mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

debugging on asn and internal.c

Browse Source
This commit is contained in:
Jacob Barthelmeh 2014-12-30 15:14:27 -07:00
parent 0d4a65cd6f
commit 3b49b72436
4 changed files with 159 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
src/internal.c
View File

@ -1917,10 +1917,10 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
WOLFSSL_MSG("EccTempKey Memory error");
return MEMORY_E;
}
ecc_init(ssl->peerEccKey);
ecc_init(ssl->peerEccDsaKey);
ecc_init(ssl->eccDsaKey);
ecc_init(ssl->eccTempKey);
wc_ecc_init(ssl->peerEccKey);
wc_ecc_init(ssl->peerEccDsaKey);
wc_ecc_init(ssl->eccDsaKey);
wc_ecc_init(ssl->eccTempKey);
#endif
#ifdef HAVE_SECRET_CALLBACK
ssl->sessionSecretCb = NULL;
@ -2025,22 +2025,22 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#ifdef HAVE_ECC
if (ssl->peerEccKey) {
if (ssl->peerEccKeyPresent)
ecc_free(ssl->peerEccKey);
wc_ecc_free(ssl->peerEccKey);
XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
if (ssl->peerEccDsaKey) {
if (ssl->peerEccDsaKeyPresent)
ecc_free(ssl->peerEccDsaKey);
wc_ecc_free(ssl->peerEccDsaKey);
XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
if (ssl->eccTempKey) {
if (ssl->eccTempKeyPresent)
ecc_free(ssl->eccTempKey);
wc_ecc_free(ssl->eccTempKey);
XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
if (ssl->eccDsaKey) {
if (ssl->eccDsaKeyPresent)
ecc_free(ssl->eccDsaKey);
wc_ecc_free(ssl->eccDsaKey);
XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
#endif
@ -2116,7 +2116,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
if (ssl->peerEccKey)
{
if (ssl->peerEccKeyPresent) {
ecc_free(ssl->peerEccKey);
wc_ecc_free(ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
}
XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
@ -2125,7 +2125,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
if (ssl->peerEccDsaKey)
{
if (ssl->peerEccDsaKeyPresent) {
ecc_free(ssl->peerEccDsaKey);
wc_ecc_free(ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0;
}
XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
@ -2134,7 +2134,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
if (ssl->eccTempKey)
{
if (ssl->eccTempKeyPresent) {
ecc_free(ssl->eccTempKey);
wc_ecc_free(ssl->eccTempKey);
ssl->eccTempKeyPresent = 0;
}
XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
@ -2143,7 +2143,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
if (ssl->eccDsaKey)
{
if (ssl->eccDsaKeyPresent) {
ecc_free(ssl->eccDsaKey);
wc_ecc_free(ssl->eccDsaKey);
ssl->eccDsaKeyPresent = 0;
}
XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
@ -4461,11 +4461,11 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
case ECDSAk:
{
if (ssl->peerEccDsaKeyPresent) { /* don't leak on reuse */
ecc_free(ssl->peerEccDsaKey);
wc_ecc_free(ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0;
ecc_init(ssl->peerEccDsaKey);
wc_ecc_init(ssl->peerEccDsaKey);
}
if (ecc_import_x963(dCert->publicKey, dCert->pubKeySize,
if (wc_ecc_import_x963(dCert->publicKey, dCert->pubKeySize,
ssl->peerEccDsaKey) != 0) {
ret = PEER_KEY_ERROR;
}
@ -9940,12 +9940,12 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
return BUFFER_ERROR;
if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
ecc_free(ssl->peerEccKey);
wc_ecc_free(ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
ecc_init(ssl->peerEccKey);
wc_ecc_init(ssl->peerEccKey);
}
if (ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey) != 0)
if (wc_ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey) != 0)
return ECC_PEERKEY_ERROR;
*inOutIdx += length;
@ -10258,7 +10258,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
ERROR_OUT(MEMORY_E, done);
#endif
encSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
encSigSz = wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encSigSz != verifiedSz || !out || XMEMCMP(out, encodedSig,
min(encSigSz, MAX_ENCODED_SIG_SZ)) != 0)
@ -10326,7 +10326,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
