ssl.c: Move functions out to separate files

Moved E[CD][25519||448] APIs to pk.c
Move public key PEM APIs to pk.c.
Move wolfSSL loading and using of private keys and certificates to
ssl_load.c
Move PKCS#7 and PKCS#12 APIs to ssl_p7p12.c.
Move session and session cache APIs to ssl_sess.c.
Other minor fixes.
Sean Parkinson 2024-03-05 11:02:45 +10:00
parent 9b92aea245
commit 8e9810e87e
29 changed files with 17234 additions and 13797 deletions


@ -384,7 +384,10 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_load.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_p7p12.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""


@ -384,7 +384,10 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_load.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_p7p12.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""


@ -384,7 +384,10 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_load.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_p7p12.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""


@ -384,7 +384,10 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_load.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_p7p12.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""


@ -384,7 +384,10 @@ else()
"\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_load.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_p7p12.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/ssl_sess.c\"" # included by ssl.c
"\"${WOLFSSL_ROOT}/src/x509.c\""
"\"${WOLFSSL_ROOT}/src/x509_str.c\""
"\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""


@ -75,7 +75,10 @@ set(COMPONENT_SRCEXCLUDE
"./src/ssl_bn.c" # included by ssl.c
"./src/ssl_certman.c" # included by ssl.c
"./src/ssl_crypto.c" # included by ssl.c
"./src/ssl_load.c" # included by ssl.c
"./src/ssl_misc.c" # included by ssl.c
"./src/ssl_p7p12.c" # included by ssl.c
"./src/ssl_sess.c" # included by ssl.c
"./src/x509.c"
"./src/x509_str.c"
"./wolfcrypt/src/evp.c"


@ -41,7 +41,10 @@ list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_asn1.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_bn.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_certman.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_crypto.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_load.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_misc.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_p7p12.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_sess.c )
aux_source_directory( ${CRYPTO_SRC_DIR} CRYPTO_SOURCES )
list( REMOVE_ITEM CRYPTO_SOURCES ../../../wolfcrypt/src/evp.c )
list( REMOVE_ITEM CRYPTO_SOURCES ../../../wolfcrypt/src/misc.c )

BIN
certs/dh-priv-2048.der Normal file

Binary file not shown.

14
certs/dh-priv-2048.pem Normal file

@ -0,0 +1,14 @@
-----BEGIN PRIVATE KEY-----
MIICJgIBADCCARcGCSqGSIb3DQEDATCCAQgCggEBALChCAacCBO6WQY8vDDV9QDB
T0Sn1u9KxiUnHOjSllMKXJHdosKUhL99skSfm9LBisW+clyn55Hm1J9zB4VbZkjH
cPq07gLJPZpK2j3BRj4ZadEXRgejTZ8rlhc5bTCNKvOU03XPoHXm8pIfGnAFqgSD
VzD72naTOFDoJ/1j7jzlt8gJrm9QNY6EzkoA6RJ+WjHXM/whE3bMFjDbDPzFYqc1
uO+3sKzANvbZyUZI+UCQACsbqmzjGsMLA54bwkbkSE4ic2/DX9Sa1jAHSNaMkKvU
9vHjSNNYS6a5zSm/aB8IS2OGL1xr1rYGZfem3ABna7vDqUGD+8f6yOIefq8AP5MC
AQIEggEEAoIBAGgTxi13nL+WV5P+7N5Pog7yPpAD+2VCLWQh7akd6hZQ2DMlHsUe
ptoAexAcst8vQOI1/Q1CX9ItJmUmLzUFNJSeYBp9kxNmNtSmgu2JUmQDF1GBsUlK
ERt4h2PuXGAaRH39V13QP7KfYnb+7k5vo6z90XaDubLq1OQIaTpM4TbLVZBKoCmx
ozuZjUQdC97adAKHQKBmpyI2AbfWM+Af43vV5uyfq4k4X+Y7k5habXFPRXcNKklk
n6OA/isuvSN6S4i2fVmAG0hguT0utQJq6oScMZmav8izdbfOdOavXILLjRf/2Qv+
+IMa9qlwxfqcj4oZahATC2Vd9242JWUdOpQ=
-----END PRIVATE KEY-----

BIN
certs/dh-pub-2048.der Normal file

Binary file not shown.

14
certs/dh-pub-2048.pem Normal file

@ -0,0 +1,14 @@
-----BEGIN PUBLIC KEY-----
MIICJTCCARcGCSqGSIb3DQEDATCCAQgCggEBALChCAacCBO6WQY8vDDV9QDBT0Sn
1u9KxiUnHOjSllMKXJHdosKUhL99skSfm9LBisW+clyn55Hm1J9zB4VbZkjHcPq0
7gLJPZpK2j3BRj4ZadEXRgejTZ8rlhc5bTCNKvOU03XPoHXm8pIfGnAFqgSDVzD7
2naTOFDoJ/1j7jzlt8gJrm9QNY6EzkoA6RJ+WjHXM/whE3bMFjDbDPzFYqc1uO+3
sKzANvbZyUZI+UCQACsbqmzjGsMLA54bwkbkSE4ic2/DX9Sa1jAHSNaMkKvU9vHj
SNNYS6a5zSm/aB8IS2OGL1xr1rYGZfem3ABna7vDqUGD+8f6yOIefq8AP5MCAQID
ggEGAAKCAQEAgZ77PUjCE1nV8MPEk9zpTR6k1wYrpQKy3fjMK+kbuHUEw5AaMTK9
Gi3vpfwpg5ZaZTgTkPgakEcMwEagNDXEjzYOwxK5Ui6FVQ3VaDydVkhZppxpULu4
H1H2WwWUFTZTZlpCmhVsDWZwzy1RoxEfBnhC78hpLYKLzyASWC1EnCC9oP/U4aI/
D6i0bK1pXxPGFrML5jRkVpQReCkLI/aOgeTNUAcJC+USxIPSXpdPYl81zsWRgawP
bd2saVqE9DqJVSpoRY9yh1JoFqAagANNQL1x3sohEmMZq3EBbzReyawVW6Cbe5mb
LMtSN/UWqN/NwbYNcVj/GxFuoutVnS5jmw==
-----END PUBLIC KEY-----

20
certs/dsa2048.pem Normal file

@ -0,0 +1,20 @@
-----BEGIN DSA PRIVATE KEY-----
MIIDPwIBAAKCAQEAzI7JoNWaJxzaUt/HwOYGpD6KZknQWTNRacScXmSFx/Gr1dli
rP2h4BtX/5bvDJ/IRIfrXJHQRkIJUGojy4lvVelqEamoMqszDVG1eVG0q6IlEY3l
JL7Y8Z1OEm+sRFSAqbSBaE5EDrg5876DCHSixnrXan0KiFeDSNzPXm/uaAz3/wME
kKr3B5j4Z1qDI2ZHYMNDbgORrChmy/DTBcgJl7WuAV6AO51P3j6U/suCsLH8kYsd
iu7GBh83kUjS+GxdYBODp4Gsyo3QagQK6j4iThPxDbtga828XIejZytCoZ/NOVi+
VbGThM6yEE7kw5+yU2EBKaqWyyBgQh26dUtjwQIVAOelOdRqN16VBjkHdwrroAPr
eIKbAoIBAQCa1ExxL+z6MrKAfmFKa18YdkPDabpBx6cdeQHsrzSHZ08pgKg7h/bo
oejNGxyGOPbRDEYuyODJMCbVLH/BCL/MWoKO1NRJqqL65sGd8NmWsP8MWzOOBt2d
KKnpgEE72HqUIY9W8aK0K4kcdP9+kdwfkROYr8cG0kyQor3aFrplsC1ohzxuJY2Q
x7wNqUMDyb7PhW/bB3uM+LHCSRBpY1Y3xTDS+3Ga6IIHLj6VUPNzzzRb1asCFfLM
11LFKNhBGVVvuF/xmbPH2bNx9C3fIlk1hts5yhtNNZAZazHjyMYJv3ztAbSy9W7a
Y0E85jpyLWVI9gfNkoSLHacxa9bw+9n0AoIBAGZLu7fJSJUNWqYtoX/fH2dt7VJL
FmwXxq74asRX7S+z8CpVq7rK6hfoNXzlMQ1KlfxDb5c8XGesvmd/6U6qSLOSoXZ1
6gQ0f4czLSS2KZfjBHeTiRPbG5O4LJAaCTsm2VnzKglY3KwltKlFO6I6bGGEv2jU
6pvFKUhgFRA1LEQdtZrurMFo6Ee3QTQ5mvilIOkkxCxYP0xBMDoUbo3qrbqbQ9OY
L4PYFGfo+NVPrOA7v6dUFl5JZCZUpGtpfLqKg9kuZQqiJ++ZmQjXtZ+gAe9+F7+D
ay7dwDk4I2i0dmvlyvd87sBS4t2tWTpCBkWwx8F3BbIMMkBGqtp5dwRx33oCFQCY
7rlRNz51ExMGj5TT5ukAy2Jtmg==
-----END DSA PRIVATE KEY-----


@ -73,7 +73,12 @@ EXTRA_DIST += \
certs/x942dh2048.der \
certs/x942dh2048.pem \
certs/fpki-cert.der \
certs/rid-cert.der
certs/rid-cert.der \
certs/dh-priv-2048.der \
certs/dh-priv-2048.pem \
certs/dh-pub-2048.der \
certs/dh-pub-2048.pem \
certs/dsa2048.pem
EXTRA_DIST += \
certs/ca-key.der \


@ -2166,6 +2166,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void)usePqc;
(void)pqcAlg;
(void)opensslPsk;
(void)fileFormat;
StackTrap();
/* Reinitialize the global myVerifyAction. */


@ -21,7 +21,10 @@ EXTRA_DIST += src/ssl_asn1.c
EXTRA_DIST += src/ssl_bn.c
EXTRA_DIST += src/ssl_certman.c
EXTRA_DIST += src/ssl_crypto.c
EXTRA_DIST += src/ssl_load.c
EXTRA_DIST += src/ssl_misc.c
EXTRA_DIST += src/ssl_p7p12.c
EXTRA_DIST += src/ssl_sess.c
EXTRA_DIST += src/x509.c
EXTRA_DIST += src/x509_str.c

2606
src/pk.c

File diff suppressed because it is too large Load Diff

14405
src/ssl.c

File diff suppressed because it is too large Load Diff


@ -25,7 +25,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/internal.h>
#include <wolfssl/internal.h>
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif

5783
src/ssl_load.c Normal file

File diff suppressed because it is too large Load Diff


@ -24,6 +24,8 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#if !defined(WOLFSSL_SSL_MISC_INCLUDED)
#ifndef WOLFSSL_IGNORE_FILE_WARN
@ -54,7 +56,7 @@ static int wolfssl_read_bio_file(WOLFSSL_BIO* bio, char** data)
char* p;
/* Allocate buffer to hold a chunk of data. */
mem = (char*)XMALLOC(READ_BIO_FILE_CHUNK, bio->heap, DYNAMIC_TYPE_OPENSSL);
mem = (char*)XMALLOC(READ_BIO_FILE_CHUNK, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (mem == NULL) {
WOLFSSL_ERROR_MSG("Memory allocation error");
ret = MEMORY_E;
@ -86,8 +88,8 @@ static int wolfssl_read_bio_file(WOLFSSL_BIO* bio, char** data)
}
else {
/* No space left for more data to be read - add a chunk. */
p = (char*)XREALLOC(mem, ret + READ_BIO_FILE_CHUNK, bio->heap,
DYNAMIC_TYPE_OPENSSL);
p = (char*)XREALLOC(mem, ret + READ_BIO_FILE_CHUNK, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (p == NULL) {
sz = MEMORY_E;
break;
@ -103,7 +105,7 @@ static int wolfssl_read_bio_file(WOLFSSL_BIO* bio, char** data)
}
if ((sz < 0) || (ret == 0)) {
/* Dispose of memory on error or no data read. */
XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
XFREE(mem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
mem = NULL;
/* Return error. */
ret = sz;
@ -129,14 +131,14 @@ static int wolfssl_read_bio_len(WOLFSSL_BIO* bio, int sz, char** data)
char* mem;
/* Allocate buffer to hold data. */
mem = (char*)XMALLOC((size_t)sz, bio->heap, DYNAMIC_TYPE_OPENSSL);
mem = (char*)XMALLOC((size_t)sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (mem == NULL) {
WOLFSSL_ERROR_MSG("Memory allocation error");
ret = MEMORY_E;
}
else if ((ret = wolfSSL_BIO_read(bio, mem, sz)) != sz) {
/* Pending data not read. */
XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL);
XFREE(mem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
mem = NULL;
ret = MEMORY_E;
}
@ -299,5 +301,204 @@ static int wolfssl_read_file(XFILE fp, char** data, int* dataSz)
}
#endif /* (OPENSSL_EXTRA || PERSIST_CERT_CACHE) && !WOLFCRYPT_ONLY &&
* !NO_FILESYSTEM */
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
#ifdef WOLFSSL_SMALL_STACK
/* Buffer and size with no stack buffer. */
typedef struct {
/* Dynamically allocated buffer. */
byte* buffer;
/* Size of buffer in bytes. */
word32 sz;
} StaticBuffer;
/* Initialize static buffer.
*
* @param [in, out] sb Static buffer.
*/
static void static_buffer_init(StaticBuffer* sb)
{
sb->buffer = NULL;
sb->sz = 0;
}
/* Set the size of the buffer.
*
* Can only set size once.
*
* @param [in] sb Static buffer.
* @param [in] len Length required.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] type Type of dynamic memory.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
static int static_buffer_set_size(StaticBuffer* sb, word32 len, void* heap,
int type)
{
int ret = 0;
(void)heap;
(void)type;
sb->buffer = (byte*)XMALLOC(len, heap, type);
if (sb->buffer == NULL) {
ret = MEMORY_E;
}
else {
sb->sz = len;
}
return ret;
}
/* Dispose of dynamically allocated buffer.
*
* @param [in] sb Static buffer.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] type Type of dynamic memory.
*/
static void static_buffer_free(StaticBuffer* sb, void* heap, int type)
{
(void)heap;
(void)type;
XFREE(sb->buffer, heap, type);
}
#else
/* Buffer and size with stack buffer set and option to dynamically allocate. */
typedef struct {
/* Stack or heap buffer. */
byte* buffer;
/* Size of buffer in bytes. */
word32 sz;
/* Indicates whether the buffer was dynamically allocated. */
int dyn;
} StaticBuffer;
/* Initialize static buffer.
*
* @param [in, out] sb Static buffer.
* @param [in] stackBuffer Buffer allocated on the stack.
* @param [in] len Length of stack buffer.
*/
static void static_buffer_init(StaticBuffer* sb, byte* stackBuffer, word32 len)
{
sb->buffer = stackBuffer;
sb->sz = len;
sb->dyn = 0;
}
/* Set the size of the buffer.
*
* Pre: Buffer on the stack set with its size.
* Can only set size once.
*
* @param [in] sb Static buffer.
* @param [in] len Length required.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] type Type of dynamic memory.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
static int static_buffer_set_size(StaticBuffer* sb, word32 len, void* heap,
int type)
{
int ret = 0;
(void)heap;
(void)type;
if (len > sb->sz) {
byte* buff = (byte*)XMALLOC(len, heap, type);
if (buff == NULL) {
ret = MEMORY_E;
}
else {
sb->buffer = buff;
sb->sz = len;
sb->dyn = 1;
}
}
return ret;
}
/* Dispose of dynamically allocated buffer.
*
* @param [in] sb Static buffer.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] type Type of dynamic memory.
*/
static void static_buffer_free(StaticBuffer* sb, void* heap, int type)
{
(void)heap;
(void)type;
if (sb->dyn) {
XFREE(sb->buffer, heap, type);
}
}
#endif /* WOLFSSL_SMALL_STACK */
#ifndef NO_FILESYSTEM
/* Read all the data from a file into content.
*
* @param [in] fname File pointer to read with.
* @param [in, out] content Read data in an allocated buffer.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] type Type of dynamic memory.
* @param [out] size Amount of data read in bytes.
* @return 0 on success.
* @return WOLFSSL_BAD_FILE when reading fails.
* @return MEMORY_E when memory allocation fails.
*/
static int wolfssl_read_file_static(const char* fname, StaticBuffer* content,
void* heap, int type, long* size)
{
int ret = 0;
XFILE file = XBADFILE;
long sz = 0;
/* Check filename is usable. */
if (fname == NULL) {
ret = WOLFSSL_BAD_FILE;
}
/* Open file for reading. */
if ((ret == 0) && ((file = XFOPEN(fname, "rb")) == XBADFILE)) {
ret = WOLFSSL_BAD_FILE;
}
if (ret == 0) {
/* Get length of file. */
ret = wolfssl_file_len(file, &sz);
}
if (ret == 0) {
/* Set the buffer to be big enough to hold all data. */
ret = static_buffer_set_size(content, (word32)sz, heap, type);
}
/* Read data from file. */
if ((ret == 0) && ((size_t)XFREAD(content->buffer, 1, sz, file) !=
(size_t)sz)) {
ret = WOLFSSL_BAD_FILE;
}
/* Close file if opened. */
if (file != XBADFILE) {
XFCLOSE(file);
}
/* Return size read. */
*size = sz;
return ret;
}
#endif /* !NO_FILESYSTEM */
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
#endif /* !WOLFSSL_SSL_MISC_INCLUDED */
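Review bot: `static_buffer_free()` in both the WOLFSSL_SMALL_STACK variant and the stack-buffer variant releases the buffer without clearing it, and `wolfssl_read_file_static()` fills that buffer with the whole contents of a file. The callers live in ssl_load.c, which is not shown on this page, so this is inferred: if any of them reads a private key file through this helper, the raw key bytes stay in freed heap or on the stack unless the caller wipes them first. Either document on `static_buffer_free()` that the caller must clear sensitive content before calling it, or wipe there with `ForceZero(sb->buffer, sb->sz);` guarded by `sb->buffer != NULL`. Separately, the `fname` parameter of `wolfssl_read_file_static()` is described as "File pointer to read with", but it is a path that is passed to `XFOPEN`, so `@param [in] fname Name of file to read.` would match the code.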

2122
src/ssl_p7p12.c Normal file

File diff suppressed because it is too large Load Diff

4535
src/ssl_sess.c Normal file

File diff suppressed because it is too large Load Diff


@ -11262,6 +11262,27 @@ cleanup:
return loadX509orX509REQFromPemBio(bp, x, cb, u, CERT_TYPE);
}
/*
* bp : bio to read X509 from
* x : x509 to write to
* cb : password call back for reading PEM
* u : password
* _AUX is for working with a trusted X509 certificate
*/
WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX(WOLFSSL_BIO *bp,
WOLFSSL_X509 **x, wc_pem_password_cb *cb,
void *u)
{
WOLFSSL_ENTER("wolfSSL_PEM_read_bio_X509");
/* AUX info is; trusted/rejected uses, friendly name, private key id,
* and potentially a stack of "other" info. wolfSSL does not store
* friendly name or private key id yet in WOLFSSL_X509 for human
* readability and does not support extra trusted/rejected uses for
* root CA. */
return wolfSSL_PEM_read_bio_X509(bp, x, cb, u);
}
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_REQ(WOLFSSL_BIO *bp, WOLFSSL_X509 **x,
wc_pem_password_cb *cb, void *u)
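Review bot: `WOLFSSL_ENTER("wolfSSL_PEM_read_bio_X509")` in the added `wolfSSL_PEM_read_bio_X509_AUX()` logs the name of the function it wraps, so a debug trace cannot tell the two entry points apart; it should read `WOLFSSL_ENTER("wolfSSL_PEM_read_bio_X509_AUX");`. The body comment says trusted/rejected uses are not supported and the code simply forwards to `wolfSSL_PEM_read_bio_X509()`, so a caller ported from OpenSSL appears to get a plain certificate back with no trust restrictions applied and no indication of that. I would put this in the header comment as part of the contract, for example `* Note: auxiliary trust settings are not stored or enforced; the result is a plain X509.`. The following function, `wolfSSL_PEM_read_bio_X509_REQ`, continues outside the hunk.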

File diff suppressed because it is too large Load Diff


@ -24214,14 +24214,25 @@ int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
return ret;
}
int AllocCopyDer(DerBuffer** pDer, const unsigned char* buff, word32 length,
int type, void* heap)
{
int ret = AllocDer(pDer, length, type, heap);
if (ret == 0) {
XMEMCPY((*pDer)->buffer, buff, length);
}
return ret;
}
void FreeDer(DerBuffer** pDer)
{
if (pDer && *pDer)
{
if (pDer && *pDer) {
DerBuffer* der = (DerBuffer*)*pDer;
/* ForceZero private keys */
if (der->type == PRIVATEKEY_TYPE && der->buffer != NULL) {
if (((der->type == PRIVATEKEY_TYPE) ||
(der->type == ALT_PRIVATEKEY_TYPE)) && der->buffer != NULL) {
ForceZero(der->buffer, der->length);
}
der->buffer = NULL;
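Review bot: The new `AllocCopyDer()` hands `buff` straight to `XMEMCPY` once `AllocDer()` succeeds, so a NULL `buff` with a non-zero `length` is dereferenced; whether `AllocDer()` rejects a zero `length` is not visible in this hunk. A guard before the allocation, `if (buff == NULL) return BAD_FUNC_ARG;`, keeps that case on the error-return path. The function also has no header comment; one sentence saying that it allocates a DerBuffer of `length` bytes, copies `buff` into it, and is presumably released with `FreeDer()` would help, because `FreeDer()` is where PRIVATEKEY_TYPE and ALT_PRIVATEKEY_TYPE buffers are wiped with `ForceZero`. `FreeDer()` continues past the end of the hunk.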


@ -3577,7 +3577,7 @@ struct WOLFSSL_CTX {
int certChainCnt;
#endif
DerBuffer* privateKey;
byte privateKeyType:6;
byte privateKeyType;
byte privateKeyId:1;
byte privateKeyLabel:1;
int privateKeySz;
@ -4553,7 +4553,7 @@ typedef struct Buffers {
#ifndef NO_CERTS
DerBuffer* certificate; /* WOLFSSL_CTX owns, unless we own */
DerBuffer* key; /* WOLFSSL_CTX owns, unless we own */
byte keyType:6; /* Type of key */
byte keyType; /* Type of key */
byte keyId:1; /* Key data is an id not data */
byte keyLabel:1; /* Key data is a label not data */
int keySz; /* Size of RSA key */


@ -793,9 +793,9 @@ enum SNICbReturn {
* functions should use this macro to fill this gap. Users who want them
* to return the same return value as OpenSSL can define
* WOLFSSL_ERR_CODE_OPENSSL.
* Give item1 a variable that contains the potentially negative
* Give rc a variable that contains the potentially negative
* wolfSSL-defined return value or the return value itself, and
* give item2 the openSSL-defined return value.
* give fail_rc the openSSL-defined return value.
* Note that this macro replaces only negative return values with the
* specified value.
* Since wolfSSL 4.7.0, the following functions use this macro:
@ -804,11 +804,15 @@ enum SNICbReturn {
* - wolfSSL_EVP_PKEY_cmp
*/
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
#define WS_RETURN_CODE(item1,item2) \
(((item1) < 0) ? (int)(item2) : (int)(item1))
#define WS_RETURN_CODE(rc, fail_rc) \
(((rc) < 0) ? (int)(fail_rc) : (int)(rc))
#else
#define WS_RETURN_CODE(item1,item2) (item1)
#define WS_RETURN_CODE(rc, fail_rc) (rc)
#endif
#define WS_RC(rc) \
(((rc) == 1) ? 1 : 0)
#define WC_TO_WS_RC(ret) \
(((ret) == 0) ? 1 : (ret))
/* Maximum master key length (SECRET_LEN) */
#define WOLFSSL_MAX_MASTER_KEY_LENGTH 48
@ -4553,7 +4557,7 @@ WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NA
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX* ctx, WOLFSSL_X509* x);
WOLFSSL_API int wolfSSL_CTX_use_certificate(WOLFSSL_CTX* ctx, WOLFSSL_X509* x);
WOLFSSL_API int wolfSSL_CTX_add0_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
WOLFSSL_API int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
WOLFSSL_API int wolfSSL_add0_chain_cert(WOLFSSL* ssl, WOLFSSL_X509* x509);
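Review bot: The added `WC_TO_WS_RC(ret)` expands `ret` a second time whenever it is non-zero, so `WC_TO_WS_RC(some_call())` would run the call again on the failure path; `WS_RETURN_CODE` has the same shape when WOLFSSL_ERROR_CODE_OPENSSL is defined. Neither `WS_RC` nor `WC_TO_WS_RC` has a comment, and their mappings are easy to confuse: `WS_RC` collapses everything except 1 to 0, while `WC_TO_WS_RC` turns 0 into 1 and passes any other value through unchanged. I would add above them `/* WS_RC: 1 stays 1, anything else becomes 0. WC_TO_WS_RC: 0 becomes 1, other values pass through. Arguments may be evaluated twice - pass a variable, not a call. */`. The return type of `wolfSSL_CTX_use_certificate` also changes from `char` to `int` in this section, which changes the exported signature seen by already-built callers.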


@ -2365,7 +2365,10 @@ WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info,
WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
DerBuffer** pDer, void* heap, EncryptedInfo* info,
int* eccKey);
WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap);
WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type,
void* heap);
WOLFSSL_LOCAL int AllocCopyDer(DerBuffer** der, const unsigned char* buff,
word32 length, int type, void* heap);
WOLFSSL_LOCAL void FreeDer(DerBuffer** der);
#if (defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)) || \


@ -139,6 +139,10 @@
#define WC_ECC_FIPS_GEN_MIN (WC_ECC_FIPS_SIG_MIN/8)
#endif
#ifdef WOLFSSL_SM2
#define WOLFSSL_SM2_KEY_BITS 256
#endif
/* calculate max ECC bytes */
#if ((MAX_ECC_BITS * 2) % 8) == 0
#define MAX_ECC_BYTES (MAX_ECC_BITS / 8)