mirror of https://github.com/wolfSSL/wolfssl
* Adds the following openssl compatibility API's:
- SSL_CIPHER_get_id - SSL_CIPHER_get_rfc_name - SSL_get_cipher_by_value - X509_print_ex - X509_NAME_add_entry_by_NID - X509_time_adj - X509_time_adj_ex - DTLSv1_get_timeout - DTLSv1_handle_timeout - DTLSv1_set_initial_timeout_duration - SSL_CTX_set_current_time_cb - PEM_write_bio_RSA_PUBKEY - PEM_read_bio_RSA_PUBKEY - PEM_write_bio_PUBKEY - EVP_PKEY_missing_parameters - EVP_PKEY_cmp - BN_is_negative - BIO_set_retry_write * Improvements to the notBefore and notAfter date handling. * Improvements to BIO and BIO_METHOD - Moved structure to public area to allow for dereferencing - Renamed members to provide compatibility. - Added support for custom BIO methods for read/write. * Added advanced openssl compatibility test cases for key and certificate generation. * Fix for `ASN1_STRING_set` to allow NULL data. * Fix to populate public key information on `EVP_PKEY_assign_RSA` and `EVP_PKEY_assign_EC_KEY`. * Fix naming for `X509_get_notBefore` and `X509_get_notAfter` functions. * Added `wc_EccPublicKeyDerSize`. * Improvements to `wc_RsaPublicKeyDerSize`, so dummy memory doesn't have to be allocated. * Made the `wc_*PublicKeyDerSize` functions public. * Eliminate use of snprintf for UTC to generalized time conversion in `wolfSSL_ASN1_TIME_to_generalizedtime`.
This commit is contained in:
parent
4a6925e2ef
commit
872d222b59
|
@ -164,8 +164,8 @@
|
|||
/* get index cert in PEM */
|
||||
#define CyaSSL_X509_get_subjectCN wolfSSL_X509_get_subjectCN
|
||||
#define CyaSSL_X509_get_der wolfSSL_X509_get_der
|
||||
#define CyaSSL_X509_notBefore wolfSSL_X509_notBefore
|
||||
#define CyaSSL_X509_notAfter wolfSSL_X509_notAfter
|
||||
#define CyaSSL_X509_get_notBefore wolfSSL_X509_get_notBefore
|
||||
#define CyaSSL_X509_get_notAfter wolfSSL_X509_get_notAfter
|
||||
#define CyaSSL_X509_version wolfSSL_X509_version
|
||||
|
||||
#define CyaSSL_cmp_peer_cert_to_file wolfSSL_cmp_peer_cert_to_file
|
||||
|
|
|
@ -5819,7 +5819,7 @@ WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*);
|
|||
\brief This function checks to see if x509 is NULL and if it’s not,
|
||||
it returns the notAfter member of the x509 struct.
|
||||
|
||||
\return pointer returns a constant byte pointer to the notAfter
|
||||
\return pointer to struct with ASN1_TIME to the notAfter
|
||||
member of the x509 struct.
|
||||
\return NULL returned if the x509 object is NULL.
|
||||
|
||||
|
@ -5830,15 +5830,15 @@ WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*);
|
|||
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
|
||||
DYNAMIC_TYPE_X509) ;
|
||||
...
|
||||
byte* notAfter = wolfSSL_X509_notAfter(x509);
|
||||
const WOLFSSL_ASN1_TIME* notAfter = wolfSSL_X509_get_notAfter(x509);
|
||||
if(notAfter == NULL){
|
||||
// Failure case, the x509 object is null.
|
||||
// Failure case, the x509 object is null.
|
||||
}
|
||||
\endcode
|
||||
|
||||
\sa none
|
||||
\sa wolfSSL_X509_get_notBefore
|
||||
*/
|
||||
WOLFSSL_API const unsigned char* wolfSSL_X509_notAfter(WOLFSSL_X509*);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509*);
|
||||
|
||||
/*!
|
||||
\ingroup CertsKeys
|
||||
|
@ -12210,8 +12210,8 @@ WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
|
|||
\brief The function checks to see if x509 is NULL and if it’s not, it
|
||||
returns the notBefore member of the x509 struct.
|
||||
|
||||
\return pointer This function returns a constant byte pointer to the x509’s
|
||||
member notAfter.
|
||||
\return pointer to struct with ASN1_TIME to the notBefore
|
||||
member of the x509 struct.
|
||||
\return NULL the function returns NULL if the x509 structure is NULL.
|
||||
|
||||
\param x509 a pointer to the WOLFSSL_X509 struct.
|
||||
|
@ -12221,15 +12221,15 @@ WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
|
|||
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALLOC(sizeof(WOLFSSL_X509), NULL,
|
||||
DYNAMIC_TYPE_X509) ;
|
||||
…
|
||||
byte* notAfter = wolfSSL_X509_notAfter(x509);
|
||||
const WOLFSSL_ASN1_TIME* notAfter = wolfSSL_X509_get_notBefore(x509);
|
||||
if(notAfter == NULL){
|
||||
//The x509 object was NULL
|
||||
}
|
||||
\endcode
|
||||
|
||||
\sa wolfSSL_X509_notAfter
|
||||
\sa wolfSSL_X509_get_notAfter
|
||||
*/
|
||||
WOLFSSL_API const unsigned char* wolfSSL_X509_notBefore(WOLFSSL_X509*);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509*);
|
||||
|
||||
/*!
|
||||
\ingroup IO
|
||||
|
|
126
src/bio.c
126
src/bio.c
|
@ -101,12 +101,12 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len)
|
|||
XMEMCPY(tmp, (void*)(pt + sz), memSz - sz);
|
||||
|
||||
/* reset internal bio->mem */
|
||||
XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
bio->mem = tmp;
|
||||
bio->memLen = memSz-sz;
|
||||
XFREE(bio->ptr, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
bio->ptr = tmp;
|
||||
bio->num = memSz-sz;
|
||||
if (bio->mem_buf != NULL) {
|
||||
bio->mem_buf->data = (char*)bio->mem;
|
||||
bio->mem_buf->length = bio->memLen;
|
||||
bio->mem_buf->data = (char*)bio->ptr;
|
||||
bio->mem_buf->length = bio->num;
|
||||
}
|
||||
}
|
||||
bio->wrSz -= sz;
|
||||
|
@ -376,16 +376,16 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
|
|||
return sz;
|
||||
}
|
||||
|
||||
if (bio->mem == NULL) {
|
||||
bio->mem = (byte*)XMALLOC(len, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
if (bio->mem == NULL) {
|
||||
if (bio->ptr == NULL) {
|
||||
bio->ptr = (byte*)XMALLOC(len, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
if (bio->ptr == NULL) {
|
||||
WOLFSSL_MSG("Error on malloc");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
bio->memLen = len;
|
||||
bio->num = len;
|
||||
if (bio->mem_buf != NULL) {
|
||||
bio->mem_buf->data = (char*)bio->mem;
|
||||
bio->mem_buf->length = bio->memLen;
|
||||
bio->mem_buf->data = (char*)bio->ptr;
|
||||
bio->mem_buf->length = bio->num;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -393,21 +393,21 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
|
|||
if (wolfSSL_BIO_get_mem_data(bio, (void*)&buf) < 0) {
|
||||
return WOLFSSL_BIO_ERROR;
|
||||
}
|
||||
if (bio->memLen < sz + len) {
|
||||
bio->mem = (byte*)XREALLOC(bio->mem, sz + len, bio->heap,
|
||||
if (bio->num < sz + len) {
|
||||
bio->ptr = (byte*)XREALLOC(bio->ptr, sz + len, bio->heap,
|
||||
DYNAMIC_TYPE_OPENSSL);
|
||||
if (bio->mem == NULL) {
|
||||
if (bio->ptr == NULL) {
|
||||
WOLFSSL_MSG("Error on realloc");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
bio->memLen = sz + len;
|
||||
bio->num = sz + len;
|
||||
if (bio->mem_buf != NULL) {
|
||||
bio->mem_buf->data = (char*)bio->mem;
|
||||
bio->mem_buf->length = bio->memLen;
|
||||
bio->mem_buf->data = (char*)bio->ptr;
|
||||
bio->mem_buf->length = bio->num;
|
||||
}
|
||||
}
|
||||
|
||||
XMEMCPY(bio->mem + sz, data, len);
|
||||
XMEMCPY((byte*)bio->ptr + sz, data, len);
|
||||
bio->wrSz += len;
|
||||
|
||||
return len;
|
||||
|
@ -543,22 +543,46 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
|||
}
|
||||
|
||||
|
||||
/* NOTE: add support for bio->infoCb() when implemented */
|
||||
WOLFSSL_API long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bio, int cmd, long larg, void *parg)
|
||||
/* Wrapper for other BIO type funcions, expected to grow as OpenSSL compatability
|
||||
* layer grows.
|
||||
*
|
||||
* return info. specific to the cmd that is passed in.
|
||||
*/
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
|
||||
long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bio, int cmd, long larg, void *parg)
|
||||
{
|
||||
(void)bio;
|
||||
(void)cmd;
|
||||
(void)larg;
|
||||
(void)parg;
|
||||
long ret;
|
||||
|
||||
(void)larg; /* not currently used */
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_BIO_ctrl");
|
||||
|
||||
if (bio && bio->method && bio->method->custom &&
|
||||
bio->method->custom->ctrlCb) {
|
||||
bio->method->custom->ctrlCb) {
|
||||
return bio->method->custom->ctrlCb(bio, cmd, larg, parg);
|
||||
}
|
||||
|
||||
WOLFSSL_STUB("BIO_ctrl");
|
||||
return 0;
|
||||
switch(cmd) {
|
||||
case BIO_CTRL_WPENDING:
|
||||
ret = (long)wolfSSL_BIO_ctrl_pending(bio);
|
||||
break;
|
||||
case BIO_CTRL_INFO:
|
||||
ret = (long)wolfSSL_BIO_get_mem_data(bio, parg);
|
||||
break;
|
||||
case BIO_CTRL_FLUSH:
|
||||
ret = (long)wolfSSL_BIO_flush(bio);
|
||||
break;
|
||||
case BIO_CTRL_RESET:
|
||||
ret = (long)wolfSSL_BIO_reset(bio);
|
||||
break;
|
||||
default:
|
||||
WOLFSSL_MSG("CMD not yet implemented");
|
||||
ret = WOLFSSL_FAILURE;
|
||||
break;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
/* helper function for wolfSSL_BIO_gets
|
||||
|
@ -896,21 +920,21 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *bio, long size)
|
|||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
if (bio->mem != NULL) {
|
||||
XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
if (bio->ptr != NULL) {
|
||||
XFREE(bio->ptr, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
|
||||
bio->mem = (byte*)XMALLOC(bio->wrSz, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
if (bio->mem == NULL) {
|
||||
bio->ptr = (byte*)XMALLOC(bio->wrSz, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
if (bio->ptr == NULL) {
|
||||
WOLFSSL_MSG("Memory allocation error");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
bio->memLen = bio->wrSz;
|
||||
bio->num = bio->wrSz;
|
||||
bio->wrIdx = 0;
|
||||
bio->rdIdx = 0;
|
||||
if (bio->mem_buf != NULL) {
|
||||
bio->mem_buf->data = (char*)bio->mem;
|
||||
bio->mem_buf->length = bio->memLen;
|
||||
bio->mem_buf->data = (char*)bio->ptr;
|
||||
bio->mem_buf->length = bio->num;
|
||||
}
|
||||
|
||||
return WOLFSSL_SUCCESS;
|
||||
|
@ -938,12 +962,12 @@ int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2)
|
|||
}
|
||||
|
||||
/* set default write size if not already set */
|
||||
if (b1->mem == NULL && wolfSSL_BIO_set_write_buf_size(b1,
|
||||
if (b1->ptr == NULL && wolfSSL_BIO_set_write_buf_size(b1,
|
||||
WOLFSSL_BIO_SIZE) != WOLFSSL_SUCCESS) {
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
if (b2->mem == NULL && wolfSSL_BIO_set_write_buf_size(b2,
|
||||
if (b2->ptr == NULL && wolfSSL_BIO_set_write_buf_size(b2,
|
||||
WOLFSSL_BIO_SIZE) != WOLFSSL_SUCCESS) {
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
@ -984,7 +1008,7 @@ int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf)
|
|||
WOLFSSL_BIO* pair = bio->pair;
|
||||
|
||||
/* case where have wrapped around write buffer */
|
||||
*buf = (char*)pair->mem + pair->rdIdx;
|
||||
*buf = (char*)pair->ptr + pair->rdIdx;
|
||||
if (pair->wrIdx > 0 && pair->rdIdx >= pair->wrIdx) {
|
||||
return pair->wrSz - pair->rdIdx;
|
||||
}
|
||||
|
@ -1016,7 +1040,7 @@ int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num)
|
|||
if (bio->pair != NULL) {
|
||||
/* special case if asking to read 0 bytes */
|
||||
if (num == 0) {
|
||||
*buf = (char*)bio->pair->mem + bio->pair->rdIdx;
|
||||
*buf = (char*)bio->pair->ptr + bio->pair->rdIdx;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -1067,7 +1091,7 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
|
|||
|
||||
if (bio->pair != NULL) {
|
||||
if (num == 0) {
|
||||
*buf = (char*)bio->mem + bio->wrIdx;
|
||||
