WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #1542 from ghoso/openssl_compat201805 

OpenSSL Compatibility APIs
pull/1587/head
Chris Conlon 2018-05-30 08:50:29 -06:00 committed by GitHub
parent cc58d3160f b84f111d51
commit 5e4c6e35cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 671 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
IDE/Renesas/cs+/Projects/common/user_settings.h
View File

@ -44,3 +44,5 @@
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
/* #define NO_WOLFSSL_STUB */

352
src/ssl.c
View File

@ -1476,7 +1476,7 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(pSz, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_P.buffer == NULL)
return MEMORY_E;
return MEMORY_E;
ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(gSz, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
@ -10832,6 +10832,15 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return WOLFSSL_FATAL_ERROR;
}
int wolfSSL_OPENSSL_add_all_algorithms_noconf(void)
{
WOLFSSL_ENTER("wolfSSL_OPENSSL_add_all_algorithms_noconf");
if (wolfSSL_add_all_algorithms() == WOLFSSL_FATAL_ERROR)
return WOLFSSL_FATAL_ERROR;
return WOLFSSL_SUCCESS;
}
/* returns previous set cache size which stays constant */
long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX* ctx, long sz)
@ -14355,7 +14364,6 @@ WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len)
return newX509;
}
#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA ||
OPENSSL_EXTRA_X509_SMALL */
@ -18061,7 +18069,7 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
}
#endif /* NO_CERTS */
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM)
static void *wolfSSL_d2i_X509_fp_ex(XFILE file, void **x509, int type)
{
void *newx509 = NULL;
@ -18147,15 +18155,18 @@ WOLFSSL_X509 *wolfSSL_d2i_X509_fp(XFILE fp, WOLFSSL_X509 **x509)
WOLFSSL_ENTER("wolfSSL_d2i_X509_fp");
return (WOLFSSL_X509 *)wolfSSL_d2i_X509_fp_ex(fp, (void **)x509, CERT_TYPE);
}
#endif /* NO_FILESYSTEM */
#endif /* !NO_FILESYSTEM */
#ifdef HAVE_CRL
#ifndef NO_FILESYSTEM
WOLFSSL_X509_CRL *wolfSSL_d2i_X509_CRL_fp(XFILE fp, WOLFSSL_X509_CRL **crl)
{
WOLFSSL_ENTER("wolfSSL_d2i_X509_CRL_fp");
return (WOLFSSL_X509_CRL *)wolfSSL_d2i_X509_fp_ex(fp, (void **)crl, CRL_TYPE);
}
#endif /* !NO_FILESYSTEM */
WOLFSSL_X509_CRL* wolfSSL_d2i_X509_CRL(WOLFSSL_X509_CRL** crl, const unsigned char* in, int len)
{
@ -18203,7 +18214,7 @@ void wolfSSL_X509_CRL_free(WOLFSSL_X509_CRL *crl)
FreeCRL(crl, 1);
return;
}
#endif
#endif /* HAVE_CRL */
#ifndef NO_WOLFSSL_STUB
WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl)
@ -20744,6 +20755,14 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
return 0;
}
void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time)
{
WOLFSSL_ENTER("wolfSSL_ASN1_GENERALIZEDTIME_free");
if (asn1Time == NULL)
return;
XMEMSET(asn1Time->data, 0, sizeof(asn1Time->data));
}
int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk)
{
if (sk == NULL)
@ -21564,6 +21583,28 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num)
return ret;
}
int wolfSSL_RAND_poll()
{
byte entropy[16];
int ret = 0;
word32 entropy_sz = 16;
WOLFSSL_ENTER("wolfSSL_RAND_poll");
if (initGlobalRNG == 0){
WOLFSSL_MSG("Global RNG no Init");
return WOLFSSL_FAILURE;
}
ret = wc_GenerateSeed(&globalRNG.seed, entropy, entropy_sz);
if (ret != 0){
WOLFSSL_MSG("Bad wc_RNG_GenerateBlock");
ret = WOLFSSL_FAILURE;
