mirror of https://github.com/wolfSSL/wolfssl.git
JacobBarthelmeh
GitHub
commit
fa6bc79f8b
|
|
@ -8326,6 +8326,8 @@ static DtlsFragBucket* DtlsMsgCombineFragBuckets(DtlsMsg* msg,
|
||||||
|
|
||||||
static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
|
static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
|
||||||
{
|
{
|
||||||
|
DtlsHandShakeHeader* dtls;
|
||||||
|
|
||||||
/* We have received all necessary fragments. Reconstruct the header. */
|
/* We have received all necessary fragments. Reconstruct the header. */
|
||||||
if (msg->fragBucketListCount != 1 || msg->fragBucketList->m.m.offset != 0 ||
|
if (msg->fragBucketListCount != 1 || msg->fragBucketList->m.m.offset != 0 ||
|
||||||
msg->fragBucketList->m.m.sz != msg->sz) {
|
msg->fragBucketList->m.m.sz != msg->sz) {
|
||||||
|
|
@ -8341,9 +8343,9 @@ static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
|
||||||
|
|
||||||
/* frag->padding makes sure we can fit the entire DTLS handshake header
|
/* frag->padding makes sure we can fit the entire DTLS handshake header
|
||||||
* before frag->buf */
|
* before frag->buf */
|
||||||
DtlsHandShakeHeader* dtls =
|
dtls = (DtlsHandShakeHeader*)(void *)((char *)msg->fragBucketList
|
||||||
(DtlsHandShakeHeader*)(msg->fragBucketList->buf -
|
+ OFFSETOF(DtlsFragBucket,buf)
|
||||||
DTLS_HANDSHAKE_HEADER_SZ);
|
- DTLS_HANDSHAKE_HEADER_SZ);
|
||||||
|
|
||||||
msg->fragBucketList = NULL;
|
msg->fragBucketList = NULL;
|
||||||
msg->fragBucketListCount = 0;
|
msg->fragBucketListCount = 0;
|
||||||
|
|
|
||||||
|
|
@ -8469,6 +8469,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||||
{
|
{
|
||||||
int length, encryptedKeySz = 0, ret = 0;
|
int length, encryptedKeySz = 0, ret = 0;
|
||||||
int keySz, version, sidType = 0;
|
int keySz, version, sidType = 0;
|
||||||
|
word32 encOID = 0;
|
||||||
word32 keyIdx;
|
word32 keyIdx;
|
||||||
byte issuerHash[KEYID_SIZE];
|
byte issuerHash[KEYID_SIZE];
|
||||||
byte* outKey = NULL;
|
byte* outKey = NULL;
|
||||||
|
|
@ -8644,30 +8645,19 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||||
(*idx) += KEYID_SIZE;
|
(*idx) += KEYID_SIZE;
|
||||||
}
|
}
|
||||||
|
|
||||||
{
|
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
|
||||||
word32 encOID = 0;
|
return ASN_PARSE_E;
|
||||||
|
|
||||||
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
|
|
||||||
return ASN_PARSE_E;
|
|
||||||
|
|
||||||
if (encOID != pkcs7->publicKeyOID) {
|
|
||||||
WOLFSSL_MSG("public key OID found in KTRI doesn't match "
|
|
||||||
"OID stored earlier.");
|
|
||||||
WOLFSSL_ERROR(ALGO_ID_E);
|
|
||||||
return ALGO_ID_E;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* key encryption algorithm must be RSA for now */
|
/* key encryption algorithm must be RSA for now */
|
||||||
if (pkcs7->publicKeyOID != RSAk
|
if (encOID != RSAk
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
&& pkcs7->publicKeyOID != RSAESOAEPk
|
&& encOID != RSAESOAEPk
|
||||||
#endif
|
#endif
|
||||||
)
|
)
|
||||||
return ALGO_ID_E;
|
return ALGO_ID_E;
|
||||||
|
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
if (encOID == RSAESOAEPk) {
|
||||||
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
|
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
|
||||||
return ASN_PARSE_E;
|
return ASN_PARSE_E;
|
||||||
}
|
}
|
||||||
|
|
@ -8704,7 +8694,6 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||||
FALL_THROUGH;
|
FALL_THROUGH;
|
||||||
|
|
||||||