*buf = (char*)bio->ptr + bio->wrIdx;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -1106,7 +1130,7 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
|
|||
if (num < sz) {
|
||||
sz = num;
|
||||
}
|
||||
*buf = (char*)bio->mem + bio->wrIdx;
|
||||
*buf = (char*)bio->ptr + bio->wrIdx;
|
||||
bio->wrIdx += sz;
|
||||
|
||||
/* if at the end of the buffer and space for wrap around then set
|
||||
|
@ -1147,12 +1171,12 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
|
|||
bio->rdIdx = 0;
|
||||
bio->wrIdx = 0;
|
||||
bio->wrSz = 0;
|
||||
XFREE(bio->mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
bio->mem = NULL;
|
||||
bio->memLen = 0;
|
||||
XFREE(bio->ptr, bio->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
bio->ptr = NULL;
|
||||
bio->num = 0;
|
||||
if (bio->mem_buf != NULL) {
|
||||
bio->mem_buf->data = (char*)bio->mem;
|
||||
bio->mem_buf->length = bio->memLen;
|
||||
bio->mem_buf->data = (char*)bio->ptr;
|
||||
bio->mem_buf->length = bio->num;
|
||||
}
|
||||
return 0;
|
||||
|
||||
|
@ -1177,7 +1201,7 @@ long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c)
|
|||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
bio->close = (byte)c;
|
||||
bio->shutdown = (byte)c;
|
||||
bio->file = fp;
|
||||
|
||||
return WOLFSSL_SUCCESS;
|
||||
|
@ -1211,7 +1235,7 @@ int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name)
|
|||
}
|
||||
|
||||
if (bio->type == WOLFSSL_BIO_FILE) {
|
||||
if (bio->file != XBADFILE && bio->close == BIO_CLOSE) {
|
||||
if (bio->file != XBADFILE && bio->shutdown == BIO_CLOSE) {
|
||||
XFCLOSE(bio->file);
|
||||
}
|
||||
|
||||
|
@ -1219,7 +1243,7 @@ int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name)
|
|||
if (bio->file == XBADFILE) {
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
bio->close = BIO_CLOSE;
|
||||
bio->shutdown = BIO_CLOSE;
|
||||
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
@ -1339,11 +1363,11 @@ long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
|
|||
case WOLFSSL_BIO_SOCKET:
|
||||
#ifdef XFCNTL
|
||||
{
|
||||
int flag = XFCNTL(bio->fd, F_GETFL, 0);
|
||||
int flag = XFCNTL(bio->num, F_GETFL, 0);
|
||||
if (on)
|
||||
XFCNTL(bio->fd, F_SETFL, flag | O_NONBLOCK);
|
||||
XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);
|
||||
else
|
||||
XFCNTL(bio->fd, F_SETFL, flag & ~O_NONBLOCK);
|
||||
XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK);
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
|
|
|
@ -3406,20 +3406,16 @@ void FreeX509(WOLFSSL_X509* x509)
|
|||
if (x509->authInfoCaIssuer != NULL) {
|
||||
XFREE(x509->authInfoCaIssuer, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
}
|
||||
if (x509->notBeforeTime != NULL) {
|
||||
XFREE(x509->notBeforeTime, x509->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
if (x509->notAfterTime != NULL) {
|
||||
XFREE(x509->notAfterTime, x509->heap, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
if (x509->ext_sk != NULL) {
|
||||
wolfSSL_sk_X509_EXTENSION_free(x509->ext_sk);
|
||||
}
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_QT */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
/* Free serialNumber that was set by wolfSSL_X509_get_serialNumber */
|
||||
if (x509->serialNumber != NULL) {
|
||||
wolfSSL_ASN1_INTEGER_free(x509->serialNumber);
|
||||
}
|
||||
#endif /* OPENSSL_ALL || WOLFSSL_QT */
|
||||
#endif
|
||||
if (x509->extKeyUsageSrc != NULL) {
|
||||
XFREE(x509->extKeyUsageSrc, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
x509->extKeyUsageSrc= NULL;
|
||||
|
@ -8905,17 +8901,20 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
|||
}
|
||||
#endif /* WOLFSSL_SEP */
|
||||
{
|
||||
int minSz = min(dCert->beforeDateLen, MAX_DATE_SZ);
|
||||
if (minSz > 0) {
|
||||
int minSz;
|
||||
if (dCert->beforeDateLen > 0) {
|
||||
minSz = min(dCert->beforeDate[1], MAX_DATE_SZ);
|
||||
x509->notBefore.type = dCert->beforeDate[0];
|
||||
x509->notBefore.length = minSz;
|
||||
XMEMCPY(x509->notBefore.data, dCert->beforeDate, minSz);
|
||||
XMEMCPY(x509->notBefore.data, &dCert->beforeDate[2], minSz);
|
||||
}
|
||||
else
|
||||
x509->notBefore.length = 0;
|
||||
minSz = min(dCert->afterDateLen, MAX_DATE_SZ);
|
||||
if (minSz > 0) {
|
||||
if (dCert->afterDateLen > 0) {
|
||||
minSz = min(dCert->beforeDate[1], MAX_DATE_SZ);
|
||||
x509->notAfter.type = dCert->beforeDate[0];
|
||||
x509->notAfter.length = minSz;
|
||||
XMEMCPY(x509->notAfter.data, dCert->afterDate, minSz);
|
||||
XMEMCPY(x509->notAfter.data, &dCert->afterDate[2], minSz);
|
||||
}
|
||||
else
|
||||
x509->notAfter.length = 0;
|
||||
|
|
410
tests/api.c
410
tests/api.c
|
@ -18869,8 +18869,8 @@ static void test_wolfSSL_ASN1_TIME_print(void)
|
|||
/* create a bad time and test results */
|
||||
AssertNotNull(t = X509_get_notAfter(x509));
|
||||
AssertIntEQ(ASN1_TIME_check(t), WOLFSSL_SUCCESS);
|
||||
t->data[10] = 0;
|
||||
t->data[5] = 0;
|
||||
t->data[8] = 0;
|
||||
t->data[3] = 0;
|
||||
AssertIntNE(ASN1_TIME_print(bio, t), 1);
|
||||
AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 14);
|
||||
AssertIntEQ(XMEMCMP(buf, "Bad time value", 14), 0);
|
||||
|
@ -18891,8 +18891,6 @@ static void test_wolfSSL_ASN1_UTCTIME_print(void)
|
|||
unsigned char buf[25];
|
||||
const char* validDate = "190424111501Z"; /* UTC = YYMMDDHHMMSSZ */
|
||||
const char* invalidDate = "190424111501X"; /* UTC = YYMMDDHHMMSSZ */
|
||||
byte* ptr1;
|
||||
byte* ptr2;
|
||||
|
||||
printf(testingFmt, "ASN1_UTCTIME_print()");
|
||||
|
||||
|
@ -18905,10 +18903,9 @@ static void test_wolfSSL_ASN1_UTCTIME_print(void)
|
|||
AssertNotNull(bio = BIO_new(BIO_s_mem()));
|
||||
AssertNotNull(utc = (ASN1_UTCTIME*)XMALLOC(sizeof(ASN1_UTCTIME), NULL,
|
||||
DYNAMIC_TYPE_ASN1));
|
||||
ptr1 = utc->data;
|
||||
*ptr1 = (byte)ASN_UTC_TIME; ptr1++;
|
||||
*ptr1 = (byte)ASN_UTC_TIME_SIZE; ptr1++;
|
||||
XMEMCPY(ptr1, (byte*)validDate, ASN_UTC_TIME_SIZE);
|
||||
utc->type = ASN_UTC_TIME;
|
||||
utc->length = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(utc->data, (byte*)validDate, ASN_UTC_TIME_SIZE);
|
||||
AssertIntEQ(ASN1_UTCTIME_print(bio, utc), 1);
|
||||
AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
|
||||
AssertIntEQ(XMEMCMP(buf, "Apr 24 11:15:01 2019 GMT", sizeof(buf)-1), 0);
|
||||
|
@ -18918,10 +18915,9 @@ static void test_wolfSSL_ASN1_UTCTIME_print(void)
|
|||
|
||||
/* Invalid format */
|
||||
AssertNotNull(bio = BIO_new(BIO_s_mem()));
|
||||
ptr2 = utc->data;
|
||||
*ptr2 = (byte)ASN_UTC_TIME; ptr2++;
|
||||
*ptr2 = (byte)ASN_UTC_TIME_SIZE; ptr2++;
|
||||
XMEMCPY(ptr2, (byte*)invalidDate, ASN_UTC_TIME_SIZE);
|
||||
utc->type = ASN_UTC_TIME;
|
||||
utc->length = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(utc->data, (byte*)invalidDate, ASN_UTC_TIME_SIZE);
|
||||
AssertIntEQ(ASN1_UTCTIME_print(bio, utc), 0);
|
||||
AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 14);
|
||||
AssertIntEQ(XMEMCMP(buf, "Bad time value", 14), 0);
|
||||
|
@ -21291,6 +21287,10 @@ static void test_wolfSSL_BIO(void)
|
|||
AssertIntEQ((int)BIO_ctrl_pending(bio1), 8);
|
||||
AssertIntEQ((int)BIO_ctrl_pending(bio2), 20);
|
||||
|
||||
/* try read using ctrl function */
|
||||
AssertIntEQ((int)BIO_ctrl(bio1, BIO_CTRL_WPENDING, 0, NULL), 8);
|
||||
AssertIntEQ((int)BIO_ctrl(bio2, BIO_CTRL_WPENDING, 0, NULL), 20);
|
||||
|
||||
AssertIntEQ(BIO_nread(bio2, &bufPt, (int)BIO_ctrl_pending(bio2)), 20);
|
||||
for (i = 0; i < 20; i++) {
|
||||
AssertIntEQ((int)bufPt[i], i);
|
||||
|
@ -21531,7 +21531,7 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
|
|||
WOLFSSL_ASN1_TIME *asn_time, *s;
|
||||
int offset_day;
|
||||
long offset_sec;
|
||||
char date_str[20];
|
||||
char date_str[CTC_DATE_SIZE];
|
||||
time_t t;
|
||||
|
||||
printf(testingFmt, "wolfSSL_ASN1_TIME_adj()");
|
||||
|
@ -21545,18 +21545,18 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
|
|||
offset_sec = 45 * mini;
|
||||
/* offset_sec = -45 * min;*/
|
||||
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
|
||||
AssertTrue(asn_time->data[0] == asn_utc_time);
|
||||
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
|
||||
AssertTrue(asn_time->type == asn_utc_time);
|
||||
XSTRNCPY(date_str, (const char*)&asn_time->data, sizeof(date_str));
|
||||
AssertIntEQ(0, XMEMCMP(date_str, "000222211500Z", 13));
|
||||
|
||||
/* negative offset */
|
||||
offset_sec = -45 * mini;
|
||||
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
|
||||
AssertTrue(asn_time->data[0] == asn_utc_time);
|
||||
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
|
||||
AssertTrue(asn_time->type == asn_utc_time);
|
||||
XSTRNCPY(date_str, (const char*)&asn_time->data, sizeof(date_str));
|
||||
AssertIntEQ(0, XMEMCMP(date_str, "000222194500Z", 13));
|
||||
|
||||
XFREE(s,NULL,DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
XMEMSET(date_str, 0, sizeof(date_str));
|
||||
|
||||
/* Generalized time will overflow time_t if not long */
|
||||
|
@ -21569,11 +21569,11 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
|
|||
offset_day = 12;
|
||||
offset_sec = 10 * mini;
|
||||
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
|
||||
AssertTrue(asn_time->data[0] == asn_gen_time);
|
||||
XSTRNCPY(date_str,(const char*) &asn_time->data+2, 15);
|
||||
AssertTrue(asn_time->type == asn_gen_time);
|
||||
XSTRNCPY(date_str, (const char*)&asn_time->data, sizeof(date_str));
|
||||
AssertIntEQ(0, XMEMCMP(date_str, "20550313091000Z", 15));
|
||||
|
||||
XFREE(s,NULL,DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(s, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
XMEMSET(date_str, 0, sizeof(date_str));
|
||||
#endif /* !TIME_T_NOT_64BIT && !NO_64BIT */
|
||||
|
||||
|
@ -21584,16 +21584,16 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
|
|||
offset_day = 7;
|
||||
offset_sec = 45 * mini;
|
||||
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
|
||||
AssertTrue(asn_time->data[0] == asn_utc_time);
|
||||
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
|
||||
AssertTrue(asn_time->type == asn_utc_time);
|
||||
XSTRNCPY(date_str, (const char*)&asn_time->data, sizeof(date_str));
|
||||
AssertIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
|
||||
XFREE(asn_time,NULL,DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
|
||||
asn_time = wolfSSL_ASN1_TIME_adj(NULL, t, offset_day, offset_sec);
|
||||
AssertTrue(asn_time->data[0] == asn_utc_time);
|
||||
XSTRNCPY(date_str,(const char*) &asn_time->data+2,13);
|
||||
AssertTrue(asn_time->type == asn_utc_time);
|
||||
XSTRNCPY(date_str, (const char*)&asn_time->data, sizeof(date_str));
|
||||
AssertIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
|
||||
XFREE(asn_time,NULL,DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
|
@ -21604,21 +21604,45 @@ static void test_wolfSSL_X509_cmp_time(void)
|
|||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN1_TIME) \
|
||||
&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_cmp_time()");
|
||||
|
||||
WOLFSSL_ASN1_TIME asn_time;
|
||||
time_t t;
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_cmp_time()");
|
||||
|
||||
AssertIntEQ(0, wolfSSL_X509_cmp_time(NULL, &t));
|
||||
XMEMSET(&asn_time, 0, sizeof(WOLFSSL_ASN1_TIME));
|
||||
AssertIntEQ(0, wolfSSL_X509_cmp_time(&asn_time, &t));
|
||||
|
||||
asn_time.data[0] = ASN_UTC_TIME;