}else
ret = WOLFSSL_SUCCESS;
return ret;
}
WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void)
{
static int ctx; /* wolfcrypt doesn't now need ctx */
@ -32581,3 +32622,304 @@ int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p,
#endif
#endif /* WOLFCRYPT_ONLY */
#if defined(OPENSSL_EXTRA)
int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509)
{
WOLFSSL_ENTER("X509_check_ca");
if (x509 == NULL)
return WOLFSSL_FAILURE;
if (x509->isCa)
return 1;
if (x509->extKeyUsageCrit)
return 4;
return 0;
}
const char *wolfSSL_ASN1_tag2str(int tag)
{
static const char *const tag_label[31] = {
"EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", "NULL",
"OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", "ENUMERATED",
"<ASN1 11>", "UTF8STRING", "<ASN1 13>", "<ASN1 14>", "<ASN1 15>",
"SEQUENCE", "SET", "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
"VIDEOTEXTSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
"GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", "UNIVERSALSTRING",
"<ASN1 29>", "BMPSTRING"
};
if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
tag &= ~0x100;
if (tag < 0 || tag > 30)
return "(unknown)";
return tag_label[tag];
}
static int check_esc_char(char c, char *esc)
{
char *ptr = NULL;
ptr = esc;
while(*ptr != 0){
if (c == *ptr)
return 1;
ptr++;
}
return 0;
}
int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str,
unsigned long flags)
{
size_t str_len = 0, type_len = 0;
unsigned char *typebuf = NULL;
const char *hash="#";
WOLFSSL_ENTER("wolfSSL_ASN1_STRING_PRINT_ex");
if (out == NULL || str == NULL)
return WOLFSSL_FAILURE;
/* add ASN1 type tag */
if (flags & ASN1_STRFLGS_SHOW_TYPE){
const char *tag = wolfSSL_ASN1_tag2str(str->type);
/* colon len + tag len + null*/
type_len = XSTRLEN(tag) + 2;
typebuf = (unsigned char *)XMALLOC(type_len , NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (typebuf == NULL){
WOLFSSL_MSG("memory alloc failed.");
return WOLFSSL_FAILURE;
}
XMEMSET(typebuf, 0, type_len);
XSNPRINTF((char*)typebuf, (size_t)type_len , "%s:", tag);
type_len--;
}
/* dump hex */
if (flags & ASN1_STRFLGS_DUMP_ALL){
static const char hex_char[] = { '0', '1', '2', '3', '4', '5', '6',
'7','8', '9', 'A', 'B', 'C', 'D',
'E', 'F' };
char hex_tmp[4];
char *str_ptr, *str_end;
if (type_len > 0){
if (wolfSSL_BIO_write(out, typebuf, (int)type_len) != (int)type_len){
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
str_len += type_len;
}
if (wolfSSL_BIO_write(out, hash, 1) != 1){
goto err_exit;
}
str_len++;
if (flags & ASN1_STRFLGS_DUMP_DER){
hex_tmp[0] = hex_char[str->type >> 4];
hex_tmp[1] = hex_char[str->type & 0xf];
hex_tmp[2] = hex_char[str->length >> 4];
hex_tmp[3] = hex_char[str->length & 0xf];
if (wolfSSL_BIO_write(out, hex_tmp, 4) != 4){
goto err_exit;
}
str_len += 4;
XMEMSET(hex_tmp, 0, 4);
}
str_ptr = str->data;
str_end = str->data + str->length;
while (str_ptr < str_end){
hex_tmp[0] = hex_char[*str_ptr >> 4];
hex_tmp[1] = hex_char[*str_ptr & 0xf];
if (wolfSSL_BIO_write(out, hex_tmp, 2) != 2){
goto err_exit;
}
str_ptr++;
str_len += 2;
}
if (type_len > 0)
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return (int)str_len;
}
if (type_len > 0){
if (wolfSSL_BIO_write(out, typebuf, (int)type_len) != (int)type_len){
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
str_len += type_len;
}
if (flags & ASN1_STRFLGS_ESC_2253){
