change _EncodeName, add test with wc_MakeCertReq, add XMEMSET with Cert init

This commit is contained in:
Jacob Barthelmeh 2018-02-23 17:22:48 -07:00
parent 453aa16e8d
commit f2cbab95b0
4 changed files with 25 additions and 56 deletions


@ -7814,83 +7814,39 @@ int wc_InitCert(Cert* cert)
return BAD_FUNC_ARG;
}
XMEMSET(cert, 0, sizeof(Cert));
cert->version = 2; /* version 3 is hex 2 */
cert->sigType = CTC_SHAwRSA;
cert->daysValid = 500;
cert->selfSigned = 1;
cert->isCA = 0;
cert->bodySz = 0;
#ifdef WOLFSSL_ALT_NAMES
cert->altNamesSz = 0;
cert->beforeDateSz = 0;
cert->afterDateSz = 0;
#endif
#ifdef WOLFSSL_CERT_EXT
cert->skidSz = 0;
cert->akidSz = 0;
cert->keyUsage = 0;
cert->extKeyUsage = 0;
cert->certPoliciesNb = 0;
XMEMSET(cert->akid, 0, CTC_MAX_AKID_SIZE);
XMEMSET(cert->skid, 0, CTC_MAX_SKID_SIZE);
XMEMSET(cert->certPolicies, 0, CTC_MAX_CERTPOL_NB*CTC_MAX_CERTPOL_SZ);
#endif
cert->keyType = RSA_KEY;
XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
cert->serialSz = 0;
cert->issuer.country[0] = '\0';
cert->issuer.countryEnc = CTC_PRINTABLE;
cert->issuer.state[0] = '\0';
cert->issuer.stateEnc = CTC_UTF8;
cert->issuer.locality[0] = '\0';
cert->issuer.localityEnc = CTC_UTF8;
cert->issuer.sur[0] = '\0';
cert->issuer.surEnc = CTC_UTF8;
cert->issuer.org[0] = '\0';
cert->issuer.orgEnc = CTC_UTF8;
cert->issuer.unit[0] = '\0';
cert->issuer.unitEnc = CTC_UTF8;
cert->issuer.commonName[0] = '\0';
cert->issuer.commonNameEnc = CTC_UTF8;
cert->issuer.email[0] = '\0';
cert->subject.country[0] = '\0';
cert->subject.countryEnc = CTC_PRINTABLE;
cert->subject.state[0] = '\0';
cert->subject.stateEnc = CTC_UTF8;
cert->subject.locality[0] = '\0';
cert->subject.localityEnc = CTC_UTF8;
cert->subject.sur[0] = '\0';
cert->subject.surEnc = CTC_UTF8;
cert->subject.org[0] = '\0';
cert->subject.orgEnc = CTC_UTF8;
cert->subject.unit[0] = '\0';
cert->subject.unitEnc = CTC_UTF8;
cert->subject.commonName[0] = '\0';
cert->subject.commonNameEnc = CTC_UTF8;
cert->subject.email[0] = '\0';
#ifdef WOLFSSL_MULTI_ATTRIB
for (i = 0; i < CTC_MAX_ATTRIB; i++) {
cert->issuer.name[i].sz = 0;
cert->issuer.name[i].id = 0;
cert->issuer.name[i].type = CTC_UTF8;
cert->issuer.name[i].value[0] = '\0';
cert->subject.name[i].sz = 0;
cert->subject.name[i].id = 0;
cert->issuer.name[i].type = CTC_UTF8;
cert->subject.name[i].type = CTC_UTF8;
cert->subject.name[i].value[0] = '\0';
}
#endif /* WOLFSSL_MULTI_ATTRIB */
#ifdef WOLFSSL_CERT_REQ
cert->challengePw[0] ='\0';
#endif
#ifdef WOLFSSL_HEAP_TEST
cert->heap = (void*)WOLFSSL_HEAP_TEST;
#else
cert->heap = NULL;
#endif
(void)i;
@ -8908,7 +8864,7 @@ static int SetAltNames(byte *out, word32 outSz, byte *input, word32 length)
*
* returns length on success
*/
static int _EncodeName(EncodedName* name, const char* nameStr, char nameType,
static int wc_EncodeName(EncodedName* name, const char* nameStr, char nameType,
byte type)
{
word32 idx = 0;
@ -9059,7 +9015,7 @@ int SetName(byte* output, word32 outputSz, CertName* name)
int ret;
const char* nameStr = GetOneName(name, i);
ret = _EncodeName(&names[i], nameStr, GetNameType(name, i),
ret = wc_EncodeName(&names[i], nameStr, GetNameType(name, i),
GetNameId(i));
if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK
@ -9073,7 +9029,7 @@ int SetName(byte* output, word32 outputSz, CertName* name)
for (i = 0; i < CTC_MAX_ATTRIB; i++) {
if (name->name[i].sz > 0) {
int ret;
ret = _EncodeName(&addNames[i], name->name[i].value,
ret = wc_EncodeName(&addNames[i], name->name[i].value,
name->name[i].type, name->name[i].id);
if (ret < 0) {
#ifdef WOLFSSL_SMALL_STACK
@ -10640,7 +10596,7 @@ int wc_SetExtKeyUsageOID(Cert *cert, const char *in, word32 sz, byte idx,
byte oid[MAX_OID_SZ];
word32 oidSz = MAX_OID_SZ;
if (idx >= CTC_MAX_EKU_NB || sz >= CTX_MAX_EKU_OID_SZ) {
if (idx >= CTC_MAX_EKU_NB || sz >= CTC_MAX_EKU_OID_SZ) {
WOLFSSL_MSG("Either idx or sz was too large");
return BAD_FUNC_ARG;
}
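Review bot: The new name `wc_EncodeName` on the static helper at the second hunk (and its two call sites in the SetName hunks) borrows the prefix that elsewhere in this file marks non-static API entry points such as wc_InitCert, wc_SetExtKeyUsageOID and wc_MakeCertReq, while the neighbouring internal helpers (SetName, SetAltNames, GetOneName, GetNameType) carry no prefix. A reader grepping for public wolfCrypt symbols will now find a file-local function, and the name cannot later be promoted to the public header without a collision risk. Renaming it to `static int EncodeName(EncodedName* name, const char* nameStr, char nameType,` keeps it in line with the other static helpers and still avoids the reserved `_E` identifier the commit moves away from. The body of the function, and of SetName, lies outside the hunks, so nothing else appears to need touching.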


@ -9966,6 +9966,15 @@ int rsa_test(void)
"emailProtection,timeStamping,OCSPSigning") != 0) {
ERROR_OUT(-5645, exit_rsa);
}
#ifdef WOLFSSL_EKU_OID
{
const char unique[] = "2.16.840.1.111111.100.1.10.1";
if (wc_SetExtKeyUsageOID(&req, unique, sizeof(unique), 0,
HEAP_HINT) != 0) {
ERROR_OUT(-5652, exit_rsa);
}
}
#endif /* WOLFSSL_EKU_OID */
#endif /* WOLFSSL_CERT_EXT */
derSz = wc_MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
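Review bot: The added block only exercises the accepting path of wc_SetExtKeyUsageOID; the bounds check this commit corrects (`idx >= CTC_MAX_EKU_NB || sz >= CTC_MAX_EKU_OID_SZ`) has no test that it actually rejects out-of-range input, which is the part of the function that protects the fixed-size extKeyUsageOID array. A second call in the same `#ifdef WOLFSSL_EKU_OID` block, `if (wc_SetExtKeyUsageOID(&req, unique, sizeof(unique), CTC_MAX_EKU_NB, HEAP_HINT) != BAD_FUNC_ARG) ERROR_OUT(<next free error code>, exit_rsa);`, would pin that behaviour. Separately, `sizeof(unique)` passes the string length plus its NUL terminator as `sz`; whether the function expects the terminator to be counted is not visible in this hunk, so if `sz` is meant as the string length the call should use `XSTRLEN(unique)` instead. rsa_test starts and ends outside the hunk.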


@ -194,7 +194,8 @@ enum Misc_ASN {
#ifdef WOLFSSL_CERT_EXT
MAX_KID_SZ = 45, /* Max encoded KID length (SHA-256 case) */
MAX_KEYUSAGE_SZ = 18, /* Max encoded Key Usage length */
MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)), /* Max encoded ExtKeyUsage
MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)) +
CTC_MAX_EKU_OID_SZ, /* Max encoded ExtKeyUsage
(SEQ/LEN + OBJID + OCTSTR/LEN + SEQ + (6 * (SEQ + OID))) */
MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
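Review bot: The enlarged MAX_EXTKEYUSAGE_SZ adds a single CTC_MAX_EKU_OID_SZ, but the Cert struct in the last file stores up to CTC_MAX_EKU_NB custom OIDs, and the existing term `(6 * (8 + 2))` shows that each OID in the sequence also carries 2 bytes of tag/length overhead. With the defaults (CTC_MAX_EKU_NB of 1) the budget is only 2 bytes short and likely absorbed by the leading 12, but a build that raises CTC_MAX_EKU_NB gets a maximum that no longer bounds the encoded extension. Unless the encoder (not visible here) caps the count independently, `MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)) + (CTC_MAX_EKU_NB * (CTC_MAX_EKU_OID_SZ + 2)),` is the consistent formula; the trailing comment should then also mention the custom OIDs, e.g. `(... + (6 * (SEQ + OID)) + (CTC_MAX_EKU_NB * (SEQ + custom OID))) */`.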


@ -117,9 +117,12 @@ enum Ctc_Misc {
#ifndef CTC_MAX_EKU_NB
#define CTC_MAX_EKU_NB 1
#endif
#ifndef CTX_MAX_EKU_OID_SZ
#define CTX_MAX_EKU_OID_SZ 30
#ifndef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 30
#endif
#else
#undef CTC_MAX_EKU_OID_SZ
#define CTC_MAX_EKU_OID_SZ 0
#endif
@ -191,7 +194,7 @@ typedef struct Cert {
byte extKeyUsage; /* Extended Key Usage */
#ifdef WOLFSSL_EKU_OID
/* Extended Key Usage OIDs */
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTX_MAX_EKU_OID_SZ];
byte extKeyUsageOID[CTC_MAX_EKU_NB][CTC_MAX_EKU_OID_SZ];
byte extKeyUsageOIDSz[CTC_MAX_EKU_NB];
#endif
char certPolicies[CTC_MAX_CERTPOL_NB][CTC_MAX_CERTPOL_SZ];
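Review bot: The new `#else` branch in the first hunk unconditionally does `#undef CTC_MAX_EKU_OID_SZ` and redefines it as 0, which silently discards a value the build supplied via the `#ifndef`-guarded override when WOLFSSL_EKU_OID is off, and leaves no hint why the macro must be 0 in that configuration. The only consumer outside WOLFSSL_EKU_OID visible in this commit is the MAX_EXTKEYUSAGE_SZ sum in asn.h, so a comment on the `#else` line such as `/* no custom EKU OIDs: must contribute 0 bytes to MAX_EXTKEYUSAGE_SZ */` would make the override intentional rather than surprising. If wc_SetExtKeyUsageOID can be compiled without WOLFSSL_EKU_OID (not visible here), note that its `sz >= CTC_MAX_EKU_OID_SZ` check would then reject every call, which is worth documenting or guarding too.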