WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #3092 from dgarske/sniffer_loadbuf 

Added sniffer API's to load buffer directly
pull/3126/head
toddouska 2020-07-10 12:58:45 -07:00 committed by GitHub
parent b931dc0d6e ed0f2bb8f5
commit b8078ab789
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 105 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
src/sniffer.c
View File

@ -1357,43 +1357,55 @@ static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo)
#if defined(HAVE_SNI) || defined(WOLFSSL_SNIFFER_WATCH)
static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
const char* keyFile, int typeKey,
const char* keyFile, int keySz, int typeKey,
const char* password)
{
byte* loadBuf;
long fileSz = 0;
XFILE file;
int ret;
int ret = -1;
if (keyBuf == NULL || keyBufSz == NULL || keyFile == NULL) {
return -1;
}
file = XFOPEN(keyFile, "rb");
if (file == XBADFILE) return -1;
if(XFSEEK(file, 0, XSEEK_END) != 0) {
XFCLOSE(file);
return -1;
}
fileSz = XFTELL(file);
if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) {
XFCLOSE(file);
return -1;
}
XREWIND(file);
if (keySz == 0) {
/* load from file */
file = XFOPEN(keyFile, "rb");
if (file == XBADFILE) return -1;
if(XFSEEK(file, 0, XSEEK_END) != 0) {
XFCLOSE(file);
return -1;
}
fileSz = XFTELL(file);
if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) {
XFCLOSE(file);
return -1;
}
XREWIND(file);
loadBuf = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_FILE);
if (loadBuf == NULL) {
loadBuf = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_FILE);
if (loadBuf == NULL) {
XFCLOSE(file);
return -1;
}
ret = (int)XFREAD(loadBuf, 1, fileSz, file);
XFCLOSE(file);
return -1;
if (ret != fileSz) {
XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE);
return -1;
}
}
ret = (int)XFREAD(loadBuf, 1, fileSz, file);
XFCLOSE(file);
if (ret != fileSz) {
XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE);
return -1;
else {
/* use buffer directly */
loadBuf = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_FILE);
if (loadBuf == NULL) {
return -1;
}
fileSz = keySz;
XMEMCPY(loadBuf, keyFile, fileSz);
}
if (typeKey == WOLFSSL_FILETYPE_PEM) {
@ -1468,7 +1480,7 @@ static int CreateWatchSnifferServer(char* error)
static int SetNamedPrivateKey(const char* name, const char* address, int port,
const char* keyFile, int typeKey, const char* password, char* error)
const char* keyFile, int keySz, int typeKey, const char* password, char* error)
{
SnifferServer* sniffer;
int ret;
@ -1499,7 +1511,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
namedKey->name[MAX_SERVER_NAME-1] = '\0';
ret = LoadKeyFile(&namedKey->key, &namedKey->keySz,
keyFile, type, password);
keyFile, keySz, type, password);
if (ret < 0) {
SetError(KEY_FILE_STR, error, NULL, 0);
FreeNamedKey(namedKey);
@ -1558,7 +1570,13 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
sniffer->ctx, (void*)password);
#endif
}
ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type);
if (keySz == 0) {
ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type);
}
else {
ret = wolfSSL_CTX_use_PrivateKey_buffer(sniffer->ctx,
(const byte*)keyFile, keySz, type);
}
if (ret != WOLFSSL_SUCCESS) {
SetError(KEY_FILE_STR, error, NULL, 0);
if (isNew)
@ -1602,7 +1620,30 @@ int ssl_SetNamedPrivateKey(const char* name,
TraceSetNamedServer(name, address, port, keyFile);
wc_LockMutex(&ServerListMutex);
ret = SetNamedPrivateKey(name, address, port, keyFile,
ret = SetNamedPrivateKey(name, address, port, keyFile, 0,
typeKey, password, error);
wc_UnLockMutex(&ServerListMutex);
if (ret == 0)
Trace(NEW_SERVER_STR);
return ret;
}
int ssl_SetNamedPrivateKeyBuffer(const char* name,
const char* address, int port,
const char* keyBuf, int keySz,
int typeKey, const char* password,
char* error)
{
int ret;
TraceHeader();
TraceSetNamedServer(name, address, port, NULL);
wc_LockMutex(&ServerListMutex);
ret = SetNamedPrivateKey(name, address, port, keyBuf, keySz,
typeKey, password, error);
wc_UnLockMutex(&ServerListMutex);
@ -1626,7 +1667,28 @@ int ssl_SetPrivateKey(const char* address, int port, const char* keyFile,
TraceSetServer(address, port, keyFile);
wc_LockMutex(&ServerListMutex);
ret = SetNamedPrivateKey(NULL, address, port, keyFile,
ret = SetNamedPrivateKey(NULL, address, port, keyFile, 0,
typeKey, password, error);
wc_UnLockMutex(&ServerListMutex);
if (ret == 0)
Trace(NEW_SERVER_STR);
return ret;
}
int ssl_SetPrivateKeyBuffer(const char* address, int port,
const char* keyBuf, int keySz,
int typeKey, const char* password,
char* error)
{
int ret;
TraceHeader();
TraceSetServer(address, port, NULL);
wc_LockMutex(&ServerListMutex);
ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz,
typeKey, password, error);
wc_UnLockMutex(&ServerListMutex);
@ -4580,7 +4642,7 @@ int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType,
keyType = (keyType == FILETYPE_PEM) ? WOLFSSL_FILETYPE_PEM :
WOLFSSL_FILETYPE_ASN1;
ret = LoadKeyFile(&keyBuf, &keyBufSz, keyFile, keyType, password);
ret = LoadKeyFile(&keyBuf, &keyBufSz, keyFile, 0, keyType, password);
if (ret < 0) {
SetError(KEY_FILE_STR, error, NULL, 0);
XFREE(keyBuf, NULL, DYNAMIC_TYPE_X509);

13
wolfssl/sniffer.h
View File

@ -55,6 +55,19 @@ SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
const char* keyFile, int typeK,
const char* password, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetPrivateKeyBuffer(const char* address, int port,
const char* keyBuf, int keySz,
int typeK, const char* password,
char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_SetNamedPrivateKeyBuffer(const char* name,
const char* address, int port,
const char* keyBuf, int keySz,
int typeK, const char* password,
char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
unsigned char** data, char* error);