char esc_ch[] = "+;<>\\";
char* esc_ptr = NULL;
esc_ptr = str->data;
while (*esc_ptr != 0){
if (check_esc_char(*esc_ptr, esc_ch)){
if (wolfSSL_BIO_write(out,"\\", 1) != 1)
goto err_exit;
str_len++;
}
if (wolfSSL_BIO_write(out, esc_ptr, 1) != 1)
goto err_exit;
str_len++;
esc_ptr++;
}
if (type_len > 0)
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return (int)str_len;
}
if (wolfSSL_BIO_write(out, str->data, str->length) != str->length){
goto err_exit;
}
str_len += str->length;
if (type_len > 0)
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return (int)str_len;
err_exit:
if (type_len > 0)
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
#ifndef NO_ASN_TIME
WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
WOLFSSL_ASN1_TIME **out)
{
unsigned char time_type;
WOLFSSL_ASN1_TIME *ret = NULL;
unsigned char *data_ptr = NULL;
WOLFSSL_ENTER("wolfSSL_ASN1_TIME_to_generalizedtime");
if (t == NULL)
return NULL;
time_type = t->data[0];
if (time_type != ASN_UTC_TIME && time_type != ASN_GENERALIZED_TIME){
WOLFSSL_MSG("Invalid ASN_TIME type.");
return NULL;
}
if (out == NULL || *out == NULL){
ret = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (ret == NULL){
WOLFSSL_MSG("memory alloc failed.");
return NULL;
}
XMEMSET(ret, 0, sizeof(WOLFSSL_ASN1_TIME));
} else
ret = *out;
if (time_type == ASN_GENERALIZED_TIME){
XMEMCPY(ret->data, t->data, ASN_GENERALIZED_TIME_SIZE);
return ret;
} else if (time_type == ASN_UTC_TIME){
ret->data[0] = ASN_GENERALIZED_TIME;
ret->data[1] = ASN_GENERALIZED_TIME_SIZE;
data_ptr = ret->data + 2;
if (t->data[2] >= '5')
XSNPRINTF((char*)data_ptr, ASN_UTC_TIME_SIZE + 2, "19%s", t->data + 2);
else
XSNPRINTF((char*)data_ptr, ASN_UTC_TIME_SIZE + 2, "20%s", t->data + 2);
return ret;
}
WOLFSSL_MSG("Invalid ASN_TIME value");
return NULL;
}
#endif /* !NO_ASN_TIME */
#ifndef NO_ASN
int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp)
{
unsigned char *pptr = NULL;
char pad = 0 ;
unsigned char pad_val = 0;
int ret_size = 0;
unsigned char data1 = 0;
unsigned char neg = 0;
int i = 0;
WOLFSSL_ENTER("wolfSSL_i2c_ASN1_INTEGER");
if (a == NULL)
return WOLFSSL_FAILURE;
ret_size = a->intData[1];
if (ret_size == 0)
ret_size = 1;
else{
ret_size = (int)a->intData[1];
neg = a->negative;
data1 = a->intData[2];
if (ret_size == 1 && data1 == 0)
neg = 0;
/* 0x80 or greater positive number in first byte */
if (!neg && (data1 > 127)){
pad = 1;
pad_val = 0;
} else if (neg){
/* negative number */
if (data1 > 128){
pad = 1;
pad_val = 0xff;
} else if (data1 == 128){
for (i = 3; i < a->intData[1] + 2; i++){
if (a->intData[i]){
pad = 1;
pad_val = 0xff;
break;
}
}
}
}
ret_size += (int)pad;
}
if (pp == NULL)
return ret_size;
pptr = *pp;
if (pad)
*(pptr++) = pad_val;
if (a->intData[1] == 0)
*(pptr++) = 0;
else if (!neg){
/* positive number */
for (i=0; i < a->intData[1]; i++){
*pptr = a->intData[i+2];
pptr++;
}
} else {
/* negative number */
int str_len = 0;
/* 0 padding from end of buffer */
str_len = (int)a->intData[1];
pptr += a->intData[1] - 1;
while (!a->intData[str_len + 2] && str_len > 1){
*(pptr--) = 0;
str_len--;
}
/* 2's complement next octet */
*(pptr--) = ((a->intData[str_len + 1]) ^ 0xff) + 1;
str_len--;
/* Complement any octets left */
while (str_len > 0){
*(pptr--) = a->intData[str_len + 1] ^ 0xff;
str_len--;
}
}
*pp += ret_size;
return ret_size;
}
#endif /* !NO_ASN */
#endif /* OPENSSLEXTRA */

