Merge pull request #3942 from dgarske/get_static_ephemeral
Added APIs for getting a pointer to the loaded static ephemeral key
commit
40fe746710
@ -13769,6 +13769,7 @@ WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_3_method(void);
|
||||
\param key key file path (if keySz == 0) or actual key buffer (PEM or ASN.1)
|
||||
\param keySz key size (should be 0 for "key" arg is file path)
|
||||
\param format WOLFSSL_FILETYPE_ASN1 or WOLFSSL_FILETYPE_PEM
|
||||
\sa wolfSSL_CTX_get_ephemeral_key
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key, unsigned int keySz, int format);
|
||||
|
||||
@ -13781,9 +13782,36 @@ WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, con
|
||||
\param key key file path (if keySz == 0) or actual key buffer (PEM or ASN.1)
|
||||
\param keySz key size (should be 0 for "key" arg is file path)
|
||||
\param format WOLFSSL_FILETYPE_ASN1 or WOLFSSL_FILETYPE_PEM
|
||||
\sa wolfSSL_get_ephemeral_key
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format);
|
||||
|
||||
/*!
|
||||
\ingroup SSL
|
||||
\brief This function returns pointer to loaded key as ASN.1/DER
|
||||
\return 0 Key returned successfully
|
||||
\param ctx A WOLFSSL_CTX context pointer
|
||||
\param keyAlgo enum wc_PkType like WC_PK_TYPE_DH and WC_PK_TYPE_ECDH
|
||||
\param key key buffer pointer
|
||||
\param keySz key size pointer
|
||||
\sa wolfSSL_CTX_set_ephemeral_key
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz);
|
||||
|
||||
/*!
|
||||
\ingroup SSL
|
||||
\brief This function returns pointer to loaded key as ASN.1/DER
|
||||
\return 0 Key returned successfully
|
||||
\param ssl A WOLFSSL object pointer
|
||||
\param keyAlgo enum wc_PkType like WC_PK_TYPE_DH and WC_PK_TYPE_ECDH
|
||||
\param key key buffer pointer
|
||||
\param keySz key size pointer
|
||||
\sa wolfSSL_set_ephemeral_key
|
||||
*/
|
||||
WOLFSSL_API int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz);
|
||||
|
||||
/*!
|
||||
\ingroup SSL
|
||||
\brief Sign a message with the chosen message digest, padding, and RSA key
|
||||
|
@ -2085,6 +2085,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
||||
if (ret != 0) {
|
||||
err_sys_ex(runWithErrors, "error loading static ECDH key");
|
||||
}
|
||||
{
|
||||
const byte* key = NULL;
|
||||
word32 keySz = 0;
|
||||
/* example for getting pointer to loaded static ephemeral key */
|
||||
wolfSSL_CTX_get_ephemeral_key(ctx, WC_PK_TYPE_ECDH, &key, &keySz);
|
||||
(void)key;
|
||||
(void)keySz;
|
||||
}
|
||||
#endif
|
||||
#ifndef NO_DH
|
||||
ret = wolfSSL_CTX_set_ephemeral_key(ctx, WC_PK_TYPE_DH,
|
||||
|
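Review bot: The example call to `wolfSSL_CTX_get_ephemeral_key` discards its return value, and example code tends to be copied as written, so it should show the check. Suggest `ret = wolfSSL_CTX_get_ephemeral_key(ctx, WC_PK_TYPE_ECDH, &key, &keySz);` followed by `if (ret != 0 || key == NULL) err_sys_ex(runWithErrors, "error getting static ECDH key");`. The `key == NULL` test is needed because the getter in src/ssl.c sets `*key = NULL` up front and can still return 0 when no key is loaded. `server_test` starts and ends outside this hunk.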
60
src/ssl.c
60
src/ssl.c
@ -55715,7 +55715,6 @@ int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
|
||||
return SetStaticEphemeralKey(&ctx->staticKE, keyAlgo, key, keySz, format,
|
||||
ctx->heap, NULL);
|
||||
}
|
||||
|
||||
int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
const char* key, unsigned int keySz, int format)
|
||||
{
|
||||
@ -55727,6 +55726,65 @@ int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
ssl->heap, ssl->ctx);
|
||||
}
|
||||
|
||||
static int GetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz)
|
||||
{
|
||||
int ret = 0;
|
||||
DerBuffer* der = NULL;
|
||||
|
||||
if (staticKE == NULL || key == NULL || keySz == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
*key = NULL;
|
||||
*keySz = 0;
|
||||
|
||||
switch (keyAlgo) {
|
||||
#ifndef NO_DH
|
||||
case WC_PK_TYPE_DH:
|
||||
der = staticKE->dhKey;
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
case WC_PK_TYPE_ECDH:
|
||||
der = staticKE->ecKey;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
/* not supported */
|
||||
ret = NOT_COMPILED_IN;
|
||||
break;
|
||||
}
|
||||
|
||||
if (der) {
|
||||
*key = der->buffer;
|
||||
*keySz = der->length;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* returns pointer to currently loaded static ephemeral as ASN.1 */
|
||||
/* this can be converted to PEM using wc_DerToPem */
|
||||
int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz)
|
||||
{
|
||||
if (ctx == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
return GetStaticEphemeralKey(&ctx->staticKE, keyAlgo, key, keySz);
|
||||
}
|
||||
int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz)
|
||||
{
|
||||
if (ssl == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
return GetStaticEphemeralKey(&ssl->staticKE, keyAlgo, key, keySz);
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_STATIC_EPHEMERAL */
|
||||
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
|
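Review bot: In `GetStaticEphemeralKey`, a supported `keyAlgo` with no key loaded skips the `if (der)` branch and returns 0 with `*key == NULL` and `*keySz == 0`, so the return code alone does not tell a caller that a key was actually returned. Either document that callers must also check `*key`, or report the empty case with a distinct error. The pointer handed back aliases the DER buffer held in `staticKE` rather than a copy, so it presumably becomes invalid once the key is replaced through the set functions or the ctx/ssl is freed. The comment above `wolfSSL_CTX_get_ephemeral_key` should state this, for example `/* pointer is owned by the ctx/ssl: do not free or modify it, and do not use it after the key is replaced or the object is freed */`. Because the buffer is key material, any copy a caller makes of it should be zeroized after use.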
@ -4361,6 +4361,12 @@ WOLFSSL_API int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
|
||||
const char* key, unsigned int keySz, int format);
|
||||
WOLFSSL_API int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
const char* key, unsigned int keySz, int format);
|
||||
|
||||
/* returns pointer to loaded key as ASN.1/DER */
|
||||
WOLFSSL_API int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz);
|
||||
WOLFSSL_API int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
|
||||
const unsigned char** key, unsigned int* keySz);
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
|