#endif
}
else {
ret = ecc_verify_hash(input + *inOutIdx, length,
ret = wc_ecc_verify_hash(input + *inOutIdx, length,
digest, digestSz, &verify, ssl->peerEccDsaKey);
}
if (ret != 0 || verify == 0)
@ -10729,8 +10729,8 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
return NO_PEER_KEY;
}
ecc_init(&myKey);
ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
wc_ecc_init(&myKey);
ret = wc_ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
if (ret != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -10739,7 +10739,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
}
/* precede export with 1 byte length */
ret = ecc_export_x963(&myKey, encSecret + 1, &size);
ret = wc_ecc_export_x963(&myKey, encSecret + 1, &size);
encSecret[0] = (byte)size;
encSz = size + 1;
@ -10747,14 +10747,14 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
ret = ECC_EXPORT_ERROR;
else {
size = sizeof(ssl->arrays->preMasterSecret);
ret = ecc_shared_secret(&myKey, peerKey,
ret = wc_ecc_shared_secret(&myKey, peerKey,
ssl->arrays->preMasterSecret, &size);
if (ret != 0)
ret = ECC_SHARED_ERROR;
}
ssl->arrays->preMasterSz = size;
ecc_free(&myKey);
wc_ecc_free(&myKey);
}
break;
#endif /* HAVE_ECC */
@ -10925,7 +10925,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
return ret;
#ifdef HAVE_ECC
ecc_init(&eccKey);
wc_ecc_init(&eccKey);
#endif
#ifndef NO_RSA
ret = InitRsaKey(&key, ssl->heap);
@ -10942,7 +10942,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
WOLFSSL_MSG("Trying ECC client cert, RSA didn't work");
idx = 0;
ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &eccKey,
ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &eccKey,
ssl->buffers.key.length);
if (ret == 0) {
WOLFSSL_MSG("Using ECC client cert");
@ -10979,7 +10979,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
FreeRsaKey(&key);
#endif
#ifdef HAVE_ECC
ecc_free(&eccKey);
wc_ecc_free(&eccKey);
#endif
return MEMORY_E;
}
@ -11056,7 +11056,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
#endif /*HAVE_PK_CALLBACKS */
}
else {
ret = ecc_sign_hash(digest, digestSz, encodedSig,
ret = wc_ecc_sign_hash(digest, digestSz, encodedSig,
&localSz, ssl->rng, &eccKey);
}
if (ret == 0) {
@ -11108,7 +11108,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
#endif
}
signSz = EncodeSignature(encodedSig, digest,digestSz,typeH);
signSz = wc_EncodeSignature(encodedSig, digest,digestSz,typeH);
signBuffer = encodedSig;
}
@ -11187,7 +11187,7 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
FreeRsaKey(&key);
#endif
#ifdef HAVE_ECC
ecc_free(&eccKey);
wc_ecc_free(&eccKey);
#endif
if (ret == 0) {
@ -11649,7 +11649,7 @@ int DoSessionTicket(WOLFSSL* ssl,
/* need ephemeral key now, create it if missing */
if (ssl->eccTempKeyPresent == 0) {
if (ecc_make_key(ssl->rng, ssl->eccTempKeySz,
if (wc_ecc_make_key(ssl->rng, ssl->eccTempKeySz,
ssl->eccTempKey) != 0) {
return ECC_MAKEKEY_ERROR;
}
@ -11663,7 +11663,7 @@ int DoSessionTicket(WOLFSSL* ssl,
return MEMORY_E;
#endif
if (ecc_export_x963(ssl->eccTempKey, exportBuf, &expSz) != 0)
if (wc_ecc_export_x963(ssl->eccTempKey, exportBuf, &expSz) != 0)
ERROR_OUT(ECC_EXPORT_ERROR, done_a);
length += expSz;
@ -11676,7 +11676,7 @@ int DoSessionTicket(WOLFSSL* ssl,
goto done_a;
#endif
ecc_init(&dsaKey);
wc_ecc_init(&dsaKey);
/* sig length */
length += LENGTH_SZ;
@ -11685,7 +11685,7 @@ int DoSessionTicket(WOLFSSL* ssl,
#ifndef NO_RSA
FreeRsaKey(&rsaKey);
#endif
ecc_free(&dsaKey);
wc_ecc_free(&dsaKey);
ERROR_OUT(NO_PRIVATE_KEY, done_a);
}
@ -11704,17 +11704,17 @@ int DoSessionTicket(WOLFSSL* ssl,
if (ssl->specs.sig_algo == ecc_dsa_sa_algo) {
/* ecdsa sig size */
word32 i = 0;
ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
&dsaKey, ssl->buffers.key.length);
if (ret != 0)
goto done_a;
sigSz = ecc_sig_size(&dsaKey); /* worst case estimate */
sigSz = wc_ecc_sig_size(&dsaKey); /* worst case estimate */
}
else {
#ifndef NO_RSA
FreeRsaKey(&rsaKey);
wc_FreeRsaKey(&rsaKey);
#endif