276
tests/api.c
View File

@ -15550,6 +15550,24 @@ static void test_wolfSSL_ASN1_TIME_print()
}
static void test_wolfSSL_ASN1_GENERALIZEDTIME_free(){
#if defined(OPENSSL_EXTRA)
WOLFSSL_ASN1_GENERALIZEDTIME* asn1_gtime;
unsigned char nullstr[32];
XMEMSET(nullstr, 0, 32);
asn1_gtime = (WOLFSSL_ASN1_GENERALIZEDTIME*)XMALLOC(
sizeof(WOLFSSL_ASN1_GENERALIZEDTIME), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
XMEMCPY(asn1_gtime->data,"20180504123500Z",ASN_GENERALIZED_TIME_SIZE);
wolfSSL_ASN1_GENERALIZEDTIME_free(asn1_gtime);
AssertIntEQ(0, XMEMCMP(asn1_gtime->data, nullstr, 32));
XFREE(asn1_gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* OPENSSL_EXTRA */
}
static void test_wolfSSL_private_keys(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@ -17121,8 +17139,8 @@ static void test_wolfSSL_ASN1_TIME_adj(void)
/* GeneralizedTime notation test */
/* 2055/03/01 09:00:00 */
t = (time_t)85 * year + 59 * day + 9 * hour + 21 * day;
offset_day = 12;
offset_sec = 10 * mini;
offset_day = 12;
offset_sec = 10 * mini;
asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec);
AssertTrue(asn_time->data[0] == asn_gen_time);
XSTRNCPY(date_str,(const char*) &asn_time->data+2, 15);
@ -17216,6 +17234,7 @@ static void test_wolfSSL_RAND(void)
printf(testingFmt, "wolfSSL_RAND()");
RAND_seed(seed, sizeof(seed));
AssertIntEQ(RAND_poll(), 1);
RAND_cleanup();
AssertIntEQ(RAND_egd(NULL), -1);
@ -17956,6 +17975,7 @@ static void test_wolfSSL_verify_depth(void)
WOLFSSL_CTX* ctx;
long depth;
printf(testingFmt, "test_wolfSSL_verify_depth()");
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
@ -18418,6 +18438,163 @@ static void test_wolfSSL_X509_get_serialNumber(void)
#endif
}
static void test_wolfSSL_OPENSSL_add_all_algorithms(void){
#if defined(OPENSSL_EXTRA)
printf(testingFmt, "wolfSSL_OPENSSL_add_all_algorithms()");
AssertIntEQ(wolfSSL_OPENSSL_add_all_algorithms_noconf(),WOLFSSL_SUCCESS);
wolfSSL_Cleanup();
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_ASN1_STRING_print_ex(void){
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_STRING* asn_str = NULL;
const char data[] = "Hello wolfSSL!";
ASN1_STRING* esc_str = NULL;
const char esc_data[] = "a+;<>";
BIO *bio;
unsigned long flags;
int p_len;
unsigned char rbuf[255];
printf(testingFmt, "wolfSSL_ASN1_STRING_print_ex()");
/* setup */
XMEMSET(rbuf, 0, 255);
bio = BIO_new(BIO_s_mem());
BIO_set_write_buf_size(bio,255);
asn_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
ASN1_STRING_set(asn_str, (const void*)data, sizeof(data));
esc_str = ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
ASN1_STRING_set(esc_str, (const void*)esc_data, sizeof(esc_data));
/* no flags */
XMEMSET(rbuf, 0, 255);
flags = 0;
p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags);
AssertIntEQ(p_len, 15);
BIO_read(bio, (void*)rbuf, 15);
AssertStrEQ((char*)rbuf, "Hello wolfSSL!");
/* RFC2253 Escape */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_ESC_2253;
p_len = wolfSSL_ASN1_STRING_print_ex(bio, esc_str, flags);
AssertIntEQ(p_len, 9);
BIO_read(bio, (void*)rbuf, 9);
AssertStrEQ((char*)rbuf, "a\\+\\;\\<\\>");
/* Show type */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_SHOW_TYPE;
p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags);
AssertIntEQ(p_len, 28);
BIO_read(bio, (void*)rbuf, 28);
AssertStrEQ((char*)rbuf, "OCTET STRING:Hello wolfSSL!");
/* Dump All */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL;
p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags);
AssertIntEQ(p_len, 31);
BIO_read(bio, (void*)rbuf, 31);
AssertStrEQ((char*)rbuf, "#48656C6C6F20776F6C6653534C2100");
/* Dump Der */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_DUMP_DER;
p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags);
AssertIntEQ(p_len, 35);
BIO_read(bio, (void*)rbuf, 35);
AssertStrEQ((char*)rbuf, "#040F48656C6C6F20776F6C6653534C2100");
/* Dump All + Show type */
XMEMSET(rbuf, 0, 255);
flags = ASN1_STRFLGS_DUMP_ALL | ASN1_STRFLGS_SHOW_TYPE;
p_len = wolfSSL_ASN1_STRING_print_ex(bio, asn_str, flags);
AssertIntEQ(p_len, 44);
BIO_read(bio, (void*)rbuf, 44);
AssertStrEQ((char*)rbuf, "OCTET STRING:#48656C6C6F20776F6C6653534C2100");
BIO_free(bio);
ASN1_STRING_free(asn_str);
ASN1_STRING_free(esc_str);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN1_TIME)
WOLFSSL_ASN1_TIME *t;
WOLFSSL_ASN1_TIME *out;
WOLFSSL_ASN1_TIME *gtime;
printf(testingFmt, "wolfSSL_ASN1_TIME_to_generalizedtime()");
/* UTC Time test */
t = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_TMP_BUFFER);
XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE);
out = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_TMP_BUFFER);
t->data[0] = ASN_UTC_TIME;
t->data[1] = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data + 2,"050727123456Z",ASN_UTC_TIME_SIZE);
gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out);
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
/* Generalized Time test */
XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE);
XMEMSET(out, 0, ASN_GENERALIZED_TIME_SIZE);
gtime = NULL;
t->data[0] = ASN_GENERALIZED_TIME;
t->data[1] = ASN_GENERALIZED_TIME_SIZE;
XMEMCPY(t->data + 2,"20050727123456Z",ASN_GENERALIZED_TIME_SIZE);
gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out);
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* Null parameter test */
XMEMSET(t, 0, ASN_GENERALIZED_TIME_SIZE);
gtime = NULL;
out = NULL;
t->data[0] = ASN_UTC_TIME;
t->data[1] = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data + 2,"050727123456Z",ASN_UTC_TIME_SIZE);
AssertNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, NULL));
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_X509_check_ca(void){
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
WOLFSSL_X509 *x509;
x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
AssertIntEQ(wolfSSL_X509_check_ca(x509), 1);
wolfSSL_X509_free(x509);
x509 = wolfSSL_X509_load_certificate_file(ntruCertFile, WOLFSSL_FILETYPE_PEM);
AssertIntEQ(wolfSSL_X509_check_ca(x509), 0);
wolfSSL_X509_free(x509);
#endif
}
static void test_no_op_functions(void)
{
#if defined(OPENSSL_EXTRA)
@ -19311,6 +19488,95 @@ static void test_wolfSSL_X509_CRL(void)
return;
}
static void test_wolfSSL_i2c_ASN1_INTEGER()
{
#ifdef OPENSSL_EXTRA
ASN1_INTEGER *a;
unsigned char *pp,*tpp;
int ret;
a = wolfSSL_ASN1_INTEGER_new();
/* 40 */
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 40;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 1);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tpp = pp;
XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp);
pp--;
AssertIntEQ(*pp, 40);
XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* 128 */
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 128;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 2);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tpp = pp;
XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp);
pp--;
AssertIntEQ(*(pp--), 128);
AssertIntEQ(*pp, 0);
XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* -40 */
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 40;
a->negative = 1;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 1);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tpp = pp;
XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp);
pp--;
AssertIntEQ(*pp, 216);
XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* -128 */
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 128;
a->negative = 1;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 1);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tpp = pp;
XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp);
pp--;
AssertIntEQ(*pp, 128);
XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* -200 */
a->intData[0] = ASN_INTEGER;
a->intData[1] = 1;
a->intData[2] = 200;
a->negative = 1;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 2);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tpp = pp;
XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp);
pp--;
AssertIntEQ(*(pp--), 56);
AssertIntEQ(*pp, 255);
XFREE(tpp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_ASN1_INTEGER_free(a);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA */
}
/*----------------------------------------------------------------------------*
| Main
*----------------------------------------------------------------------------*/
@ -19367,6 +19633,7 @@ void ApiTest(void)
test_wolfSSL_DES();
test_wolfSSL_certs();
test_wolfSSL_ASN1_TIME_print();
test_wolfSSL_ASN1_GENERALIZEDTIME_free();
test_wolfSSL_private_keys();
test_wolfSSL_PEM_PrivateKey();
test_wolfSSL_PEM_RSAPrivateKey();
@ -19421,6 +19688,11 @@ void ApiTest(void)
test_wolfSSL_SHA256();
test_wolfSSL_X509_get_serialNumber();
test_wolfSSL_X509_CRL();
test_wolfSSL_OPENSSL_add_all_algorithms();
test_wolfSSL_ASN1_STRING_print_ex();
test_wolfSSL_ASN1_TIME_to_generalizedtime();
test_wolfSSL_i2c_ASN1_INTEGER();
test_wolfSSL_X509_check_ca();
/* test the no op functions for compatibility */
test_no_op_functions();

