, 3);
|
||||
idx += 3;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->cIdx], dName->cLen);
|
||||
|
@ -4487,7 +4487,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->lLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/L=", 3);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_LOCALITY_NAME, 3);
|
||||
idx += 3;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->lIdx], dName->lLen);
|
||||
|
@ -4496,7 +4496,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->stLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/ST=", 4);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_STATE_NAME, 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->stIdx], dName->stLen);
|
||||
|
@ -4505,7 +4505,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->oLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/O=", 3);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_ORG_NAME, 3);
|
||||
idx += 3;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->oIdx], dName->oLen);
|
||||
|
@ -4514,7 +4514,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->ouLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/OU=", 4);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_ORGUNIT_NAME, 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->ouIdx], dName->ouLen);
|
||||
|
@ -4533,7 +4533,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
for (i = 0;i < dName->dcNum;i++){
|
||||
if (dName->dcLen[i] != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/DC=", 4);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_DOMAIN_COMPONENT, 4);
|
||||
idx += 4;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->dcIdx[i]], dName->dcLen[i]);
|
||||
|
@ -4552,7 +4552,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
|||
}
|
||||
if (dName->serialLen != 0) {
|
||||
dName->entryCount++;
|
||||
XMEMCPY(&dName->fullName[idx], "/serialNumber=", 14);
|
||||
XMEMCPY(&dName->fullName[idx], WOLFSSL_SERIAL_NUMBER, 14);
|
||||
idx += 14;
|
||||
XMEMCPY(&dName->fullName[idx],
|
||||
&cert->source[dName->serialIdx], dName->serialLen);
|
||||
|
@ -7293,8 +7293,10 @@ const char* const END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
|
|||
const char* const BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
|
||||
const char* const END_EC_PRIV = "-----END EC PRIVATE KEY-----";
|
||||
#endif
|
||||
const char* const BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
|
||||
const char* const END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
|
||||
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || !defined(NO_DSA)
|
||||
const char* const BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
|
||||
const char* const END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
|
||||
#endif
|
||||
const char* const BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----";
|
||||
const char* const END_PUB_KEY = "-----END PUBLIC KEY-----";
|
||||
#ifdef HAVE_ED25519
|
||||
|
|
|
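Review bot: The GetName hunks now copy from the `WOLFSSL_*` tag macros but keep the literal lengths (`4`, `3`, `14`) in both the `XMEMCPY` call and the following `idx +=`, so the copy size is no longer tied to the string it copies. If a macro is shorter than the literal the copy includes the terminating NUL or reads past the literal, and if it is longer the tag is truncated. Deriving the length from the macro keeps the two in step, e.g. `XMEMCPY(&dName->fullName[idx], WOLFSSL_COMMON_NAME, sizeof(WOLFSSL_COMMON_NAME) - 1);` followed by `idx += sizeof(WOLFSSL_COMMON_NAME) - 1;`, and the same for the other tags. The sizing of `fullName` is outside these hunks and presumably uses the same constants, so it would need the matching change.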
@ -116,15 +116,15 @@ enum DN_Tags {
|
|||
};
|
||||
|
||||
/* DN Tag Strings */
|
||||
#define WOLFSSL_COMMON_NAME "/CN"
|
||||
#define WOLFSSL_SUR_NAME "/SN"
|
||||
#define WOLFSSL_SERIAL_NUMBER "/serialNumber="
|
||||
#define WOLFSSL_COUNTRY_NAME "/C"
|
||||
#define WOLFSSL_LOCALITY_NAME "/L"
|
||||
#define WOLFSSL_STATE_NAME "/ST"
|
||||
#define WOLFSSL_ORG_NAME "/O"
|
||||
#define WOLFSSL_ORGUNIT_NAME "/OU"
|
||||
#define WOLFSSL_DOMAIN_COMPONENT "/DC"
|
||||
#define WOLFSSL_COMMON_NAME "/CN="
|
||||
#define WOLFSSL_SUR_NAME "/SN="
|
||||
#define WOLFSSL_SERIAL_NUMBER "/serialNumber="
|
||||
#define WOLFSSL_COUNTRY_NAME "/C="
|
||||
#define WOLFSSL_LOCALITY_NAME "/L="
|
||||
#define WOLFSSL_STATE_NAME "/ST="
|
||||
#define WOLFSSL_ORG_NAME "/O="
|
||||
#define WOLFSSL_ORGUNIT_NAME "/OU="
|
||||
#define WOLFSSL_DOMAIN_COMPONENT "/DC="
|
||||
|
||||
enum PBES {
|
||||
PBE_MD5_DES = 0,
|
||||
|
|
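Review bot: The `/* DN Tag Strings */` comment does not say that each macro now carries both the leading `/` and the trailing `=`, which is the contract the fixed-length copies in GetName rely on. I would expand it to something like `/* DN tag strings: each includes the leading '/' and trailing '='; copied without the NUL terminator when building fullName */`. Any other user of these macros that appends its own `=` would now produce a doubled separator. None is visible on this page, so that is worth a quick search before merging.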