|
||||
asn_time.data[1] = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(&asn_time.data[2], "000222211515Z", 13);
|
||||
asn_time.type = ASN_UTC_TIME;
|
||||
asn_time.length = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(&asn_time.data, "000222211515Z", 13);
|
||||
AssertIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL));
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_X509_time_adj(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN1_TIME) && \
|
||||
!defined(USER_TIME) && !defined(TIME_OVERRIDES) && \
|
||||
defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
|
||||
X509* x509;
|
||||
time_t t, not_before, not_after;
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_time_adj()");
|
||||
|
||||
AssertNotNull(x509 = wolfSSL_X509_load_certificate_buffer(
|
||||
client_cert_der_2048, sizeof_client_cert_der_2048,
|
||||
WOLFSSL_FILETYPE_ASN1));
|
||||
|
||||
t = 0;
|
||||
not_before = XTIME(0);
|
||||
not_after = XTIME(0) + (60 * 24 * 30); /* 30 days after */
|
||||
AssertNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &t));
|
||||
AssertNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &t));
|
||||
|
||||
X509_free(x509);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
|
@ -21695,8 +21719,10 @@ static void test_wolfSSL_X509(void)
|
|||
static void test_wolfSSL_X509_get_ext_count(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
|
||||
int ret = 0;
|
||||
WOLFSSL_X509* x509;
|
||||
const char ocspRootCaFile[] = "./certs/ocsp/root-ca-cert.pem";
|
||||
FILE* f;
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_get_ext_count()");
|
||||
|
||||
|
@ -21713,14 +21739,29 @@ static void test_wolfSSL_X509_get_ext_count(void)
|
|||
AssertIntEQ(X509_get_ext_count(x509), 5);
|
||||
wolfSSL_X509_free(x509);
|
||||
|
||||
AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
|
||||
AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
|
||||
fclose(f);
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_get_ext_count() valid input");
|
||||
AssertIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 3);
|
||||
printf(resultFmt, ret == 3 ? passed : failed);
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_get_ext_count() NULL argument");
|
||||
AssertIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE);
|
||||
printf(resultFmt, ret == WOLFSSL_FAILURE ? passed : failed);
|
||||
|
||||
wolfSSL_X509_free(x509);
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_X509_sign(void)
|
||||
{
|
||||
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
|
||||
!defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
|
||||
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
|
||||
int ret;
|
||||
X509_NAME *name;
|
||||
X509 *x509;
|
||||
EVP_PKEY *pub;
|
||||
|
@ -21737,32 +21778,40 @@ static void test_wolfSSL_X509_sign(void)
|
|||
long clientPubKeySz = (long)sizeof_client_keypub_der_2048;
|
||||
#endif
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_sign");
|
||||
printf(testingFmt, "wolfSSL_X509_sign\n");
|
||||
|
||||
/* Set X509_NAME fields */
|
||||
AssertNotNull(name = X509_NAME_new());
|
||||
AssertIntEQ(X509_NAME_add_entry_by_txt(name, "country", MBSTRING_UTF8,
|
||||
(byte*)"US", 2, -1, 0), WOLFSSL_SUCCESS);
|
||||
(byte*)"US", 2, -1, 0), SSL_SUCCESS);
|
||||
AssertIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
|
||||
(byte*)"wolfssl.com", 11, -1, 0), WOLFSSL_SUCCESS);
|
||||
(byte*)"wolfssl.com", 11, -1, 0), SSL_SUCCESS);
|
||||
AssertIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
|
||||
(byte*)"support@wolfssl.com", 19, -1, 0), WOLFSSL_SUCCESS);
|
||||
(byte*)"support@wolfssl.com", 19, -1, 0), SSL_SUCCESS);
|
||||
|
||||
/* Get private and public keys */
|
||||
AssertNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
|
||||
clientKeySz));
|
||||
AssertNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &rsaPub, clientPubKeySz));
|
||||
AssertNotNull(x509 = X509_new());
|
||||
|
||||
/* Set version 3 */
|
||||
AssertIntNE(X509_set_version(x509, 2L), 0);
|
||||
/* Set subject name, add pubkey, and sign certificate */
|
||||
AssertIntEQ(X509_set_subject_name(x509, name), WOLFSSL_SUCCESS);
|
||||
AssertIntEQ(X509_set_pubkey(x509, pub), WOLFSSL_SUCCESS);
|
||||
AssertIntEQ(X509_set_subject_name(x509, name), SSL_SUCCESS);
|
||||
AssertIntEQ(X509_set_pubkey(x509, pub), SSL_SUCCESS);
|
||||
/* Test invalid parameters */
|
||||
AssertIntEQ(X509_sign(NULL, priv, EVP_sha256()), 0);
|
||||
AssertIntEQ(X509_sign(x509, NULL, EVP_sha256()), 0);
|
||||
AssertIntEQ(X509_sign(x509, priv, NULL), 0);
|
||||
/* Valid case - size should be 798 */
|
||||
AssertIntEQ(X509_sign(x509, priv, EVP_sha256()), 798);
|
||||
|
||||
ret = X509_sign(x509, priv, EVP_sha256());
|
||||
|
||||
/* Valid case - size should be 768 */
|
||||
#ifdef USE_CERT_BUFFERS_1024
|
||||
AssertIntEQ(ret, 768);
|
||||
#else
|
||||
AssertIntEQ(ret, 798);
|
||||
#endif
|
||||
|
||||
X509_NAME_free(name);
|
||||
EVP_PKEY_free(priv);
|
||||
|
@ -22582,6 +22631,8 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
|
|||
#endif
|
||||
|
||||
AssertNotNull(nm = X509_get_subject_name(x509));
|
||||
|
||||
/* Test add entry */
|
||||
AssertNotNull(entry = X509_NAME_ENTRY_create_by_NID(NULL, NID_commonName,
|
||||
0x0c, cn, (int)sizeof(cn)));
|
||||
AssertIntEQ(X509_NAME_add_entry(nm, entry, -1, 0), SSL_SUCCESS);
|
||||
|
@ -22591,8 +22642,13 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
|
|||
1), WOLFSSL_SUCCESS);
|
||||
|
||||
X509_NAME_ENTRY_free(entry);
|
||||
|
||||
/* Test add entry by NID */
|
||||
AssertIntEQ(X509_NAME_add_entry_by_NID(nm, NID_commonName, MBSTRING_UTF8,
|
||||
cn, -1, -1, 0), WOLFSSL_SUCCESS);
|
||||
|
||||
BIO_free(bio);
|
||||
X509_free(x509);
|
||||
X509_free(x509); /* free's nm */
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
|
@ -22729,7 +22785,7 @@ static void test_wolfSSL_X509_set_notBefore(void)
|
|||
/* ANS1_TIME_check validates by checking if arguement can be parsed */
|
||||
AssertIntEQ(ASN1_TIME_check(time_check), WOLFSSL_SUCCESS);
|
||||
/* Convert to human readable format and compare to intended date */
|
||||
AssertIntEQ(ASN1_TIME_print(bio,time_check), 1);
|
||||
AssertIntEQ(ASN1_TIME_print(bio, time_check), 1);
|
||||
AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
|
||||
AssertIntEQ(XMEMCMP(buf, "May 8 20:30:00 2019 GMT", sizeof(buf) - 1), 0);
|
||||
/*
|
||||
|
@ -24021,8 +24077,7 @@ static void test_wolfSSL_SHA256(void)
|
|||
|
||||
static void test_wolfSSL_X509_get_serialNumber(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
|
||||
!defined(NO_RSA)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
|
||||
ASN1_INTEGER* a;
|
||||
BIGNUM* bn;
|
||||
X509* x509;
|
||||
|
@ -24033,11 +24088,12 @@ static void test_wolfSSL_X509_get_serialNumber(void)
|
|||
AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
AssertNotNull(a = X509_get_serialNumber(x509));
|
||||
X509_free(x509);
|
||||
|
||||
/* check on value of ASN1 Integer */
|
||||
AssertNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
|
||||
|
||||
X509_free(x509); /* free's a */
|
||||
|
||||
AssertNotNull(serialHex = BN_bn2hex(bn));
|
||||
AssertStrEQ(serialHex, "1");
|
||||
OPENSSL_free(serialHex);
|
||||
|
@ -24045,7 +24101,6 @@ static void test_wolfSSL_X509_get_serialNumber(void)
|
|||
AssertIntEQ(BN_get_word(bn), 1);
|
||||
|
||||
BN_free(bn);
|
||||
ASN1_INTEGER_free(a);
|
||||
|
||||
/* hard test free'ing with dynamic buffer to make sure there is no leaks */
|
||||
a = ASN1_INTEGER_new();
|
||||
|
@ -24167,49 +24222,49 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){
|
|||
XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertNotNull(out = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME),
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER));
|
||||
t->data[0] = ASN_UTC_TIME;
|
||||
t->data[1] = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(t->data + 2,"050727123456Z",ASN_UTC_TIME_SIZE);
|
||||
t->type = ASN_UTC_TIME;
|
||||
t->length = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE);
|
||||
|
||||
tlen = wolfSSL_ASN1_TIME_get_length(t);
|
||||
AssertIntEQ(tlen, ASN_UTC_TIME_SIZE);
|
||||
data = wolfSSL_ASN1_TIME_get_data(t);
|
||||
AssertStrEQ((char*)data, "050727123456Z");
|
||||
gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out);
|
||||
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
|
||||
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
|
||||
AssertIntEQ(gtime->type, ASN_GENERALIZED_TIME);
|
||||
AssertIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertStrEQ((char*)gtime->data, "20050727123456Z");
|
||||
|
||||
/* Generalized Time test */
|
||||
XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE);
|
||||
XMEMSET(out, 0, ASN_GENERALIZED_TIME_SIZE);
|
||||
XMEMSET(data, 0, ASN_GENERALIZED_TIME_SIZE);
|
||||
gtime = NULL;
|
||||
t->data[0] = ASN_GENERALIZED_TIME;
|
||||
t->data[1] = ASN_GENERALIZED_TIME_SIZE;
|
||||
XMEMCPY(t->data + 2,"20050727123456Z",ASN_GENERALIZED_TIME_SIZE);
|
||||
t->type = ASN_GENERALIZED_TIME;
|
||||
t->length = ASN_GENERALIZED_TIME_SIZE;
|
||||
XMEMCPY(t->data, "20050727123456Z", ASN_GENERALIZED_TIME_SIZE);
|
||||
|
||||
tlen = wolfSSL_ASN1_TIME_get_length(t);
|
||||
AssertIntEQ(tlen, ASN_GENERALIZED_TIME_SIZE);
|
||||
data = wolfSSL_ASN1_TIME_get_data(t);
|
||||
AssertStrEQ((char*)data, "20050727123456Z");
|
||||
gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out);
|
||||
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
|
||||
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
|
||||
AssertIntEQ(gtime->type, ASN_GENERALIZED_TIME);
|
||||
AssertIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertStrEQ((char*)gtime->data, "20050727123456Z");
|
||||
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
/* Null parameter test */
|
||||
XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE);
|
||||
gtime = NULL;
|
||||
out = NULL;
|
||||
t->data[0] = ASN_UTC_TIME;
|
||||
t->data[1] = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(t->data + 2,"050727123456Z",ASN_UTC_TIME_SIZE);
|
||||
t->type = ASN_UTC_TIME;
|
||||
t->length = ASN_UTC_TIME_SIZE;
|
||||
XMEMCPY(t->data, "050727123456Z", ASN_UTC_TIME_SIZE);
|
||||
AssertNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, NULL));
|
||||
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
|
||||
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
|
||||
AssertIntEQ(gtime->type, ASN_GENERALIZED_TIME);
|
||||
AssertIntEQ(gtime->length, ASN_GENERALIZED_TIME_SIZE);
|
||||
AssertStrEQ((char*)gtime->data, "20050727123456Z");
|
||||
|
||||
XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
@ -25144,9 +25199,8 @@ static void test_wolfSSL_OCSP_get0_info()
|
|||
AssertIntEQ(x509Int->dataMax, serial->dataMax);
|
||||
AssertIntEQ(XMEMCMP(x509Int->data, serial->data, serial->dataMax), 0);
|
||||
|
||||
ASN1_INTEGER_free(x509Int);
|
||||
OCSP_CERTID_free(id);
|
||||
X509_free(cert);
|
||||
X509_free(cert); /* free's x509Int */
|
||||
X509_free(issuer);
|
||||
|
||||
printf(resultFmt, "passed");
|
||||
|
@ -25622,7 +25676,8 @@ static void test_wc_ecc_get_curve_id_from_params(void)
|
|||
}
|
||||
static void test_wolfSSL_EVP_PKEY_encrypt(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
