WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Internal unit tests

pull/3439/head
Juliusz Sosinowicz 2020-10-15 21:19:20 +02:00
parent f5c463148f
commit 7df8f2e2bb
7 changed files with 411 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/bio.c
View File

@ -229,7 +229,10 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
if (bio && bio->type == WOLFSSL_BIO_FILE) { if (bio && bio->type == WOLFSSL_BIO_FILE) {
ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr); if (bio->ptr)
ret = (int)XFREAD(buf, 1, len, (XFILE)bio->ptr);
else
ret = XREAD(bio->num, buf, len);
} }
#endif #endif
@ -580,8 +583,11 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
} }
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
if (bio->type == WOLFSSL_BIO_FILE) { if (bio && bio->type == WOLFSSL_BIO_FILE) {
ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr); if (bio->ptr)
ret = (int)XFWRITE(data, 1, len, (XFILE)bio->ptr);
else
ret = XWRITE(bio->num, data, len);
} }
#endif #endif

124
src/ssl.c
View File

@ -15739,13 +15739,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
WOLFSSL_ENTER("wolfSSL_BIO_set_fd"); WOLFSSL_ENTER("wolfSSL_BIO_set_fd");
if (b != NULL) { if (b != NULL) {
if (b->type == WOLFSSL_BIO_FILE) {
b->ptr = XFDOPEN(fd, "rw");
if (!b->ptr) {
WOLFSSL_MSG("Error opening file descriptor");
return WOLFSSL_FAILURE;
}
}
b->num = fd; b->num = fd;
b->shutdown = (byte)closeF; b->shutdown = (byte)closeF;
} }
@ -15891,6 +15884,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
if (bio->ptr) { if (bio->ptr) {
XFCLOSE((XFILE)bio->ptr); XFCLOSE((XFILE)bio->ptr);
} }
else {
XCLOSE(bio->num);
}
} }
#endif #endif
@ -19733,7 +19729,7 @@ int wolfSSL_NCONF_get_number(const CONF *conf, const char *group,
char *str; char *str;
WOLFSSL_ENTER("wolfSSL_NCONF_get_number"); WOLFSSL_ENTER("wolfSSL_NCONF_get_number");
if (!conf || !group || !name || !result) { if (!conf || !name || !result) {
WOLFSSL_MSG("Bad parameter"); WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
@ -19803,7 +19799,8 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
char prevValue; char prevValue;
if (*startIdx == '{') { if (*startIdx == '{') {
/* First read the section. Ex: ${ENV::COUNT} */ /* First read the section.
* format: ${section_name::var_name} */
s = ++startIdx; s = ++startIdx;
while (*strIdx && *strIdx != ':') strIdx++; while (*strIdx && *strIdx != ':') strIdx++;
if (!strIdx || s == strIdx || strIdx[1] != ':') { if (!strIdx || s == strIdx || strIdx[1] != ':') {
@ -19812,10 +19809,10 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
goto expand_cleanup; goto expand_cleanup;
} }
*strIdx = '\0'; *strIdx = '\0';
*strIdx += 2; strIdx += 2;
startIdx = strIdx; startIdx = strIdx;
} }
while (*strIdx && (XISALPHA(*strIdx) || *strIdx == '_')) while (*strIdx && (XISALNUM(*strIdx) || *strIdx == '_'))
strIdx++; strIdx++;
endIdx = strIdx; endIdx = strIdx;
if (startIdx == endIdx) { if (startIdx == endIdx) {
@ -19987,7 +19984,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
value = idx; value = idx;
/* Find end of value */ /* Find end of value */
idx = maxIdx-1; idx = maxIdx-1;
while (*idx == ' ' || *idx == '\t') while (idx >= value && (*idx == ' ' || *idx == '\t'))
idx--; idx--;
valueLen = idx - value + 1; valueLen = idx - value + 1;
@ -20041,6 +20038,7 @@ void wolfSSL_NCONF_free(WOLFSSL_CONF *conf)
WOLFSSL_ENTER("wolfSSL_NCONF_free"); WOLFSSL_ENTER("wolfSSL_NCONF_free");
if (conf) { if (conf) {
wolfSSL_sk_CONF_VALUE_free(conf->data); wolfSSL_sk_CONF_VALUE_free(conf->data);
XFREE(conf, NULL, DYNAMIC_TYPE_OPENSSL);
} }
} }
@ -21628,7 +21626,7 @@ error:
return ret; return ret;
} }
long wolfSSL_TXT_DB_write(WOLFSSL_BIO *out, WOLFSSL_TXT_DB *db) long wolfSSL_TXT_DB_write(WOLFSSL_BIO *out, WOLFSSL_TXT_DB *db)
{ {
const WOLF_STACK_OF(WOLFSSL_STRING)* data; const WOLF_STACK_OF(WOLFSSL_STRING)* data;
long totalLen = 0; long totalLen = 0;
@ -21743,10 +21741,9 @@ int wolfSSL_TXT_DB_create_index(WOLFSSL_TXT_DB *db, int field,
WOLFSSL_STRING *wolfSSL_TXT_DB_get_by_index(WOLFSSL_TXT_DB *db, int idx, WOLFSSL_STRING *wolfSSL_TXT_DB_get_by_index(WOLFSSL_TXT_DB *db, int idx,
WOLFSSL_STRING *value) WOLFSSL_STRING *value)
{ {
WOLF_STACK_OF(WOLFSSL_STRING)* data;
WOLFSSL_ENTER("wolfSSL_TXT_DB_get_by_index"); WOLFSSL_ENTER("wolfSSL_TXT_DB_get_by_index");
if (!db || idx < 0 || idx >= db->num_fields) { if (!db || !db->data || idx < 0 || idx >= db->num_fields) {
WOLFSSL_MSG("Bad parameter"); WOLFSSL_MSG("Bad parameter");
return NULL; return NULL;
} }