6
wolfcrypt/src/fe_low_mem.c
View File

@ -56,9 +56,9 @@ void lm_copy(byte* x, const byte* a)
}
#if ((defined(HAVE_CURVE25519) && !defined(CURVE25519_SMALL)) || \
(defined(HAVE_ED25519) && !defined(ED25519_SMALL))) && \
!defined(FREESCALE_LTC_ECC)
/* to be Complementary to fe_operations.c */
(defined(HAVE_ED25519) && !defined(ED25519_SMALL))) && \
!defined(FREESCALE_LTC_ECC)
/* to be Complementary to fe_low_mem.c */
#else
void fe_init()
{

25
wolfssl/openssl/asn1.h
View File

@ -31,5 +31,26 @@
#define ASN1_STRING_set wolfSSL_ASN1_STRING_set
#define ASN1_STRING_free wolfSSL_ASN1_STRING_free
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
#endif /* WOLFSSL_ASN1_H_ */
#define V_ASN1_OCTET_STRING 0x04 /* tag for ASN1_OCTET_STRING */
#define V_ASN1_NEG 0x100
#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
/* Type for ASN1_print_ex */
# define ASN1_STRFLGS_ESC_2253 1
# define ASN1_STRFLGS_ESC_CTRL 2
# define ASN1_STRFLGS_ESC_MSB 4
# define ASN1_STRFLGS_ESC_QUOTE 8
# define ASN1_STRFLGS_UTF8_CONVERT 0x10
# define ASN1_STRFLGS_IGNORE_TYPE 0x20
# define ASN1_STRFLGS_SHOW_TYPE 0x40
# define ASN1_STRFLGS_DUMP_ALL 0x80
# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
# define ASN1_STRFLGS_DUMP_DER 0x200
# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB | \
ASN1_STRFLGS_UTF8_CONVERT | \
ASN1_STRFLGS_DUMP_UNKNOWN | \
ASN1_STRFLGS_DUMP_DER)
#endif /* WOLFSSL_ASN1_H_ */