|
||||
!defined(HAVE_FAST_RSA)
|
||||
WOLFSSL_RSA* rsa = NULL;
|
||||
WOLFSSL_EVP_PKEY* pkey = NULL;
|
||||
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
|
||||
|
@ -25697,7 +25752,8 @@ static void test_wolfSSL_EVP_PKEY_encrypt(void)
|
|||
}
|
||||
static void test_wolfSSL_EVP_PKEY_sign(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
|
||||
!defined(HAVE_FAST_RSA)
|
||||
WOLFSSL_RSA* rsa = NULL;
|
||||
WOLFSSL_EVP_PKEY* pkey = NULL;
|
||||
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
|
||||
|
@ -25744,7 +25800,7 @@ static void test_wolfSSL_EVP_PKEY_sign(void)
|
|||
AssertIntEQ(RSA_public_decrypt((int)siglen, sig, sigVerify,
|
||||
rsa, RSA_PKCS1_PSS_PADDING), SHA256_DIGEST_LENGTH);
|
||||
#else
|
||||
AssertIntEQ(RSA_public_decrypt(siglen, sig, sigVerify,
|
||||
AssertIntEQ(RSA_public_decrypt((int)siglen, sig, sigVerify,
|
||||
rsa, RSA_PKCS1_PADDING), SHA256_DIGEST_LENGTH);
|
||||
#endif
|
||||
|
||||
|
@ -25770,7 +25826,7 @@ static void test_wolfSSL_EVP_PKEY_sign(void)
|
|||
|
||||
static void test_EVP_PKEY_rsa(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
|
||||
WOLFSSL_RSA* rsa;
|
||||
WOLFSSL_EVP_PKEY* pkey;
|
||||
|
||||
|
@ -25787,7 +25843,7 @@ static void test_EVP_PKEY_rsa(void)
|
|||
|
||||
static void test_EVP_PKEY_ec(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL) && defined(HAVE_ECC)
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
|
||||
WOLFSSL_EC_KEY* ecKey;
|
||||
WOLFSSL_EVP_PKEY* pkey;
|
||||
|
||||
|
@ -25802,6 +25858,75 @@ static void test_EVP_PKEY_ec(void)
|
|||
#endif
|
||||
}
|
||||
|
||||
static void test_EVP_PKEY_cmp(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
EVP_PKEY *a, *b;
|
||||
const unsigned char *in;
|
||||
|
||||
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
|
||||
in = client_key_der_2048;
|
||||
AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
|
||||
&in, (long)sizeof_client_key_der_2048));
|
||||
in = client_key_der_2048;
|
||||
AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
|
||||
&in, (long)sizeof_client_key_der_2048));
|
||||
|
||||
/* Test success case RSA */
|
||||
AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
|
||||
|
||||
EVP_PKEY_free(b);
|
||||
EVP_PKEY_free(a);
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
|
||||
in = ecc_clikey_der_256;
|
||||
AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
|
||||
&in, (long)sizeof_ecc_clikey_der_256));
|
||||
in = ecc_clikey_der_256;
|
||||
AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
|
||||
&in, (long)sizeof_ecc_clikey_der_256));
|
||||
|
||||
/* Test success case ECC */
|
||||
AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
|
||||
|
||||
EVP_PKEY_free(b);
|
||||
EVP_PKEY_free(a);
|
||||
#endif
|
||||
|
||||
/* Test failure cases */
|
||||
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && \
|
||||
defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
|
||||
|
||||
in = client_key_der_2048;
|
||||
AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
|
||||
&in, (long)sizeof_client_key_der_2048));
|
||||
in = ecc_clikey_der_256;
|
||||
AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
|
||||
&in, (long)sizeof_ecc_clikey_der_256));
|
||||
|
||||
AssertIntNE(EVP_PKEY_cmp(a, b), 0);
|
||||
|
||||
EVP_PKEY_free(b);
|
||||
EVP_PKEY_free(a);
|
||||
#endif
|
||||
|
||||
/* invalid or empty failure cases */
|
||||
a = EVP_PKEY_new();
|
||||
b = EVP_PKEY_new();
|
||||
AssertIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
|
||||
AssertIntNE(EVP_PKEY_cmp(a, NULL), 0);
|
||||
AssertIntNE(EVP_PKEY_cmp(NULL, b), 0);
|
||||
AssertIntNE(EVP_PKEY_cmp(a, b), 0);
|
||||
EVP_PKEY_free(b);
|
||||
EVP_PKEY_free(a);
|
||||
|
||||
(void)in;
|
||||
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_ERR_load_crypto_strings(void)
|
||||
{
|
||||
#if defined(OPENSSL_ALL)
|
||||
|
@ -27448,17 +27573,26 @@ static void test_wolfSSL_X509_print()
|
|||
BIO *bio;
|
||||
|
||||
printf(testingFmt, "wolfSSL_X509_print");
|
||||
x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
|
||||
x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
|
||||
AssertNotNull(x509);
|
||||
|
||||
AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
|
||||
AssertIntEQ(X509_print(bio, x509),SSL_SUCCESS);
|
||||
|
||||
/* print to memory */
|
||||
AssertNotNull(bio = BIO_new(BIO_s_mem()));
|
||||
AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
|
||||
AssertIntEQ(BIO_get_mem_data(bio, NULL), 3212);
|
||||
BIO_free(bio);
|
||||
|
||||
/* print to stdout */
|
||||
AssertNotNull(bio = BIO_new(BIO_s_file()));
|
||||
wolfSSL_BIO_set_fp(bio, stdout, BIO_NOCLOSE);
|
||||
AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
|
||||
BIO_free(bio);
|
||||
|
||||
X509_free(x509);
|
||||
printf(resultFmt, passed);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_RSA_print()
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
|
||||
|
@ -27597,6 +27731,121 @@ static void test_wolfSSL_RSA_verify()
|
|||
#endif
|
||||
}
|
||||
|
||||
|
||||
#if defined(OPENSSL_EXTRA) && (defined(HAVE_ECC) || !defined(NO_RSA)) && \
|
||||
!defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
|
||||
static void test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
|
||||
{
|
||||
X509* x509 = NULL;
|
||||
BIGNUM* serial_number = NULL;
|
||||
X509_NAME* name = NULL;
|
||||
time_t epoch_off = 0;
|
||||
ASN1_INTEGER* asn1_serial_number;
|
||||
long not_before, not_after;
|
||||
|
||||
AssertNotNull(x509 = X509_new());
|
||||
|
||||
AssertIntNE(X509_set_pubkey(x509, pkey), 0);
|
||||
|
||||
AssertNotNull(serial_number = BN_new());
|
||||
AssertIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0);
|
||||
AssertNotNull(asn1_serial_number = X509_get_serialNumber(x509));
|
||||
AssertNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number));
|
||||
|
||||
/* version 3 */
|
||||
AssertIntNE(X509_set_version(x509, 2L), 0);
|
||||
|
||||
AssertNotNull(name = X509_NAME_new());
|
||||
|
||||
AssertIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
|
||||
(unsigned char*)"www.wolfssl.com", -1, -1, 0), 0);
|
||||
|
||||
AssertIntNE(X509_set_subject_name(x509, name), 0);
|
||||
AssertIntNE(X509_set_issuer_name(x509, name), 0);
|
||||
|
||||
not_before = (long)XTIME(NULL);
|
||||
not_after = not_before + (365 * 24 * 60 * 60);
|
||||
AssertNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &epoch_off));
|
||||
AssertNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &epoch_off));
|
||||
|
||||
AssertIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
|
||||
|
||||
BN_free(serial_number);
|
||||
X509_NAME_free(name);
|
||||
X509_free(x509);
|
||||
}
|
||||
#endif
|
||||
|
||||
static void test_openssl_generate_key_and_cert(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
#if !defined(NO_RSA)
|
||||
{
|
||||
EVP_PKEY* pkey = EVP_PKEY_new();
|
||||
int key_length = 2048;
|
||||
BIGNUM* exponent = BN_new();
|
||||
RSA* rsa = RSA_new();
|
||||
|
||||
AssertNotNull(pkey);
|
||||
AssertNotNull(exponent);
|
||||
AssertNotNull(rsa);
|
||||
|
||||
AssertIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0);
|
||||
#ifndef WOLFSSL_KEY_GEN
|
||||
AssertIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), WOLFSSL_FAILURE);
|
||||
|
||||
#if defined(USE_CERT_BUFFERS_1024)
|
||||
AssertIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024,
|
||||
sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0);
|
||||
key_length = 1024;
|
||||
#elif defined(USE_CERT_BUFFERS_2048)
|
||||
AssertIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048,
|
||||
sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0);
|
||||
#else
|
||||
RSA_free(rsa);
|
||||
rsa = NULL;
|
||||
#endif
|
||||
#else
|
||||
AssertIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
|
||||
#endif
|
||||
|
||||
if (rsa) {
|
||||
AssertIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0);
|
||||
|
||||
BN_free(exponent);
|
||||
|
||||
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
|
||||
test_openssl_make_self_signed_certificate(pkey);
|
||||
#endif
|
||||
}
|
||||
|
||||
EVP_PKEY_free(pkey);
|
||||
}
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
{
|
||||
EVP_PKEY* pkey = EVP_PKEY_new();
|
||||
EC_KEY* ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
|
||||
|
||||
AssertNotNull(pkey);
|
||||
AssertNotNull(ec_key);
|
||||
|
||||
EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
|
||||
|
||||
AssertIntNE(EC_KEY_generate_key(ec_key), 0);
|
||||
AssertIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
|
||||
|
||||
#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
|
||||
test_openssl_make_self_signed_certificate(pkey);
|
||||
#endif
|
||||
|
||||
EVP_PKEY_free(pkey);
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
}
|
||||
|
||||
static void test_stubs_are_stubs()
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB)
|
||||
|
@ -27830,6 +28079,7 @@ void ApiTest(void)
|
|||
test_wolfSSL_set_tlsext_status_type();
|
||||
test_wolfSSL_ASN1_TIME_adj();
|
||||
test_wolfSSL_X509_cmp_time();
|
||||
test_wolfSSL_X509_time_adj();
|
||||
test_wolfSSL_CTX_set_client_CA_list();
|
||||
test_wolfSSL_CTX_add_client_CA();
|
||||
test_wolfSSL_CTX_set_srp_username();
|
||||
|
@ -27913,6 +28163,7 @@ void ApiTest(void)
|
|||
test_wolfSSL_X509_cmp();
|
||||
test_wolfSSL_RSA_print();
|
||||
test_wolfSSL_ASN1_STRING_print();
|
||||
test_openssl_generate_key_and_cert();
|
||||
|
||||
/* test the no op functions for compatibility */
|
||||
test_no_op_functions();
|
||||
|
@ -27922,6 +28173,7 @@ void ApiTest(void)
|
|||
test_wolfSSL_EVP_PKEY_encrypt();
|
||||
test_wolfSSL_EVP_PKEY_sign();
|
||||
test_EVP_PKEY_ec();
|
||||
test_EVP_PKEY_cmp();
|
||||
/* OpenSSL error API tests */
|
||||
test_ERR_load_crypto_strings();
|
||||
/* OpenSSL sk_X509 API test */
|
||||
|
|
|
@ -627,12 +627,17 @@ static int SetASNInt(int len, byte firstByte, byte* output)
|
|||
{
|
||||
word32 idx = 0;
|
||||
|
||||
output[idx++] = ASN_INTEGER;
|
||||
if (output)
|
||||
output[idx] = ASN_INTEGER;
|
||||
idx++;
|
||||
if (firstByte & 0x80)
|
||||
len++;
|
||||
idx += SetLength(len, output + idx);
|
||||
if (firstByte & 0x80)
|
||||
output[idx++] = 0x00;
|
||||
idx += SetLength(len, output ? output + idx : NULL);
|
||||
if (firstByte & 0x80) {
|
||||
if (output)
|
||||
output[idx] = 0x00;
|
||||
idx++;
|
||||
}
|
||||
|
||||
return idx;
|
||||
}
|
||||
|
@ -664,16 +669,19 @@ static int SetASNIntMP(mp_int* n, int maxSz, byte* output)
|
|||
if (maxSz >= 0 && (idx + length) > maxSz)
|
||||
return BUFFER_E;
|
||||
|
||||
err = mp_to_unsigned_bin(n, output + idx);
|
||||
if (err != MP_OKAY)
|
||||
return MP_TO_E;
|
||||
if (output) {
|
||||
err = mp_to_unsigned_bin(n, output + idx);
|
||||
if (err != MP_OKAY)
|
||||
return MP_TO_E;
|
||||
}
|
||||
idx += length;
|
||||
|
||||
return idx;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(NO_RSA) && defined(HAVE_USER_RSA) && defined(WOLFSSL_CERT_GEN)
|
||||
#if !defined(NO_RSA) && defined(HAVE_USER_RSA) && \
|
||||
(defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA))
|
||||
/* Set the DER/BER encoding of the ASN.1 INTEGER element with an mp_int from
|
||||
* an RSA key.
|
||||
* The number is assumed to be positive.