@ -21756,17 +21753,22 @@ WOLFSSL_STRING *wolfSSL_TXT_DB_get_by_index(WOLFSSL_TXT_DB *db, int idx,
return NULL; return NULL;
} }
/* Set the hash and comp functions */ /* If first data struct has correct hash and cmp function then
data = db->data; * assume others do too */
while (data) { if (db->data->hash_fn != db->hash_fn[idx] ||
if (data->comp != db->comp[idx] || data->hash_fn != db->hash_fn[idx]) { db->data->comp != db->comp[idx]) {
data->comp = db->comp[idx]; /* Set the hash and comp functions */
data->hash_fn = db->hash_fn[idx]; WOLF_STACK_OF(WOLFSSL_STRING)* data = db->data;
data->hash = 0; while (data) {
if (data->comp != db->comp[idx] ||
data->hash_fn != db->hash_fn[idx]) {
data->comp = db->comp[idx];
data->hash_fn = db->hash_fn[idx];
data->hash = 0;
}
data= data->next;
} }
data= data->next;
} }
return (WOLFSSL_STRING*) wolfSSL_lh_retrieve(db->data, value); return (WOLFSSL_STRING*) wolfSSL_lh_retrieve(db->data, value);
} }
#endif #endif
@ -23357,9 +23359,11 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp, int wolfSSL_X509_signature_print(WOLFSSL_BIO *bp,
const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig) const WOLFSSL_X509_ALGOR *sigalg, const WOLFSSL_ASN1_STRING *sig)
{ {
(void)sig;
WOLFSSL_ENTER("wolfSSL_X509_signature_print"); WOLFSSL_ENTER("wolfSSL_X509_signature_print");
if (!bp || !sigalg || !sig) { if (!bp || !sigalg) {
WOLFSSL_MSG("Bad parameter"); WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
@ -27704,7 +27708,7 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_d2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
* @param class Class of parsed ASN1 object * @param class Class of parsed ASN1 object
* @param inLen Length of *in buffer * @param inLen Length of *in buffer
* @return int Depends on which bits are set in the returned int: * @return int Depends on which bits are set in the returned int:
* 0x80 an error occured during parsing * 0x80 an error occurred during parsing
* 0x20 parsed object is constructed * 0x20 parsed object is constructed
* 0x01 the parsed object length is infinite * 0x01 the parsed object length is infinite
*/ */
@ -50854,8 +50858,10 @@ PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7)
int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7) int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7)
{ {
byte* output; byte* output = NULL;
int len; int len;
WC_RNG rng;
int ret = WOLFSSL_FAILURE;
WOLFSSL_ENTER("wolfSSL_i2d_PKCS7_bio"); WOLFSSL_ENTER("wolfSSL_i2d_PKCS7_bio");
if (!bio || !p7) { if (!bio || !p7) {
@ -50863,31 +50869,45 @@ int wolfSSL_i2d_PKCS7_bio(WOLFSSL_BIO *bio, PKCS7 *p7)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (!p7->rng) {
if (wc_InitRng(&rng) != 0) {
WOLFSSL_MSG("wc_InitRng error");
return WOLFSSL_FAILURE;
}
p7->rng = &rng;
}
if ((len = wc_PKCS7_EncodeSignedData(p7, NULL, 0)) < 0) { if ((len = wc_PKCS7_EncodeSignedData(p7, NULL, 0)) < 0) {
WOLFSSL_MSG("wc_PKCS7_EncodeSignedData error"); WOLFSSL_MSG("wc_PKCS7_EncodeSignedData error");
return WOLFSSL_FAILURE; goto cleanup;
} }
output = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER); output = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (!output) { if (!output) {
WOLFSSL_MSG("malloc error"); WOLFSSL_MSG("malloc error");
return WOLFSSL_FAILURE; goto cleanup;
} }
if ((len = wc_PKCS7_EncodeSignedData(p7, output, len)) < 0) { if ((len = wc_PKCS7_EncodeSignedData(p7, output, len)) < 0) {
WOLFSSL_MSG("wc_PKCS7_EncodeSignedData error"); WOLFSSL_MSG("wc_PKCS7_EncodeSignedData error");
XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); goto cleanup;
return WOLFSSL_FAILURE;
} }
if (wolfSSL_BIO_write(bio, output, len) <= 0) { if (wolfSSL_BIO_write(bio, output, len) <= 0) {
WOLFSSL_MSG("wolfSSL_BIO_write error"); WOLFSSL_MSG("wolfSSL_BIO_write error");
XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); goto cleanup;
return WOLFSSL_FAILURE;
} }
XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER); ret = WOLFSSL_SUCCESS;
return WOLFSSL_SUCCESS; cleanup:
if (p7->rng == &rng) {
wc_FreeRng(&rng);
p7->rng = NULL;
}
if (output) {
XFREE(output, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
return ret;
} }
int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs, int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs,
@ -50934,14 +50954,19 @@ int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs,
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
} }
/**
* This API was added as a helper function for libest. It
* encodes a stack of certificates to pkcs7 format.
