From e79cdefcde82bd62ca7eecc3811143347da0488f Mon Sep 17 00:00:00 2001 From: Go Hosohara Date: Fri, 8 Jun 2018 14:36:11 +0900 Subject: [PATCH] X509_NAME_ENTRY_get_object --- .../cs+/Projects/common/user_settings.h | 13 +-- .../cs+/Projects/common/wolfssl_dummy.c | 27 ++++--- src/ssl.c | 49 ++++++----- tests/api.c | 81 ++++++++++++++----- wolfssl/openssl/ssl.h | 3 + wolfssl/ssl.h | 3 +- 6 files changed, 122 insertions(+), 54 deletions(-) diff --git a/IDE/Renesas/cs+/Projects/common/user_settings.h b/IDE/Renesas/cs+/Projects/common/user_settings.h index a1507c808..6db37fa05 100644 --- a/IDE/Renesas/cs+/Projects/common/user_settings.h +++ b/IDE/Renesas/cs+/Projects/common/user_settings.h @@ -23,14 +23,15 @@ #define BENCH_EMBEDDED #define NO_WRITEV #define WOLFSSL_USER_IO +#define CloseSocket close #define NO_DEV_RANDOM #define USE_CERT_BUFFERS_2048 #define WOLFSSL_USER_CURRTIME #define SIZEOF_LONG_LONG 8 #define NO_WOLFSSL_DIR #define WOLFSSL_NO_CURRDIR -#define NO_FILESYSTEM #define WOLFSSL_LOG_PRINTF +#define NO_FILESYSTEM /* #define DEBUG_WOLFSSL */ @@ -83,10 +84,10 @@ #if defined(TIME_OVERRIDES) && defined(HAVE_TM_TYPE) && defined(HAVE_TIME_T_TYPE) /* #include "time_mng.h" */ - + typedef unsigned long Time_t #define time_t Time_t #define WOLFSSL_GMTIME - #define XGTIME gmtime + #define XGMTIME gmtime #define XTIME user_time struct tm { @@ -94,13 +95,15 @@ int tm_min; int tm_hour; int tm_mday; + int tm_wday; int tm_mon; int tm_year; int tm_yday; + int tm_isdst; }; #endif -#define HAVE_STUNNEL +// #define HAVE_STUNNEL #define KEEP_OUR_CERT #ifdef NO_ASN @@ -108,4 +111,4 @@ #endif #define WOLFSSL_GETENV_RANDFILE "randfile" -#define WOLFSSL_GETENV_HOME "envhome" +#define WOLFSSL_GETENV_HOME "envhome" \ No newline at end of file diff --git a/IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c b/IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c index ff3c29d1e..4a1602147 100644 --- a/IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c 
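Review bot: The added `typedef unsigned long Time_t` in the `TIME_OVERRIDES` block of user_settings.h (hunk @@ -83,10 +84,10) has no terminating semicolon, so the declaration runs on into the `struct tm` definition below it and the block cannot compile once it is enabled. It should read `typedef unsigned long Time_t;`. The block is only built when `TIME_OVERRIDES`, `HAVE_TM_TYPE` and `HAVE_TIME_T_TYPE` are all defined, which is presumably why the default project build did not catch it.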
+++ b/IDE/Renesas/cs+/Projects/common/wolfssl_dummy.c @@ -19,8 +19,14 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ -#include "../common/user_settings.h" -#include "../../../../../wolfssl/wolfcrypt/types.h" +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include +#include +#include //typedef unsigned long time_t; @@ -29,20 +35,19 @@ static int tick = 0; -time_t time(time_t *t) -{ - return ((YEAR-1970)*365+30*MON)*24*60*60 + tick++; -} - #include -int strncasecmp(const char *s1, const char * s2, unsigned int sz) +int strncasecmp(const char *s1, const char *s2, unsigned int sz) { for( ; sz>0; sz--) - if(toupper(s1++) != toupper(s2++)) + if(toupper(*s1++) != toupper(*s2++)) return 1; return 0; } +unsigned long user_time(void){ + return ((YEAR-1970)*365+30*MON)*24*60*60 + tick++; +} + char* getenv(const char *env) { if (XSTRNCMP(env, "RANDFILE", 9) == 0) @@ -50,4 +55,6 @@ char* getenv(const char *env) else if (XSTRNCMP(env, "HOME", 5) == 0) return WOLFSSL_GETENV_HOME; else return 0; -} \ No newline at end of file +} + +void abort(void){ while(1); } \ No newline at end of file diff --git a/src/ssl.c b/src/ssl.c index c4f576267..517eb8641 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -29749,12 +29749,19 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) * returns a pointer to a new WOLFSSL_ASN1_OBJECT struct on success and NULL * on fail */ + WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int id) + { + return wolfSSL_OBJ_nid2obj_ex(id, NULL); + } + + WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int id, + WOLFSSL_ASN1_OBJECT* arg_obj) { word32 oidSz = 0; const byte* oid; word32 type = 0; - WOLFSSL_ASN1_OBJECT* obj; + WOLFSSL_ASN1_OBJECT* obj = arg_obj; byte objBuf[MAX_OID_SZ + MAX_LENGTH_SZ + 1]; /* +1 for object tag */ word32 objSz = 0; const char* sName; 
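Review bot: The corrected `strncasecmp` loop in wolfssl_dummy.c (hunk @@ -29,20 +35,19) still never tests for the terminating NUL, so when both strings are equal and shorter than `sz` it keeps reading past the end of both buffers. The added dereference is right, but the loop also needs to stop at the terminator, and the bytes handed to `toupper` should be cast to `unsigned char`, since a negative `char` value is undefined behaviour there. Separately, `user_time()` still builds the clock from `YEAR`, `MON` and a counter (their definitions are outside the hunk), so certificate validity-date checks that go through `XTIME` on this target are only as accurate as those constants.

```c
int strncasecmp(const char *s1, const char *s2, unsigned int sz)
{
    for (; sz > 0; sz--, s1++, s2++) {
        if (toupper((unsigned char)*s1) != toupper((unsigned char)*s2))
            return 1;
        if (*s1 == '\0')
            break;  /* both strings ended at the same position */
    }
    return 0;
}
/* … unchanged: user_time() … */
```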
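Review bot: `wolfSSL_OBJ_nid2obj_ex` in src/ssl.c (hunk @@ -29749,12 +29749,19) has no comment of its own, and the existing one above `wolfSSL_OBJ_nid2obj` ("returns a pointer to a new WOLFSSL_ASN1_OBJECT struct") no longer describes what happens when `arg_obj` is supplied. I would add a header comment stating that a non-NULL `arg_obj` is filled in place and returned, that the caller keeps ownership of it, and that in this mode `obj->obj` is left NULL. The function body continues well beyond this hunk, so how the early failure paths behave with a caller-supplied object should be confirmed and documented as well.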
@@ -30169,10 +30176,12 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) oid = OidFromId(id, type, &oidSz); /* set object ID to buffer */ - obj = wolfSSL_ASN1_OBJECT_new(); - if (obj == NULL) { - WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); - return NULL; + if (obj == NULL){ + obj = wolfSSL_ASN1_OBJECT_new(); + if (obj == NULL) { + WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct"); + return NULL; + } } obj->type = id; obj->grp = type; @@ -30185,12 +30194,15 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) objSz += oidSz; obj->objSz = objSz; - obj->obj = (byte*)XMALLOC(obj->objSz, NULL, DYNAMIC_TYPE_ASN1); - if (obj->obj == NULL) { - wolfSSL_ASN1_OBJECT_free(obj); - return NULL; - } - XMEMCPY(obj->obj, objBuf, obj->objSz); + if(arg_obj == NULL) { /* Dynamic NAME_ENTRY */ + obj->obj = (byte*)XMALLOC(obj->objSz, NULL, DYNAMIC_TYPE_ASN1); + if ((obj->obj == NULL) && arg_obj == NULL) { + wolfSSL_ASN1_OBJECT_free(obj); + return NULL; + } + XMEMCPY(obj->obj, objBuf, obj->objSz); + } else /* static NAME_ENTR is for just type and grp */ + obj->obj = NULL; (void)type; @@ -30889,15 +30901,13 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) #endif - #ifndef NO_WOLFSSL_STUB WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne) { - (void)ne; WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_object"); - WOLFSSL_STUB("X509_NAME_ENTRY_get_object"); - - return NULL; + if (ne == NULL) return NULL; + wolfSSL_OBJ_nid2obj_ex(ne->nid, &ne->object); + return &ne->object; } - #endif + WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry( WOLFSSL_X509_NAME *name, int loc) @@ -30932,7 +30942,6 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) } name->cnEntry.data.type = CTC_UTF8; name->cnEntry.set = 1; - return &(name->cnEntry); /* common name index case */ } else if (loc == name->fullName.cnIdx) { 
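Review bot: In the caller-supplied branch of hunk @@ -30185,12 +30194,15, `obj->objSz` has already been set to the encoded length while `obj->obj` is set to NULL, so the object claims `objSz` bytes behind a null pointer. Any consumer that trusts `objSz` (the header in this patch also declares `wolfSSL_OBJ_obj2txt`) would read through NULL unless it checks the pointer first, which is not visible here. Setting `obj->objSz = 0;` in the `else` branch, with braces around it, keeps the two fields consistent. The `&& arg_obj == NULL` in the allocation check is redundant inside `if(arg_obj == NULL)`.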
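Review bot: `wolfSSL_X509_NAME_ENTRY_get_object` (hunk @@ -30889,15 +30901,13) discards the result of `wolfSSL_OBJ_nid2obj_ex(ne->nid, &ne->object)` and returns `&ne->object` regardless, so a failed lookup hands the caller whatever the embedded object held before. The failure paths of `wolfSSL_OBJ_nid2obj_ex` lie outside the visible hunks, but its comment says it returns NULL on failure, so the call should be checked: `if (wolfSSL_OBJ_nid2obj_ex(ne->nid, &ne->object) == NULL) return NULL;`. A one-line comment that the returned pointer is owned by the entry and must not be freed by the caller would also help users coming from the allocating `wolfSSL_OBJ_nid2obj`.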
@@ -30942,9 +30951,11 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) name->cnEntry.data.type = CTC_UTF8; name->cnEntry.nid = ASN_COMMON_NAME; name->cnEntry.set = 1; - return &(name->cnEntry); } + wolfSSL_OBJ_nid2obj_ex(name->cnEntry.nid, &name->cnEntry.object); + return &name->cnEntry; + /* additionall cases to check for go here */ WOLFSSL_MSG("Entry not found or implemented"); diff --git a/tests/api.c b/tests/api.c index c9f13ee54..a84e8a2c6 100644 --- a/tests/api.c +++ b/tests/api.c @@ -141,7 +141,7 @@ #include #include /* compatibility layer */ -#include + #include #include #include "examples/server/server.h" /* for testing compatibility layer callbacks */ @@ -3073,28 +3073,32 @@ static void test_wolfSSL_X509_NAME_get_entry(void) X509* x509; ASN1_STRING* asn; int idx; + ASN1_OBJECT *object = NULL; #ifndef NO_FILESYSTEM x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM); AssertNotNull(x509); - name = X509_get_subject_name(x509); + idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1); + AssertIntGE(idx, 0); + ne = X509_NAME_get_entry(name, idx); + AssertNotNull(ne); + asn = X509_NAME_ENTRY_get_data(ne); + AssertNotNull(asn); + subCN = (char*)ASN1_STRING_data(asn); + AssertNotNull(subCN); + wolfSSL_FreeX509(x509); + #endif + x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM); + AssertNotNull(x509); + name = X509_get_subject_name(x509); idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1); AssertIntGE(idx, 0); ne = X509_NAME_get_entry(name, idx); AssertNotNull(ne); - - asn = X509_NAME_ENTRY_get_data(ne); - AssertNotNull(asn); - - subCN = (char*)ASN1_STRING_data(asn); - AssertNotNull(subCN); - - wolfSSL_FreeX509(x509); - #endif - + AssertNotNull(object = X509_NAME_ENTRY_get_object(ne)); } printf(resultFmt, passed); 
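Review bot: The new unconditional `return &name->cnEntry;` after the `else if` block in hunk @@ -30942,9 +30951,11 makes the "Entry not found or implemented" path below it unreachable, so a `loc` that matches neither branch now returns the common-name entry instead of reaching the not-found handling. Together with the `return` removed in the preceding hunk (@@ -30932,7 +30942,6), any caller that relies on a failure result for an out-of-range index can be handed a `cnEntry` that was never filled for that index. Keeping the return inside each matching branch avoids this: `wolfSSL_OBJ_nid2obj_ex(name->cnEntry.nid, &name->cnEntry.object); return &name->cnEntry;`. The start of the `if` chain and the end of the function are outside the hunk, so this should be confirmed against the full body.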
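Review bot: In tests/api.c (hunk @@ -3073,28 +3073,32) the second `wolfSSL_X509_load_certificate_file` call is added after the relocated `#endif`, so as far as the collapsed hunk shows it runs outside the `NO_FILESYSTEM` guard, and its `x509` is not released before the closing brace. Rather than loading the certificate a second time, I would place `AssertNotNull(object = X509_NAME_ENTRY_get_object(ne));` directly after the first `AssertNotNull(ne);`, inside the guarded block and ahead of `wolfSSL_FreeX509(x509);`. The enclosing function starts and ends outside this hunk.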
@@ -13061,7 +13065,7 @@ static int test_wc_ecc_shared_secret (void) ecc_key key, pubKey; WC_RNG rng; int keySz = KEY16; - byte out[keySz]; + byte out[KEY16]; word32 outlen = (word32)sizeof(out); /* Initialize variables. */ @@ -13486,8 +13490,8 @@ static int test_wc_ecc_rs_to_sig (void) word32 siglen = (word32)sizeof(sig); /*R and S max size is the order of curve. 2^192.*/ int keySz = KEY24; - byte r[keySz]; - byte s[keySz]; + byte r[KEY24]; + byte s[KEY24]; word32 rlen = (word32)sizeof(r); word32 slen = (word32)sizeof(s); @@ -14207,7 +14211,7 @@ static int test_wc_ecc_shared_secret_ssh (void) WC_RNG rng; int keySz = KEY32; int key2Sz = KEY24; - byte secret[keySz]; + byte secret[KEY32]; word32 secretLen = keySz; /* Init stack variables. */ @@ -19748,7 +19752,7 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){ } static void test_wolfSSL_X509_CA_num(void){ -#if defined(OPENSSL_EXTRA) && !defined(NO_CERT) +#if defined(OPENSSL_EXTRA) && !defined(NO_CERT) && !defined(NO_FILESYSTEM) WOLFSSL_X509_STORE *store; WOLFSSL_X509 *x509_1, *x509_2; int ca_num = 0; @@ -19774,7 +19778,7 @@ static void test_wolfSSL_X509_CA_num(void){ } static void test_wolfSSL_X509_check_ca(void){ -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) WOLFSSL_X509 *x509; x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM); 
@@ -21006,7 +21010,44 @@ static void test_wolfSSL_X509_CRL(void) return; } -static void test_wolfSSL_i2c_ASN1_INTEGER(void) +static void test_wolfSSL_PEM_read_X509(void) +{ +#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) + X509 *x509 = NULL; + XFILE fp; + + AssertNotNull(fp = XFOPEN(svrCertFile, "rb")); + AssertNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL)); + X509_free(x509); + XFCLOSE(fp); + +#endif +} + +static void test_wolfSSL_X509_NAME_ENTRY_get_object() +{ +#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) + X509 *x509 = NULL; + X509_NAME* name = NULL; + int idx = 0; + X509_NAME_ENTRY *ne = NULL; + ASN1_OBJECT *object = NULL; + + x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM); + AssertNotNull(x509); + name = X509_get_subject_name(x509); + idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1); + AssertIntGE(idx, 0); + + ne = X509_NAME_get_entry(name, idx); + AssertNotNull(ne); + AssertNotNull(object = X509_NAME_ENTRY_get_object(ne)); + + X509_free(x509); +#endif +} + +static void test_wolfSSL_i2c_ASN1_INTEGER() { #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) ASN1_INTEGER *a; @@ -21271,6 +21312,8 @@ void ApiTest(void) test_wolfSSL_SHA256(); test_wolfSSL_X509_get_serialNumber(); test_wolfSSL_X509_CRL(); + test_wolfSSL_PEM_read_X509(); + test_wolfSSL_X509_NAME_ENTRY_get_object(); test_wolfSSL_OPENSSL_add_all_algorithms(); test_wolfSSL_ASN1_STRING_print_ex(); test_wolfSSL_ASN1_TIME_to_generalizedtime(); diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 99c5ff918..cabac3e3e 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -539,6 +539,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; #define PEM_read_bio_X509 wolfSSL_PEM_read_bio_X509 #define PEM_read_bio_X509_AUX wolfSSL_PEM_read_bio_X509_AUX #define PEM_read_X509_CRL wolfSSL_PEM_read_X509_CRL +#define PEM_read_X509 wolfSSL_PEM_read_X509 /*#if OPENSSL_API_COMPAT < 0x10100000L*/ #define CONF_modules_free() 
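Review bot: `test_wolfSSL_X509_NAME_ENTRY_get_object` (hunk @@ -21006,7 +21010,44) only asserts that the returned pointer is non-NULL, which holds for any address inside `ne` and says nothing about the object's contents. Since `wolfSSL_OBJ_nid2obj_ex` sets `obj->type` from the id it is given, an assertion such as `AssertIntEQ(object->type, ne->nid);` would actually exercise the new code. The hunk also declares the new test and the existing `test_wolfSSL_i2c_ASN1_INTEGER` with `()` instead of `(void)`, unlike `test_wolfSSL_PEM_read_X509(void)` beside them; `(void)` should be kept so the declarations remain prototypes.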
@@ -957,6 +958,8 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING; #define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username #define OPENSSL_add_all_algorithms_noconf wolfSSL_OPENSSL_add_all_alogrithms_noconf #define i2c_ASN1_INTEGER wolfSSL_i2c_ASN1_INTEGER +#define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object + #define ERR_NUM_ERRORS 16 #define EVP_PKEY_RSA 6 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index ef5333ed9..aed6b25ed 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -2531,7 +2531,7 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, #include struct WOLFSSL_X509_NAME_ENTRY { - WOLFSSL_ASN1_OBJECT* object; /* not defined yet */ + WOLFSSL_ASN1_OBJECT object; /* static object just for keeping grp, type */ WOLFSSL_ASN1_STRING data; WOLFSSL_ASN1_STRING* value; /* points to data, for lighttpd port */ int nid; /* i.e. ASN_COMMON_NAME */ @@ -2571,6 +2571,7 @@ WOLFSSL_API char* wolfSSL_OBJ_nid2ln(int n); WOLFSSL_API int wolfSSL_OBJ_txt2nid(const char *sn); WOLFSSL_API WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj(int n); +WOLFSSL_LOCAL WOLFSSL_ASN1_OBJECT* wolfSSL_OBJ_nid2obj_ex(int n, WOLFSSL_ASN1_OBJECT *arg_obj); WOLFSSL_API int wolfSSL_OBJ_obj2txt(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a, int no_name); WOLFSSL_API void wolfSSL_OBJ_cleanup(void);
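Review bot: Changing `object` from a pointer to an embedded `WOLFSSL_ASN1_OBJECT` (wolfssl/ssl.h, hunk @@ -2531,7 +2531,7) alters the layout of a struct declared in a public header, and the one-line comment does not tell users what they may do with the member. I would expand it to say that the member is filled by `wolfSSL_OBJ_nid2obj_ex`, carries only `type` and `grp` with a NULL `obj` buffer, and shares the lifetime of the entry, for example `/* embedded, filled on demand; type/grp only, obj is NULL; never free */`. Code built against the old pointer member (none is visible in this patch) would need to be rebuilt and reviewed.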