|
||||
|
@ -697,9 +705,11 @@ static int SetASNIntRSA(void* n, byte* output)
|
|||
if ((idx + length) > MAX_RSA_INT_SZ)
|
||||
return BUFFER_E;
|
||||
|
||||
err = wc_Rsa_to_unsigned_bin(n, output + idx, length);
|
||||
if (err != MP_OKAY)
|
||||
return MP_TO_E;
|
||||
if (output) {
|
||||
err = wc_Rsa_to_unsigned_bin(n, output + idx, length);
|
||||
if (err != MP_OKAY)
|
||||
return MP_TO_E;
|
||||
}
|
||||
idx += length;
|
||||
|
||||
return idx;
|
||||
|
@ -957,9 +967,14 @@ static word32 SetBitString(word32 len, byte unusedBits, byte* output)
|
|||
{
|
||||
word32 idx = 0;
|
||||
|
||||
output[idx++] = ASN_BIT_STRING;
|
||||
idx += SetLength(len + 1, output + idx);
|
||||
output[idx++] = unusedBits;
|
||||
if (output)
|
||||
output[idx] = ASN_BIT_STRING;
|
||||
idx++;
|
||||
|
||||
idx += SetLength(len + 1, output ? output + idx : NULL);
|
||||
if (output)
|
||||
output[idx] = unusedBits;
|
||||
idx++;
|
||||
|
||||
return idx;
|
||||
}
|
||||
|
@ -6053,13 +6068,19 @@ WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output)
|
|||
{
|
||||
word32 i = 0, j;
|
||||
|
||||
if (length < ASN_LONG_LENGTH)
|
||||
output[i++] = (byte)length;
|
||||
if (length < ASN_LONG_LENGTH) {
|
||||
if (output)
|
||||
output[i] = (byte)length;
|
||||
i++;
|
||||
}
|
||||
else {
|
||||
output[i++] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH);
|
||||
if (output)
|
||||
output[i] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH);
|
||||
i++;
|
||||
|
||||
for (j = BytePrecision(length); j; --j) {
|
||||
output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE));
|
||||
if (output)
|
||||
output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE));
|
||||
i++;
|
||||
}
|
||||
}
|
||||
|
@ -6070,8 +6091,9 @@ WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output)
|
|||
|
||||
WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output)
|
||||
{
|
||||
output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED;
|
||||
return SetLength(len, output + 1) + 1;
|
||||
if (output)
|
||||
output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED;
|
||||
return SetLength(len, output ? output + 1 : NULL) + 1;
|
||||
}
|
||||
|
||||
WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output)
|
||||
|
@ -6185,11 +6207,13 @@ WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
|
|||
idSz = SetObjectId(algoSz, ID_Length);
|
||||
seqSz = SetSequence(idSz + algoSz + tagSz + curveSz, seqArray);
|
||||
|
||||
XMEMCPY(output, seqArray, seqSz);
|
||||
XMEMCPY(output + seqSz, ID_Length, idSz);
|
||||
XMEMCPY(output + seqSz + idSz, algoName, algoSz);
|
||||
if (tagSz == 2)
|
||||
SetASNNull(&output[seqSz + idSz + algoSz]);
|
||||
if (output) {
|
||||
XMEMCPY(output, seqArray, seqSz);
|
||||
XMEMCPY(output + seqSz, ID_Length, idSz);
|
||||
XMEMCPY(output + seqSz + idSz, algoName, algoSz);
|
||||
if (tagSz == 2)
|
||||
SetASNNull(&output[seqSz + idSz + algoSz]);
|
||||
}
|
||||
|
||||
return seqSz + idSz + algoSz + tagSz;
|
||||
|
||||
|
@ -10124,74 +10148,52 @@ static int SetRsaPublicKey(byte* output, RsaKey* key,
|
|||
return idx;
|
||||
}
|
||||
|
||||
int RsaPublicKeyDerSize(RsaKey* key, int with_header)
|
||||
#endif /* !NO_RSA && (WOLFSSL_CERT_GEN || (WOLFSSL_KEY_GEN &&
|
||||
!HAVE_USER_RSA))) */
|
||||
|
||||
#if !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA))
|
||||
int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header)
|
||||
{
|
||||
byte* dummy = NULL;
|
||||
byte seq[MAX_SEQ_SZ];
|
||||
byte bitString[1 + MAX_LENGTH_SZ + 1];
|
||||
int nSz;
|
||||
int eSz;
|
||||
int seqSz;
|
||||
int bitStringSz;
|
||||
int idx;
|
||||
int idx = 0;
|
||||
int nSz, eSz, seqSz, bitStringSz, algoSz;
|
||||
|
||||
if (key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* n */
|
||||
dummy = (byte*)XMALLOC(MAX_RSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (dummy == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
#ifdef HAVE_USER_RSA
|
||||
nSz = SetASNIntRSA(key->n, dummy);
|
||||
nSz = SetASNIntRSA(key->n, NULL);
|
||||
#else
|
||||
nSz = SetASNIntMP(&key->n, MAX_RSA_INT_SZ, dummy);
|
||||
nSz = SetASNIntMP(&key->n, MAX_RSA_INT_SZ, NULL);
|
||||
#endif
|
||||
XFREE(dummy, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (nSz < 0) {
|
||||
return nSz;
|
||||
}
|
||||
|
||||
/* e */
|
||||
dummy = (byte*)XMALLOC(MAX_RSA_E_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (dummy == NULL) {
|
||||
XFREE(dummy, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
#ifdef HAVE_USER_RSA
|
||||
eSz = SetASNIntRSA(key->e, dummy);
|
||||
eSz = SetASNIntRSA(key->e, NULL);
|
||||
#else
|
||||
eSz = SetASNIntMP(&key->e, MAX_RSA_INT_SZ, dummy);
|
||||
eSz = SetASNIntMP(&key->e, MAX_RSA_INT_SZ, NULL);
|
||||
#endif
|
||||
XFREE(dummy, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (eSz < 0) {
|
||||
return eSz;
|
||||
}
|
||||
|
||||
seqSz = SetSequence(nSz + eSz, seq);
|
||||
seqSz = SetSequence(nSz + eSz, NULL);
|
||||
|
||||
/* headers */
|
||||
if (with_header) {
|
||||
int algoSz;
|
||||
dummy = (byte*)XMALLOC(MAX_RSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (dummy == NULL)
|
||||
return MEMORY_E;
|
||||
algoSz = SetAlgoID(RSAk, NULL, oidKeyType, 0);
|
||||
bitStringSz = SetBitString(seqSz + nSz + eSz, 0, NULL);
|
||||
|
||||
algoSz = SetAlgoID(RSAk, dummy, oidKeyType, 0);
|
||||
bitStringSz = SetBitString(seqSz + nSz + eSz, 0, bitString);
|
||||
|
||||
idx = SetSequence(nSz + eSz + seqSz + bitStringSz + algoSz, dummy);
|
||||
XFREE(dummy, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
idx += SetSequence(nSz + eSz + seqSz + bitStringSz + algoSz, NULL);
|
||||
|
||||
/* algo */
|
||||
idx += algoSz;
|
||||
/* bit string */
|
||||
idx += bitStringSz;
|
||||
}
|
||||
else
|
||||
idx = 0;
|
||||
|
||||
/* seq */
|
||||
idx += seqSz;
|
||||
|
@ -10202,8 +10204,8 @@ int RsaPublicKeyDerSize(RsaKey* key, int with_header)
|
|||
|
||||
return idx;
|
||||
}
|
||||
#endif /* !NO_RSA && (WOLFSSL_CERT_GEN || (WOLFSSL_KEY_GEN &&
|
||||
!HAVE_USER_RSA))) */
|
||||
|
||||
#endif /* !NO_RSA && WOLFSSL_CERT_GEN */
|
||||
|
||||
|
||||
#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
|
||||
|
@ -10587,20 +10589,24 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int with_header)
|
|||
|
||||
idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz, output);
|
||||
/* algo */
|
||||
XMEMCPY(output + idx, algo, algoSz);
|
||||
if (output)
|
||||
XMEMCPY(output + idx, algo, algoSz);
|
||||
idx += algoSz;
|
||||
/* curve */
|
||||
XMEMCPY(output + idx, curve, curveSz);
|
||||
/* curve */
|
||||
if (output)
|
||||
XMEMCPY(output + idx, curve, curveSz);
|
||||
idx += curveSz;
|
||||
/* bit string */
|
||||
XMEMCPY(output + idx, bitString, bitStringSz);
|
||||
if (output)
|
||||
XMEMCPY(output + idx, bitString, bitStringSz);
|
||||
idx += bitStringSz;
|
||||
}
|
||||
else
|
||||
idx = 0;
|
||||
|
||||
/* pub */
|
||||
XMEMCPY(output + idx, pub, pubSz);
|
||||
if (output)
|
||||
XMEMCPY(output + idx, pub, pubSz);
|
||||
idx += pubSz;
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
|
@ -10626,7 +10632,7 @@ int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
|
|||
word32 keySz = 0;
|
||||
int ret;
|
||||
|
||||
if (output == NULL || key == NULL) {
|
||||
if (key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
|
@ -10645,12 +10651,23 @@ int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
|
|||
return ret;
|
||||
}
|
||||
|
||||
if (inLen < keySz + infoSz) {
|
||||
/* if output null then just return size */
|
||||
if (output == NULL) {
|
||||
return keySz + infoSz;
|
||||
}
|
||||
|
||||
if (output == NULL || inLen < keySz + infoSz) {
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
return SetEccPublicKey(output, key, with_AlgCurve);
|
||||
}
|
||||
|
||||
int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve)
|
||||
{
|
||||
return wc_EccPublicKeyToDer(key, NULL, 0, with_AlgCurve);
|
||||
}
|
||||
|
||||
#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
|
||||
|
||||
#if defined(HAVE_ED25519) && (defined(WOLFSSL_CERT_GEN) || \
|
||||
|
@ -10807,9 +10824,11 @@ static int CopyValidity(byte* output, Cert* cert)
|
|||
|
||||
/* headers and output */
|
||||
seqSz = SetSequence(cert->beforeDateSz + cert->afterDateSz, output);
|
||||
XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
|
||||
XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
|
||||
cert->afterDateSz);
|
||||
if (output) {
|
||||
XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
|
||||
XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
|
||||
cert->afterDateSz);
|
||||
}
|
||||
return seqSz + cert->beforeDateSz + cert->afterDateSz;
|
||||
}
|
||||
|
||||
|
@ -12253,17 +12272,20 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz,
|
|||
int idx = bodySz, seqSz;
|
||||
|
||||
/* algo */
|
||||
idx += SetAlgoID(sigAlgoType, buffer + idx, oidSigType, 0);
|
||||
idx += SetAlgoID(sigAlgoType, buffer ? buffer + idx : NULL, oidSigType, 0);
|
||||
/* bit string */
|
||||
idx += SetBitString(sigSz, 0, buffer + idx);
|
||||
idx += SetBitString(sigSz, 0, buffer ? buffer + idx : NULL);
|
||||
/* signature */
|
||||
XMEMCPY(buffer + idx, sig, sigSz);
|
||||
if (buffer)
|
||||
XMEMCPY(buffer + idx, sig, sigSz);
|
||||
idx += sigSz;
|
||||
|
||||
/* make room for overall header */
|
||||
seqSz = SetSequence(idx, seq);
|
||||
XMEMMOVE(buffer + seqSz, buffer, idx);
|
||||
XMEMCPY(buffer, seq, seqSz);
|
||||
if (buffer) {
|
||||
XMEMMOVE(buffer + seqSz, buffer, idx);
|
||||
XMEMCPY(buffer, seq, seqSz);
|
||||
}
|
||||
|
||||
return idx + seqSz;
|
||||
}
|
||||
|
@ -12282,6 +12304,10 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
|
|||
DerCert der[1];
|
||||
#endif
|
||||
|
||||
if (derBuffer == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
cert->keyType = eccKey ? ECC_KEY : (rsaKey ? RSA_KEY :
|
||||
(ed25519Key ? ED25519_KEY : NTRU_KEY));
|
||||
|
||||
|
@ -12611,20 +12637,25 @@ static int WriteCertReqBody(DerCert* der, byte* buffer)
|
|||
/* signed part header */
|
||||
idx = SetSequence(der->total, buffer);
|
||||
/* version */
|
||||
XMEMCPY(buffer + idx, der->version, der->versionSz);
|
||||
if (buffer)
|
||||
XMEMCPY(buffer + idx, der->version, der->versionSz);
|
||||
idx += der->versionSz;
|
||||
/* subject */
|
||||
XMEMCPY(buffer + idx, der->subject, der->subjectSz);
|
||||
if (buffer)
|
||||
XMEMCPY(buffer + idx, der->subject, der->subjectSz);
|
||||
idx += der->subjectSz;
|
||||
/* public key */
|
||||
XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
|
||||
if (buffer)
|
||||
XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
|
||||
idx += der->publicKeySz;
|
||||
/* attributes */
|
||||
XMEMCPY(buffer + idx, der->attrib, der->attribSz);
|
||||
if (buffer)
|
||||
XMEMCPY(buffer + idx, der->attrib, der->attribSz);
|
||||
idx += der->attribSz;
|
||||
/* extensions */
|
||||
if (der->extensionsSz) {
|
||||
XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
|
||||
if (buffer)
|
||||
XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
|
||||
(int)sizeof(der->extensions)));
|
||||
idx += der->extensionsSz;
|
||||
}
|
||||
|
|
|
@ -6145,7 +6145,8 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
|
|||
|
||||
/* return length needed only */
|
||||
if (key != NULL && out == NULL && outLen != NULL) {
|
||||
numlen = key->dp->size;
|
||||
/* if key hasn't been setup assume max bytes for size estimation */
|
||||
numlen = key->dp ? key->dp->size : MAX_ECC_BYTES;
|
||||
*outLen = 1 + 2*numlen;
|
||||
return LENGTH_ONLY_E;
|
||||
}
|
||||
|
@ -6156,7 +6157,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
|
|||
if (key->type == ECC_PRIVATEKEY_ONLY)