* @param pkcs7 PKCS7 parameter object
* @param certs WOLFSSL_STACK_OF(WOLFSSL_X509)*
* @param out Output bio
* @return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
*/
int wolfSSL_PKCS7_encode_certs(PKCS7* pkcs7, WOLFSSL_STACK* certs, int wolfSSL_PKCS7_encode_certs(PKCS7* pkcs7, WOLFSSL_STACK* certs,
WOLFSSL_BIO* out) WOLFSSL_BIO* out)
{ {
int ret; int ret;
WOLFSSL_PKCS7* p7; WOLFSSL_PKCS7* p7;
WC_RNG rng;
byte cleanRng = 0;
WOLFSSL_ENTER("wolfSSL_PKCS7_encode_certs"); WOLFSSL_ENTER("wolfSSL_PKCS7_encode_certs");
if (!pkcs7 || !certs || !out) { if (!pkcs7 || !certs || !out) {
@ -51000,26 +51025,18 @@ int wolfSSL_PKCS7_encode_certs(PKCS7* pkcs7, WOLFSSL_STACK* certs,
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (!pkcs7->rng) {
if (wc_InitRng(&rng) != 0) {
WOLFSSL_MSG("wc_InitRng error");
return WOLFSSL_FAILURE;
}
pkcs7->rng = &rng;
cleanRng = 1;
}
ret = wolfSSL_i2d_PKCS7_bio(out, pkcs7); ret = wolfSSL_i2d_PKCS7_bio(out, pkcs7);
if (cleanRng) {
wc_FreeRng(&rng);
pkcs7->rng = NULL;
}
return ret; return ret;
} }
#endif /* !NO_BIO */ #endif /* !NO_BIO */
/**
* This API was added as a helper functio for libest. It
* extracts a stack of certificates from the pkcs7 object.
* @param pkcs7 PKCS7 parameter object
* @return WOLFSSL_STACK_OF(WOLFSSL_X509)*
*/
WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7) WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7)
{ {
int i; int i;
@ -51037,7 +51054,8 @@ WOLFSSL_STACK* wolfSSL_PKCS7_to_stack(PKCS7* pkcs7)
return p7->certs; return p7->certs;
for (i = 0; i < MAX_PKCS7_CERTS && p7->pkcs7.cert[i]; i++) { for (i = 0; i < MAX_PKCS7_CERTS && p7->pkcs7.cert[i]; i++) {
WOLFSSL_X509* x509 = wolfSSL_X509_d2i(NULL, p7->pkcs7.cert[i], p7->pkcs7.certSz[i]); WOLFSSL_X509* x509 = wolfSSL_X509_d2i(NULL, p7->pkcs7.cert[i],
p7->pkcs7.certSz[i]);
if (!ret) if (!ret)
ret = wolfSSL_sk_X509_new(); ret = wolfSSL_sk_X509_new();
if (x509) { if (x509) {

19
tests/NCONF_test.cnf 100644
View File

@ -0,0 +1,19 @@
#
# This file is a sample configuration file that
# can be loaded with wolfSSL_NCONF_load
#
dir = ./test-dir
port = 1234
[ section1 ]
file1 = ./test-dir/file1 # test comment
file1_copy = $dir/file1
s1_dir = ./section1 # more comments
[section2]
fileName2 = file2
file_list = ${section1::file1}:$dir/file2:${section1::s1_dir}:$fileName2
port = 4321

33
tests/TXT_DB.txt 100644
View File