ecc_free(&dsaKey);
wc_ecc_free(&dsaKey);
ERROR_OUT(ALGO_ID_E, done_a); /* unsupported type */
}
length += sigSz;
@ -11734,9 +11734,9 @@ int DoSessionTicket(WOLFSSL* ssl,
/* check for available size */
if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) {
#ifndef NO_RSA
FreeRsaKey(&rsaKey);
wc_FreeRsaKey(&rsaKey);
#endif
ecc_free(&dsaKey);
wc_ecc_free(&dsaKey);
goto done_a;
}
@ -11750,7 +11750,7 @@ int DoSessionTicket(WOLFSSL* ssl,
/* key exchange data */
output[idx++] = named_curve;
output[idx++] = 0x00; /* leading zero */
output[idx++] = SetCurveId(ecc_size(ssl->eccTempKey));
output[idx++] = SetCurveId(wc_ecc_size(ssl->eccTempKey));
output[idx++] = (byte)expSz;
XMEMCPY(output + idx, exportBuf, expSz);
idx += expSz;
@ -11925,7 +11925,7 @@ int DoSessionTicket(WOLFSSL* ssl,
#endif
}
signSz = EncodeSignature(encodedSig, digest, digestSz,
signSz = wc_EncodeSignature(encodedSig, digest, digestSz,
typeH);
signBuffer = encodedSig;
}
@ -11948,7 +11948,7 @@ int DoSessionTicket(WOLFSSL* ssl,
sigSz, &rsaKey, ssl->rng);
FreeRsaKey(&rsaKey);
ecc_free(&dsaKey);
wc_ecc_free(&dsaKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -12006,13 +12006,13 @@ int DoSessionTicket(WOLFSSL* ssl,
#endif
}
else {
ret = ecc_sign_hash(digest, digestSz,
ret = wc_ecc_sign_hash(digest, digestSz,
output + LENGTH_SZ + idx, &sz, ssl->rng, &dsaKey);
}
#ifndef NO_RSA
FreeRsaKey(&rsaKey);
#endif
ecc_free(&dsaKey);
wc_ecc_free(&dsaKey);
if (ret < 0)
goto done_a2;
@ -12380,7 +12380,7 @@ int DoSessionTicket(WOLFSSL* ssl,
#endif
}
signSz = EncodeSignature(encodedSig, digest, digestSz,
signSz = wc_EncodeSignature(encodedSig, digest, digestSz,
typeH);
signBuffer = encodedSig;
}
@ -13163,7 +13163,7 @@ int DoSessionTicket(WOLFSSL* ssl,
#endif
}
sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
sigSz = wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
if (outLen == (int)sigSz && out && XMEMCMP(out, encodedSig,
min(sigSz, MAX_ENCODED_SIG_SZ)) == 0)
@ -13224,7 +13224,7 @@ int DoSessionTicket(WOLFSSL* ssl,
#endif
}
else {
err = ecc_verify_hash(input + *inOutIdx, sz, digest, digestSz,
err = wc_ecc_verify_hash(input + *inOutIdx, sz, digest, digestSz,
&verify, ssl->peerEccDsaKey);
}
@ -13563,12 +13563,12 @@ int DoSessionTicket(WOLFSSL* ssl,
return BUFFER_ERROR;
if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
ecc_free(ssl->peerEccKey);
wc_ecc_free(ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
ecc_init(ssl->peerEccKey);
wc_ecc_init(ssl->peerEccKey);
}
if (ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey))
if (wc_ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey))
return ECC_PEERKEY_ERROR;
*inOutIdx += length;
@ -13580,22 +13580,22 @@ int DoSessionTicket(WOLFSSL* ssl,
ecc_key staticKey;
word32 i = 0;
ecc_init(&staticKey);
ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
wc_ecc_init(&staticKey);
ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
&staticKey, ssl->buffers.key.length);
if (ret == 0)
ret = ecc_shared_secret(&staticKey, ssl->peerEccKey,
ret = wc_ecc_shared_secret(&staticKey, ssl->peerEccKey,
ssl->arrays->preMasterSecret, &length);
ecc_free(&staticKey);
wc_ecc_free(&staticKey);
}
else {
if (ssl->eccTempKeyPresent == 0) {
WOLFSSL_MSG("Ecc ephemeral key not made correctly");
ret = ECC_MAKEKEY_ERROR;
} else {
ret = ecc_shared_secret(ssl->eccTempKey,ssl->peerEccKey,
ret = wc_ecc_shared_secret(ssl->eccTempKey,ssl->peerEccKey,
ssl->arrays->preMasterSecret, &length);
}
}

26
wolfcrypt/src/asn.c
View File

@ -2880,7 +2880,7 @@ WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
}
word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID)
word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID)
{
byte digArray[MAX_ENCODED_DIG_SZ];
byte algoArray[MAX_ALGO_SZ];
@ -2899,7 +2899,7 @@ word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID)
}
int GetCTC_HashOID(int type)
int wc_GetCTC_HashOID(int type)
{
switch (type) {
#ifdef WOLFSSL_MD2
