Merge pull request #7395 from douzzer/20240403-RPK-cleanups

20240403-RPK-cleanups
pull/7401/head
Anthony Hu 2024-04-05 13:43:15 -04:00 committed by GitHub
commit cf2f58bfdf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 17 additions and 11 deletions


@ -12454,7 +12454,8 @@ void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType)
name->sz = (int)XSTRLEN(name->name) + 1;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
name->rawLen = min(dCert->subjectRawLen, ASN_NAME_MAX);
XMEMCPY(name->raw, dCert->subjectRaw, name->rawLen);
if (name->rawLen > 0)
XMEMCPY(name->raw, dCert->subjectRaw, name->rawLen);
#endif
}
else {
@ -12464,7 +12465,7 @@ void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType)
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)) \
&& (defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
name->rawLen = min(dCert->issuerRawLen, ASN_NAME_MAX);
if (name->rawLen) {
if (name->rawLen > 0) {
XMEMCPY(name->raw, dCert->issuerRaw, name->rawLen);
}
#endif
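Review bot: The new guard in the subject branch is an unbraced `if (name->rawLen > 0)` sitting directly above `#endif`, while the issuer branch in the next hunk braces the same check; bracing both keeps a later edit inside the preprocessor block from detaching the copy from its guard. Neither hunk records why a zero-length copy is skipped; presumably `dCert->subjectRaw` / `dCert->issuerRaw` can be NULL when the length is 0, and a one-line comment such as `/* raw pointer may be NULL when the length is 0; skip the copy */` would state that. Separately, `min(..., ASN_NAME_MAX)` silently truncates a longer raw name, so `name->raw` can hold an incomplete DER encoding without the caller being told; this predates the commit but deserves a comment or an error path. CopyDecodedName starts and ends outside both hunks, so the declared types of the length fields are not visible here.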


@ -11212,8 +11212,10 @@ static int TLSX_ClientCertificateType_GetSize(WOLFSSL* ssl, byte msgType)
ret = (int)(OPAQUE8_LEN + cnt * OPAQUE8_LEN);
}
else if (msgType == server_hello || msgType == encrypted_extensions) {
/* sever side */
/* server side */
cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;/* must be one */
if (cnt != 1)
return SANITY_MSG_E;
ret = OPAQUE8_LEN;
}
else {
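Review bot: The added `if (cnt != 1) return SANITY_MSG_E;` makes a function whose result is otherwise a byte count return a negative error code, so every caller of TLSX_ClientCertificateType_GetSize has to test for `< 0` before adding the result to an extension length; the callers are outside this hunk, so that should be confirmed. If a caller accumulates the value into an unsigned length, the error would be folded into the size rather than stopping the message from being built. Bracing the check as `if (cnt != 1) { return SANITY_MSG_E; }` and stating in the function's header comment that a negative value is returned on an inconsistent count would make the contract explicit. The function body starts and ends outside the hunk.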


@ -67498,7 +67498,7 @@ static int test_tls13_rpk_handshake(void)
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
/* both clien and server do not call client/server_cert_type APIs,
/* both client and server do not call client/server_cert_type APIs,
* expecting default settings works and no negotiation performed.
*/
@ -67520,6 +67520,9 @@ static int test_tls13_rpk_handshake(void)
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
(void)typeCnt_c;
(void)typeCnt_s;
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
@ -67551,7 +67554,7 @@ static int test_tls13_rpk_handshake(void)
certType_s[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_s = 2;
/* both clien and server do not call client/server_cert_type APIs,
/* both client and server do not call client/server_cert_type APIs,
* expecting default settings works and no negotiation performed.
*/
@ -67575,6 +67578,9 @@ static int test_tls13_rpk_handshake(void)
WOLFSSL_SUCCESS);
ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
(void)typeCnt_c;
(void)typeCnt_s;
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
@ -67733,12 +67739,9 @@ static int test_tls13_rpk_handshake(void)
svrKeyFile, WOLFSSL_FILETYPE_PEM )
, 0);
/* set client certificate type in client end */
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
certType_c[1] = WOLFSSL_CERT_TYPE_X509;
typeCnt_c = 2;
/* client indicates both RPK and x509 certs are available but loaded RPK
/* set client certificate type in client end
*
* client indicates both RPK and x509 certs are available but loaded RPK
* cert only. It does not have client add client-cert-type extension in CH.
*/
certType_c[0] = WOLFSSL_CERT_TYPE_RPK;