@ -0,0 +1,33 @@
# This file was generated by libest unit tests.
V 211015165802Z 12F8 unknown /CN=TestCase9
V 211015165748Z 12F6 unknown /CN=rsa doe
V 211015165732Z 12F4 unknown /CN=rsa doe
V 211015165716Z 12F2 unknown /CN=rsa doe
V 320926161828Z 12F0 unknown /CN=rsa doe
V 211014161800Z 12EE unknown /CN=us4880_test2
V 320926161718Z 12EC unknown /CN=TEST16-CN
V 320926161653Z 12EA unknown /CN=TC4752-13
V 320926161607Z 12E8 unknown /CN=TC4752-8
V 320926161541Z 12E6 unknown /CN=US4752-TC2
V 320926161515Z 12E4 unknown /CN=TCUS3612-3
V 211014161456Z 12E2 unknown /CN=TC2174-4
V 211014161456Z 12E0 unknown /CN=TC2174-4
V 211014161455Z 12DE unknown /CN=TC2174-4
V 320926161440Z 12DC unknown /CN=TC1883-7
V 320926161440Z 12DA unknown /CN=TC1883-6
V 320926161434Z 12D8 unknown /CN=rsa doe
V 320926161421Z 12D6 unknown /CN=TC1005-93
V 320926161410Z 12D4 unknown /CN=TC1005-10
V 320926161359Z 12D2 unknown /CN=TC1005-8
V 320926161349Z 12D0 unknown /CN=TC1005-6
V 320926161343Z 12CE unknown /CN=TC1005-3
V 320926161343Z 12CC unknown /CN=TC1005-1
V 320926161338Z 12CA unknown /CN=TestCase9
V 320926161332Z 12C8 unknown /CN=US903-test7 CN
V 320926161321Z 12C6 unknown /CN=dsa doe
V 320926161321Z 12C4 unknown /CN=rsa doe
V 320926161304Z 12C2 unknown /CN=dsa doe
V 320926161304Z 12C0 unknown /CN=rsa doe
V 320926161208Z 12BE unknown /serialNumber=PID:Widget SN:2/CN=req by client in demo step 2
V 320926161116Z 12BC unknown /serialNumber=PID:Widget SN:2/CN=req by client in demo step 2

287
tests/api.c
View File

@ -307,6 +307,10 @@
#include <wolfssl/openssl/crypto.h> #include <wolfssl/openssl/crypto.h>
#include <wolfssl/openssl/hmac.h> #include <wolfssl/openssl/hmac.h>
#include <wolfssl/openssl/objects.h> #include <wolfssl/openssl/objects.h>
#ifdef OPENSSL_ALL
#include <wolfssl/openssl/txt_db.h>
#include <wolfssl/openssl/lhash.h>
#endif
#ifndef NO_AES #ifndef NO_AES
#include <wolfssl/openssl/aes.h> #include <wolfssl/openssl/aes.h>
#endif #endif
@ -26280,6 +26284,7 @@ static void test_wolfSSL_PEM_PrivateKey(void)
const char* fname = "./certs/server-key.pem"; const char* fname = "./certs/server-key.pem";
size_t sz; size_t sz;
byte* buf; byte* buf;
EVP_PKEY* pkey2;
file = XFOPEN(fname, "rb"); file = XFOPEN(fname, "rb");
AssertTrue((file != XBADFILE)); AssertTrue((file != XBADFILE));
@ -26299,6 +26304,11 @@ static void test_wolfSSL_PEM_PrivateKey(void)
XFREE(buf, NULL, DYNAMIC_TYPE_FILE); XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
BIO_free(bio); BIO_free(bio);
bio = NULL; bio = NULL;
AssertNotNull(pkey2 = EVP_PKEY_new());
pkey2->type = EVP_PKEY_RSA;
/* Test parameter copy */
AssertIntEQ(EVP_PKEY_copy_parameters(pkey2, pkey), 0);
EVP_PKEY_free(pkey2);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
pkey = NULL; pkey = NULL;
} }
@ -26311,6 +26321,8 @@ static void test_wolfSSL_PEM_PrivateKey(void)
const char* fname = "./certs/ecc-key.pem"; const char* fname = "./certs/ecc-key.pem";
size_t sz; size_t sz;
byte* buf; byte* buf;
EVP_PKEY* pkey2;
int nid = 0;
file = XFOPEN(fname, "rb"); file = XFOPEN(fname, "rb");
AssertTrue((file != XBADFILE)); AssertTrue((file != XBADFILE));
@ -26328,6 +26340,14 @@ static void test_wolfSSL_PEM_PrivateKey(void)
XFREE(buf, NULL, DYNAMIC_TYPE_FILE); XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
BIO_free(bio); BIO_free(bio);
bio = NULL; bio = NULL;
AssertNotNull(pkey2 = EVP_PKEY_new());
pkey2->type = EVP_PKEY_EC;
/* Test parameter copy */
AssertIntEQ(EVP_PKEY_copy_parameters(pkey2, pkey), 1);
/* Test default digest */
AssertIntEQ(EVP_PKEY_get_default_digest_nid(pkey, &nid), 1);
AssertIntEQ(nid, NID_sha256);
EVP_PKEY_free(pkey2);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
pkey = NULL; pkey = NULL;
} }
@ -26790,6 +26810,7 @@ static void test_wolfSSL_tmp_dh(void)
int bytes; int bytes;
DSA* dsa; DSA* dsa;
DH* dh; DH* dh;
DH* dh2;
BIO* bio; BIO* bio;
SSL* ssl; SSL* ssl;
SSL_CTX* ctx; SSL_CTX* ctx;
@ -26818,6 +26839,7 @@ static void test_wolfSSL_tmp_dh(void)
dh = wolfSSL_DSA_dup_DH(dsa); dh = wolfSSL_DSA_dup_DH(dsa);
AssertNotNull(dh); AssertNotNull(dh);
AssertNotNull(dh2 = wolfSSL_DH_dup(dh));
AssertIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS); AssertIntEQ((int)SSL_CTX_set_tmp_dh(ctx, dh), WOLFSSL_SUCCESS);
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
@ -26829,6 +26851,7 @@ static void test_wolfSSL_tmp_dh(void)
BIO_free(bio); BIO_free(bio);
DSA_free(dsa); DSA_free(dsa);
DH_free(dh); DH_free(dh);
DH_free(dh2);
SSL_free(ssl); SSL_free(ssl);
SSL_CTX_free(ctx); SSL_CTX_free(ctx);
@ -27635,6 +27658,61 @@ static void test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
#endif #endif
} }
static void test_wolfSSL_PKCS7_certs(void)
{
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
STACK_OF(X509)* sk = NULL;
STACK_OF(X509_INFO)* info_sk = NULL;
PKCS7 *p7 = NULL;
BIO* bio;
const byte* p = NULL;
int buflen = 0;
int i;
printf(testingFmt, "wolfSSL_PKCS7_certs()");
/* Test twice. Once with d2i and once without to test
* that everything is free'd correctly. */
for (i = 0; i < 2; i++) {
AssertNotNull(p7 = PKCS7_new());
p7->version = 1;
p7->hashOID = SHAh;
AssertNotNull(bio = BIO_new(BIO_s_file()));
AssertIntGT(BIO_read_filename(bio, svrCertFile), 0);
AssertNotNull(info_sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
AssertIntEQ(sk_X509_INFO_num(info_sk), 2);
AssertNotNull(sk = sk_X509_new_null());
while (sk_X509_INFO_num(info_sk)) {
X509_INFO* info;
AssertNotNull(info = sk_X509_INFO_shift(info_sk));
AssertIntEQ(sk_X509_push(sk, info->x509), 1);
info->x509 = NULL;
X509_INFO_free(info);
}
sk_X509_INFO_free(info_sk);
BIO_free(bio);
bio = BIO_new(BIO_s_mem());
AssertIntEQ(wolfSSL_PKCS7_encode_certs(p7, sk, bio), 1);
AssertIntGT((buflen = BIO_get_mem_data(bio, &p)), 0);
if (i == 0) {
PKCS7_free(p7);
/* Reset certs to force p7 to regenerate them */
((WOLFSSL_PKCS7*)p7)->certs = NULL;
AssertNotNull(d2i_PKCS7(&p7, &p, buflen));
/* p7 free's the certs */
AssertNotNull(wolfSSL_PKCS7_to_stack(p7));
}
BIO_free(bio);
PKCS7_free(p7);
}
printf(resultFmt, passed);
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */
}
static void test_wolfSSL_X509_STORE_CTX(void) static void test_wolfSSL_X509_STORE_CTX(void)
{ {
@ -28033,6 +28111,7 @@ static void test_wolfSSL_CTX_set_srp_username(void)
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_SHA256) && !defined(WC_NO_RNG)
WOLFSSL_CTX* ctx; WOLFSSL_CTX* ctx;
WOLFSSL* ssl;
const char *username = "TESTUSER"; const char *username = "TESTUSER";
const char *password = "TESTPASSWORD"; const char *password = "TESTPASSWORD";
int r; int r;
@ -28051,6 +28130,12 @@ static void test_wolfSSL_CTX_set_srp_username(void)
AssertIntEQ(r,SSL_SUCCESS); AssertIntEQ(r,SSL_SUCCESS);
r = wolfSSL_CTX_set_srp_username(ctx, (char *)username); r = wolfSSL_CTX_set_srp_username(ctx, (char *)username);
AssertIntEQ(r,SSL_SUCCESS); AssertIntEQ(r,SSL_SUCCESS);
AssertNotNull(ssl = SSL_new(ctx));
AssertNotNull(SSL_get_srp_username(ssl));
AssertStrEQ(SSL_get_srp_username(ssl), username);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
printf(resultFmt, passed); printf(resultFmt, passed);
@ -29285,9 +29370,7 @@ static void test_wolfSSL_X509_cmp_time(void)
XMEMSET(&asn_time, 0, sizeof(WOLFSSL_ASN1_TIME)); XMEMSET(&asn_time, 0, sizeof(WOLFSSL_ASN1_TIME));
AssertIntEQ(0, wolfSSL_X509_cmp_time(&asn_time, &t)); AssertIntEQ(0, wolfSSL_X509_cmp_time(&asn_time, &t));
asn_time.type = ASN_UTC_TIME; AssertIntEQ(ASN1_TIME_set_string(&asn_time, "000222211515Z"), 1);
asn_time.length = ASN_UTC_TIME_SIZE;
XMEMCPY(&asn_time.data, "000222211515Z", 13);
AssertIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL)); AssertIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL));
printf(resultFmt, passed); printf(resultFmt, passed);
@ -29443,6 +29526,7 @@ static void test_wolfSSL_X509_sign(void)
DecodedCert dCert; DecodedCert dCert;
EVP_PKEY *pub; EVP_PKEY *pub;
EVP_PKEY *priv; EVP_PKEY *priv;
EVP_MD_CTX *mctx;
#if defined(USE_CERT_BUFFERS_1024) #if defined(USE_CERT_BUFFERS_1024)
const unsigned char* rsaPriv = client_key_der_1024; const unsigned char* rsaPriv = client_key_der_1024;
const unsigned char* rsaPub = client_keypub_der_1024; const unsigned char* rsaPub = client_keypub_der_1024;