case WC_PKCS7_DECRYPT_KTRI_3:
|
case WC_PKCS7_DECRYPT_KTRI_3:
|
||||||
|
|
||||||
#ifndef NO_PKCS7_STREAM
|
#ifndef NO_PKCS7_STREAM
|
||||||
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
|
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
|
||||||
pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
|
pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
|
||||||
|
|
@ -8778,7 +8767,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (pkcs7->publicKeyOID != RSAESOAEPk) {
|
if (encOID != RSAESOAEPk) {
|
||||||
#endif
|
#endif
|
||||||
keySz = wc_RsaPrivateDecryptInline(encryptedKey,
|
keySz = wc_RsaPrivateDecryptInline(encryptedKey,
|
||||||
encryptedKeySz, &outKey,
|
encryptedKeySz, &outKey,
|
||||||
|
|
@ -8827,7 +8816,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||||
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
if (encOID == RSAESOAEPk) {
|
||||||
if (!outKey) {
|
if (!outKey) {
|
||||||
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
}
|
}
|
||||||
|
|
@ -8845,7 +8834,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||||
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
if (encOID == RSAESOAEPk) {
|
||||||
if (!outKey) {
|
if (!outKey) {
|
||||||
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4582,7 +4582,7 @@ WOLFSSL_API void wolfSSL_sk_X509_INFO_pop_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*
|
||||||
WOLFSSL_API void wolfSSL_sk_X509_INFO_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*);
|
WOLFSSL_API void wolfSSL_sk_X509_INFO_free(WOLF_STACK_OF(WOLFSSL_X509_INFO)*);
|
||||||
|
|
||||||
#define WOLF_SK_COMPARE_CB(type, arg) \
|
#define WOLF_SK_COMPARE_CB(type, arg) \
|
||||||
int (*arg) (const type* const* a, const type* const* b)
|
int (*(arg)) (const type* const* a, const type* const* b)
|
||||||
typedef unsigned long (*wolf_sk_hash_cb) (const void *v);
|
typedef unsigned long (*wolf_sk_hash_cb) (const void *v);
|
||||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new(
|
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new(
|
||||||
WOLF_SK_COMPARE_CB(WOLFSSL_X509_NAME, cb));
|
WOLF_SK_COMPARE_CB(WOLFSSL_X509_NAME, cb));
|
||||||
|
|
|
||||||
|
|
@ -2753,11 +2753,11 @@ extern void uITRON4_free(void *p) ;
|
||||||
/* Are we using an external private key store like:
|
/* Are we using an external private key store like:
|
||||||
* PKCS11 / HSM / crypto callback / PK callback */
|
* PKCS11 / HSM / crypto callback / PK callback */
|
||||||
#if !defined(WOLF_PRIVATE_KEY_ID) && !defined(NO_WOLF_PRIVATE_KEY_ID) && \
|
#if !defined(WOLF_PRIVATE_KEY_ID) && !defined(NO_WOLF_PRIVATE_KEY_ID) && \
|
||||||
(defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) || \
|
(defined(HAVE_PKCS11) || defined(HAVE_PK_CALLBACKS) || \
|
||||||
defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_KCAPI))
|
defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_KCAPI))
|
||||||
/* Enables support for using wolfSSL_CTX_use_PrivateKey_Id and
|
/* Enables support for using wolfSSL_CTX_use_PrivateKey_Id and
|
||||||
* wolfSSL_CTX_use_PrivateKey_Label */
|
* wolfSSL_CTX_use_PrivateKey_Label */
|
||||||
#define WOLF_PRIVATE_KEY_ID
|
#define WOLF_PRIVATE_KEY_ID
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* With titan cache size there is too many sessions to fit with the default
|
/* With titan cache size there is too many sessions to fit with the default
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue