libspdm x509 parts #7869

Merged
merged 1 commit into from
Sep 4, 2024
76 changes: 76 additions & 0 deletions src/pk.c
Expand Up @@ -2052,6 +2052,32 @@ WOLFSSL_RSA *wolfSSL_PEM_read_bio_RSA_PUBKEY(WOLFSSL_BIO* bio,
}
return rsa;
}

WOLFSSL_RSA *wolfSSL_d2i_RSA_PUBKEY_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out)
{
char* data = NULL;
int dataSz = 0;
int memAlloced = 0;
WOLFSSL_RSA* rsa = NULL;

WOLFSSL_ENTER("wolfSSL_d2i_RSA_PUBKEY_bio");

if (bio == NULL)
return NULL;

if (wolfssl_read_bio(bio, &data, &dataSz, &memAlloced) != 0) {
if (memAlloced)
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}

rsa = wolfssl_rsa_d2i(out, (const unsigned char*)data, dataSz,
WOLFSSL_RSA_LOAD_PUBLIC);
if (memAlloced)
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);

return rsa;
}
#endif /* !NO_BIO */

#ifndef NO_FILESYSTEM
Expand Down Expand Up @@ -12342,6 +12368,56 @@ int wolfSSL_EC_KEY_LoadDer_ex(WOLFSSL_EC_KEY* key, const unsigned char* derBuf,
return res;
}


#ifndef NO_BIO

WOLFSSL_EC_KEY *wolfSSL_d2i_EC_PUBKEY_bio(WOLFSSL_BIO *bio,
WOLFSSL_EC_KEY **out)
{
char* data = NULL;
int dataSz = 0;
int memAlloced = 0;
WOLFSSL_EC_KEY* ec = NULL;
int err = 0;

WOLFSSL_ENTER("wolfSSL_d2i_EC_PUBKEY_bio");

if (bio == NULL)
return NULL;

if (err == 0 && wolfssl_read_bio(bio, &data, &dataSz, &memAlloced) != 0) {
WOLFSSL_ERROR_MSG("wolfssl_read_bio failed");
err = 1;
}

if (err == 0 && (ec = wolfSSL_EC_KEY_new()) == NULL) {
WOLFSSL_ERROR_MSG("wolfSSL_EC_KEY_new failed");
err = 1;
}

/* Load the EC key with the public key from the DER encoding. */
if (err == 0 && wolfSSL_EC_KEY_LoadDer_ex(ec, (const unsigned char*)data,
dataSz, WOLFSSL_EC_KEY_LOAD_PUBLIC) != 1) {
WOLFSSL_ERROR_MSG("wolfSSL_EC_KEY_LoadDer_ex failed");
err = 1;
}

if (memAlloced)
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (err) { /* on error */
wolfSSL_EC_KEY_free(ec);
ec = NULL;
}
else { /* on success */
if (out != NULL)
*out = ec;
}

return ec;
}

#endif /* !NO_BIO */

/*
* EC key PEM APIs
*/
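Review bot: `wolfSSL_d2i_EC_PUBKEY_bio` always allocates a fresh key with `wolfSSL_EC_KEY_new()` and on success stores it through `out` (`if (out != NULL) *out = ec;`) without freeing or reusing whatever the caller already had there, while the RSA counterpart hands `out` down to `wolfssl_rsa_d2i`. If these are meant to follow the OpenSSL `d2i_*` contract, where a non-NULL `*out` names the object to fill in, the EC path should reuse it or at least release it before the assignment — `if (out != NULL) { wolfSSL_EC_KEY_free(*out); *out = ec; }` — provided callers are required to initialise `*out`; if the wolfSSL convention is simply to overwrite, say so in a header comment: `/* Any key already at *out is overwritten, not freed. */`. Neither function rejects an empty read: a `dataSz` of 0 goes straight to the decoder, which presumably fails, but an explicit `if (dataSz <= 0)` check after `wolfssl_read_bio` makes that intent visible and avoids relying on the decoder's handling of a zero-length buffer. Both new functions are complete within their hunks.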
27 changes: 21 additions & 6 deletions src/ssl_asn1.c
Expand Up @@ -3986,15 +3986,15 @@ unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t)
*/
int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
{
int ret = 1;
int ret = WOLFSSL_SUCCESS;
char buf[MAX_TIME_STRING_SZ];

WOLFSSL_ENTER("wolfSSL_ASN1_TIME_check");

/* If can convert to human readable then format good. */
if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)a, buf,
MAX_TIME_STRING_SZ) == NULL) {
ret = 0;
ret = WOLFSSL_FAILURE;
}

return ret;
Expand All @@ -4012,7 +4012,7 @@ int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
*/
int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
{
int ret = 1;
int ret = WOLFSSL_SUCCESS;
int slen = 0;

WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string");
Expand All @@ -4021,15 +4021,15 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
WOLFSSL_MSG("Bad parameter");
ret = 0;
}
if (ret == 1) {
if (ret == WOLFSSL_SUCCESS) {
/* Get length of string including NUL terminator. */
slen = (int)XSTRLEN(str) + 1;
if (slen > CTC_DATE_SIZE) {
WOLFSSL_MSG("Date string too long");
ret = 0;
ret = WOLFSSL_FAILURE;
}
}
if ((ret == 1) && (t != NULL)) {
if ((ret == WOLFSSL_SUCCESS) && (t != NULL)) {
/* Copy in string including NUL terminator. */
XMEMCPY(t->data, str, (size_t)slen);
/* Do not include NUL terminator in length. */
Expand All @@ -4042,6 +4042,21 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
return ret;
}

int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
{
int ret = WOLFSSL_SUCCESS;

WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string_X509");

if (t == NULL)
ret = WOLFSSL_FAILURE;
if (ret == WOLFSSL_SUCCESS)
ret = wolfSSL_ASN1_TIME_set_string(t, str);
if (ret == WOLFSSL_SUCCESS)
ret = wolfSSL_ASN1_TIME_check(t);
return ret;
}

/* Convert ASN.1 TIME object to ASN.1 GENERALIZED TIME object.
*
* @param [in] t ASN.1 TIME object.
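Review bot: `wolfSSL_ASN1_TIME_set_string_X509` validates only after `wolfSSL_ASN1_TIME_set_string` has already copied `str` into `t->data`, so when `wolfSSL_ASN1_TIME_check` rejects the string the function returns `WOLFSSL_FAILURE` but leaves `t` holding the unparseable value. OpenSSL's `ASN1_TIME_set_string_X509` leaves its argument untouched on failure, and a caller that keeps using the old value after an error would be surprised here. A safer shape is to run set/check on a stack temporary and copy into `*t` only on success; `WOLFSSL_ASN1_TIME` looks like plain data (it is filled by `XMEMCPY` into `t->data`), but confirm it owns no pointers before copying it by value. Separately, the `Bad parameter` branch just above still assigns `ret = 0;` while the rest of the function was moved to the named constants — `ret = WOLFSSL_FAILURE;` keeps it consistent.

```c
int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
{
    int ret = WOLFSSL_SUCCESS;
    WOLFSSL_ASN1_TIME tmp; /* assumes the struct owns no pointers - confirm */

    WOLFSSL_ENTER("wolfSSL_ASN1_TIME_set_string_X509");

    if (t == NULL)
        ret = WOLFSSL_FAILURE;
    if (ret == WOLFSSL_SUCCESS) {
        XMEMSET(&tmp, 0, sizeof(tmp));
        ret = wolfSSL_ASN1_TIME_set_string(&tmp, str);
    }
    if (ret == WOLFSSL_SUCCESS)
        ret = wolfSSL_ASN1_TIME_check(&tmp);
    /* Only touch the caller's object once the string is known to parse. */
    if (ret == WOLFSSL_SUCCESS)
        *t = tmp;
    return ret;
}
```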
7 changes: 5 additions & 2 deletions src/ssl_bn.c
Expand Up @@ -492,7 +492,7 @@ WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* data, int len,
WOLFSSL_ENTER("wolfSSL_BN_bin2bn");

/* Validate parameters. */
if ((data == NULL) || (len < 0)) {
if (len < 0) {
ret = NULL;
}
/* Allocate a new big number when ret is NULL. */
Expand All @@ -507,7 +507,7 @@ WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* data, int len,
if (ret->internal == NULL) {
ret = NULL;
}
else {
else if (data != NULL) {
/* Decode into big number. */
if (mp_read_unsigned_bin((mp_int*)ret->internal, data, (word32)len)
!= 0) {
Expand All @@ -520,6 +520,9 @@ WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* data, int len,
bn = NULL;
}
}
else if (data == NULL) {
wolfSSL_BN_zero(ret);
}
}

/* Dispose of allocated BN not being returned. */
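Review bot: Relaxing the parameter check to `if (len < 0)` lets a caller pass `data == NULL` together with a positive `len`, and the new `else if (data == NULL)` branch then silently returns a zero big number instead of an error, which hides a caller bug that the previous `(data == NULL)` check used to reject. Unless libspdm really needs NULL with a non-zero length, tighten the guard to `if ((len < 0) || ((data == NULL) && (len != 0)))` so that only the explicit "empty input" case yields zero. The trailing `else if (data == NULL)` is also redundant after `else if (data != NULL)` — a plain `else` reads better — and the result of `wolfSSL_BN_zero(ret)` is discarded, so check it if it can fail. The function's tail (disposal of the BN not being returned) continues outside the hunk.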
10 changes: 9 additions & 1 deletion src/ssl_misc.c
Expand Up @@ -165,7 +165,15 @@ static int wolfssl_read_bio(WOLFSSL_BIO* bio, char** data, int* dataSz,
if (bio->type == WOLFSSL_BIO_MEMORY) {
ret = wolfSSL_BIO_get_mem_data(bio, data);
if (ret > 0) {
bio->rdIdx += ret;
/* Advance the write index in the memory bio */
WOLFSSL_BIO* mem_bio = bio;
for (; mem_bio != NULL; mem_bio = mem_bio->next) {
if (mem_bio->type == WOLFSSL_BIO_MEMORY)
break;
}
if (mem_bio == NULL)
mem_bio = bio; /* Default to input */
mem_bio->rdIdx += ret;
}
*memAlloced = 0;
}
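Review bot: The chain walk added to `wolfssl_read_bio` cannot advance: it starts at `mem_bio = bio`, and the enclosing test `bio->type == WOLFSSL_BIO_MEMORY` already guarantees the first iteration hits `break`, so `mem_bio` is always `bio`, the `mem_bio == NULL` fallback is unreachable, and the behaviour is identical to the old `bio->rdIdx += ret;`. If the intent is to support a filter BIO chained in front of a memory BIO, the memory BIO has to be located before the outer type check (and `wolfSSL_BIO_get_mem_data` called on that one); otherwise the loop and fallback should be dropped to avoid suggesting a capability that is not there. The comment also says "write index" while the code advances `rdIdx` — `/* Advance the read index of the memory BIO past the data handed out */`. The function starts outside the hunk.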
85 changes: 51 additions & 34 deletions src/x509.c
Expand Up @@ -367,38 +367,6 @@ int wolfSSL_sk_X509_EXTENSION_push(WOLFSSL_STACK* sk,WOLFSSL_X509_EXTENSION* ext
return wolfSSL_sk_push(sk, ext);
}

/* Free the structure for X509_EXTENSION stack
*
* sk stack to free nodes in
*/
void wolfSSL_sk_X509_EXTENSION_free(WOLFSSL_STACK* sk)
{
WOLFSSL_STACK* node;

WOLFSSL_ENTER("wolfSSL_sk_X509_EXTENSION_free");

if (sk == NULL) {
return;
}

/* parse through stack freeing each node */
node = sk->next;
while ((node != NULL) && (sk->num > 1)) {
WOLFSSL_STACK* tmp = node;
node = node->next;

wolfSSL_X509_EXTENSION_free(tmp->data.ext);
XFREE(tmp, NULL, DYNAMIC_TYPE_X509);
sk->num -= 1;
}

/* free head of stack */
if (sk->num == 1) {
wolfSSL_X509_EXTENSION_free(sk->data.ext);
}
XFREE(sk, NULL, DYNAMIC_TYPE_X509);
}

static WOLFSSL_STACK* generateExtStack(const WOLFSSL_X509 *x)
{
int numOfExt, i;
Expand Down Expand Up @@ -872,11 +840,37 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)

switch (oid) {
case BASIC_CA_OID:
{
word32 dataIdx = idx;
word32 dummyOid;
int dataLen = 0;

if (!isSet)
break;
/* Set pathlength */
a = wolfSSL_ASN1_INTEGER_new();
if (a == NULL) {

/* Set the data */
ret = GetObjectId(input, &dataIdx, &dummyOid, oidCertExtType,
(word32)sz) == 0;
if (ret && dataIdx < (word32)sz) {
/* Skip the critical information */
if (input[dataIdx] == ASN_BOOLEAN) {
dataIdx++;
ret = GetLength(input, &dataIdx, &dataLen, sz) >= 0;
dataIdx += dataLen;
}
}
if (ret) {
ret = GetOctetString(input, &dataIdx, &dataLen,
(word32)sz) > 0;
}
if (ret) {
ret = wolfSSL_ASN1_STRING_set(&ext->value, input + dataIdx,
dataLen) == 1;
}

if (a == NULL || !ret) {
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
Expand All @@ -892,7 +886,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
ext->obj->ca = x509->isCa;
ext->crit = x509->basicConstCrit;
break;

}
case AUTH_INFO_OID:
if (!isSet)
break;
Expand Down Expand Up @@ -3654,6 +3648,24 @@ WOLFSSL_X509* wolfSSL_X509_REQ_d2i(WOLFSSL_X509** x509,
{
return d2i_X509orX509REQ(x509, in, len, 1, NULL);
}

WOLFSSL_X509* wolfSSL_d2i_X509_REQ_INFO(WOLFSSL_X509** req,
const unsigned char** in, int len)
{
WOLFSSL_X509* ret = NULL;
WOLFSSL_ENTER("wolfSSL_d2i_X509_REQ_INFO");

if (in == NULL) {
WOLFSSL_MSG("NULL input for wolfSSL_d2i_X509");
return NULL;
}

ret = wolfSSL_X509_REQ_d2i(req, *in, len);
if (ret != NULL) {
*in += ret->derCert->length;
}
return ret;
}
#endif

#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA ||
Expand Down Expand Up @@ -5042,6 +5054,11 @@ void wolfSSL_sk_X509_EXTENSION_pop_free(
wolfSSL_sk_pop_free(sk, (wolfSSL_sk_freefunc)f);
}

void wolfSSL_sk_X509_EXTENSION_free(WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* sk)
{
wolfSSL_sk_pop_free(sk, NULL);
}

#endif /* OPENSSL_EXTRA */

#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
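Review bot: In the `BASIC_CA_OID` case of `wolfSSL_X509_set_ext`, `a = wolfSSL_ASN1_INTEGER_new()` is allocated before the new DER walk, but the `if (a == NULL || !ret)` cleanup that is visible frees only `ext` and `cert`, so a parse failure in `GetObjectId`, `GetLength` or `GetOctetString` leaks `a` unless the lines hidden after `#ifdef WOLFSSL_SMALL_STACK` release it — add `wolfSSL_ASN1_INTEGER_free(a);` to that path if they do not, or move the allocation after the walk succeeds. In the critical-flag skip, `dataIdx += dataLen;` runs even when `GetLength` has failed; it is probably harmless if `GetLength` zeroes `dataLen` on error and `GetOctetString` is bounded by `(word32)sz`, but `ret = GetLength(input, &dataIdx, &dataLen, (word32)sz) >= 0; if (ret) dataIdx += dataLen;` makes the failure handling explicit and also fixes the signed `sz` being passed where the other calls cast to `word32`. Since `input` is certificate data, keeping every index move behind a successful length check is the pattern to follow here. `wolfSSL_X509_set_ext` starts and ends outside the hunk.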