|
||||
return ECC_PRIVATEONLY_E;
|
||||
|
||||
if (wc_ecc_is_valid_idx(key->idx) == 0) {
|
||||
if (wc_ecc_is_valid_idx(key->idx) == 0 || key->dp == NULL) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
numlen = key->dp->size;
|
||||
|
|
|
@ -1242,10 +1242,10 @@ int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
|
|||
WOLFSSL_ENTER("EVP_PKEY_size");
|
||||
|
||||
switch (pkey->type) {
|
||||
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
|
||||
#ifndef NO_RSA
|
||||
case EVP_PKEY_RSA:
|
||||
return (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
|
||||
#endif /* NO_RSA */
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
case EVP_PKEY_EC:
|
||||
|
@ -1262,6 +1262,70 @@ int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
|
|||
return 0;
|
||||
}
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey)
|
||||
{
|
||||
(void)pkey;
|
||||
/* not using missing params callback and returning zero to indicate success */
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
|
||||
{
|
||||
int ret = -1; /* failure */
|
||||
int a_sz = 0, b_sz = 0;
|
||||
|
||||
if (a == NULL || b == NULL)
|
||||
return ret;
|
||||
|
||||
/* check its the same type of key */
|
||||
if (a->type != b->type)
|
||||
return ret;
|
||||
|
||||
/* get size based on key type */
|
||||
switch (a->type) {
|
||||
#ifndef NO_RSA
|
||||
case EVP_PKEY_RSA:
|
||||
a_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(a->rsa));
|
||||
b_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(b->rsa));
|
||||
break;
|
||||
#endif /* !NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
case EVP_PKEY_EC:
|
||||
if (a->ecc == NULL || a->ecc->internal == NULL ||
|
||||
b->ecc == NULL || b->ecc->internal == NULL) {
|
||||
return ret;
|
||||
}
|
||||
a_sz = wc_ecc_size((ecc_key*)(a->ecc->internal));
|
||||
b_sz = wc_ecc_size((ecc_key*)(b->ecc->internal));
|
||||
break;
|
||||
#endif /* HAVE_ECC */
|
||||
default:
|
||||
break;
|
||||
} /* switch (a->type) */
|
||||
|
||||
/* check size */
|
||||
if (a_sz <= 0 || b_sz <= 0 || a_sz != b_sz) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* check public key size */
|
||||
if (a->pkey_sz > 0 && b->pkey_sz > 0 && a->pkey_sz != b->pkey_sz) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* check public key */
|
||||
if (a->pkey.ptr && b->pkey.ptr) {
|
||||
if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, a->pkey_sz) != 0) {
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
ret = 0; /* success */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* Initialize structure for signing
|
||||
*
|
||||
|
@ -1732,14 +1796,14 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
|
|||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
}
|
||||
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
|
||||
#ifndef NO_RSA
|
||||
else if (ctx->pctx->pkey->type == EVP_PKEY_RSA) {
|
||||
if (sig == NULL) {
|
||||
*siglen = wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif /* !NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
else if (ctx->pctx->pkey->type == EVP_PKEY_EC) {
|
||||
if (sig == NULL) {
|
||||
|
|
|
@ -106,9 +106,9 @@ WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
|
|||
RsaKey*, word32);
|
||||
WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
|
||||
const byte* e, word32 eSz, RsaKey* key);
|
||||
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
|
||||
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
|
||||
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
|
||||
WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
|
||||
#endif
|
||||
WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
|
||||
|
@ -116,7 +116,7 @@ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
|
|||
WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
|
||||
|
||||
|
||||
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
|
||||
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)
|
||||
/* abstracted BN operations with RSA key */
|
||||
WOLFSSL_API int wc_Rsa_leading_bit(void* BN);
|
||||
WOLFSSL_API int wc_Rsa_unsigned_bin_size(void* BN);
|
||||
|
|
|
@ -99,7 +99,7 @@ int wc_InitRsaKey(RsaKey* key, void* heap)
|
|||
|
||||
|
||||
/* three functions needed for cert and key gen */
|
||||
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
|
||||
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)
|
||||
/* return 1 if there is a leading bit*/
|
||||
int wc_Rsa_leading_bit(void* bn)
|
||||
{
|
||||
|
@ -171,7 +171,7 @@ int wc_Rsa_to_unsigned_bin(void* bn, byte* in, int inLen)
|
|||
}
|
||||
return MP_OKAY;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_GEN or WOLFSSL_KEY_GEN */
|
||||
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_KEY_GEN || OPENSSL_EXTRA */
|
||||
|
||||
|
||||
#ifdef OPENSSL_EXTRA /* functions needed for openssl compatibility layer */
|
||||
|
@ -2305,6 +2305,10 @@ makeKeyEnd:
|
|||
return ret;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)
|
||||
|
||||
/********** duplicate code needed -- future refactor */
|
||||
#define MAX_VERSION_SZ 5
|
||||
#define MAX_SEQ_SZ 5
|
||||
|
@ -2765,7 +2769,7 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
|
|||
}
|
||||
|
||||
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
#endif /* WOLFSSL_KEY_GEN || OPENSSL_EXTRA */
|
||||
|
||||
#ifdef WC_RSA_BLINDING
|
||||
|
||||
|
|
|
@ -1612,60 +1612,6 @@ WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_3(void);
|
|||
#endif
|
||||
|
||||
|
||||
|
||||
/* custom method with user set callbacks */
|
||||
#define MAX_BIO_METHOD_NAME 256
|
||||
typedef struct WOLFSSL_BIO_METHOD_CUSTOM {
|
||||
char name[MAX_BIO_METHOD_NAME];
|
||||
|
||||
wolfSSL_BIO_meth_puts_cb putsCb;
|
||||
wolfSSL_BIO_meth_gets_cb getsCb;
|
||||
|
||||
wolfSSL_BIO_meth_read_cb readCb;
|
||||
wolfSSL_BIO_meth_write_cb writeCb;
|
||||
|
||||
wolfSSL_BIO_meth_destroy_cb freeCb;
|
||||
wolfSSL_BIO_meth_create_cb createCb;
|
||||
|
||||
wolfSSL_BIO_meth_get_ctrl_cb ctrlCb;
|
||||
} WOLFSSL_BIO_METHOD_CUSTOM;
|
||||
|
||||
/* wolfSSL BIO_METHOD type */
|
||||
struct WOLFSSL_BIO_METHOD {
|
||||
byte type; /* method type */
|
||||
WOLFSSL_BIO_METHOD_CUSTOM* custom;
|
||||
};
|
||||
|
||||
|
||||
/* wolfSSL BIO type */
|
||||
struct WOLFSSL_BIO {
|
||||
WOLFSSL_BUF_MEM* mem_buf;
|
||||
WOLFSSL_BIO_METHOD* method;
|
||||
WOLFSSL* ssl; /* possible associated ssl */
|
||||
#ifndef NO_FILESYSTEM
|
||||
XFILE file;
|
||||
#endif
|
||||
WOLFSSL_BIO* prev; /* previous in chain */
|
||||
WOLFSSL_BIO* next; /* next in chain */
|
||||
WOLFSSL_BIO* pair; /* BIO paired with */
|
||||
void* heap; /* user heap hint */
|
||||
byte* mem; /* memory buffer */
|
||||
void* usrCtx; /* user set pointer */
|
||||
char* infoArg; /* BIO callback argument */
|
||||
wolf_bio_info_cb infoCb; /* BIO callback */
|
||||
int wrSz; /* write buffer size (mem) */
|
||||
int wrIdx; /* current index for write buffer */
|
||||
int rdIdx; /* current read index */
|
||||
int readRq; /* read request */
|
||||
int memLen; /* memory buffer length */
|
||||
int fd; /* possible file descriptor */
|
||||
int eof; /* eof flag */
|
||||
int flags;
|
||||
byte type; /* method type */
|
||||
byte close; /* close flag */
|
||||
};
|
||||
|
||||
|
||||
/* wolfSSL method type */
|
||||
struct WOLFSSL_METHOD {
|
||||
ProtocolVersion version;
|
||||
|
@ -3565,14 +3511,12 @@ struct WOLFSSL_X509 {
|
|||
byte certPolicyCrit;
|
||||
#endif /* (WOLFSSL_SEP || WOLFSSL_QT) && (OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) */
|
||||
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
|
||||
WOLFSSL_ASN1_TIME* notAfterTime;
|
||||
WOLFSSL_ASN1_TIME* notBeforeTime;
|
||||
WOLFSSL_STACK* ext_sk; /* Store X509_EXTENSIONS from wolfSSL_X509_get_ext */
|
||||
WOLFSSL_STACK* ext_d2i;/* Store d2i extensions from wolfSSL_X509_get_ext_d2i */
|
||||
WOLFSSL_ASN1_INTEGER* serialNumber; /* Stores SN from wolfSSL_X509_get_serialNumber */
|
||||
#endif /* WOLFSSL_QT || OPENSSL_ALL */
|
||||
int notBeforeSz;
|
||||
int notAfterSz;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_ASN1_INTEGER* serialNumber; /* Stores SN from wolfSSL_X509_get_serialNumber */
|
||||
#endif
|
||||
WOLFSSL_ASN1_TIME notBefore;
|
||||
WOLFSSL_ASN1_TIME notAfter;
|
||||
buffer sig;
|
||||
|
|
|
@ -32,6 +32,7 @@
|
|||
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
|
||||
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
|
||||
|
||||
#define V_ASN1_INTEGER 0x02
|
||||
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
|
||||
#define V_ASN1_NEG 0x100
|
||||
#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
|
||||
|
@ -68,6 +69,13 @@
|
|||
#define V_ASN1_UTCTIME 23
|
||||
#define V_ASN1_GENERALIZEDTIME 24
|
||||
|
||||
#define ASN1_STRING_FLAG_BITS_LEFT 0x008
|
||||
#define ASN1_STRING_FLAG_NDEF 0x010
|
||||
#define ASN1_STRING_FLAG_CONT 0x020
|
||||
#define ASN1_STRING_FLAG_MSTRING 0x040
|
||||
#define ASN1_STRING_FLAG_EMBED 0x080
|
||||
|
||||
|
||||
WOLFSSL_API WOLFSSL_ASN1_INTEGER *wolfSSL_BN_to_ASN1_INTEGER(
|
||||
const WOLFSSL_BIGNUM*, WOLFSSL_ASN1_INTEGER*);
|
||||
#define BN_to_ASN1_INTEGER wolfSSL_BN_to_ASN1_INTEGER
|
||||
|
|
|
@ -75,6 +75,8 @@
|
|||
/* helper to set specific retry/read flags */
|
||||
#define BIO_set_retry_read(bio)\
|
||||
wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_READ)
|
||||
#define BIO_set_retry_write(bio)\
|
||||
wolfSSL_BIO_set_flags((bio), WOLFSSL_BIO_FLAG_RETRY | WOLFSSL_BIO_FLAG_WRITE)
|
||||
|
||||
#define BIO_clear_retry_flags wolfSSL_BIO_clear_retry_flags
|
||||
|
||||
|
|
|
@ -82,6 +82,7 @@ WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM*);
|
|||
WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM*);
|
||||
WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM*);
|
||||
WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM*);
|
||||
WOLFSSL_API int wolfSSL_BN_is_negative(const WOLFSSL_BIGNUM*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
|
||||
|
||||
|
@ -145,6 +146,7 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
|
|||
#define BN_is_zero wolfSSL_BN_is_zero
|
||||
#define BN_is_one wolfSSL_BN_is_one
|
||||
#define BN_is_odd wolfSSL_BN_is_odd
|
||||
#define BN_is_negative wolfSSL_BN_is_negative
|
||||
|
||||
#define BN_cmp wolfSSL_BN_cmp
|
||||
|
||||
|
|
|
@ -190,9 +190,31 @@ enum {
|
|||
NID_md2 = 77,
|
||||
NID_md5 = 4,
|
||||
NID_hmac = 855,
|
||||
NID_dhKeyAgreement= 28,
|
||||
EVP_PKEY_DH = NID_dhKeyAgreement,
|
||||
EVP_PKEY_HMAC = NID_hmac
|
||||
};
|
||||
|
||||
enum {
|
||||
NID_md5WithRSA = 104,
|
||||
NID_md5WithRSAEncryption = 8,
|
||||
NID_dsaWithSHA1 = 113,
|
||||
NID_dsaWithSHA1_2 = 70,
|
||||
NID_sha1WithRSA = 115,
|
||||
NID_sha1WithRSAEncryption = 65,
|
||||
NID_sha224WithRSAEncryption = 671,
|
||||
NID_sha256WithRSAEncryption = 668,
|
||||
NID_sha384WithRSAEncryption = 669,
|
||||
NID_sha512WithRSAEncryption = 670,
|
||||
NID_ecdsa_with_SHA1 = 416,
|
||||
NID_ecdsa_with_SHA224 = 793,
|
||||
NID_ecdsa_with_SHA256 = 794,
|
||||
NID_ecdsa_with_SHA384 = 795,
|
||||
NID_ecdsa_with_SHA512 = 796,
|
||||
NID_dsa_with_SHA224 = 802,
|
||||
NID_dsa_with_SHA256 = 803,
|
||||
};
|
||||
|
||||
enum {
|
||||
NID_aes_128_cbc = 419,
|
||||
NID_aes_192_cbc = 423,
|
||||
|
@ -421,6 +443,8 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
|
|||
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
|
||||
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_id(const EVP_PKEY *pkey);
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
|
||||
|
@ -632,6 +656,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
|
|||
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
|
||||