@ -3080,7 +3080,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
else {
/* make sure we're right justified */
encodedSigSz =
EncodeSignature(encodedSig, digest, digestSz, typeH);
wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encodedSigSz != verifySz ||
XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
WOLFSSL_MSG("Rsa SSL verify match encode error");
@ -3147,11 +3147,11 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
}
#endif
if (ecc_import_x963(key, keySz, pubKey) < 0) {
if (wc_ecc_import_x963(key, keySz, pubKey) < 0) {
WOLFSSL_MSG("ASN Key import error ECC");
}
else {
if (ecc_verify_hash(sig, sigSz, digest, digestSz, &verify,
if (wc_ecc_verify_hash(sig, sigSz, digest, digestSz, &verify,
pubKey) != 0) {
WOLFSSL_MSG("ECC verify hash error");
}
@ -3160,7 +3160,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
} else
ret = 1; /* match */
ecc_free(pubKey);
wc_ecc_free(pubKey);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -4469,7 +4469,7 @@ WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
/* convert der buffer to pem into output, can't do inplace, der and output
need to be different */
int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
int type)
{
#ifdef WOLFSSL_SMALL_STACK
@ -6500,7 +6500,7 @@ int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
}
int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
word32 inSz)
{
word32 oid = 0;
@ -6619,7 +6619,7 @@ int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
if (pubSz < (ECC_MAXSIZE*2 + 1)) {
XMEMCPY(pub, &input[*inOutIdx], pubSz);
*inOutIdx += length;
ret = ecc_import_private_key(priv, privSz, pub, pubSz,
ret = wc_ecc_import_private_key(priv, privSz, pub, pubSz,
key);
} else
ret = BUFFER_E;
@ -6640,7 +6640,7 @@ int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
#ifdef WOLFSSL_KEY_GEN
/* Write a Private ecc key to DER format, length on success else < 0 */
int EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
byte curve[MAX_ALGO_SZ];
byte ver[MAX_VERSION_SZ];
@ -6660,7 +6660,7 @@ int EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
if (key == NULL || output == NULL || inLen == 0)
return BAD_FUNC_ARG;
ret = ecc_export_x963(key, NULL, &pubSz);
ret = wc_ecc_export_x963(key, NULL, &pubSz);
if (ret != LENGTH_ONLY_E) {
return ret;
}
@ -6697,7 +6697,7 @@ int EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
/* private */
output[idx++] = ASN_OCTET_STRING;
output[idx++] = (byte)privSz;
ret = ecc_export_private_only(key, output + idx, &privSz);
ret = wc_ecc_export_private_only(key, output + idx, &privSz);
if (ret < 0) {
return ret;
}
@ -6715,7 +6715,7 @@ int EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
output[idx++] = ASN_BIT_STRING;
output[idx++] = (byte)pubSz + 1; /* plus null byte */
output[idx++] = (byte)0; /* null byte */
ret = ecc_export_x963(key, output + idx, &pubSz);
ret = wc_ecc_export_x963(key, output + idx, &pubSz);
if (ret != 0) {
return ret;
}

108
wolfssl/wolfcrypt/asn.h
View File

@ -142,13 +142,13 @@ enum Misc_ASN {
MAX_RSA_E_SZ = 16, /* Max RSA public e size */
MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
#ifdef CYASSL_CERT_GEN
#ifdef CYASSL_CERT_REQ
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
/* Max encoded cert req attributes length */
MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
#endif
#ifdef CYASSL_ALT_NAMES
#ifdef WOLFSSL_ALT_NAMES
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
#else
MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + MAX_CA_SZ,
@ -410,7 +410,7 @@ struct DecodedCert {
byte* subjectRaw; /* pointer to subject inside source */
int subjectRawLen;
#endif
#if defined(CYASSL_CERT_GEN)
#if defined(WOLFSSL_CERT_GEN)
/* easy access to subject info for other sign */
char* subjectSN;
int subjectSNLen;
@ -432,12 +432,12 @@ struct DecodedCert {
char subjectOUEnc;
char* subjectEmail;
int subjectEmailLen;
#endif /* CYASSL_CERT_GEN */
#endif /* WOLFSSL_CERT_GEN */
#ifdef OPENSSL_EXTRA
DecodedName issuerName;
DecodedName subjectName;
#endif /* OPENSSL_EXTRA */
#ifdef CYASSL_SEP
#ifdef WOLFSSL_SEP
int deviceTypeSz;
byte* deviceType;
int hwTypeSz;
@ -448,7 +448,7 @@ struct DecodedCert {
byte extCertPolicySet;
byte extCertPolicyCrit;
#endif /* OPENSSL_EXTRA */
#endif /* CYASSL_SEP */
#endif /* WOLFSSL_SEP */
};
@ -482,67 +482,67 @@ struct Signer {
/* not for public consumption but may use for testing sometimes */
#ifdef CYASSL_TEST_CERT
#define CYASSL_TEST_API CYASSL_API
#ifdef WOLFSSL_TEST_CERT
#define WOLFSSL_TEST_API WOLFSSL_API
#else
#define CYASSL_TEST_API CYASSL_LOCAL
#define WOLFSSL_TEST_API WOLFSSL_LOCAL
#endif
CYASSL_TEST_API void FreeAltNames(DNS_entry*, void*);
WOLFSSL_TEST_API void FreeAltNames(DNS_entry*, void*);
#ifndef IGNORE_NAME_CONSTRAINTS
CYASSL_TEST_API void FreeNameSubtrees(Base_entry*, void*);
WOLFSSL_TEST_API void FreeNameSubtrees(Base_entry*, void*);
#endif /* IGNORE_NAME_CONSTRAINTS */
CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
CYASSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, void* cm);
WOLFSSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
WOLFSSL_TEST_API void FreeDecodedCert(DecodedCert*);
WOLFSSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, void* cm);
CYASSL_LOCAL int ParseCertRelative(DecodedCert*, int type, int verify,void* cm);
CYASSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*, int type, int verify,void* cm);
WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
CYASSL_LOCAL Signer* MakeSigner(void*);
CYASSL_LOCAL void FreeSigner(Signer*, void*);
CYASSL_LOCAL void FreeSignerTable(Signer**, int, void*);
WOLFSSL_LOCAL Signer* MakeSigner(void*);
WOLFSSL_LOCAL void FreeSigner(Signer*, void*);
WOLFSSL_LOCAL void FreeSignerTable(Signer**, int, void*);
CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
WOLFSSL_LOCAL int ToTraditional(byte* buffer, word32 length);
WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
/* ASN.1 helper functions */
CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
int* version);
CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx);
CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
word32 maxIdx);
CYASSL_LOCAL word32 SetLength(word32 length, byte* output);
CYASSL_LOCAL word32 SetSequence(word32 len, byte* output);
CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output);
CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
CYASSL_LOCAL word32 SetSet(word32 len, byte* output);
CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output);
WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output);
WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output);
WOLFSSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output);
WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
int maxIdx);
#ifdef HAVE_ECC
/* ASN sig helpers */
CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
mp_int* s);
CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
mp_int* r, mp_int* s);
#endif
#ifdef CYASSL_CERT_GEN
#ifdef WOLFSSL_CERT_GEN
enum cert_enums {
NAME_ENTRIES = 8,
@ -553,16 +553,16 @@ enum cert_enums {
ECC_KEY = 12
};
#ifndef CYASSL_PEMCERT_TODER_DEFINED
#ifndef WOLFSSL_PEMCERT_TODER_DEFINED
#ifndef NO_FILESYSTEM
/* forward from CyaSSL */
CYASSL_API
WOLFSSL_API
int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
#define CYASSL_PEMCERT_TODER_DEFINED
#define WOLFSSL_PEMCERT_TODER_DEFINED
#endif
#endif
#endif /* CYASSL_CERT_GEN */
#endif /* WOLFSSL_CERT_GEN */
@ -659,14 +659,14 @@ struct OcspRequest {
};
CYASSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32);
CYASSL_LOCAL int OcspResponseDecode(OcspResponse*);
WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32);
WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse*);
CYASSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*,
WOLFSSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*,
byte, byte*, word32);
CYASSL_LOCAL int EncodeOcspRequest(OcspRequest*);