11
wolfssl/openssl/ssl.h
View File

@ -128,6 +128,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_use_certificate_ASN1 wolfSSL_use_certificate_ASN1
#define d2i_PKCS8_PRIV_KEY_INFO_bio wolfSSL_d2i_PKCS8_PKEY_bio
#define PKCS8_PRIV_KEY_INFO_free wolfSSL_EVP_PKEY_free
#define d2i_PKCS12_fp wolfSSL_d2i_PKCS12_fp
#define d2i_PUBKEY_bio wolfSSL_d2i_PUBKEY_bio
#define d2i_PrivateKey wolfSSL_d2i_PrivateKey
@ -297,6 +298,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define RAND_seed wolfSSL_RAND_seed
#define RAND_cleanup wolfSSL_RAND_Cleanup
#define RAND_add wolfSSL_RAND_add
#define RAND_poll wolfSSL_RAND_poll
#define COMP_zlib wolfSSL_COMP_zlib
#define COMP_rle wolfSSL_COMP_rle
@ -380,6 +382,10 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
#define ASN1_GENERALIZEDTIME_print wolfSSL_ASN1_GENERALIZEDTIME_print
#define ASN1_TIME_adj wolfSSL_ASN1_TIME_adj
#define ASN1_GENERALIZEDTIME_free wolfSSL_ASN1_GENERALIZEDTIME_free
#define ASN1_STRING_print_ex wolfSSL_ASN1_STRING_print_ex
#define ASN1_tag2str wolfSSL_ASN1_tag2str
#define ASN1_TIME_to_generalizedtime wolfSSL_ASN1_TIME_to_generalizedtime
#define ASN1_INTEGER_new wolfSSL_ASN1_INTEGER_new
#define ASN1_INTEGER_free wolfSSL_ASN1_INTEGER_free
@ -582,8 +588,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define X509_check_private_key wolfSSL_X509_check_private_key
#define SSL_dup_CA_list wolfSSL_dup_CA_list
#define X509_check_ca wolfSSL_X509_check_ca
/* NIDs */
@ -890,6 +895,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_get0_session wolfSSL_SSL_get0_session
#define X509_check_host wolfSSL_X509_check_host
#define i2a_ASN1_INTEGER wolfSSL_i2a_ASN1_INTEGER
#define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER
#define ERR_peek_error_line_data wolfSSL_ERR_peek_error_line_data
#define ERR_load_BIO_strings wolfSSL_ERR_load_BIO_strings
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
@ -918,6 +924,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA
#define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password
#define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username
#define OPENSSL_add_all_algorithms_noconf wolfSSL_OPENSSL_add_all_alogrithms_noconf
#ifdef __cplusplus
} /* extern "C" */

14
wolfssl/ssl.h
View File

@ -189,6 +189,7 @@ struct WOLFSSL_ASN1_INTEGER {
* byte type */
unsigned char intData[WOLFSSL_ASN1_INTEGER_MAX];
/* ASN_INTEGER | LENGTH | hex of number */
unsigned char negative; /* negative number flag */
unsigned char* data;
unsigned int dataMax; /* max size of data buffer */
@ -806,6 +807,10 @@ WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_OPENSSL_add_all_algorithms_noconf(void);
#endif
#ifndef NO_FILESYSTEM
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void);
#endif
@ -837,6 +842,7 @@ WOLFSSL_API int wolfSSL_RAND_egd(const char*);
WOLFSSL_API int wolfSSL_RAND_seed(const void*, int);
WOLFSSL_API void wolfSSL_RAND_Cleanup(void);
WOLFSSL_API void wolfSSL_RAND_add(const void*, int, double);
WOLFSSL_API int wolfSSL_RAND_poll(void);
WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void);
WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void);
@ -1386,7 +1392,6 @@ enum {
WOLFSSL_BIO_UNSET = -2,
WOLFSSL_BIO_SIZE = 17000 /* default BIO write size if not set */
};
#endif
WOLFSSL_API void wolfSSL_ERR_put_error(int lib, int fun, int err,
@ -1438,6 +1443,7 @@ WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*,
const WOLFSSL_ASN1_UTCTIME*);
WOLFSSL_API int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO*,
const WOLFSSL_ASN1_GENERALIZEDTIME*);
WOLFSSL_API void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_GENERALIZEDTIME*);
WOLFSSL_API int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*);
WOLFSSL_API void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*, int);
@ -2604,6 +2610,7 @@ WOLFSSL_API unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n, unsi
WOLFSSL_API unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n, unsigned char *md);
WOLFSSL_API int wolfSSL_X509_check_private_key(WOLFSSL_X509*, WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk );
WOLFSSL_API int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509);
#ifndef NO_FILESYSTEM
WOLFSSL_API long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
@ -2909,6 +2916,11 @@ WOLFSSL_API WOLFSSL_CIPHER* wolfSSL_sk_SSL_CIPHER_value(void *ciphers, int idx);
WOLFSSL_API void ERR_load_SSL_strings(void);
WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p);
WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag);
WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags);
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
WOLFSSL_ASN1_TIME **out);
WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp);
#endif /* OPENSSL_EXTRA */
#ifdef HAVE_PK_CALLBACKS