#define EVP_PKEY_up_ref wolfSSL_EVP_PKEY_up_ref
|
||||
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
|
||||
#define EVP_PKEY_missing_parameters wolfSSL_EVP_PKEY_missing_parameters
|
||||
#define EVP_PKEY_cmp wolfSSL_EVP_PKEY_cmp
|
||||
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
|
||||
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
|
||||
#define EVP_PKEY_id wolfSSL_EVP_PKEY_id
|
||||
|
|
|
@ -50,6 +50,15 @@ WOLFSSL_RSA* wolfSSL_PEM_read_bio_RSAPrivateKey(WOLFSSL_BIO* bio,
|
|||
WOLFSSL_RSA**,
|
||||
pem_password_cb* cb,
|
||||
void* arg);
|
||||
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_bio_RSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa);
|
||||
|
||||
WOLFSSL_API
|
||||
WOLFSSL_RSA *wolfSSL_PEM_read_bio_RSA_PUBKEY(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_RSA** rsa,
|
||||
pem_password_cb* cb, void *u);
|
||||
|
||||
WOLFSSL_API
|
||||
WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_EC_GROUP** group,
|
||||
|
@ -133,6 +142,8 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
|
|||
const WOLFSSL_EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb* cb, void* arg);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key);
|
||||
|
||||
|
||||
WOLFSSL_API
|
||||
|
@ -184,6 +195,8 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
|
|||
/* RSA */
|
||||
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
|
||||
#define PEM_read_bio_RSAPrivateKey wolfSSL_PEM_read_bio_RSAPrivateKey
|
||||
#define PEM_write_bio_RSA_PUBKEY wolfSSL_PEM_write_bio_RSA_PUBKEY
|
||||
#define PEM_read_bio_RSA_PUBKEY wolfSSL_PEM_read_bio_RSA_PUBKEY
|
||||
#define PEM_read_bio_ECPKParameters wolfSSL_PEM_read_bio_ECPKParameters
|
||||
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
|
||||
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
|
||||
|
@ -201,6 +214,7 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh);
|
|||
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
|
||||
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
|
||||
#define PEM_read_bio_PUBKEY wolfSSL_PEM_read_bio_PUBKEY
|
||||
#define PEM_write_bio_PUBKEY wolfSSL_PEM_write_bio_PUBKEY
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
|
|
@ -215,7 +215,7 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
|||
#define SSL_use_RSAPrivateKey_file wolfSSL_use_RSAPrivateKey_file
|
||||
#endif
|
||||
|
||||
#define SSL_CTX_new wolfSSL_CTX_new
|
||||
#define SSL_CTX_new(method) wolfSSL_CTX_new((WOLFSSL_METHOD*)(method))
|
||||
#define SSL_new wolfSSL_new
|
||||
#define SSL_set_fd wolfSSL_set_fd
|
||||
#define SSL_get_fd wolfSSL_get_fd
|
||||
|
@ -271,6 +271,10 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
|||
#define SSL_CIPHER_description wolfSSL_CIPHER_description
|
||||
#define SSL_CIPHER_get_name wolfSSL_CIPHER_get_name
|
||||
#define SSL_CIPHER_get_version wolfSSL_CIPHER_get_version
|
||||
#define SSL_CIPHER_get_id wolfSSL_CIPHER_get_id
|
||||
#define SSL_CIPHER_get_rfc_name wolfSSL_CIPHER_get_rfc_name
|
||||
#define SSL_get_cipher_by_value wolfSSL_get_cipher_by_value
|
||||
|
||||
#define SSL_get1_session wolfSSL_get1_session
|
||||
|
||||
#define SSL_get_keyblock_size wolfSSL_get_keyblock_size
|
||||
|
@ -348,6 +352,7 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
|||
#define X509_set_version wolfSSL_X509_set_version
|
||||
#define X509_sign wolfSSL_X509_sign
|
||||
#define X509_print wolfSSL_X509_print
|
||||
#define X509_print_ex wolfSSL_X509_print_ex
|
||||
#define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
|
||||
#define X509_verify_cert wolfSSL_X509_verify_cert
|
||||
#define X509_check_private_key wolfSSL_X509_check_private_key
|
||||
|
@ -399,12 +404,15 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
|
|||
#define X509_NAME_ENTRY_create_by_NID wolfSSL_X509_NAME_ENTRY_create_by_NID
|
||||
#define X509_NAME_add_entry wolfSSL_X509_NAME_add_entry
|
||||
#define X509_NAME_add_entry_by_txt wolfSSL_X509_NAME_add_entry_by_txt
|
||||
#define X509_NAME_add_entry_by_NID wolfSSL_X509_NAME_add_entry_by_NID
|
||||
#define X509_NAME_oneline wolfSSL_X509_NAME_oneline
|
||||
#define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID
|
||||
#define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex
|
||||
#define X509_NAME_digest wolfSSL_X509_NAME_digest
|
||||
#define X509_cmp_current_time wolfSSL_X509_cmp_current_time
|
||||
#define X509_cmp_time wolfSSL_X509_cmp_time
|
||||
#define X509_time_adj wolfSSL_X509_time_adj
|
||||
#define X509_time_adj_ex wolfSSL_X509_time_adj_ex
|
||||
|
||||
#define sk_ACCESS_DESCRIPTION_num wolfSSL_sk_ACCESS_DESCRIPTION_num
|
||||
#define sk_ACCESS_DESCRIPTION_value wolfSSL_sk_ACCESS_DESCRIPTION_value
|
||||
|
@ -763,10 +771,17 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
|
|||
/* yassl had set the default to be 500 */
|
||||
#define SSL_get_default_timeout(ctx) 500
|
||||
|
||||
#define DTLSv1_get_timeout(ssl, timeleft) wolfSSL_DTLSv1_get_timeout((ssl), (Timeval*)(timeleft))
|
||||
#define DTLSv1_handle_timeout wolfSSL_DTLSv1_handle_timeout
|
||||
#define DTLSv1_set_initial_timeout_duration wolfSSL_DTLSv1_set_initial_timeout_duration
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
#define SSL_CTX_set_current_time_cb(ssl, cb) ({ (void)ssl; (void)cb; })
|
||||
#endif
|
||||
|
||||
#define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate
|
||||
#define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey
|
||||
#define BIO_read_filename wolfSSL_BIO_read_filename
|
||||
#define BIO_s_file wolfSSL_BIO_s_file
|
||||
#define SSL_CTX_set_verify_depth wolfSSL_CTX_set_verify_depth
|
||||
#define SSL_set_verify_depth wolfSSL_set_verify_depth
|
||||
#define SSL_get_app_data wolfSSL_get_app_data
|
||||
|
@ -805,7 +820,6 @@ enum {
|
|||
#include <wolfssl/openssl/pem.h>
|
||||
|
||||
#define SSL_CTRL_CHAIN 88
|
||||
#define BIO_CTRL_WPENDING 13
|
||||
#define GEN_IPADD 7
|
||||
#define ERR_LIB_SSL 20
|
||||
#define SSL_R_SHORT_READ 10
|
||||
|
@ -905,6 +919,8 @@ enum {
|
|||
#define BIO_CTRL_RESET 1
|
||||
#define BIO_CTRL_INFO 3
|
||||
#define BIO_CTRL_FLUSH 11
|
||||
#define BIO_CTRL_WPENDING 13
|
||||
|
||||
#define BIO_CLOSE 0x01
|
||||
#define BIO_FP_WRITE 0x04
|
||||
|
||||
|
@ -936,9 +952,6 @@ enum {
|
|||
#define SSL_CTX_ctrl wolfSSL_CTX_ctrl
|
||||
|
||||
#define SSL3_RANDOM_SIZE 32 /* same as RAN_LEN in internal.h */
|
||||
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \
|
||||
|| defined(OPENSSL_ALL)
|
||||
#include <wolfssl/openssl/asn1.h>
|
||||
|
||||
#define SSL2_VERSION 0x0002
|
||||
#define SSL3_VERSION 0x0300
|
||||
|
@ -948,8 +961,17 @@ enum {
|
|||
#define TLS1_3_VERSION 0x0304
|
||||
#define DTLS1_VERSION 0xFEFF
|
||||
#define DTLS1_2_VERSION 0xFEFD
|
||||
|
||||
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \
|
||||
|| defined(OPENSSL_ALL)
|
||||
#include <wolfssl/openssl/asn1.h>
|
||||
|
||||
#define SSL23_ST_SR_CLNT_HELLO_A (0x210|0x2000)
|
||||
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000)
|
||||
|
||||
#define SSL3_AD_BAD_CERTIFICATE bad_certificate
|
||||
#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
|
||||
|
||||
#define ASN1_STRFLGS_ESC_MSB 4
|
||||
|
||||
#define SSL_MAX_MASTER_KEY_LENGTH WOLFSSL_MAX_MASTER_KEY_LENGTH
|
||||
|
@ -1118,6 +1140,16 @@ enum {
|
|||
#define SSL_do_handshake wolfSSL_SSL_do_handshake
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
/* cipher suites for compatibility */
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
|
|
@ -4,3 +4,19 @@
|
|||
|
||||
/* for compatibility, this is expected to be included */
|
||||
#include <openssl/dh.h>
|
||||
|
||||
/* wolfSSL_X509_print_ex flags */
|
||||
#define X509_FLAG_COMPAT (0UL)
|
||||
#define X509_FLAG_NO_HEADER (1UL << 0)
|
||||
#define X509_FLAG_NO_VERSION (1UL << 1)
|
||||
#define X509_FLAG_NO_SERIAL (1UL << 2)
|
||||
#define X509_FLAG_NO_SIGNAME (1UL << 3)
|
||||
#define X509_FLAG_NO_ISSUER (1UL << 4)
|
||||
#define X509_FLAG_NO_VALIDITY (1UL << 5)
|
||||
#define X509_FLAG_NO_SUBJECT (1UL << 6)
|
||||
#define X509_FLAG_NO_PUBKEY (1UL << 7)
|
||||
#define X509_FLAG_NO_EXTENSIONS (1UL << 8)
|
||||
#define X509_FLAG_NO_SIGDUMP (1UL << 9)
|
||||
#define X509_FLAG_NO_AUX (1UL << 10)
|
||||
#define X509_FLAG_NO_ATTRIBUTES (1UL << 11)
|
||||
#define X509_FLAG_NO_IDS (1UL << 12)
|
||||
|
|
126
wolfssl/ssl.h
126
wolfssl/ssl.h
|
@ -39,6 +39,9 @@
|
|||
#include <wolfssl/wolfcrypt/wolfevent.h>
|
||||
#endif
|
||||
|
||||
/* used internally by wolfSSL while OpenSSL types aren't */
|
||||
#include <wolfssl/callbacks.h>
|
||||
|
||||
#ifndef NO_FILESYSTEM
|
||||
#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
|
||||
#if MQX_USE_IO_OLD
|
||||
|
@ -206,13 +209,10 @@ struct WOLFSSL_BASIC_CONSTRAINTS {
|
|||
#define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME
|
||||
#define WOLFSSL_ASN1_GENERALIZEDTIME WOLFSSL_ASN1_TIME
|
||||
|
||||
struct WOLFSSL_ASN1_TIME {
|
||||
/* MAX_DATA_SIZE is 32 */
|
||||
unsigned char data[32 + 2];
|
||||
/* ASN_TIME | LENGTH | date bytes */
|
||||
|
||||
/* for compat */
|
||||
word32 length;
|
||||
struct WOLFSSL_ASN1_TIME {
|
||||
unsigned char data[CTC_DATE_SIZE]; /* date bytes */
|
||||
int length;
|
||||
int type;
|
||||
};
|
||||
|
||||
|
@ -421,6 +421,69 @@ typedef struct WOLFSSL_BUF_MEM {
|
|||
size_t max; /* maximum length */
|
||||
} WOLFSSL_BUF_MEM;
|
||||
|
||||
/* custom method with user set callbacks */
|
||||
typedef int (*wolfSSL_BIO_meth_write_cb)(WOLFSSL_BIO*, const char*, int);
|
||||
typedef int (*wolfSSL_BIO_meth_read_cb)(WOLFSSL_BIO *, char *, int);
|
||||
typedef int (*wolfSSL_BIO_meth_puts_cb)(WOLFSSL_BIO*, const char*);
|
||||
typedef int (*wolfSSL_BIO_meth_gets_cb)(WOLFSSL_BIO*, char*, int);
|
||||
typedef long (*wolfSSL_BIO_meth_get_ctrl_cb)(WOLFSSL_BIO*, int, long, void*);
|
||||
typedef int (*wolfSSL_BIO_meth_create_cb)(WOLFSSL_BIO*);
|
||||
typedef int (*wolfSSL_BIO_meth_destroy_cb)(WOLFSSL_BIO*);
|
||||
|
||||
#define MAX_BIO_METHOD_NAME 256
|
||||
typedef struct WOLFSSL_BIO_METHOD_CUSTOM {
|
||||
char name[MAX_BIO_METHOD_NAME];
|
||||
|
||||
wolfSSL_BIO_meth_puts_cb putsCb;
|
||||
wolfSSL_BIO_meth_gets_cb getsCb;
|
||||
|
||||
wolfSSL_BIO_meth_read_cb readCb;
|
||||
wolfSSL_BIO_meth_write_cb writeCb;
|
||||
|
||||
wolfSSL_BIO_meth_destroy_cb freeCb;
|
||||
wolfSSL_BIO_meth_create_cb createCb;
|
||||
|
||||
wolfSSL_BIO_meth_get_ctrl_cb ctrlCb;
|
||||
} WOLFSSL_BIO_METHOD_CUSTOM;
|
||||
|
||||
/* wolfSSL BIO_METHOD type */
|
||||
struct WOLFSSL_BIO_METHOD {
|
||||
byte type; /* method type */
|
||||
WOLFSSL_BIO_METHOD_CUSTOM* custom;
|
||||
};
|
||||
|
||||
/* wolfSSL BIO type */
|
||||
typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg,
|
||||
int iarg, long larg, long return_value);
|
||||
|
||||
struct WOLFSSL_BIO {
|
||||
WOLFSSL_BUF_MEM* mem_buf;
|
||||
WOLFSSL_BIO_METHOD* method;
|
||||
WOLFSSL* ssl; /* possible associated ssl */
|
||||
#ifndef NO_FILESYSTEM
|
||||
XFILE file; /* file descriptor */
|
||||
#endif
|
||||
WOLFSSL_BIO* prev; /* previous in chain */
|
||||
WOLFSSL_BIO* next; /* next in chain */
|
||||
WOLFSSL_BIO* pair; /* BIO paired with */
|
||||
void* heap; /* user heap hint */
|
||||
byte* ptr; /* memory buffer */
|
||||
void* usrCtx; /* user set pointer */
|
||||
char* infoArg; /* BIO callback argument */
|
||||
wolf_bio_info_cb infoCb; /* BIO callback */
|
||||
int wrSz; /* write buffer size (mem) */
|
||||
int wrIdx; /* current index for write buffer */
|
||||
int rdIdx; /* current read index */
|
||||
int readRq; /* read request */
|
||||
int num; /* length */
|
||||
int eof; /* eof flag */
|
||||
int flags;
|
||||
byte type; /* method type */
|
||||