@ -29510,6 +29594,11 @@ static void test_wolfSSL_X509_sign(void)
/* test valid sign case */ /* test valid sign case */
ret = X509_sign(x509, priv, EVP_sha256()); ret = X509_sign(x509, priv, EVP_sha256());
/* test valid X509_sign_ctx case */
AssertNotNull(mctx = EVP_MD_CTX_new());
AssertIntEQ(EVP_DigestSignInit(mctx, NULL, EVP_sha256(), NULL, priv), 1);
AssertIntGT(X509_sign_ctx(x509, mctx), 0);
#if defined(OPENSSL_ALL) && defined(WOLFSSL_ALT_NAMES) #if defined(OPENSSL_ALL) && defined(WOLFSSL_ALT_NAMES)
AssertIntEQ(X509_get_ext_count(x509), 1); AssertIntEQ(X509_get_ext_count(x509), 1);
#endif #endif
@ -29577,6 +29666,12 @@ static void test_wolfSSL_X509_sign(void)
AssertIntEQ(X509_sign(x509, NULL, EVP_sha256()), 0); AssertIntEQ(X509_sign(x509, NULL, EVP_sha256()), 0);
AssertIntEQ(X509_sign(x509, priv, NULL), 0); AssertIntEQ(X509_sign(x509, priv, NULL), 0);
AssertIntEQ(X509_sign_ctx(NULL, mctx), 0);
EVP_MD_CTX_free(mctx);
AssertNotNull(mctx = EVP_MD_CTX_new());
AssertIntEQ(X509_sign_ctx(x509, mctx), 0);
AssertIntEQ(X509_sign_ctx(x509, NULL), 0);
/* test invalid version number */ /* test invalid version number */
#if defined(OPENSSL_ALL) #if defined(OPENSSL_ALL)
AssertIntNE(X509_set_version(x509, 6L), 0); AssertIntNE(X509_set_version(x509, 6L), 0);
@ -29586,7 +29681,8 @@ static void test_wolfSSL_X509_sign(void)
AssertIntEQ(X509_get_ext_count(x509), SSL_FAILURE); AssertIntEQ(X509_get_ext_count(x509), SSL_FAILURE);
#endif #endif
EVP_MD_CTX_free(mctx);
X509_NAME_free(name);
EVP_PKEY_free(priv); EVP_PKEY_free(priv);
EVP_PKEY_free(pub); EVP_PKEY_free(pub);
X509_free(x509); X509_free(x509);
@ -33207,6 +33303,36 @@ static void test_wolfSSL_ASN1_STRING_to_UTF8(void)
wolfSSL_X509_free(x509); wolfSSL_X509_free(x509);
XFREE(actual_output, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(actual_output, NULL, DYNAMIC_TYPE_TMP_BUFFER);
} }
static void test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void)
{
ASN1_STRING* asn1str_test;
ASN1_STRING* asn1str_answer;
/* Each character is encoded using 4 bytes */
char input[] = {
0, 0, 0, 'T',
0, 0, 0, 'e',
0, 0, 0, 's',
0, 0, 0, 't',
};
char output[] = "Test";
printf(testingFmt, "test_wolfSSL_ASN1_UNIVERSALSTRING_to_string()");
AssertNotNull(asn1str_test = ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING));
AssertIntEQ(ASN1_STRING_set(asn1str_test, input, sizeof(input)), 1);
AssertIntEQ(ASN1_UNIVERSALSTRING_to_string(asn1str_test), 1);
AssertNotNull(asn1str_answer = ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING));
AssertIntEQ(ASN1_STRING_set(asn1str_answer, output, sizeof(output)-1), 1);
AssertIntEQ(ASN1_STRING_cmp(asn1str_test, asn1str_answer), 0);
ASN1_STRING_free(asn1str_test);
ASN1_STRING_free(asn1str_answer);
printf(resultFmt, "passed");
}
#endif /* !defined(NO_ASN) */ #endif /* !defined(NO_ASN) */
static void test_wolfSSL_sk_CIPHER_description(void) static void test_wolfSSL_sk_CIPHER_description(void)
@ -34811,6 +34937,92 @@ static void test_wolfSSL_OBJ_sn(void)
printf(resultFmt, passed); printf(resultFmt, passed);
} }
static unsigned long TXT_DB_hash(const WOLFSSL_STRING *s)
{
return lh_strhash(s[3]);
}
static int TXT_DB_cmp(const WOLFSSL_STRING *a, const WOLFSSL_STRING *b)
{
return XSTRCMP(a[3], b[3]);
}
static void test_wolfSSL_TXT_DB(void)
{
#if !defined(NO_FILESYSTEM)
BIO *bio;
TXT_DB *db = NULL;
const int columns = 6;
const char *fields[6] = {
"V",
"320926161116Z",
"",
"12BD",
"unknown",
"/CN=rsa doe",
};
printf(testingFmt, "wolfSSL_TXT_DB");
/* Test read */
AssertNotNull(bio = BIO_new(BIO_s_file()));
AssertIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0);
AssertNotNull(db = TXT_DB_read(bio, columns));
AssertIntEQ(TXT_DB_insert(db, (WOLFSSL_STRING*)fields), 1);
BIO_free(bio);
/* Test write */
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertIntEQ(TXT_DB_write(bio, db), 1484);
BIO_free(bio);
/* Test index */
AssertIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash,
(wolf_sk_compare_cb)TXT_DB_cmp), 1);
AssertNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "12DA";
AssertNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "FFFF";
AssertNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "";
AssertNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
TXT_DB_free(db);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_NCONF(void)
{
#if !defined(NO_FILESYSTEM)
const char* confFile = "./tests/NCONF_test.cnf";
CONF* conf = NULL;
long eline = 0;
long num = 0;
printf(testingFmt, "wolfSSL_NCONF");
AssertNotNull(conf = NCONF_new(NULL));
AssertIntEQ(NCONF_load(conf, confFile, &eline), 1);
AssertIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1);
AssertIntEQ(num, 1234);
AssertIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1);
AssertIntEQ(num, 4321);
AssertStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir");
AssertStrEQ(NCONF_get_string(conf, "section1", "file1_copy"),
"./test-dir/file1");
AssertStrEQ(NCONF_get_string(conf, "section2", "file_list"),
"./test-dir/file1:./test-dir/file2:./section1:file2");
NCONF_free(conf);
printf(resultFmt, passed);
#endif
}
#endif /* OPENSSL_ALL */ #endif /* OPENSSL_ALL */
@ -36535,6 +36747,11 @@ static void test_wolfssl_PKCS7(void)
word32 len = sizeof(data); word32 len = sizeof(data);
const byte* p = data; const byte* p = data;
byte content[] = "Test data to encode."; byte content[] = "Test data to encode.";
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
BIO* bio;
byte key[sizeof_client_key_der_2048];
word32 keySz = (word32)sizeof(key);
#endif
AssertIntGT((len = CreatePKCS7SignedData(data, len, content, AssertIntGT((len = CreatePKCS7SignedData(data, len, content,
(word32)sizeof(content), (word32)sizeof(content),
@ -36560,6 +36777,18 @@ static void test_wolfssl_PKCS7(void)
AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL, AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
PKCS7_NOVERIFY), WOLFSSL_SUCCESS); PKCS7_NOVERIFY), WOLFSSL_SUCCESS);
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
/* test i2d */
XMEMCPY(key, client_key_der_2048, keySz);
pkcs7->privateKey = key;
pkcs7->privateKeySz = (word32)sizeof(key);
pkcs7->encryptOID = RSAk;
pkcs7->hashOID = SHAh;
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1);
BIO_free(bio);
#endif
PKCS7_free(NULL); PKCS7_free(NULL);
PKCS7_free(pkcs7); PKCS7_free(pkcs7);
@ -38748,6 +38977,8 @@ static void test_wolfSSL_X509_print()
!defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(XSNPRINTF) !defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(XSNPRINTF)
X509 *x509; X509 *x509;
BIO *bio; BIO *bio;
const X509_ALGOR *cert_sig_alg;
int stdout_fd = fileno(stdout);
printf(testingFmt, "wolfSSL_X509_print"); printf(testingFmt, "wolfSSL_X509_print");
x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM); x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
@ -38764,13 +38995,19 @@ static void test_wolfSSL_X509_print()
#endif #endif
BIO_free(bio); BIO_free(bio);
AssertNotNull(bio = BIO_new_fd(stdout_fd, BIO_NOCLOSE));
/* Print signature */
AssertNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509));
AssertIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS);
/* print to stdout */ /* print to stdout */
AssertNotNull(bio = BIO_new(BIO_s_file()));
wolfSSL_BIO_set_fp(bio, stdout, BIO_NOCLOSE);
AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS); AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
BIO_free(bio); /* print again */
AssertIntEQ(X509_print_fp(stdout, x509), SSL_SUCCESS);
X509_free(x509); X509_free(x509);
BIO_free(bio);
printf(resultFmt, passed); printf(resultFmt, passed);
#endif #endif
} }
@ -38782,11 +39019,11 @@ static void test_wolfSSL_RSA_print()
!defined(HAVE_FAST_RSA) && !defined(NO_BIO) !defined(HAVE_FAST_RSA) && !defined(NO_BIO)
BIO *bio; BIO *bio;
WOLFSSL_RSA* rsa = NULL; WOLFSSL_RSA* rsa = NULL;
int stdout_fd = fileno(stdout);
printf(testingFmt, "wolfSSL_RSA_print"); printf(testingFmt, "wolfSSL_RSA_print");
AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file())); AssertNotNull(bio = wolfSSL_BIO_new_fd(stdout_fd, BIO_NOCLOSE));
wolfSSL_BIO_set_fp(bio, stdout, BIO_NOCLOSE);
AssertIntEQ(RSA_print(bio, rsa, 0), SSL_SUCCESS); AssertIntEQ(RSA_print(bio, rsa, 0), SSL_SUCCESS);
