mirror of https://github.com/wolfSSL/wolfssl.git
update uses of wolfSSL_X509_new and wolfSSL_X509_d2i
where heap doesn't require a new ex function or struct field to avoid size increase
pull/7136/head
parent
03f32b623f
commit
41ea1109ec
27
src/ssl.c
27
src/ssl.c
|
@ -18856,7 +18856,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
|
||||||
sk = wolfSSL_sk_X509_new_null();
|
sk = wolfSSL_sk_X509_new_null();
|
||||||
i = ssl->session->chain.count-1;
|
i = ssl->session->chain.count-1;
|
||||||
for (; i >= 0; i--) {
|
for (; i >= 0; i--) {
|
||||||
x509 = wolfSSL_X509_new();
|
x509 = wolfSSL_X509_new_ex(ssl->heap);
|
||||||
if (x509 == NULL) {
|
if (x509 == NULL) {
|
||||||
WOLFSSL_MSG("Error Creating X509");
|
WOLFSSL_MSG("Error Creating X509");
|
||||||
wolfSSL_sk_X509_pop_free(sk, NULL);
|
wolfSSL_sk_X509_pop_free(sk, NULL);
|
||||||
|
@ -19224,9 +19224,10 @@ WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
#ifndef WOLFSSL_X509_STORE_CERTS
|
#ifndef WOLFSSL_X509_STORE_CERTS
|
||||||
ssl->ourCert = wolfSSL_X509_d2i(NULL,
|
ssl->ourCert = wolfSSL_X509_d2i_ex(NULL,
|
||||||
ssl->buffers.certificate->buffer,
|
ssl->buffers.certificate->buffer,
|
||||||
ssl->buffers.certificate->length);
|
ssl->buffers.certificate->length,
|
||||||
|
ssl->heap);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
return ssl->ourCert;
|
return ssl->ourCert;
|
||||||
|
@ -19239,9 +19240,10 @@ WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
#ifndef WOLFSSL_X509_STORE_CERTS
|
#ifndef WOLFSSL_X509_STORE_CERTS
|
||||||
ssl->ctx->ourCert = wolfSSL_X509_d2i(NULL,
|
ssl->ctx->ourCert = wolfSSL_X509_d2i_ex(NULL,
|
||||||
ssl->ctx->certificate->buffer,
|
ssl->ctx->certificate->buffer,
|
||||||
ssl->ctx->certificate->length);
|
ssl->ctx->certificate->length,
|
||||||
|
ssl->heap);
|
||||||
#endif
|
#endif
|
||||||
ssl->ctx->ownOurCert = 1;
|
ssl->ctx->ownOurCert = 1;
|
||||||
}
|
}
|
||||||
|
@ -19261,9 +19263,9 @@ WOLFSSL_X509* wolfSSL_CTX_get0_certificate(WOLFSSL_CTX* ctx)
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
#ifndef WOLFSSL_X509_STORE_CERTS
|
#ifndef WOLFSSL_X509_STORE_CERTS
|
||||||
ctx->ourCert = wolfSSL_X509_d2i(NULL,
|
ctx->ourCert = wolfSSL_X509_d2i_ex(NULL,
|
||||||
ctx->certificate->buffer,
|
ctx->certificate->buffer,
|
||||||
ctx->certificate->length);
|
ctx->certificate->length, ctx->heap);
|
||||||
#endif
|
#endif
|
||||||
ctx->ownOurCert = 1;
|
ctx->ownOurCert = 1;
|
||||||
}
|
}
|
||||||
|
@ -26221,7 +26223,8 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
ctx->ourCert = wolfSSL_X509_d2i(NULL, x->derCert->buffer,x->derCert->length);
|
ctx->ourCert = wolfSSL_X509_d2i_ex(NULL, x->derCert->buffer,
|
||||||
|
x->derCert->length, ctx->heap);
|
||||||
if(ctx->ourCert == NULL){
|
if(ctx->ourCert == NULL){
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
@ -30057,8 +30060,8 @@ int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, WOLF_STACK_OF(X509)** ch
|
||||||
idx += 3;
|
idx += 3;
|
||||||
|
|
||||||
/* Create a new X509 from DER encoded data. */
|
/* Create a new X509 from DER encoded data. */
|
||||||
node->data.x509 = wolfSSL_X509_d2i(NULL, ctx->certChain->buffer + idx,
|
node->data.x509 = wolfSSL_X509_d2i_ex(NULL,
|
||||||
length);
|
ctx->certChain->buffer + idx, length, ctx->heap);
|
||||||
if (node->data.x509 == NULL) {
|
if (node->data.x509 == NULL) {
|
||||||
XFREE(node, NULL, DYNAMIC_TYPE_OPENSSL);
|
XFREE(node, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
/* Return as much of the chain as we created. */
|
/* Return as much of the chain as we created. */
|
||||||
|
@ -33784,8 +33787,8 @@ WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7)
|
||||||
return p7->certs;
|
return p7->certs;
|
||||||
|
|
||||||
for (i = 0; i < MAX_PKCS7_CERTS && p7->pkcs7.cert[i]; i++) {
|
for (i = 0; i < MAX_PKCS7_CERTS && p7->pkcs7.cert[i]; i++) {
|
||||||
WOLFSSL_X509* x509 = wolfSSL_X509_d2i(NULL, p7->pkcs7.cert[i],
|
WOLFSSL_X509* x509 = wolfSSL_X509_d2i_ex(NULL, p7->pkcs7.cert[i],
|
||||||
p7->pkcs7.certSz[i]);
|
p7->pkcs7.certSz[i], pkcs7->heap);
|
||||||
if (!ret)
|
if (!ret)
|
||||||
ret = wolfSSL_sk_X509_new_null();
|
ret = wolfSSL_sk_X509_new_null();
|
||||||
if (x509) {
|
if (x509) {
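Review bot: In the second wolfSSL_get_certificate hunk the parsed certificate is stored in `ssl->ctx->ourCert` and the context is marked as its owner (`ssl->ctx->ownOurCert = 1`), yet it is allocated with `ssl->heap`. If a session's heap hint can differ from the context's, or be released before it (for example in a static-memory build, which is not visible here), the context would later free the object through a hint that no longer matches its allocation. The wolfSSL_CTX_get0_certificate hunk passes `ctx->heap` for the same field, so using `ssl->ctx->heap` here would keep allocator and owner aligned. The enclosing function starts and ends outside the hunk.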
|
||||||
|
|
10
src/x509.c
10
src/x509.c
|
@ -7582,7 +7582,7 @@ static WOLFSSL_X509* d2i_X509orX509REQ_bio(WOLFSSL_BIO* bio,
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
localX509 = wolfSSL_X509_d2i(NULL, mem, size);
|
localX509 = wolfSSL_X509_d2i_ex(NULL, mem, size, bio->heap);
|
||||||
}
|
}
|
||||||
if (localX509 == NULL) {
|
if (localX509 == NULL) {
|
||||||
WOLFSSL_MSG("wolfSSL_X509_d2i error");
|
WOLFSSL_MSG("wolfSSL_X509_d2i error");
|
||||||
|
@ -13315,7 +13315,7 @@ static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm,
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Use existing CA retrieval APIs that use DecodedCert. */
|
/* Use existing CA retrieval APIs that use DecodedCert. */
|
||||||
InitDecodedCert(cert, x->derCert->buffer, x->derCert->length, NULL);
|
InitDecodedCert(cert, x->derCert->buffer, x->derCert->length, cm->heap);
|
||||||
if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0
|
if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0
|
||||||
&& !cert->selfSigned) {
|
&& !cert->selfSigned) {
|
||||||
#ifndef NO_SKID
|
#ifndef NO_SKID
|
||||||
|
@ -13337,8 +13337,8 @@ static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm,
|
||||||
|
|
||||||
#ifdef WOLFSSL_SIGNER_DER_CERT
|
#ifdef WOLFSSL_SIGNER_DER_CERT
|
||||||
/* populate issuer with Signer DER */
|
/* populate issuer with Signer DER */
|
||||||
if (wolfSSL_X509_d2i(issuer, ca->derCert->buffer,
|
if (wolfSSL_X509_d2i_ex(issuer, ca->derCert->buffer,
|
||||||
ca->derCert->length) == NULL)
|
ca->derCert->length, cm->heap) == NULL)
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
#else
|
#else
|
||||||
/* Create an empty certificate as CA doesn't have a certificate. */
|
/* Create an empty certificate as CA doesn't have a certificate. */
|
||||||
|
@ -13804,7 +13804,7 @@ void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, WOLFSSL_X509* issuer,
|
||||||
|
|
||||||
/* not checking ctx->x509 for null first since app won't have initialized
|
/* not checking ctx->x509 for null first since app won't have initialized
|
||||||
* this X509V3_CTX before this function call */
|
* this X509V3_CTX before this function call */
|
||||||
ctx->x509 = wolfSSL_X509_new();
|
ctx->x509 = wolfSSL_X509_new_ex(issuer->heap);
|
||||||
if (!ctx->x509)
|
if (!ctx->x509)
|
||||||
return;
|
return;
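Review bot: `wolfSSL_X509_new_ex(issuer->heap)` in wolfSSL_X509V3_set_ctx dereferences `issuer` with no NULL check visible in this hunk, whereas the replaced `wolfSSL_X509_new()` call never touched it. If callers may pass a NULL issuer, as OpenSSL's X509V3_set_ctx allows, the new line turns a previously valid call into a NULL dereference. `ctx->x509 = wolfSSL_X509_new_ex(issuer != NULL ? issuer->heap : NULL);` would keep the earlier behaviour. The function's opening lines are outside the hunk, so confirm whether `issuer` is validated there.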
|
||||||
|
|
||||||
|
|
|
@ -63,7 +63,8 @@ WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void)
|
||||||
|
|
||||||
|
|
||||||
int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
|
int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
|
||||||
WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509, WOLF_STACK_OF(WOLFSSL_X509)* sk)
|
WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509,
|
||||||
|
WOLF_STACK_OF(WOLFSSL_X509)* sk)
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
(void)sk;
|
(void)sk;
|
||||||
|
@ -75,8 +76,8 @@ int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
|
||||||
ctx->current_cert = x509;
|
ctx->current_cert = x509;
|
||||||
#else
|
#else
|
||||||
if(x509 != NULL){
|
if(x509 != NULL){
|
||||||
ctx->current_cert = wolfSSL_X509_d2i(NULL, x509->derCert->buffer,
|
ctx->current_cert = wolfSSL_X509_d2i_ex(NULL, x509->derCert->buffer,
|
||||||
x509->derCert->length);
|
x509->derCert->length, x509->heap);
|
||||||
if(ctx->current_cert == NULL)
|
if(ctx->current_cert == NULL)
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
} else
|
} else
|
||||||
|
|
|
@ -31740,7 +31740,7 @@ static int test_wolfSSL_X509_NAME(void)
|
||||||
XFCLOSE(f);
|
XFCLOSE(f);
|
||||||
|
|
||||||
c = buf;
|
c = buf;
|
||||||
ExpectNotNull(x509 = wolfSSL_X509_d2i(NULL, c, bytes));
|
ExpectNotNull(x509 = wolfSSL_X509_d2i_ex(NULL, c, bytes, HEAP_HINT));
|
||||||
|
|
||||||
/* test cmp function */
|
/* test cmp function */
|
||||||
ExpectNotNull(a = X509_get_issuer_name(x509));
|
ExpectNotNull(a = X509_get_issuer_name(x509));
|
||||||
|
@ -36869,8 +36869,8 @@ static int test_wolfSSL_X509_NID(void)
|
||||||
/* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */
|
/* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */
|
||||||
|
|
||||||
/* convert cert from DER to internal WOLFSSL_X509 struct */
|
/* convert cert from DER to internal WOLFSSL_X509 struct */
|
||||||
ExpectNotNull(cert = wolfSSL_X509_d2i(&cert, client_cert_der_2048,
|
ExpectNotNull(cert = wolfSSL_X509_d2i_ex(&cert, client_cert_der_2048,
|
||||||
sizeof_client_cert_der_2048));
|
sizeof_client_cert_der_2048, HEAP_HINT));
|
||||||
|
|
||||||
/* ------ EXTRACT CERTIFICATE ELEMENTS ------ */
|
/* ------ EXTRACT CERTIFICATE ELEMENTS ------ */
|
||||||
|
|
||||||
|
|
|
@ -6071,6 +6071,7 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WOLFSSL_HEAP_TEST
|
#ifdef WOLFSSL_HEAP_TEST
|
||||||
|
(void)heap;
|
||||||
key->heap = (void*)WOLFSSL_HEAP_TEST;
|
key->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||||
#else
|
#else
|
||||||
key->heap = heap;
|
key->heap = heap;
|
||||||
|
|