byte init:1; /* bio has been initialized */
|
||||
byte shutdown:1; /* close flag */
|
||||
};
|
||||
|
||||
|
||||
typedef struct WOLFSSL_COMP_METHOD {
|
||||
int type; /* stunnel dereference */
|
||||
} WOLFSSL_COMP_METHOD;
|
||||
|
@ -897,6 +960,11 @@ WOLFSSL_API int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
|
|||
#define wolfSSL_get_using_nonblock wolfSSL_dtls_get_using_nonblock
|
||||
/* The old names are deprecated. */
|
||||
WOLFSSL_API int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
|
||||
WOLFSSL_API int wolfSSL_DTLSv1_get_timeout(WOLFSSL* ssl, Timeval* timeleft);
|
||||
WOLFSSL_API void wolfSSL_DTLSv1_set_initial_timeout_duration(WOLFSSL* ssl,
|
||||
word32 duration_ms);
|
||||
WOLFSSL_API int wolfSSL_DTLSv1_handle_timeout(WOLFSSL* ssl);
|
||||
|
||||
WOLFSSL_API int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
|
||||
WOLFSSL_API int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
|
||||
WOLFSSL_API int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
|
||||
|
@ -1031,6 +1099,9 @@ WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
|
|||
WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER*, char*, int);
|
||||
WOLFSSL_API const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
|
||||
WOLFSSL_API const char* wolfSSL_CIPHER_get_version(const WOLFSSL_CIPHER* cipher);
|
||||
WOLFSSL_API word32 wolfSSL_CIPHER_get_id(const WOLFSSL_CIPHER* cipher);
|
||||
WOLFSSL_API char* wolfSSL_CIPHER_get_rfc_name(const WOLFSSL_CIPHER* cipher);
|
||||
WOLFSSL_API const WOLFSSL_CIPHER* wolfSSL_get_cipher_by_value(word16 value);
|
||||
WOLFSSL_API const char* wolfSSL_SESSION_CIPHER_get_name(WOLFSSL_SESSION* session);
|
||||
WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
|
||||
WOLFSSL_API void wolfSSL_sk_CIPHER_free(WOLF_STACK_OF(WOLFSSL_CIPHER)* sk);
|
||||
|
@ -1064,11 +1135,8 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append);
|
|||
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*);
|
||||
WOLFSSL_API int wolfSSL_BIO_flush(WOLFSSL_BIO*);
|
||||
WOLFSSL_API int wolfSSL_BIO_pending(WOLFSSL_BIO*);
|
||||
|
||||
typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg,
|
||||
int iarg, long larg, long return_value);
|
||||
WOLFSSL_API void wolfSSL_BIO_set_callback(WOLFSSL_BIO *bio,
|
||||
wolf_bio_info_cb callback_func);
|
||||
WOLFSSL_API void wolfSSL_BIO_set_callback(WOLFSSL_BIO *bio,
|
||||
wolf_bio_info_cb callback_func);
|
||||
WOLFSSL_API wolf_bio_info_cb wolfSSL_BIO_get_callback(WOLFSSL_BIO *bio);
|
||||
WOLFSSL_API void wolfSSL_BIO_set_callback_arg(WOLFSSL_BIO *bio, char *arg);
|
||||
WOLFSSL_API char* wolfSSL_BIO_get_callback_arg(const WOLFSSL_BIO *bio);
|
||||
|
@ -1095,25 +1163,19 @@ WOLFSSL_API int wolfSSL_BIO_clear_retry_flags(WOLFSSL_BIO*);
|
|||
|
||||
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_meth_new(int, const char*);
|
||||
WOLFSSL_API void wolfSSL_BIO_meth_free(WOLFSSL_BIO_METHOD*);
|
||||
typedef int (*wolfSSL_BIO_meth_write_cb)(WOLFSSL_BIO*, const char*, int);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_write(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_write_cb);
|
||||
typedef int (*wolfSSL_BIO_meth_read_cb)(WOLFSSL_BIO *, char *, int);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_read(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_read_cb);
|
||||
typedef int (*wolfSSL_BIO_meth_puts_cb)(WOLFSSL_BIO*, const char*);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_puts(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_puts_cb);
|
||||
typedef int (*wolfSSL_BIO_meth_gets_cb)(WOLFSSL_BIO*, char*, int);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_gets(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_gets_cb);
|
||||
typedef long (*wolfSSL_BIO_meth_get_ctrl_cb)(WOLFSSL_BIO*, int, long, void*);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_ctrl(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_get_ctrl_cb);
|
||||
typedef int (*wolfSSL_BIO_meth_create_cb)(WOLFSSL_BIO*);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_create(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_create_cb);
|
||||
typedef int (*wolfSSL_BIO_meth_destroy_cb)(WOLFSSL_BIO*);
|
||||
WOLFSSL_API int wolfSSL_BIO_meth_set_destroy(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_destroy_cb);
|
||||
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len);
|
||||
|
||||
|
||||
WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag);
|
||||
WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
|
||||
#ifndef NO_FILESYSTEM
|
||||
WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, XFILE fd, int flag);
|
||||
#endif
|
||||
WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
|
||||
|
||||
#ifndef NO_FILESYSTEM
|
||||
|
@ -1177,6 +1239,8 @@ WOLFSSL_API int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* n,
|
|||
#ifndef NO_RSA
|
||||
WOLFSSL_API int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset);
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_X509_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
|
||||
unsigned long nmflags, unsigned long cflag);
|
||||
WOLFSSL_API int wolfSSL_X509_print(WOLFSSL_BIO* bio, WOLFSSL_X509* x509);
|
||||
WOLFSSL_API char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
|
||||
|
@ -1285,6 +1349,10 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void);
|
|||
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
|
||||
WOLFSSL_API int wolfSSL_X509_cmp_time(const WOLFSSL_ASN1_TIME* asnTime,
|
||||
time_t *cmpTime);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj_ex(WOLFSSL_ASN1_TIME *asnTime,
|
||||
int offset_day, long offset_sec, time_t *in_tm);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj(WOLFSSL_ASN1_TIME *asnTime,
|
||||
long offset_sec, time_t *in_tm);
|
||||
WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX*,
|
||||
|
@ -1600,6 +1668,7 @@ enum {
|
|||
X509_R_CERT_ALREADY_IN_HASH_TABLE,
|
||||
|
||||
XN_FLAG_SPC_EQ = (1 << 23),
|
||||
XN_FLAG_SEP_CPLUS_SPC = (2 << 16),
|
||||
XN_FLAG_ONELINE = 0,
|
||||
XN_FLAG_RFC2253 = 1,
|
||||
|
||||
|
@ -1903,6 +1972,8 @@ WOLFSSL_API int wolfSSL_set_compression(WOLFSSL* ssl);
|
|||
|
||||
WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL*, unsigned int);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX*, unsigned int);
|
||||
WOLFSSL_API void wolfSSL_CTX_set_current_time_cb(WOLFSSL_CTX* ctx,
|
||||
void (*cb)(const WOLFSSL* ssl, Timeval* out_clock));
|
||||
|
||||
/* get wolfSSL peer X509_CHAIN */
|
||||
WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
|
||||
|
@ -1930,8 +2001,6 @@ WOLFSSL_API int wolfSSL_X509_get_serial_number(WOLFSSL_X509*,unsigned char*,int
|
|||
WOLFSSL_API char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_X509_get_tbs(WOLFSSL_X509*, int*);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_X509_notBefore(WOLFSSL_X509*);
|
||||
WOLFSSL_API const unsigned char* wolfSSL_X509_notAfter(WOLFSSL_X509*);
|
||||
WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*);
|
||||
|
@ -2933,9 +3002,6 @@ int wolfSSL_DeriveTlsKeys(unsigned char* key_data, word32 keyLen,
|
|||
|
||||
#ifdef WOLFSSL_CALLBACKS
|
||||
|
||||
/* used internally by wolfSSL while OpenSSL types aren't */
|
||||
#include <wolfssl/callbacks.h>
|
||||
|
||||
typedef int (*HandShakeCallBack)(HandShakeInfo*);
|
||||
typedef int (*TimeoutCallBack)(TimeoutInfo*);
|
||||
|
||||
|
@ -3021,12 +3087,15 @@ WOLFSSL_API long wolfSSL_CTX_clear_extra_chain_certs(WOLFSSL_CTX* ctx);
|
|||
#ifndef NO_CERTS
|
||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_create_by_NID(
|
||||
WOLFSSL_X509_NAME_ENTRY** out, int nid, int type,
|
||||
unsigned char* data, int dataSz);
|
||||
const unsigned char* data, int dataSz);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name,
|
||||
WOLFSSL_X509_NAME_ENTRY* entry, int idx, int set);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name,
|
||||
const char *field, int type, const unsigned char *bytes, int len, int loc,
|
||||
int set);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid,
|
||||
int type, const unsigned char *bytes,
|
||||
int len, int loc, int set);
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
|
||||
const WOLFSSL_X509_NAME* y);
|
||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
|
||||
|
@ -3094,6 +3163,7 @@ WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
|
|||
|
||||
WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio);
|
||||
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
|
||||
|
||||
WOLFSSL_API size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
|
||||
unsigned char *out, size_t outlen);
|
||||
WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL*, WOLFSSL_EVP_PKEY**);
|
||||
|
@ -3187,7 +3257,8 @@ WOLFSSL_API int wolfSSL_PEM_write_bio_X509_AUX(WOLFSSL_BIO *bp,WOLFSSL_X509 *x);
|
|||
WOLFSSL_API int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x);
|
||||
#endif /* HAVE_STUNNEL || HAVE_LIGHTY */
|
||||
|
||||
#ifdef OPENSSL_ALL
|
||||
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
|
||||
defined(WOLFSSL_CERT_REQ)
|
||||
WOLFSSL_API int wolfSSL_i2d_X509_REQ(WOLFSSL_X509* req, unsigned char** out);
|
||||
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_REQ_new(void);
|
||||
WOLFSSL_API void wolfSSL_X509_REQ_free(WOLFSSL_X509* req);
|
||||
|
@ -3413,7 +3484,6 @@ WOLFSSL_API int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a,
|
|||
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
|
||||
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
|
||||
void *data);
|
||||
|
||||
WOLFSSL_API int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *data,
|
||||
const WOLFSSL_EVP_MD *type, unsigned char *md, unsigned int *len);
|
||||
|
||||
|
|
|
@ -1105,7 +1105,6 @@ WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
|
|||
WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
|
||||
int maxIdx);
|
||||
WOLFSSL_LOCAL int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der);
|
||||
WOLFSSL_LOCAL int RsaPublicKeyDerSize(RsaKey* key, int with_header);
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
/* ASN sig helpers */
|
||||
|
|
|
@ -106,7 +106,8 @@ enum CertType {
|
|||
PKCS12_TYPE,
|
||||
PKCS8_PRIVATEKEY_TYPE,
|
||||
PKCS8_ENC_PRIVATEKEY_TYPE,
|
||||
DETECT_CERT_TYPE
|
||||
DETECT_CERT_TYPE,
|
||||
DH_PRIVATEKEY_TYPE,
|
||||
};
|
||||
|
||||
|
||||
|
@ -204,9 +205,9 @@ typedef struct WOLFSSL_ASN1_INTEGER {
|
|||
unsigned char* data;
|
||||
unsigned int dataMax; /* max size of data buffer */
|
||||
unsigned int isDynamic:1; /* flag for if data pointer dynamic (1 is yes 0 is no) */
|
||||
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
|
||||
|
||||
int length;
|
||||
#endif
|
||||
int type;
|
||||
} WOLFSSL_ASN1_INTEGER;
|
||||
|
||||
|
||||
|
@ -476,9 +477,12 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
|
|||
word32 outputSz, byte *cipherIno, int type);
|
||||
#endif
|
||||
|
||||
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
|
||||
#ifndef NO_RSA
|
||||
#if !defined(HAVE_USER_RSA)
|
||||
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
|
||||
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
|
||||
#endif
|
||||
WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
|
@ -496,6 +500,7 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
|
|||
ecc_key*, word32);
|
||||
WOLFSSL_API int wc_EccPublicKeyToDer(ecc_key*, byte* output,
|
||||
word32 inLen, int with_AlgCurve);
|
||||
WOLFSSL_API int wc_EccPublicKeyDerSize(ecc_key*, int with_AlgCurve);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ED25519
|
||||
|
|
Loading…
Reference in New Issue