BIO_free(bio); BIO_free(bio);
@ -38877,6 +39114,7 @@ static void test_wolfSSL_ASN1_get_object(void)
int len = sizeof_cliecc_cert_der_256; int len = sizeof_cliecc_cert_der_256;
long asnLen = 0; long asnLen = 0;
int tag = 0, class = 0; int tag = 0, class = 0;
ASN1_OBJECT *a;
printf(testingFmt, "wolfSSL_ASN1_get_object()"); printf(testingFmt, "wolfSSL_ASN1_get_object()");
@ -38887,20 +39125,41 @@ static void test_wolfSSL_ASN1_get_object(void)
AssertIntEQ(tag, 0x10); AssertIntEQ(tag, 0x10);
AssertIntEQ(class, 0); AssertIntEQ(class, 0);
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class, asnLen) & 0x80, 0); AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
AssertIntEQ(asnLen, 772); AssertIntEQ(asnLen, 772);
AssertIntEQ(tag, 0x10); AssertIntEQ(tag, 0x10);
AssertIntEQ(class, 0); AssertIntEQ(class, 0);
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class, asnLen) & 0x80, 0); AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
AssertIntEQ(asnLen, 3); AssertIntEQ(asnLen, 3);
AssertIntEQ(tag, 0); AssertIntEQ(tag, 0);
AssertIntEQ(class, 0x80); AssertIntEQ(class, 0x80);
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class, asnLen) & 0x80, 0); AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
AssertIntEQ(asnLen, 1); AssertIntEQ(asnLen, 1);
AssertIntEQ(tag, 0x2); AssertIntEQ(tag, 0x2);
AssertIntEQ(class, 0); AssertIntEQ(class, 0);
derBuf += asnLen;
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
AssertIntEQ(asnLen, 20);
AssertIntEQ(tag, 0x2);
AssertIntEQ(class, 0);
derBuf += asnLen;
AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &class,
len - (derBuf - cliecc_cert_der_256)) & 0x80, 0);
AssertIntEQ(asnLen, 10);
AssertIntEQ(tag, 0x10);
AssertIntEQ(class, 0);
/* Read an ASN OBJECT */
AssertNotNull(d2i_ASN1_OBJECT(&a, &derBuf, len));
ASN1_OBJECT_free(a);
printf(resultFmt, passed); printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
@ -39625,6 +39884,7 @@ void ApiTest(void)
#endif #endif
test_wolfSSL_set_options(); test_wolfSSL_set_options();
test_wolfSSL_sk_SSL_CIPHER(); test_wolfSSL_sk_SSL_CIPHER();
test_wolfSSL_PKCS7_certs();
test_wolfSSL_X509_STORE_CTX(); test_wolfSSL_X509_STORE_CTX();
test_wolfSSL_X509_STORE_CTX_get0_current_issuer(); test_wolfSSL_X509_STORE_CTX_get0_current_issuer();
test_wolfSSL_msgCb(); test_wolfSSL_msgCb();
@ -39748,6 +40008,7 @@ void ApiTest(void)
test_wolfSSL_d2i_DHparams(); test_wolfSSL_d2i_DHparams();
test_wolfSSL_i2d_DHparams(); test_wolfSSL_i2d_DHparams();
test_wolfSSL_ASN1_STRING_to_UTF8(); test_wolfSSL_ASN1_STRING_to_UTF8();
test_wolfSSL_ASN1_UNIVERSALSTRING_to_string();
test_wolfSSL_EC_KEY_dup(); test_wolfSSL_EC_KEY_dup();
test_wolfSSL_EVP_PKEY_set1_get1_DSA(); test_wolfSSL_EVP_PKEY_set1_get1_DSA();
test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY(); test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY();
@ -39786,6 +40047,8 @@ void ApiTest(void)
test_IncCtr(); test_IncCtr();
test_wolfSSL_OBJ_ln(); test_wolfSSL_OBJ_ln();
test_wolfSSL_OBJ_sn(); test_wolfSSL_OBJ_sn();
test_wolfSSL_TXT_DB();
test_wolfSSL_NCONF();
#endif /* OPENSSL_ALL */ #endif /* OPENSSL_ALL */

2
wolfssl/wolfcrypt/types.h
View File

@ -652,8 +652,8 @@ decouple library dependencies with standard string, memory and so on.
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \ #if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA) defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
#define XTOUPPER(c) toupper((c)) #define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif #endif
#define XISALNUM(c) isalnum((c))
/* needed by wolfSSL_check_domain_name() */ /* needed by wolfSSL_check_domain_name() */
#define XTOLOWER(c) tolower((c)) #define XTOLOWER(c) tolower((c))
#endif #endif

3
wolfssl/wolfcrypt/wc_port.h
View File

@ -615,6 +615,9 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#include <dirent.h> #include <dirent.h>
#include <unistd.h> #include <unistd.h>
#include <sys/stat.h> #include <sys/stat.h>
#define XWRITE write
#define XREAD read
#define XCLOSE close
#endif #endif
#endif #endif