From 3f6b7c883310a9bcc36c353bbdc9a9f62924399c Mon Sep 17 00:00:00 2001 From: Go Hosohara Date: Wed, 23 May 2018 16:33:11 +0900 Subject: [PATCH] Merge with openSSL-Compat-CRL-STORE on kojo1/wolfssl --- src/ssl.c | 57 +++++++++++++++------------------------------------ tests/api.c | 29 ++++++++++++++++---------- wolfssl/ssl.h | 5 +---- 3 files changed, 35 insertions(+), 56 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 2f31e5345..448c4a8dc 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -14364,19 +14364,6 @@ WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len) return newX509; } - - -#ifndef NO_WOLFSSL_STUB -#ifndef NO_FILESYSTEM -WOLFSSL_X509* wolfSSL_d2i_X509_fp(FILE *fp, WOLFSSL_X509 **x509) -{ - WOLFSSL_STUB("wolfSSL_d2i_X509_fp"); - (void)fp; - (void)x509; - return 0; -} -#endif /* !NO_FILESYSTEM */ -#endif /* !NO_WOLFSSL_STUB */ #endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ @@ -18082,7 +18069,7 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx) } #endif /* NO_CERTS */ -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) static void *wolfSSL_d2i_X509_fp_ex(XFILE file, void **x509, int type) { void *newx509 = NULL; @@ -18168,15 +18155,18 @@ WOLFSSL_X509 *wolfSSL_d2i_X509_fp(XFILE fp, WOLFSSL_X509 **x509) WOLFSSL_ENTER("wolfSSL_d2i_X509_fp"); return (WOLFSSL_X509 *)wolfSSL_d2i_X509_fp_ex(fp, (void **)x509, CERT_TYPE); } -#endif /* NO_FILESYSTEM */ +#endif /* !NO_FILESYSTEM */ #ifdef HAVE_CRL +#ifndef NO_FILESYSTEM WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE fp, WOLFSSL_X509_CRL **crl) { WOLFSSL_ENTER("wolfSSL_d2i_X509_CRL_fp"); return (WOLFSSL_X509_CRL *)wolfSSL_d2i_X509_fp_ex(fp, (void **)crl, CRL_TYPE); } +#endif /* !NO_FILESYSTEM */ + WOLFSSL_X509_CRL* wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL** crl, const unsigned char* in, int len) { 
@@ -18224,7 +18214,7 @@ void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl) FreeCRL(crl, 1); return; } -#endif +#endif /* HAVE_CRL */ #ifndef NO_WOLFSSL_STUB WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl) @@ -32634,7 +32624,6 @@ int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p, #endif /* WOLFCRYPT_ONLY */ #if defined(OPENSSL_EXTRA) -#ifndef NO_WOLFSSL_STUB int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509) { WOLFSSL_ENTER("X509_check_ca"); @@ -32646,19 +32635,9 @@ int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509) } -int wolfSSL_d2i_PKCS12_fp(FILE *fp, WC_PKCS12 *pkcs12) -{ - WOLFSSL_STUB("d2i_PKCS12_fp"); - (void)fp; - (void)pkcs12; - return 0; -} -#endif /* NO_WOLFSSL_STUB */ - - const char *wolfSSL_ASN1_tag2str(int tag) { - static const char *const tag_label[] = { + static const char *const tag_label[31] = { "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", "ENUMERATED", "", "UTF8STRING", "", "", "", @@ -32730,9 +32709,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, str_len += type_len; } if (wolfSSL_BIO_write(out, hash, 1) != 1){ - if (type_len > 0) - XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return WOLFSSL_FAILURE; + goto err_exit; } str_len++; if (flags & ASN1_STRFLGS_DUMP_DER){ @@ -32741,9 +32718,7 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, hex_tmp[2] = hex_char[str->length >> 4]; hex_tmp[3] = hex_char[str->length & 0xf]; if (wolfSSL_BIO_write(out, hex_tmp, 4) != 4){ - if (type_len > 0) - XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return WOLFSSL_FAILURE; + goto err_exit; } str_len += 4; XMEMSET(hex_tmp, 0, 4); 
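Review bot: In wolfSSL_ASN1_tag2str (src/ssl.c), the new explicit size in `static const char *const tag_label[31]` is a magic number that must stay in step with the range check guarding the lookup, and that check lies outside this hunk. With a fixed size, any slot without an initializer is a NULL pointer rather than "", so a caller that passes a tag taken from parsed data and prints the result could be handed NULL. I would either keep the array unsized and bound the index with `sizeof(tag_label) / sizeof(tag_label[0])`, or keep the size and add a comment such as `/* 31 = universal tags 0..30; unlisted slots are NULL */` with the lookup returning a fixed string for NULL entries.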
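Review bot: In the ASN1_STRFLGS_DUMP_DER branch of wolfSSL_ASN1_STRING_print_ex, `hex_char[str->length >> 4]` is not masked, so a string of 256 bytes or more indexes past the digit table, assuming hex_char has 16 entries (its definition is outside the hunk). Masking the index, `hex_tmp[2] = hex_char[(str->length >> 4) & 0xf];`, removes the out-of-bounds read. The emitted header would still be wrong for such strings, because a single length byte is only valid DER below 128, so rejecting or long-form encoding larger lengths is the fuller fix. The same unmasked pattern appears as `hex_char[*str_ptr >> 4]` in the @@ -32755 hunk, where a byte of 0x80 or above gives a negative index if str_ptr points to plain (signed) char. The function body starts and ends outside this hunk.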
@@ -32755,13 +32730,14 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, hex_tmp[0] = hex_char[*str_ptr >> 4]; hex_tmp[1] = hex_char[*str_ptr & 0xf]; if (wolfSSL_BIO_write(out, hex_tmp, 2) != 2){ - if (type_len > 0) - XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return WOLFSSL_FAILURE; + goto err_exit; } str_ptr++; str_len += 2; } + if (type_len > 0) + XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return (int)str_len; } @@ -32795,13 +32771,12 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, } if (wolfSSL_BIO_write(out, str->data, str->length) != str->length){ - if (type_len > 0) - XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - return WOLFSSL_FAILURE; + goto err_exit; } str_len += str->length; + if (type_len > 0) + XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return (int)str_len; err_exit: diff --git a/tests/api.c b/tests/api.c index 7be19f42e..44ed1c806 100644 --- a/tests/api.c +++ b/tests/api.c @@ -18451,7 +18451,7 @@ static void test_wolfSSL_OPENSSL_add_all_algorithms(void){ } static void test_wolfSSL_ASN1_STRING_print_ex(void){ -#if defined(OPENSSL_EXTRA) +#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_STRING* asn_str = NULL; const char data[] = "Hello wolfSSL!"; ASN1_STRING* esc_str = NULL; 
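Review bot: The `if (type_len > 0) XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);` cleanup in wolfSSL_ASN1_STRING_print_ex is now written out on each success return (this hunk and the @@ -32795 hunk), while every failure jumps to `err_exit`, whose body is not shown in the diff. That leaves three places that must agree on when typebuf is owned, and if the label frees without the same `type_len > 0` guard, a failure before typebuf is allocated would free an indeterminate pointer. Initialising the pointer to NULL at its declaration and testing the pointer itself, `if (typebuf != NULL) XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);`, at one shared exit would make ownership independent of type_len. The added `if` bodies are also unbraced, which is easy to break when a second statement is added.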
@@ -18459,21 +18459,30 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ BIO *bio; unsigned long flags; int p_len; - unsigned char rbuf[256]; + unsigned char rbuf[255]; printf(testingFmt, "wolfSSL_ASN1_STRING_print_ex()"); /* setup */ - XMEMSET(rbuf, 0, 256); + XMEMSET(rbuf, 0, 255); bio = BIO_new(BIO_s_mem()); - BIO_set_write_buf_size(bio,256); + BIO_set_write_buf_size(bio,255); asn_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING); ASN1_STRING_set(asn_str, (const void*)data, sizeof(data)); esc_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING); ASN1_STRING_set(esc_str, (const void*)esc_data, sizeof(esc_data)); + /* no flags */ + XMEMSET(rbuf, 0, 255); + flags = 0; + p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags); + AssertIntEQ(p_len, 15); + BIO_read(bio, (void*)rbuf, 15); + AssertStrEQ((char*)rbuf, "Hello wolfSSL!"); + /* RFC2253 Escape */ + XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_ESC_2253; p_len = wolfSSL_ASN1_STRING_print_ex(bio, esc_str, flags); AssertIntEQ(p_len, 9); @@ -18481,7 +18490,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ AssertStrEQ((char*)rbuf, "a\\+\\;\\<\\>"); /* Show type */ - XMEMSET(rbuf, 0, 256); + XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_SHOW_TYPE; p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags); AssertIntEQ(p_len, 28); @@ -18489,7 +18498,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ AssertStrEQ((char*)rbuf, "OCTET STRING:Hello wolfSSL!"); /* Dump All */ - XMEMSET(rbuf, 0, 256); + XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL; p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags); AssertIntEQ(p_len, 31); @@ -18497,7 +18506,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ AssertStrEQ((char*)rbuf, "#48656C6C6F20776F6C6653534C2100"); /* Dump Der */ - XMEMSET(rbuf, 0, 256); + XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER; p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags); AssertIntEQ(p_len, 35); 
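Review bot: The buffer size in test_wolfSSL_ASN1_STRING_print_ex is repeated as the literal 255 in the declaration, in `BIO_set_write_buf_size(bio,255)` and in every `XMEMSET` (this hunk and the @@ -18481, -18489, -18497 and -18505 hunks), so the next resize has to touch each call again and a missed one overruns or under-clears rbuf. `XMEMSET(rbuf, 0, sizeof(rbuf));` and `BIO_set_write_buf_size(bio, sizeof(rbuf));` keep them tied to the array. The new no-flags case also ignores the return value of `BIO_read`; `AssertIntEQ(BIO_read(bio, (void*)rbuf, 15), 15);` would catch a short read before the string compare. None of the cases shown drives a failing `wolfSSL_BIO_write`, so the new `goto err_exit` paths in src/ssl.c stay untested.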
@@ -18505,7 +18514,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ AssertStrEQ((char*)rbuf, "#040F48656C6C6F20776F6C6653534C2100"); /* Dump All + Show type */ - XMEMSET(rbuf, 0, 256); + XMEMSET(rbuf, 0, 255); flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE; p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags); AssertIntEQ(p_len, 44); @@ -18520,7 +18529,6 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ #endif } - static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){ #if defined(OPENSSL_EXTRA) && !defined(NO_ASN1_TIME) WOLFSSL_ASN1_TIME *t; @@ -18567,12 +18575,12 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){ AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE); AssertStrEQ((char*)gtime->data + 2, "20050727123456Z"); + XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER); printf(resultFmt, passed); #endif } - static void test_no_op_functions(void) { #if defined(OPENSSL_EXTRA) @@ -19555,7 +19563,6 @@ static void test_wolfSSL_i2c_ASN1_INTEGER() printf(resultFmt, passed); #endif /* OPENSSL_EXTRA */ } - /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 963854b9f..705944cef 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1533,8 +1533,7 @@ WOLFSSL_API int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out); WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL **crl, const unsigned char *in, int len); #ifndef NO_FILESYSTEM -WOLFSSL_API WOLFSSL_X509* wolfSSL_d2i_X509_fp(FILE *fp, WOLFSSL_X509 **x509); -WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(WOLFSSL_X509_CRL **crl, XFILE file); +WOLFSSL_API WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE file, WOLFSSL_X509_CRL **crl); #endif WOLFSSL_API void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl); 
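Review bot: The added `XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);` in test_wolfSSL_ASN1_TIME_to_generalizedtime is only correct if gtime was heap-allocated by the library with that same dynamic type and is not a caller-supplied `out` object. The assignments to gtime are outside the hunk, so this cannot be confirmed from here. If gtime is assigned more than once earlier in the test, a single free at the end still leaks the earlier results. A comment stating the ownership, for example `/* gtime was allocated by wolfSSL_ASN1_TIME_to_generalizedtime(t, NULL); caller frees */`, would make the intent checkable.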
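Review bot: Swapping the parameters of the exported `wolfSSL_d2i_X509_CRL_fp` to `(XFILE file, WOLFSSL_X509_CRL **crl)` in wolfssl/ssl.h changes a public prototype in place, and callers written for the old order pass two pointer arguments the wrong way round, which many C compilers report only as a warning. A doc comment on the declaration giving the argument order and who owns `*crl`, plus a release-note entry, would make the break visible. The definition in src/ssl.c now sits inside both `HAVE_CRL` and `!NO_FILESYSTEM`, whereas only `#ifndef NO_FILESYSTEM` is visible around this declaration, and the definition names the first parameter `fp` rather than `file`. The hunk also drops the `wolfSSL_d2i_X509_fp(FILE *fp, ...)` prototype while the function remains defined in src/ssl.c, so an XFILE-typed declaration presumably exists elsewhere in the header; that is worth confirming.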
@@ -2917,13 +2916,11 @@ WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx); WOLFSSL_API void ERR_load_SSL_strings(void); WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p); -WOLFSSL_API int wolfSSL_d2i_PKCS12_fp(FILE *fp, WC_PKCS12 *pkcs12); WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag); WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags); WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t, WOLFSSL_ASN1_TIME **out); WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp); -WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x); #endif /* OPENSSL_EXTRA */ #ifdef HAVE_PK_CALLBACKS