WOLFSSL_LOCAL int EncodeOcspRequest(OcspRequest*);
CYASSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*);
WOLFSSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*);
#endif /* HAVE_OCSP */
@ -701,9 +701,9 @@ struct DecodedCRL {
int totalCerts; /* number on list */
};
CYASSL_LOCAL void InitDecodedCRL(DecodedCRL*);
CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*);
WOLFSSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
#endif /* HAVE_CRL */

70
wolfssl/wolfcrypt/asn_public.h
View File

@ -2,14 +2,14 @@
*
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* CyaSSL is free software; you can redistribute it and/or modify
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
@ -20,13 +20,13 @@
*/
#ifndef CTAO_CRYPT_ASN_PUBLIC_H
#define CTAO_CRYPT_ASN_PUBLIC_H
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
#define WOLF_CRYPT_ASN_PUBLIC_H
#include <cyassl/ctaocrypt/types.h>
#include <cyassl/ctaocrypt/ecc.h>
#ifdef CYASSL_CERT_GEN
#include <cyassl/ctaocrypt/rsa.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/ecc.h>
#ifdef WOLFSSL_CERT_GEN
#include <wolfssl/wolfcrypt/rsa.h>
#endif
@ -68,7 +68,7 @@ enum Ctc_Encoding {
};
#ifdef CYASSL_CERT_GEN
#ifdef WOLFSSL_CERT_GEN
#ifndef HAVE_ECC
typedef struct ecc_key ecc_key;
@ -113,7 +113,7 @@ typedef struct Cert {
/* internal use only */
int bodySz; /* pre sign total size */
int keyType; /* public key type of subject */
#ifdef CYASSL_ALT_NAMES
#ifdef WOLFSSL_ALT_NAMES
byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
int altNamesSz; /* altNames size in bytes */
byte beforeDate[CTC_DATE_SIZE]; /* before date copy */
@ -121,7 +121,7 @@ typedef struct Cert {
byte afterDate[CTC_DATE_SIZE]; /* after date copy */
int afterDateSz; /* size of copy */
#endif
#ifdef CYASSL_CERT_REQ
#ifdef WOLFSSL_CERT_REQ
char challengePw[CTC_NAME_SIZE];
#endif
} Cert;
@ -140,55 +140,55 @@ typedef struct Cert {
isCA = 0 (false)
keyType = RSA_KEY (default)
*/
CYASSL_API void InitCert(Cert*);
CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
WOLFSSL_API void wc_InitCert(Cert*);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, RNG*);
#ifdef CYASSL_CERT_REQ
CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*);
#endif
CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer,
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, RNG*);
CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*);
CYASSL_API int SetIssuer(Cert*, const char*);
CYASSL_API int SetSubject(Cert*, const char*);
#ifdef CYASSL_ALT_NAMES
CYASSL_API int SetAltNames(Cert*, const char*);
WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
WOLFSSL_API int wc_SetSubject(Cert*, const char*);
#ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert*, const char*);
#endif
CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int);
CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int);
CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int);
CYASSL_API int SetDatesBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetIssuerBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetSubjectBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert*, const byte*, int);
WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#ifdef HAVE_NTRU
CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz, RNG*);
#endif
#endif /* CYASSL_CERT_GEN */
#endif /* WOLFSSL_CERT_GEN */
#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
#endif
#ifdef HAVE_ECC
/* private key helpers */
CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
ecc_key*,word32);
CYASSL_API int EccKeyToDer(ecc_key*, byte* output, word32 inLen);
WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
#endif
/* DER encode signature */
CYASSL_API word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
int hashOID);
CYASSL_API int GetCTC_HashOID(int type);
WOLFSSL_API int wc_GetCTC_HashOID(int type);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_ASN_PUBLIC_H */
#endif /* WOLF_CRYPT_ASN_PUBLIC_H */